GET cdn5-thumbs.motherlessmedia.com/thumbs/CB7CE41.jpg
200 OK 14 kB URL GET cdn5-thumbs.motherlessmedia.com/thumbs/CB7CE41.jpg
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherlessmedia.com
Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8
ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 26928x26967, segment length 16, baseline, precision 8, 640x480, components 3
Hash 0fa673ecaff6dda8a5f57b3232e43a35
158ef3095cbcb7cf5c8a9723952ce690b3abe044
89e251c8d3c82705817525e45da08a338f99985a75aa87e05492d3351fe2ccdf
GET /thumbs/CB7CE41.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 13510
vary: x-s-token
last-modified: Sun, 07 Oct 2018 00:29:05 GMT
etag: "34c6-57798979d1565"
x-cache: HIT
x-whom: cdn07
accept-ranges: bytes
GET ytboob.com/wp-content/uploads/2025/02/1iijbaf.jpg
200 OK 59 kB URL GET ytboob.com/wp-content/uploads/2025/02/1iijbaf.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectytboob.com
Fingerprint80:33:C2:83:09:D8:44:42:EF:D7:7A:57:C5:50:8D:05:CA:0D:4B:1B
ValiditySun, 18 May 2025 08:09:48 GMT - Sat, 16 Aug 2025 09:07:28 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash aa991055fa2e285e48df7442087df737
a3f33456000302d79497668ed4e4ee598cb86896
30787648cd1d91d7fa03129a28b216fda561dd43997bab823cec81435a583411
GET /wp-content/uploads/2025/02/1iijbaf.jpg HTTP/1.1
Host: ytboob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/jpeg
content-length: 59305
server: cloudflare
last-modified: Wed, 05 Feb 2025 20:06:19 GMT
etag: "67a3c4bb-e7a9"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
accept-ranges: bytes
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 1299
cache-control: max-age=31536000
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lY9LmAQQ4jdlmv4vITSOM6NtC9GeX1vSFBc82gIyPzgYuZoByxw4j1JOzrBhWJjHEWR%2BWQXeXW8ER8pQxgWcOsDAXHFWmoxO"}]}
cf-ray: 9442ba1b092156cb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i0.wp.com/jpgjingpinx.com/upload/vod/20231224-1/7c45abcbbaef5d08c1fe93f2d45a1780.jpg
200 OK 14 kB URL GET i0.wp.com/jpgjingpinx.com/upload/vod/20231224-1/7c45abcbbaef5d08c1fe93f2d45a1780.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 5d479ff11743c6c8801c9a4881d4b131
9e5d75a11f38ce3cec24f10cd42ffeed91cd8792
8e8613876666b66bf32492bbf28ac30bc060a7260104d11af2fc7b02f416c92c
GET /jpgjingpinx.com/upload/vod/20231224-1/7c45abcbbaef5d08c1fe93f2d45a1780.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 14170
last-modified: Sun, 23 Feb 2025 00:16:26 GMT
expires: Tue, 23 Feb 2027 12:16:26 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20231224-1/7c45abcbbaef5d08c1fe93f2d45a1780.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "84ab40ff9a9a07bd"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20240619-3/35663e156b055adf6c34df1b782131c1.jpg
0 B URL GET www.9188porn.xyz/upload/vod/20240619-3/35663e156b055adf6c34df1b782131c1.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20240619-3/35663e156b055adf6c34df1b782131c1.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.clporn.com/thumbs/29/426-teen.jpg
200 OK 11 kB URL GET www.clporn.com/thumbs/29/426-teen.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectclporn.com
Fingerprint8F:CA:12:EB:6D:F7:0B:C6:3E:7E:FB:1F:5B:47:EE:0F:FC:F2:10:55
ValidityMon, 14 Apr 2025 20:15:06 GMT - Sun, 13 Jul 2025 21:12:18 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x208, components 3
Hash 3517da8b09c75e27701637c4508d859c
07b79084e5c9a1f2920f5e9fb3e3b27905f2d8ea
422b439e6f12e29ce5733218bf496bbb8b006815d9d9461f2fa4196cb8d8fe26
GET /thumbs/29/426-teen.jpg HTTP/1.1
Host: www.clporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 11341
server: cloudflare
last-modified: Mon, 20 Apr 2020 13:02:09 GMT
etag: "5e9d9d51-2c4d"
expires: Thu, 07 May 2026 05:25:38 GMT
accept-ranges: bytes
cache-control: public, max-age=31536000, no-transform
age: 1388619
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XXXO%2Fw5vgQU%2Fgjtz1y7GrNTViuQeS5TkWMhdvxewD9%2BvM8DXzQQAkyBnKnK14ccvfCSl247AT7sdi7ei1wgE%2FrXYXSHNwq96HXpGsA%3D%3D"}]}
cf-ray: 9442ba1eee8d56c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET naturismv.com/images/merry-pool-naturist-freedom.jpg
200 OK 62 kB URL GET naturismv.com/images/merry-pool-naturist-freedom.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectnaturismv.com
Fingerprint89:AF:F9:3B:F9:65:5A:43:A3:77:FD:5B:A5:61:B8:50:E0:07:19:A4
ValidityFri, 02 May 2025 17:11:44 GMT - Thu, 31 Jul 2025 18:09:26 GMT
File type JPEG image data, progressive, precision 8, 400x300, components 3
Hash 2ade02cec914f83397036f9d7a6a87c9
01f86016205110c232e59cd70333cc92f80728df
ab79eb821ba7a259391eec0994107ebe787a99b667da16928bdd912930dec9bd
GET /images/merry-pool-naturist-freedom.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 62012
server: cloudflare
last-modified: Fri, 19 May 2023 12:04:52 GMT
etag: "646765e4-f23c"
expires: Wed, 22 Apr 2026 20:11:07 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 2631490
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=he92Zf%2BhXHZp84IWM7k181cMlbg3bYREkWqvhJ273x2BSnsgH5iKQmhqcM4nVGoUstN1cYnhq7SDEP8CNS7UHpp4ny2VdmNPYbBN"}]}
cf-ray: 9442ba200b820b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cacrz.4jpg.top/AV4.us.jpg
200 OK 8.7 kB URL GET cacrz.4jpg.top/AV4.us.jpg
IP
Certificate IssuerGoogle Trust Services
Subject4jpg.top
FingerprintBE:FB:D5:E3:D6:90:C9:AA:D7:5D:9F:CA:A4:3F:0E:6B:4A:62:A6:BC
ValidityThu, 24 Apr 2025 20:06:20 GMT - Wed, 23 Jul 2025 21:04:03 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3
Hash edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
GET /AV4.us.jpg HTTP/1.1
Host: cacrz.4jpg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 May 2025 07:09:29 GMT
content-type: image/jpeg
content-length: 8741
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XEsRnJV6H23JzfuosbwYgwvKAYYbP6Fj7LuU9Ysk3kwNRhN%2BV3fUasUDKuplIeg%2BfxEaj76mFtTP0d8R8qA%2B0GWCmc2RGMY5wMrSTAlZ244NGj%2BD%2F2%2Bl40lgoF28BlHzTg%3D%3D"}],"group":"cf-nel","max_age":604800}
etag: "2225-5499bcea176c0"
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: Cake
ahost: RZ
cache-control: public, max-age=3600000
age: 799285
cf-cache-status: HIT
cf-ray: 9442ba602ae50b69-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8746&min_rtt=8619&rtt_var=2662&sent=14&recv=10&lost=0&retrans=0&sent_bytes=3809&recv_bytes=1265&delivery_rate=320592&cwnd=12000&unsent_bytes=0&cid=3917c0039b19919e&ts=2349&x=80"
GET www.9188porn.xyz/upload/vod/20241010-11/a28e7c81036b65df24d80294e754f6b9.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/a28e7c81036b65df24d80294e754f6b9.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/a28e7c81036b65df24d80294e754f6b9.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET qwiketube.com/thumbs/964/400_chica_con_cepillo.jpg
301 Moved Permanently 14 kB URL GET qwiketube.com/thumbs/964/400_chica_con_cepillo.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectqwiketube.com
Fingerprint6D:37:70:60:D5:89:48:C7:95:90:20:94:51:CE:58:99:27:AE:42:D7
ValidityWed, 16 Apr 2025 09:51:57 GMT - Tue, 15 Jul 2025 10:50:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/964/400_chica_con_cepillo.jpg HTTP/1.1
Host: qwiketube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 23 May 2025 07:09:21 GMT
content-type: text/html
location: https://www.qwiketube.com/thumbs/964/400_chica_con_cepillo.jpg
server: cloudflare
strict-transport-security: max-age=15768000
age: 27
cache-control: max-age=86400
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=E%2BFpBRoQ%2FNVY896Qtv0LOpryZESrZhWqHSdRnU15mTQDlIhg%2BVG2k5i5yBN7NZMWLeYiFijaRgzt0TmJ08fOOPWSkBe8ct95r2ln"}]}
cf-ray: 9442ba327d560b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET videopreview.chezcathy.com/ext/pre_1208088140.jpg
200 OK 9.7 kB URL GET videopreview.chezcathy.com/ext/pre_1208088140.jpg
IP
Certificate IssuerLet's Encrypt
Subjectvideopreview.chezcathy.com
Fingerprint57:9A:62:F9:2C:DF:06:02:FD:00:7E:90:41:F0:58:B7:25:C6:71:6D
ValidityFri, 18 Apr 2025 06:25:44 GMT - Thu, 17 Jul 2025 06:25:43 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Hash bb3f36efbb22f804782a82dce3a0c6d0
3f739828db6dd008d3122f6f483823cdd0ac6ae2
0f98d8c5f46a4dd060b8e94f8e25f33f217921e158269c0dab71152a2bf00001
GET /ext/pre_1208088140.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)
Date: Fri, 23 May 2025 07:09:21 GMT
Content-Type: image/jpeg
Content-Length: 9748
Last-Modified: Tue, 01 Oct 2024 18:24:03 GMT
Connection: keep-alive
ETag: "66fc3e43-2614"
Accept-Ranges: bytes
GET www.9188porn.com/upload/vod/20241010-10/28b4eb8a53f92362942b4aaaa648dfc9.png
403 Forbidden 0 B URL GET www.9188porn.com/upload/vod/20241010-10/28b4eb8a53f92362942b4aaaa648dfc9.png
IP
Certificate IssuerGoogle Trust Services
Subject9188porn.com
Fingerprint15:E5:D1:A1:7B:24:5F:05:8B:35:38:8F:0C:03:1B:7B:C1:D9:0C:8E
ValidityWed, 09 Apr 2025 22:51:46 GMT - Tue, 08 Jul 2025 23:49:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20241010-10/28b4eb8a53f92362942b4aaaa648dfc9.png HTTP/1.1
Host: www.9188porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 23 May 2025 07:09:16 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=RTiQbAf89WAqDAD4d6TSJCJt1hLbq5tIzRP04OZz2zWEjs%2FYExcbbhauNk4eWKrmgHgaidLFkQhFkiOZOWOKgwU9RnP8nmBPqvXoPkMQ"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
server: cloudflare
cf-ray: 9442ba142ef9b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET img.imghuo.cfd/media/videos/tmb/000/001/448/6.jpg
200 OK 6.9 kB URL GET img.imghuo.cfd/media/videos/tmb/000/001/448/6.jpg
IP
Certificate IssuerLet's Encrypt
Subjectimg.imghuo.cfd
Fingerprint8E:A1:62:82:8D:80:F7:81:D5:85:E8:88:A3:92:94:47:71:0E:A0:E5
ValidityWed, 21 May 2025 07:47:38 GMT - Tue, 19 Aug 2025 07:47:37 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Hash 9763906e57de16351fb7e8c3fb14f0c0
5ad39ef169c4638fb9df353df199676340522ece
ec4fbd9d13552249e4b000691f703353df2c4654d1ed1c2a04300a6e8f504413
GET /media/videos/tmb/000/001/448/6.jpg HTTP/1.1
Host: img.imghuo.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 23 May 2025 07:09:20 GMT
Content-Type: image/jpeg
Content-Length: 6903
Last-Modified: Sat, 23 Mar 2024 12:21:39 GMT
Connection: keep-alive
ETag: "65fec953-1af7"
Accept-Ranges: bytes
GET cdn1.hotmoza.tv/thumb/fc/a1/ed/fca1ed7474fc58c200101e88c0eaa081.jpg
200 OK 13 kB URL GET cdn1.hotmoza.tv/thumb/fc/a1/ed/fca1ed7474fc58c200101e88c0eaa081.jpg
IP
Certificate IssuerGoogle Trust Services
Subjecthotmoza.tv
Fingerprint12:4E:7F:F9:7A:6B:6A:8A:18:A2:01:B3:80:4D:B8:29:9F:6F:43:4B
ValiditySat, 26 Apr 2025 03:31:28 GMT - Fri, 25 Jul 2025 04:28:03 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", progressive, precision 8, 320x180, components 3
Hash f963ac87373bd10c69d879fcd7e0e1fd
d6d1fd0b7169900145246b21df5aeb23aca4d879
b0dce5f19736b62752b9760998a0a812049b9872b805e9e985b172df4110166b
GET /thumb/fc/a1/ed/fca1ed7474fc58c200101e88c0eaa081.jpg HTTP/1.1
Host: cdn1.hotmoza.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 13084
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
etag: f963ac87373bd10c69d879fcd7e0e1fd
last-modified: Fri, 01 Nov 2024 01:41:09 GMT
x-timestamp: 1730425268.90576
x-trans-id: tx36d864152b2a421daa1f5-0067249310
x-openstack-request-id: tx36d864152b2a421daa1f5-0067249310
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
expires: Sun, 25 May 2025 06:42:26 GMT
x-cdn-host-id: ds8140,ds9225
x-proxy-cache: HIT
accept-ranges: bytes
age: 1614
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SFRnZ7BxOkNFfEr%2BMAXIZxpuR7zKWsO06BlnM%2Fxu3XpmdjQfoj1RyXMZrPmM7s%2FG949Jd6cU6V5CT2tNiKi2n4TsADiT%2Fevv8WDXjo4%3D"}]}
cf-ray: 9442ba2f6a0e1c02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET stickamvids.net/photos/2020/03/11096_0_300.jpg
200 OK 6.4 kB URL GET stickamvids.net/photos/2020/03/11096_0_300.jpg
IP
ASN #44477 Stark Industries Solutions Ltd
Certificate IssuerLet's Encrypt
Subjectstickamvids.net
FingerprintD1:91:40:9F:36:56:28:A6:04:09:84:31:DF:58:AB:9B:89:7D:0D:83
ValidityThu, 27 Mar 2025 00:22:44 GMT - Wed, 25 Jun 2025 00:22:43 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 230x172, components 3
Hash d46c22688d6908faf1b6fb7b3da9f801
cc1fbb70fe4c6c953b5ab8c07696142afe8f5883
883d6e764b506d0e7b97b582e66f8da669111914695ad2193c4b6c006947d620
GET /photos/2020/03/11096_0_300.jpg HTTP/1.1
Host: stickamvids.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 23 May 2025 07:09:22 GMT
Content-Type: image/jpeg
Content-Length: 6371
Last-Modified: Wed, 14 Feb 2024 13:08:40 GMT
Connection: keep-alive
ETag: "65ccbb58-18e3"
Expires: Sat, 24 May 2025 07:09:22 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
GET rtgallery.net/tb/mather-lover.jpg
200 OK 33 kB URL GET rtgallery.net/tb/mather-lover.jpg
IP
Certificate IssuerLet's Encrypt
Subjectrtgallery.net
Fingerprint4E:C3:40:07:97:1C:DC:20:B3:66:18:DA:CD:F2:BF:27:EA:C5:AF:C4
ValiditySun, 23 Mar 2025 17:35:52 GMT - Sat, 21 Jun 2025 17:35:51 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Created with GIMP", progressive, precision 8, 480x360, components 3
Hash 540c78dedede16a9cb09aa0d66d5f222
7fa604405263e09d916cf0f6302c8f821d6de26c
e5796911f3b8ee6c1df20974474e765e7d553c966b8676f2c4a7c793cf218053
GET /tb/mather-lover.jpg HTTP/1.1
Host: rtgallery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 23 May 2025 07:09:22 GMT
Content-Type: image/jpeg
Content-Length: 33219
Last-Modified: Sun, 17 Jun 2018 09:48:19 GMT
Connection: keep-alive
ETag: "5b262e63-81c3"
Cache-Control: private, max-age=600, must-revalidate
Accept-Ranges: bytes
GET i0.wp.com/666557.xyz/images/2025/03/10/9a3680eea0f0d421455949c459583732.jpg
200 OK 6.0 kB URL GET i0.wp.com/666557.xyz/images/2025/03/10/9a3680eea0f0d421455949c459583732.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 311x272, Scaling: [none]x[none], YUV color, decoders should clamp
Hash c2aea7f350edb59ebd466f5fa813e676
b5a8c7eaba5c811ccbf0c3eef54b0eb25703f669
26babd3bf4ce552846ca43aa46b29ebd3df1d67f1a26fe42ccf9b333ac8f67c6
GET /666557.xyz/images/2025/03/10/9a3680eea0f0d421455949c459583732.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 5964
last-modified: Sat, 22 Mar 2025 11:11:38 GMT
expires: Mon, 22 Mar 2027 23:11:38 GMT
cache-control: public, max-age=63115200
link: <http://666557.xyz/images/2025/03/10/9a3680eea0f0d421455949c459583732.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "d86cfc4a6a6466ea"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET www.9188porn.com/upload/vod/20241010-10/28b4eb8a53f92362942b4aaaa648dfc9.png
403 Forbidden 0 B URL GET www.9188porn.com/upload/vod/20241010-10/28b4eb8a53f92362942b4aaaa648dfc9.png
IP
Certificate IssuerGoogle Trust Services
Subject9188porn.com
Fingerprint15:E5:D1:A1:7B:24:5F:05:8B:35:38:8F:0C:03:1B:7B:C1:D9:0C:8E
ValidityWed, 09 Apr 2025 22:51:46 GMT - Tue, 08 Jul 2025 23:49:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20241010-10/28b4eb8a53f92362942b4aaaa648dfc9.png HTTP/1.1
Host: www.9188porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Fri, 23 May 2025 07:09:25 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2sB9U3DawiTC6CX%2FzC3HyR0Pb6VoqsH5%2BgQyGyKKNZouq7QSqSsH%2Fvme2149gwYBScIYpVCbVhEm3eqNnjO2ttwY%2B03kB45UTYOGpvo%2BvKgIiPzy%2FcwpPXlt2vwstEOy5CAE"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Fri, 23 May 2025 07:09:40 GMT
content-encoding: br
cf-ray: 9442ba483f540b4d-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=15589&min_rtt=5529&rtt_var=14886&sent=64&recv=83&lost=0&retrans=1&sent_bytes=10798&recv_bytes=5855&delivery_rate=337785&cwnd=12000&unsent_bytes=0&cid=a6c59b246bbc7dac&ts=8101&x=80"
GET www.9188porn.xyz/upload/vod/20241010-11/ef6d2d50f3b07044c5e84dbc298bd19b.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/ef6d2d50f3b07044c5e84dbc298bd19b.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/ef6d2d50f3b07044c5e84dbc298bd19b.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET 58g.top/favicon.ico
404 Not Found 0 B IP
Certificate IssuerGoogle Trust Services
Subject58g.top
FingerprintCC:0D:AE:74:F9:A8:E9:5F:D7:F8:0A:CA:DC:90:66:0C:00:41:42:17
ValiditySat, 19 Apr 2025 05:47:16 GMT - Fri, 18 Jul 2025 06:46:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 58g.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:30 GMT
content-type: text/html
server: cloudflare
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zDh%2FKKMTBSOxqj9IUShXlGBl0dRJPin4NprWfFRc74%2F3w2Kju%2FY%2FeIPhrzx3ijTTZGr2X7sdhHzuFERlJiFYi9MNHm%2B%2B"}]}
age: 83
cache-control: max-age=86400
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
content-encoding: br
cf-ray: 9442ba681e385688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i0.wp.com/jpgjingpinx.com/upload/vod/20240416-1/7cbec331832e25eee30aa2b25c4255d6.jpg
200 OK 39 kB URL GET i0.wp.com/jpgjingpinx.com/upload/vod/20240416-1/7cbec331832e25eee30aa2b25c4255d6.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 960x540, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 84b22e4035227483eb65121e2d0d1743
27a34d69f975b9edc571119be0fa13655cf52e91
32ebaf5239e61dffca2b58e541dc5a0d28d7c4f86df5b0355a999b9b838dbb57
GET /jpgjingpinx.com/upload/vod/20240416-1/7cbec331832e25eee30aa2b25c4255d6.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 39136
last-modified: Sat, 14 Dec 2024 01:30:23 GMT
expires: Mon, 14 Dec 2026 13:30:23 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20240416-1/7cbec331832e25eee30aa2b25c4255d6.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7a9d0d2c54691412"
vary: Accept
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET xvideosrei.com/wp-content/uploads/2021/09/ls-model-nude.jpg
200 OK 15 kB URL GET xvideosrei.com/wp-content/uploads/2021/09/ls-model-nude.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwww.xvideosrei.com
FingerprintC2:28:3A:CF:8A:D8:6A:AE:2F:E5:5E:F8:61:B6:CF:EB:A3:2F:85:03
ValiditySun, 18 May 2025 11:52:41 GMT - Sat, 16 Aug 2025 11:52:40 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 600x337, components 3
Hash 11cad4ecfeef2c7977bb71cedf726169
90abea391b13fc97a926d37d75273d0253ce7cfe
4ac3f0447c7cc4ed1d0b7251b2533e49679a2f748596ccb737908c752a48df31
GET /wp-content/uploads/2021/09/ls-model-nude.jpg HTTP/1.1
Host: xvideosrei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:02:41 GMT
content-type: image/jpeg
content-length: 14902
version: MS25051001
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Sat, 23 May 2026 07:02:41 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.thisav.com/favicon.ico
0 B URL GET www.thisav.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET cdntube.b-cdn.net/thumbnails/f3a448e3f96e651ccbb6166d3e5c83c20c88605b.jpg
200 OK 2.5 kB URL GET cdntube.b-cdn.net/thumbnails/f3a448e3f96e651ccbb6166d3e5c83c20c88605b.jpg
IP
ASN #34989 ServeTheWorld AS
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x225, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 851669ea716d319838f2db48a1c3aac0
b806c6a8f71026b7f9012584e25c4ae8b9e8fc5e
e105a28321d51580ec1299e501450c0f4a9231c5c3c393b5ef9b36e3c22a48d7
GET /thumbnails/f3a448e3f96e651ccbb6166d3e5c83c20c88605b.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/webp
content-length: 2450
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 19 Nov 2021 04:15:38 GMT
cdn-storageserver: DE-677
cdn-requestpullsuccess: True
cdn-fileserver: 223
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 206
cdn-cachedat: 05/16/2025 17:27:04
cdn-edgestorageid: 830
cdn-requestid: 999255adaac27b82282ade8a3a5524ae
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET pornohub24.ru/erosceny/screen/seks-priklyucheniya-podrostka-v-bordele-0.jpg
200 OK 11 kB URL GET pornohub24.ru/erosceny/screen/seks-priklyucheniya-podrostka-v-bordele-0.jpg
IP
Certificate IssuerLet's Encrypt
Subjectpornohub24.ru
FingerprintAC:7A:EA:AD:46:D7:7D:01:A1:BD:3E:92:DD:14:FD:82:9A:5F:7D:0B
ValidityTue, 01 Apr 2025 01:51:47 GMT - Mon, 30 Jun 2025 01:51:46 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3
Hash de39240dfdfb694570f4b835f1ef066c
706f6c74685bcfb23211cbf705bcba691d0526fa
43f186545fd3fc2de1de26c11592894fdee63ef68f731382093da8ccfefac874
GET /erosceny/screen/seks-priklyucheniya-podrostka-v-bordele-0.jpg HTTP/1.1
Host: pornohub24.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 10981
last-modified: Sat, 06 Apr 2024 17:39:14 GMT
etag: "661188c2-2ae5"
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.dirtysancheztube.com/thumbs/6/214_.jpg
200 OK 9.9 kB URL GET www.dirtysancheztube.com/thumbs/6/214_.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectdirtysancheztube.com
Fingerprint57:E1:09:05:19:13:BC:25:AA:EE:35:50:01:F8:F6:6F:2C:00:26:D0
ValidityThu, 17 Apr 2025 14:12:15 GMT - Wed, 16 Jul 2025 15:11:01 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x208, components 3
Hash a532a09c1462de91993ab491e9ae1137
64416e301865fb84a396cae73c1c6e02f8e1efc4
d3aca2f36bee4fbb25ee44ce41d60f0738e9b7df7ccd444d9f30db7d16110393
GET /thumbs/6/214_.jpg HTTP/1.1
Host: www.dirtysancheztube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 9924
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Wed, 29 May 2019 09:00:18 GMT
etag: "5cee4a22-26c4"
expires: Thu, 07 May 2026 04:42:07 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 1391234
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=TmJNcNxC3V5yt2VKQWVaQb0m9ikjCdNrn2lrWLFLmBJP6JkBecIT%2Fk%2FBQc5cY5jahVvOsRNK5n5cH%2BJEJCx0ZAxE9BMgDm1L45r4x62b6bQ10wmmYiY%3D"}]}
cf-ray: 9442ba306e7e56c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET img.aosikaimge.com/20221004/j10X8v3p/1.jpg
200 OK 2.2 kB URL GET img.aosikaimge.com/20221004/j10X8v3p/1.jpg
IP
Certificate IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintBC:19:8D:FF:22:32:94:8C:04:80:02:CE:1A:59:1C:91:24:15:5C:66
ValidityTue, 24 Dec 2024 10:28:23 GMT - Fri, 23 Jan 2026 10:28:22 GMT
File type JPEG image data, baseline, precision 8, 240x320, components 3
Hash 4032202cd18c4808814bd541ebfb721b
b6d678add876abd129d1da858e78a281333970eb
ff245febf2339146b4d556dfa45cf74a72b28f5ace7c99f70e87c208cda06058
GET /20221004/j10X8v3p/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 May 2025 07:09:22 GMT
Content-Type: image/jpeg
Content-Length: 2219
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 01:42:54 GMT
ETag: "633ce11e-8ab"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Cache-Control: public, max-age=15768000
Cache: HIT
Accept-Ranges: bytes
GET www.9188porn.xyz/upload/vod/20241010-10/fbc9c3b245b682ebe3110ca10dbdd648.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/fbc9c3b245b682ebe3110ca10dbdd648.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/fbc9c3b245b682ebe3110ca10dbdd648.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET pics.x-xx.pro/thumbs/243/359_sini-bokeppbaruuu.jpg
200 OK 2.7 kB URL GET pics.x-xx.pro/thumbs/243/359_sini-bokeppbaruuu.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectx-xx.pro
FingerprintDA:FF:FF:76:8F:DF:6E:3F:1E:7A:06:D2:A8:CE:86:0C:33:CB:56:1D
ValidityThu, 15 May 2025 21:29:08 GMT - Wed, 13 Aug 2025 22:27:54 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 270x158, components 3
Hash 2e6ff90fef49e142a25fe4122df9b082
751998a816c8461a1c6dedcd8fbb8f76fa009e53
76acc4035d30fa3138e48fb96324469d19abcddbd97cfdbf98aab3263e155e34
GET /thumbs/243/359_sini-bokeppbaruuu.jpg HTTP/1.1
Host: pics.x-xx.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 2737
server: cloudflare
last-modified: Sun, 22 Aug 2021 13:47:03 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "61225557-ab1"
expires: Thu, 29 May 2025 21:14:26 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 35693
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lT%2BNgSxGz5L0cUUAH85nN8ljIGAmTjNeVyxMJiQP281ZHFn76Cu%2B102kD3337XGSyk2lbDvEKL6%2BGIFKKBPy%2FK9%2F%2BtrZdsjKzP19"}]}
cf-ray: 9442ba2c2c5556a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET en.vidmo.pro/thumbs_320/5f/0c/5f0c190932fe0d34124ef97ce3340f3b/15125168.jpg
200 OK 10 kB URL GET en.vidmo.pro/thumbs_320/5f/0c/5f0c190932fe0d34124ef97ce3340f3b/15125168.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3
Hash 48fcbf4f978e137fea9d5383ca5d9171
2d9552034af2b26c1eb42f3f3e24e57229e2fede
884c07c4d9616488ddb4fe08c1285f73d28bb77ba9a13cd9e5da71d87e6cecee
GET /thumbs_320/5f/0c/5f0c190932fe0d34124ef97ce3340f3b/15125168.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 10467
last-modified: Thu, 24 Nov 2022 03:26:20 GMT
expires: Fri, 08 Nov 2024 19:18:56 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET videopreview.chezcathy.com/ext/pre_9288474976.jpg
200 OK 9.4 kB URL GET videopreview.chezcathy.com/ext/pre_9288474976.jpg
IP
Certificate IssuerLet's Encrypt
Subjectvideopreview.chezcathy.com
Fingerprint57:9A:62:F9:2C:DF:06:02:FD:00:7E:90:41:F0:58:B7:25:C6:71:6D
ValidityFri, 18 Apr 2025 06:25:44 GMT - Thu, 17 Jul 2025 06:25:43 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Hash ef21790cf585663ae60fc6ef16bb01c4
784b00bcc375bd1c2418835838dcba2f1ee2f429
e3980b5d372e54e5c6a3a4f2f008aa1938396fb22d4f93de392a1e01db9b4717
GET /ext/pre_9288474976.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)
Date: Fri, 23 May 2025 07:09:19 GMT
Content-Type: image/jpeg
Content-Length: 9375
Last-Modified: Tue, 11 Jun 2024 16:18:13 GMT
Connection: keep-alive
ETag: "666878c5-249f"
Accept-Ranges: bytes
GET mc.webvisor.org/watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fyoung.av4us.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3e6hv5stskvynxmu7vt070f0u8bj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A1445699616214%3Ahid%3A963644084%3Az%3A0%3Ai%3A20250523070924%3Aet%3A1747984164%3Ac%3A1%3Arn%3A970226772%3Arqn%3A1%3Au%3A1747984164414089213%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C9%2C14%2C133%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1747984156039%3Afip%3A6c3fb132cc84d7546d1d7fc6be731132-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1747984166%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB--VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821562884%29fip%281%29ti%281%29&redirnss=1
200 OK 604 B URL GET mc.webvisor.org/watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fyoung.av4us.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3e6hv5stskvynxmu7vt070f0u8bj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A1445699616214%3Ahid%3A963644084%3Az%3A0%3Ai%3A20250523070924%3Aet%3A1747984164%3Ac%3A1%3Arn%3A970226772%3Arqn%3A1%3Au%3A1747984164414089213%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C9%2C14%2C133%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1747984156039%3Afip%3A6c3fb132cc84d7546d1d7fc6be731132-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1747984166%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB--VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821562884%29fip%281%29ti%281%29&redirnss=1
IP
Certificate IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint4E:A6:D4:57:F5:B7:FB:C1:98:C0:40:D2:B8:FA:B4:10:43:09:41:94
ValiditySun, 09 Mar 2025 21:02:24 GMT - Sun, 31 Aug 2025 20:59:59 GMT
Hash d6f9c2e095a01b8684a0bb8912e79f0d
27bc8640a39bc0f940dc631e475c27d17c066275
f27962e254337eed716484a850ef4a2a270c35dae453f3157cceb4b1af2006d8
GET /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fyoung.av4us.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3e6hv5stskvynxmu7vt070f0u8bj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A1445699616214%3Ahid%3A963644084%3Az%3A0%3Ai%3A20250523070924%3Aet%3A1747984164%3Ac%3A1%3Arn%3A970226772%3Arqn%3A1%3Au%3A1747984164414089213%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C9%2C14%2C133%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1747984156039%3Afip%3A6c3fb132cc84d7546d1d7fc6be731132-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1747984166%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB--VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821562884%29fip%281%29ti%281%29&redirnss=1 HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://young.av4us.org
Referer: https://young.av4us.org/
DNT: 1
Connection: keep-alive
Cookie: yabs-sid=1665195901747984166; i=xvICK1hQ26IVOvdQdNcEnhgZrzF4xGOSWO2IwqbnsQttyAMqFjDDwpL/5EgUBcHCj6ViJ6x0+wJoPk/gf2O1yVDnFR8=; yandexuid=7997605961747984166; yuidss=7997605961747984166; ymex=1779520166.yrts.1747984166#1779520166.yrtsi.1747984166; bh=YKa+wMEGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-length: 604
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block
access-control-allow-credentials: true
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
content-type: application/json; charset=utf-8
last-modified: Fri, 23-May-2025 07:09:26 GMT
expires: Fri, 23-May-2025 07:09:26 GMT
access-control-allow-origin: https://young.av4us.org
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
X-Firefox-Spdy: h2
GET icdn05.videoporn.tube/33885/1694238_1.jpg
200 OK 58 kB URL GET icdn05.videoporn.tube/33885/1694238_1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjecticdn05.videoporn.tube
Fingerprint58:94:00:5A:3F:14:59:F5:16:C6:3A:E7:29:F9:68:00:60:4E:26:C3
ValidityWed, 30 Apr 2025 02:33:33 GMT - Tue, 29 Jul 2025 02:33:32 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x169, components 3
Hash 6a2fccef21a27f15b47b1d405d430d15
817900244c3419bba0881cfdf3267b6d732496bf
edb39285b2a1671494ff5951af3ad10a99341d8f71cefda02c8f45be4bd0d967
GET /33885/1694238_1.jpg HTTP/1.1
Host: icdn05.videoporn.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/jpeg
content-length: 57941
server: nginx/1.24.0
x-object-meta-mtime: 1604190161.386925468
etag: 6a2fccef21a27f15b47b1d405d430d15
last-modified: Fri, 04 Nov 2022 23:24:57 GMT
x-timestamp: 1667604296.39028
x-trans-id: tx2facdbafc9174074b3274-0067900600
x-openstack-request-id: tx2facdbafc9174074b3274-0067900600
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=2592000
expires: Sun, 22 Jun 2025 07:09:17 GMT
x-cdn-host-id: ah1004,ds9225
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET img.imghuo.cfd/yq2/media/videos/tmb/000/000/404/5.jpg
200 OK 9.1 kB URL GET img.imghuo.cfd/yq2/media/videos/tmb/000/000/404/5.jpg
IP
Certificate IssuerLet's Encrypt
Subjectimg.imghuo.cfd
Fingerprint8E:A1:62:82:8D:80:F7:81:D5:85:E8:88:A3:92:94:47:71:0E:A0:E5
ValidityWed, 21 May 2025 07:47:38 GMT - Tue, 19 Aug 2025 07:47:37 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Hash b4e30eabf04502ebd9c1187dc20da82b
5c8585c69c4a8a142d13c9faa0b86100a8e1304c
6b7499b69f0e8dbf1fae5dd8f5fa11552fe4d6ad417fdefd19b051af52b92f9e
GET /yq2/media/videos/tmb/000/000/404/5.jpg HTTP/1.1
Host: img.imghuo.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 23 May 2025 07:09:20 GMT
Content-Type: image/jpeg
Content-Length: 9090
Last-Modified: Sat, 23 Mar 2024 12:21:16 GMT
Connection: keep-alive
ETag: "65fec93c-2382"
Accept-Ranges: bytes
GET vidmo.pro/thumbs_320/0a/f6/0af633496949f39b9cad0a695bd92011/11948147.jpg
200 OK 7.4 kB URL GET vidmo.pro/thumbs_320/0a/f6/0af633496949f39b9cad0a695bd92011/11948147.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 320x240, components 3
Hash f9d02d06d8982d9bc6d2cf53fbb43e76
e3982c22d91640f6dbc34a0d1048f1b44e407a24
f474acac36991b3f64c8157e181e5b8bcac4e9ab0e0247ab692901bc5506800f
GET /thumbs_320/0a/f6/0af633496949f39b9cad0a695bd92011/11948147.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 7405
last-modified: Tue, 02 Jun 2020 23:42:16 GMT
expires: Fri, 05 Apr 2024 17:39:27 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET erota2.com/favicon.ico
301 Moved Permanently 878 B IP
Certificate IssuerGoogle Trust Services
Subjecterota2.com
Fingerprint29:9B:74:F9:9F:4A:F9:DF:C8:E0:22:E5:A6:30:BF:DA:82:92:97:23
ValidityFri, 02 May 2025 02:05:40 GMT - Thu, 31 Jul 2025 03:05:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: erota2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Fri, 23 May 2025 07:09:28 GMT
content-type: text/html; charset=utf-8
location: /favicon.png
cf-cache-status: HIT
age: 1031
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vmX3xruaHaipdtypQMAsxI4OGv0WdXeZV%2FHW%2BtsUwXLYUhHrcf3YeqPlMCwa29Em1%2BDKqO50QTEQ40NnyZWsSTugDGjxl%2BKRdFXBuOGaAlUuVmRwSSoYJ7dHTM4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9442ba5adf13b4ff-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=88033&min_rtt=82378&rtt_var=34931&sent=32&recv=40&lost=0&retrans=0&sent_bytes=5137&recv_bytes=2858&delivery_rate=7149&cwnd=12000&unsent_bytes=0&cid=6c6fd3424cff05f8&ts=7849&x=1", cfExtPri, cfHdrFlush;dur=0
GET cdntube.b-cdn.net/thumbnails/50aaa90a22761db6de122da6c1f67d21d64ebbfb.jpg
200 OK 11 kB URL GET cdntube.b-cdn.net/thumbnails/50aaa90a22761db6de122da6c1f67d21d64ebbfb.jpg
IP
ASN #34989 ServeTheWorld AS
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x731, Scaling: [none]x[none], YUV color, decoders should clamp
Hash eb4693350fbd413a07150c51513228e4
b49b302ae35ca2a15a592fba489614fc598db3b8
b6c27665472dc3891d8efbe878f75863c2c632fbfc1b59f573af4015556c65dd
GET /thumbnails/50aaa90a22761db6de122da6c1f67d21d64ebbfb.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/webp
content-length: 10894
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Sun, 05 Mar 2023 12:38:33 GMT
cdn-storageserver: DE-633
cdn-requestpullsuccess: True
cdn-fileserver: 572
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 206
cdn-cachedat: 05/09/2025 02:04:10
cdn-edgestorageid: 830
cdn-requestid: 7c3a18e3f242df406912ef04d101fb97
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET t1.videosbang.mobi/media/ae/b8/42/aeb842366fbc22bb6425d9ba82b1633a.jpg
200 OK 22 kB URL GET t1.videosbang.mobi/media/ae/b8/42/aeb842366fbc22bb6425d9ba82b1633a.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectvideosbang.mobi
Fingerprint2B:A4:7F:E1:3A:61:A2:FA:A8:CB:72:53:28:F2:56:28:9D:72:39:E2
ValidityFri, 25 Apr 2025 07:41:00 GMT - Thu, 24 Jul 2025 08:38:44 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", progressive, precision 8, 400x300, components 3
Hash 9aeee99830531e76936aad663a01de98
3f4f6c96b01081ed2f1f7bb756c109064474aaa3
16ce1a5968284ed4b123bd9b05f4f1044961f4e0e1bd3356ff382b2b44f5dcee
GET /media/ae/b8/42/aeb842366fbc22bb6425d9ba82b1633a.jpg HTTP/1.1
Host: t1.videosbang.mobi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 22089
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
x-object-meta-mtime: 1581259999.836471
etag: 9aeee99830531e76936aad663a01de98
last-modified: Sun, 09 Feb 2020 14:53:23 GMT
x-timestamp: 1581260002.94675
x-trans-id: txda662943c1fd4c6ba15d5-006764cc72
x-openstack-request-id: txda662943c1fd4c6ba15d5-006764cc72
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
expires: Sun, 25 May 2025 03:22:17 GMT
x-cdn-host-id: ds8140,ds9225
x-proxy-cache: HIT
accept-ranges: bytes
age: 13623
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HGM75yyMIBqOdtp0a8WojSZXQfp93bQrPGHGbvgGm16HqDTVKrr1CJpIRyBkTU%2Faq5vfUG5jGE47mBLSvZUP2F0eM8nDuiW4NaswvBzVS3Q%3D"}]}
cf-ray: 9442ba2bcbca56c0-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET qanjiq.ru/favicon.ico
200 OK 1.4 kB IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectqanjiq.ru
Fingerprint24:67:EB:90:67:FC:80:8A:F1:7A:03:D8:3E:C5:4D:3B:91:E7:BB:1F
ValiditySat, 19 Apr 2025 00:25:45 GMT - Fri, 18 Jul 2025 00:25:44 GMT
File type MS Windows icon resource - 1 icon, 16x16
Hash 4949e2376f27a2c25b5aa2a49872f796
816efe9195100bfe5595485054682da4cfd2085d
eff2b548e08948bf20102a841a99d8d9085e4f69dd0de0babd62bcc1fc3626f8
GET /favicon.ico HTTP/1.1
Host: qanjiq.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 May 2025 07:09:30 GMT
Content-Type: image/x-icon
Content-Length: 1406
Last-Modified: Thu, 05 Nov 2020 21:00:00 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5fa467d0-57e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
GET cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/9c/4c/35/9c4c356cd1b218174addbc2a6f989621/9c4c356cd1b218174addbc2a6f989621.27.jpg
200 OK 9.0 kB URL GET cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/9c/4c/35/9c4c356cd1b218174addbc2a6f989621/9c4c356cd1b218174addbc2a6f989621.27.jpg
IP
ASN #60068 Datacamp Limited
Certificate IssuerSectigo Limited
Subjectxvideos.com
Fingerprint27:E9:05:C0:A5:FC:40:B1:D6:44:DC:D3:39:EE:11:78:2C:E2:F0:78
ValidityThu, 03 Oct 2024 00:00:00 GMT - Mon, 03 Nov 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, components 3
Hash 2174ebc5ca2385d0a750f297a3ae8925
b83f3785145a82d61f14d817f9c5f1d6c48b0bfe
2ffefd74edaf703a79add19c7995ac2b06bfeffd271bfeb3be47ed76c650f272
GET /videos/thumbs169ll/9c/4c/35/9c4c356cd1b218174addbc2a6f989621/9c4c356cd1b218174addbc2a6f989621.27.jpg HTTP/1.1
Host: cdn77-pic.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/jpeg
content-length: 8962
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
last-modified: Wed, 21 Mar 2018 06:05:32 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-77-nzt: EwwBuUwJEQH35CYEAAwBT3/TEgH3Vi9uAAwBbT1apAH32pIGAA
x-77-nzt-ray: 0ef5851b4bc9d9421d1f3068d9e19a37
x-accel-expires: @1750428169
x-accel-date: 1747712057
x-accel-date-max: 1740060169
x-77-cache: HIT
x-77-age: 272100
server: CDN77-Turbo
accept-ranges: bytes
X-Firefox-Spdy: h2
GET jpgjingpinx.com/upload/vod/20240108-1/ad7e0a995a518aa688b3a3e0a830d0b7.jpg
200 OK 115 kB URL GET jpgjingpinx.com/upload/vod/20240108-1/ad7e0a995a518aa688b3a3e0a830d0b7.jpg
IP
Certificate IssuerGoGetSSL
Subjectjpgjingpinx.com
Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC
ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT
File type PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size 115 kB (115187 bytes)
Hash 5247653e6405a7bd3ccceede8b42606a
b2222e8513a96ef9fa7e91c51385fc190958093a
5b8ffc3ffa6b970ba72c69c66931cfd6142a97a3fd3d46a8a63d6483bdf88d70
GET /upload/vod/20240108-1/ad7e0a995a518aa688b3a3e0a830d0b7.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 115187
Content-Type: image/jpeg
Date: Wed, 21 May 2025 13:50:19 GMT
Etag: "659b8f82-1c1f3"
Expires: Fri, 20 Jun 2025 13:50:19 GMT
Last-Modified: Wed, 21 May 2025 13:50:19 GMT
Server: openresty
X-Cache: HIT, policy, disk
GET en.vidmo.pro/thumbs_320/28/e6/28e69cdd2f3c53235cc992564f1cc624/12702406.jpg
200 OK 24 kB URL GET en.vidmo.pro/thumbs_320/28/e6/28e69cdd2f3c53235cc992564f1cc624/12702406.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 320x240, components 3
Hash 3b2fab690c34351308c49de243353bdf
880117c7906177eaf0191ab09e94b76f86bd1ea4
c4e6e37fcecd05baf67ca494b7d1434bad021603c881d489aa3a6386da794608
GET /thumbs_320/28/e6/28e69cdd2f3c53235cc992564f1cc624/12702406.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 24357
last-modified: Thu, 24 Dec 2020 03:04:16 GMT
expires: Wed, 17 Apr 2024 16:42:07 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET sbzytpimg1.com:3519/upload/vod/20240614-1/40112a46eda6ec8fbdc86c1c337a7740.jpg
200 OK 97 kB URL GET sbzytpimg1.com:3519/upload/vod/20240614-1/40112a46eda6ec8fbdc86c1c337a7740.jpg
IP
Certificate IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT
File type PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Hash a48ae883f1bf13d4901ff5e752290ea6
00deb9312def2dd9c7f5f5e4dc44dc6f6bcc75f2
73c072160daaf4cd98e8916639c6f98751b3471fcdf0ccc43e3cbd5c5a77a6d5
GET /upload/vod/20240614-1/40112a46eda6ec8fbdc86c1c337a7740.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
last-modified: Thu, 13 Jun 2024 17:57:37 GMT
vary: Accept-Encoding
etag: "666b3311-17c5d"
expires: Fri, 20 Jun 2025 19:38:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
X-Firefox-Spdy: h2
GET vidmo.pro/thumbs_320/ff/60/ff600a92a0e10dfcd27bca4e6355bcf7/12319214.jpg
200 OK 7.3 kB URL GET vidmo.pro/thumbs_320/ff/60/ff600a92a0e10dfcd27bca4e6355bcf7/12319214.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1728x1727, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 320x240, components 3
Hash c0732e5173bee7a23d0bc11cc0ffc3b2
120cdb02e3ec5f783e8251e71418f021175b6638
d48d10c8e497c47926557151584b963c3aa45936600e7e0b8ec5eaef27a7f310
GET /thumbs_320/ff/60/ff600a92a0e10dfcd27bca4e6355bcf7/12319214.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 7327
last-modified: Thu, 01 Oct 2020 03:13:09 GMT
expires: Mon, 13 May 2024 00:21:37 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET thumb.aporntv.com/thumbs/5/9/9/7/6/5996bbeed354726844/5996bbeed354726844.flv-5b.jpg
200 OK 22 kB URL GET thumb.aporntv.com/thumbs/5/9/9/7/6/5996bbeed354726844/5996bbeed354726844.flv-5b.jpg
IP
Certificate IssuerLet's Encrypt
Subjectaporntv.com
Fingerprint12:C5:AA:F4:28:DA:FC:0D:26:EF:7E:DC:ED:3C:55:A1:34:24:B2:E6
ValidityTue, 22 Apr 2025 22:30:20 GMT - Mon, 21 Jul 2025 22:30:19 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 670x490, components 3
Hash cff50ae0bb1e99e9cf0ede38b4c6d16e
881e8d2495f60c740857e11a183b67ff600e33d8
06584227b5545a5298f14acddb3f082b58e014d5e6ff3d7499990d8f13234355
GET /thumbs/5/9/9/7/6/5996bbeed354726844/5996bbeed354726844.flv-5b.jpg HTTP/1.1
Host: thumb.aporntv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 22392
cache-control: public, max-age=16070400
cf-bgj: imgq:100,h2pri
cf-polished: origSize=22909
etag: "5997641f-597d"
expires: Thu, 29 May 2025 08:59:02 GMT
last-modified: Fri, 18 Aug 2017 22:03:11 GMT
cf-cache-status: HIT
age: 79820
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2BIOvHq%2FubghdOrscDAqAdI29aB1E2sqYGvEv4%2FMmZcMuGJgTBykoBE9bEvtioehqJr2sRadi8cG%2FplPYJex%2F%2F0n3s3y5LVD85R81lRruvRrEerpyfdLpUaO2cxbN2s7DlrC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9442ba37cb8056ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1801&min_rtt=381&rtt_var=2020&sent=14&recv=14&lost=0&retrans=0&sent_bytes=6737&recv_bytes=1444&delivery_rate=4802653&cwnd=244&unsent_bytes=0&cid=d9f0b21f1cbf471f&ts=5321&x=0"
X-Firefox-Spdy: h2
GET douga100ka.net/sam/982.jpg
403 Forbidden 0 B URL GET douga100ka.net/sam/982.jpg
IP
ASN #31898 ORACLE-BMC-31898
Certificate IssuerLet's Encrypt
Subject*.douga100ka.net
Fingerprint02:D6:91:33:14:BA:84:CF:F9:DB:FE:DE:C2:C2:2A:6B:B0:FE:B9:CE
ValiditySun, 20 Apr 2025 11:57:07 GMT - Sat, 19 Jul 2025 11:57:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sam/982.jpg HTTP/1.1
Host: douga100ka.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1242
date: Fri, 23 May 2025 07:09:25 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
GET uzbak.ru/files/screens/388/9.jpg
200 OK 37 kB URL GET uzbak.ru/files/screens/388/9.jpg
IP
Certificate IssuerLet's Encrypt
Subjectuzbak.ru
FingerprintA8:2B:EB:2B:82:9A:D0:04:55:2A:0C:FD:33:E8:86:61:8E:18:66:73
ValidityWed, 30 Apr 2025 23:53:51 GMT - Tue, 29 Jul 2025 23:53:50 GMT
File type PNG image data, 176 x 144, 8-bit/color RGB, non-interlaced
Hash f03b84a44078c0158c295a71ec9ffef2
fbafefa17b27b51b60379168f30a4791e75cb0b8
4e74e1e91281f79fcda46c81dc25acf1ad4872dfd65785a044371b3386b1f3a7
GET /files/screens/388/9.jpg HTTP/1.1
Host: uzbak.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 37179
last-modified: Mon, 12 Oct 2020 13:36:52 GMT
etag: "5f845bf4-913b"
expires: Sat, 23 May 2026 07:09:22 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
GET stickamvids.net/favicon.ico
404 Not Found 0 B URL GET stickamvids.net/favicon.ico
IP
ASN #44477 Stark Industries Solutions Ltd
Certificate IssuerLet's Encrypt
Subjectstickamvids.net
FingerprintD1:91:40:9F:36:56:28:A6:04:09:84:31:DF:58:AB:9B:89:7D:0D:83
ValidityThu, 27 Mar 2025 00:22:44 GMT - Wed, 25 Jun 2025 00:22:43 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: stickamvids.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx/1.20.2
Date: Fri, 23 May 2025 07:09:28 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
GET www.9188porn.xyz/upload/vod/20241010-11/ef6d2d50f3b07044c5e84dbc298bd19b.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/ef6d2d50f3b07044c5e84dbc298bd19b.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/ef6d2d50f3b07044c5e84dbc298bd19b.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET lsbzytp.com:3519/upload/vod/20230910-1/04ced29ea560bd9334d20757aab8651a.jpg
200 OK 71 kB URL GET lsbzytp.com:3519/upload/vod/20230910-1/04ced29ea560bd9334d20757aab8651a.jpg
IP
Certificate IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 980x550, components 3
Hash 3595b3dc649864d49e1b1bc913196022
ffdc2bae7b2fc532eab3fe3bed860afdbb986da5
e106be794453871ac0ab6620fccc987974210844b95f7a51ea191058e6aed78c
GET /upload/vod/20230910-1/04ced29ea560bd9334d20757aab8651a.jpg HTTP/1.1
Host: lsbzytp.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
last-modified: Wed, 22 Nov 2023 12:55:11 GMT
vary: Accept-Encoding
etag: "655dfa2f-11435"
expires: Fri, 20 Jun 2025 19:39:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/47278404c982c9c4c9125c21b895c1a2.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/47278404c982c9c4c9125c21b895c1a2.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/47278404c982c9c4c9125c21b895c1a2.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET img.youtube.com/vi/k1OWMFrSBEQ/0.jpg
200 OK 13 kB URL GET img.youtube.com/vi/k1OWMFrSBEQ/0.jpg
IP
Certificate IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2F:BC:E9:F2:13:41:F1:3E:34:53:D6:F4:E9:17:8E:40:10:82:D1:3E
ValidityMon, 21 Apr 2025 08:40:42 GMT - Mon, 14 Jul 2025 08:40:41 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash 79058bb911916fe6b7bf3485ff163710
0193f1aa692b5e2abe9c29f3c509cbd124cd7ae4
2c91616a515c21eb0a31d44bc8a9458864f28fa252eb96235f15beed12424caf
GET /vi/k1OWMFrSBEQ/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 12587
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 May 2025 07:04:55 GMT
expires: Fri, 23 May 2025 09:04:55 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET xmaza.co/wp-content/uploads/2024/06/Viral-Jija-Saali-Sex-Video-MMS.jpg
200 OK 13 kB URL GET xmaza.co/wp-content/uploads/2024/06/Viral-Jija-Saali-Sex-Video-MMS.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectxmaza.co
FingerprintAD:8A:D3:94:6A:9C:9F:A3:2D:36:A5:13:EB:74:98:AB:80:B7:AE:45
ValidityFri, 25 Apr 2025 08:33:21 GMT - Thu, 24 Jul 2025 09:31:49 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 70x70, segment length 16, baseline, precision 8, 500x303, components 3
Hash 751702354abc7a819d95155900db7776
07d5bbaa9e76b3613c9967dde7ef675c7416f764
c19805516124cbbb0b000b518fb2b0b169fdf21a88e3aee3012fc8fc99abd2d0
GET /wp-content/uploads/2024/06/Viral-Jija-Saali-Sex-Video-MMS.jpg HTTP/1.1
Host: xmaza.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 12875
cache-control: public, max-age=604800
expires: Tue, 29 Apr 2025 22:01:22 GMT
etag: "324b-667c4355-d01b08;;;"
last-modified: Wed, 26 Jun 2024 16:35:33 GMT
accept-ranges: bytes
server: cloudflare
alt-svc: h3=":443"; ma=86400
age: 205102
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zhbQIMuDZ%2Bay7jJ9fZDsomV7lEbsBOZugGLvLtnyXSt9uqsAWDVet2RMQW0hQpCMky9BTILO6CuFzU%2BNFpgTVXL6kyCiqQ%3D%3D"}]}
cf-ray: 9442ba30cdcc1c16-OSL
X-Firefox-Spdy: h2
GET en.vidmo.pro/thumbs_320/4c/52/4c52f4fe2731c1c37703f4e6fd47914d/12796175.jpg
200 OK 11 kB URL GET en.vidmo.pro/thumbs_320/4c/52/4c52f4fe2731c1c37703f4e6fd47914d/12796175.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 826x825, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 320x240, components 3
Hash 67002aea52a01a7c0d03102c7fe8c024
4291de2badfaef14a5b62f0bda43a0ff8b9d4c55
b795e580479cf0cf6f21c2a00def52448694352ec4cc4368b60758b33586b91c
GET /thumbs_320/4c/52/4c52f4fe2731c1c37703f4e6fd47914d/12796175.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 11423
last-modified: Sat, 09 Jan 2021 13:30:23 GMT
expires: Wed, 17 Apr 2024 10:36:49 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn1.hotmoza.tv/thumb/f2/07/e7/f207e7fdd7b94ad09931d9405ffd2e45.jpg
200 OK 8.1 kB URL GET cdn1.hotmoza.tv/thumb/f2/07/e7/f207e7fdd7b94ad09931d9405ffd2e45.jpg
IP
Certificate IssuerGoogle Trust Services
Subjecthotmoza.tv
Fingerprint12:4E:7F:F9:7A:6B:6A:8A:18:A2:01:B3:80:4D:B8:29:9F:6F:43:4B
ValiditySat, 26 Apr 2025 03:31:28 GMT - Fri, 25 Jul 2025 04:28:03 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 85", progressive, precision 8, 320x180, components 3
Hash 826ced6f8f355badaf05146761cf2b10
46e218b7f8d83b0a46b6b536984ecba8f492748b
9b64fabf2b0cf761be45125cc8082305f53c597584a5899519061e844f2ba265
GET /thumb/f2/07/e7/f207e7fdd7b94ad09931d9405ffd2e45.jpg HTTP/1.1
Host: cdn1.hotmoza.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 8078
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
x-object-meta-mtime: 1581181949.487582
etag: 826ced6f8f355badaf05146761cf2b10
last-modified: Sat, 08 Feb 2020 17:12:35 GMT
x-timestamp: 1581181954.16576
x-trans-id: txaf44d07afbe24be5b709e-006391cd4b
x-openstack-request-id: txaf44d07afbe24be5b709e-006391cd4b
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
expires: Sun, 25 May 2025 05:02:22 GMT
x-proxy-cache: HIT
cf-cache-status: HIT
age: 7619
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9oO1NCc8kg06Jzfc197sh6Xtfew0iIoI3YJFGuOpg2VqfpNhIadNTf15Kgttx%2BCgYjoAH1pfKmKEqMYVUB2Gky5WCchnQBqnwVmKQRA%3D"}]}
cf-ray: 9442ba2f8a3f1c02-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET pornohub24.ru/erosceny/screen/syn-drochit-na-mamu-v-hudozhestvennom-filme-0.jpg
200 OK 19 kB URL GET pornohub24.ru/erosceny/screen/syn-drochit-na-mamu-v-hudozhestvennom-filme-0.jpg
IP
Certificate IssuerLet's Encrypt
Subjectpornohub24.ru
FingerprintAC:7A:EA:AD:46:D7:7D:01:A1:BD:3E:92:DD:14:FD:82:9A:5F:7D:0B
ValidityTue, 01 Apr 2025 01:51:47 GMT - Mon, 30 Jun 2025 01:51:46 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3
Hash db7d864173f31f64af30c0746fc70ffd
3c8c9e8723cdf8663fd5980e952c501563d23824
ef03226ef9eae527e6f2e5837ba9ba4f77be3fd3ecf80e880c3f41a292f9318d
GET /erosceny/screen/syn-drochit-na-mamu-v-hudozhestvennom-filme-0.jpg HTTP/1.1
Host: pornohub24.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.24.0
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 18857
last-modified: Sat, 06 Apr 2024 17:39:32 GMT
etag: "661188d4-49a9"
accept-ranges: bytes
X-Firefox-Spdy: h2
GET en.vidmo.pro/thumbs_320/ed/2d/ed2d7e6202a48ef4ce3893d5738c1a33/15572879.jpg
200 OK 11 kB URL GET en.vidmo.pro/thumbs_320/ed/2d/ed2d7e6202a48ef4ce3893d5738c1a33/15572879.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3
Hash 6fb5906a46248500ea2e258722f25804
d45570299fded20f1624f6d057e9016b9d7d84b5
fe3e050de76e8eb0b30e1d5c5f4279e32e68e565297737b2c8e9ae0b7b8b354c
GET /thumbs_320/ed/2d/ed2d7e6202a48ef4ce3893d5738c1a33/15572879.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 10866
last-modified: Sun, 30 Apr 2023 04:28:18 GMT
expires: Mon, 12 Aug 2024 20:56:28 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET teens-tube.com/favicon.ico
200 OK 1.2 kB URL GET teens-tube.com/favicon.ico
IP
Certificate IssuerLet's Encrypt
Subjectteens-tube.com
Fingerprint05:E3:CA:17:5B:F5:81:CD:7B:F5:5D:00:47:79:9B:FD:B3:F8:81:FF
ValiditySun, 04 May 2025 05:19:08 GMT - Sat, 02 Aug 2025 05:19:07 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash a360081f18459960ae600be170f547fc
d401689ec2ff581b3a1eafc2e8167ca711b7e247
53320ad8a78040c7ca8f354b4ca467b8e3b2e661b64d084879a5040b88db12ba
GET /favicon.ico HTTP/1.1
Host: teens-tube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:30 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Thu, 19 Dec 2019 18:33:48 GMT
etag: "5dfbc28c-47e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=63072000;
accept-ranges: bytes
X-Firefox-Spdy: h2
GET young.av4us.org/v/s/motherless.com/D555104/title/Guilty%20woman%20stripped%20and%20brutally%20executed%20%20%20[11:29x432p]
301 Moved Permanently 178 kB URL User Request GET young.av4us.org/v/s/motherless.com/D555104/title/Guilty%20woman%20stripped%20and%20brutally%20executed%20%20%20[11:29x432p]
IP
Certificate IssuerGoogle Trust Services
Subjectav4us.org
Fingerprint2E:D3:F9:3C:D3:1F:0F:1A:56:9D:A3:CF:D6:8B:FC:DA:E0:53:9D:FE
ValiditySat, 17 May 2025 17:58:19 GMT - Fri, 15 Aug 2025 18:56:53 GMT
Size 178 kB (178280 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v/s/motherless.com/D555104/title/Guilty%20woman%20stripped%20and%20brutally%20executed%20%20%20[11:29x432p] HTTP/1.1
Host: young.av4us.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 23 May 2025 07:09:16 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pdojs-line8: host-young.av4us.org4.194.8.20-myhost-young.av4us.org38.220.248/v/s/motherless.com/D555104/title/Guiltywomanstrippedandbrutallyexecuted[11:29x432p]
phost: young.av4us.org
pdojs-line355: notjp-nojp-myhost-young.av4us.org-filteron-
pdojs-line963: notjp-nojp-myhost-young.av4us.org-filteron-/v/s/motherless.com/D555104/title/Guiltywomanstrippedandbrutallyexecuted[11:29x432p]
pdo120: feedvid-, cachefileb-cacpdo4/4a/ee/4f, lfm-16-2574646, lmd-1747983812, lud-1747983812, xfvlen-0, fsize-334407, played-
pdo396: feedvid-, cachefileb-cacpdo4/4a/ee/4f, lfm-16-2574646, lmd-1747983812, lud-1747983812, xfvlen-0, fsize-334407, played-
pdophp-line429: -; cachetime- 100408.33074011; ctime- 19700101090000; lmd- 19700101090000
pdo-line556: host-young.av4us.org4.194.8.20-myhost-young.av4us.org38.220.248/v/s/motherless.com/D555104/title/Guiltywomanstrippedandbrutallyexecuted[11:29x432p]
cache-control: public, max-age=360001
location: /
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=DPm0Ou7qdN0ny4b4zeceAy%2BTD%2BG%2Byxm9hdHaw%2FE%2FZYqXOSzjfK%2FClsQZCAx5W3kp9stWZJcvorDRIr2nnr%2BXSTh8CeUpSAN9Svkhaqk%3D"}]}
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
x-proxy-cache-192g-la: HIT
xkey-192la: young./v/s/motherless.com/D555104-AB-young.av4us.org-young.av4us.org-myzone---yes
x-proxy-cache-g-la: MISS
xkey-g-la: young./v/s/motherless.com/D555104-AB-young.av4us.org--my_zone
age: 26
cf-cache-status: HIT
cf-ray: 9442ba0fdd7e56c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET im4.mediacont.net/xxxzooporn/thumbs/20/754-fucks-the.jpg
200 OK 11 kB URL GET im4.mediacont.net/xxxzooporn/thumbs/20/754-fucks-the.jpg
IP
ASN #63119 Angelnet Limited
Certificate IssuerLet's Encrypt
Subjectmediacont.net
Fingerprint4B:1A:41:D8:E6:C5:06:5C:0E:8B:14:AF:42:C1:80:38:CF:73:10:E7
ValidityThu, 08 May 2025 03:04:55 GMT - Wed, 06 Aug 2025 03:04:54 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x53, segment length 16, baseline, precision 8, 300x175, components 3
Hash dc7fcbeeaf12ea4759f1191ee4d5abd3
ff10324fbb0ea5dd74768befd7883fcf1cf280fb
a422dde5aa5ed925191ec0d1df20a38a5adbfe934139d5933f2ffaf8f4e69256
GET /xxxzooporn/thumbs/20/754-fucks-the.jpg HTTP/1.1
Host: im4.mediacont.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 May 2025 07:09:21 GMT
Content-Type: image/jpeg
Content-Length: 11020
Last-Modified: Thu, 03 Nov 2022 16:48:30 GMT
Connection: keep-alive
Keep-Alive: timeout=30
ETag: "6363f0de-2b0c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Request-ID: a37b6d06529aa7c2fe6b55b8e20394ae
Accept-Ranges: bytes
GET area51.porn/static/images/logo.svg
200 OK 2.3 kB URL GET area51.porn/static/images/logo.svg
IP
Certificate IssuerGoogle Trust Services
Subjectarea51.porn
Fingerprint0B:45:4D:B9:82:6C:FF:79:89:D6:08:2E:6A:EA:94:6A:92:8D:FD:E0
ValidityThu, 15 May 2025 17:15:31 GMT - Wed, 13 Aug 2025 18:12:38 GMT
File type SVG Scalable Vector Graphics image
Hash 3b607fed75b73190410b56d567432ed2
4e26d5ebc16252425f75f037c9bf0d5f6fb53482
bd509a93e20f6b999cc5572412bc35ce89814f958e89e20799919b72f6863a05
GET /static/images/logo.svg HTTP/1.1
Host: area51.porn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/svg+xml
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Mon, 01 Mar 2021 12:57:09 GMT
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-cache-status: HIT
age: 868831
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=nnrI7GN%2B4UoINDCPEgG9v8z2hpc6h9D%2BfuWjiHXbb%2B6TdkTM8QlqAxe4HVcYm29viycsaioA9N%2B6Vi0yaUstcvGOholE7adxNA%3D%3D"}]}
etag: W/"603ce4a5-901"
content-encoding: br
cf-ray: 9442ba391af80b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.9188porn.com/upload/vod/20241010-10/e1f9726bd7f0d7980ecba691b586ae02.png
403 Forbidden 0 B URL GET www.9188porn.com/upload/vod/20241010-10/e1f9726bd7f0d7980ecba691b586ae02.png
IP
Certificate IssuerGoogle Trust Services
Subject9188porn.com
Fingerprint15:E5:D1:A1:7B:24:5F:05:8B:35:38:8F:0C:03:1B:7B:C1:D9:0C:8E
ValidityWed, 09 Apr 2025 22:51:46 GMT - Tue, 08 Jul 2025 23:49:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20241010-10/e1f9726bd7f0d7980ecba691b586ae02.png HTTP/1.1
Host: www.9188porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 23 May 2025 07:09:17 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sc5f%2BBm2g6jZPPZaVwtjdk0EnUJVpjbE3ONHybqrMg9jpTqhS0B05I%2BDCNZ6KOVxty52on2PWLe6gtmpvkIPdHcZMhcGHXS4h53WlLVY"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
server: cloudflare
cf-ray: 9442ba1759aeb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.yekuge.xyz/sdk/p/?zid=9801
200 OK 52 kB URL GET cdn.yekuge.xyz/sdk/p/?zid=9801
IP
Certificate IssuerGoogle Trust Services
Subjectyekuge.xyz
FingerprintC6:94:C6:E7:C5:1E:9D:1C:57:30:69:DB:EB:E8:C6:FF:23:87:48:90
ValidityWed, 21 May 2025 08:52:19 GMT - Tue, 19 Aug 2025 09:50:49 GMT
File type JavaScript source, ASCII text, with very long lines (51798)
Hash 91c4a974be8c0f67ab6741ffdc0112cd
11f9ef3096fece61ef3d21e9da3065b60809f56f
9121fa50763f08bd37d75640dc4b415ec474b11e7714e1369f58efc7548e97dc
GET /sdk/p/?zid=9801 HTTP/1.1
Host: cdn.yekuge.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:23 GMT
content-type: application/javascript
server: cloudflare
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lXPnRrDJZK59lrzoQxaI6MMwvjg4YtPDkNZvvrpohmiDycq9IC2cnRc3Ylfly3HzCrOmm5mjLdMPGaYOb5n3MTq%2B3CacYj31kKO3Bw%3D%3D"}]}
x-time: 1747984163
access-control-allow-origin: *
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 9442ba3c2c62b529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET page.phic4.top/myda.php
200 OK 0 B IP
Certificate IssuerGoogle Trust Services
Subjectphic4.top
Fingerprint7D:FB:B4:77:85:58:5A:A6:F5:90:D1:1A:18:37:82:49:6E:ED:B7:C6
ValidityThu, 01 May 2025 23:39:34 GMT - Thu, 31 Jul 2025 00:37:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.phic4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:26 GMT
content-type: text/html; charset=utf-8
server: cloudflare
myda: myda2a02:6b8:c15:2602:0:492c:3870:0
vary: User-Agent, accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=BoR1H%2FlEJTb8qfM98V61loKXBrqxa5J1WAnE8QFjfBMnP5qtdaWOA9miRydOMEx5dsyoKnO8se3bGT5Dl8Mh7ynKqRyOXof3o3%2BAug%3D%3D"}]}
age: 5522
cache-control: max-age=14400
cf-cache-status: HIT
last-modified: Fri, 23 May 2025 05:37:23 GMT
content-encoding: br
cf-ray: 9442ba4d6d7656c9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i0.wp.com/quk.fcbyti.sbs/upload/vod/202325/8b8b8f229e58a54cebd706062581faa2.jpg
200 OK 7.2 kB URL GET i0.wp.com/quk.fcbyti.sbs/upload/vod/202325/8b8b8f229e58a54cebd706062581faa2.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 405x287, Scaling: [none]x[none], YUV color, decoders should clamp
Hash d57b3014ab4ea31332999ff57080f262
6353acd5e6269c81fa9362b3a18bac3ff9be758d
69c8050a4ca4b325386ae03377b92025a87fd0620cb1fa09114ef94a29edab4e
GET /quk.fcbyti.sbs/upload/vod/202325/8b8b8f229e58a54cebd706062581faa2.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 7186
last-modified: Wed, 30 Apr 2025 22:10:43 GMT
expires: Sat, 01 May 2027 10:10:43 GMT
cache-control: public, max-age=63115200
link: <http://quk.fcbyti.sbs/upload/vod/202325/8b8b8f229e58a54cebd706062581faa2.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "65bb1974b9ae9b40"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET en.vidmo.pro/thumbs_320/ee/14/ee140ed853c8b8715a162fd14dd19017/12637642.jpg
200 OK 27 kB URL GET en.vidmo.pro/thumbs_320/ee/14/ee140ed853c8b8715a162fd14dd19017/12637642.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 320x240, components 3
Hash 196132c7344d297b1f245fd60466e8f7
330fc3f9c4226abe4adf9769f074adf2128aed8a
040d6fe0d9c11e18c63f941ce9e9eea206755f27623f022b767d06a97a6ed866
GET /thumbs_320/ee/14/ee140ed853c8b8715a162fd14dd19017/12637642.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 26960
last-modified: Mon, 14 Dec 2020 14:12:42 GMT
expires: Mon, 09 Oct 2023 19:16:54 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20240620-1/f74beb32a511caa2a32176435b3b60c7.jpg
0 B URL GET www.9188porn.xyz/upload/vod/20240620-1/f74beb32a511caa2a32176435b3b60c7.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20240620-1/f74beb32a511caa2a32176435b3b60c7.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET thumb.aporntv.com/thumbs/5/f/2/1/a/5f219b65dd19eBig%20Brother%20Fucking%20Own%20Little%20Sister%20Hidden.mp4/5f219b65dd19eBig%20Brother%20Fucking%20Own%20Little%20Sister%20Hidden.mp4-3.jpg
200 OK 2.0 kB URL GET thumb.aporntv.com/thumbs/5/f/2/1/a/5f219b65dd19eBig%20Brother%20Fucking%20Own%20Little%20Sister%20Hidden.mp4/5f219b65dd19eBig%20Brother%20Fucking%20Own%20Little%20Sister%20Hidden.mp4-3.jpg
IP
Certificate IssuerLet's Encrypt
Subjectaporntv.com
Fingerprint12:C5:AA:F4:28:DA:FC:0D:26:EF:7E:DC:ED:3C:55:A1:34:24:B2:E6
ValidityTue, 22 Apr 2025 22:30:20 GMT - Mon, 21 Jul 2025 22:30:19 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 200x150, components 3
Hash 09a0f526b7e66503092ed8fbae9df4aa
352d2abd92decfcf8996470e03217b37bebe00d0
6debf76192ffee9b9200eb982ccbeb400a4c891caa5dc3fc981e6faad404808d
GET /thumbs/5/f/2/1/a/5f219b65dd19eBig%20Brother%20Fucking%20Own%20Little%20Sister%20Hidden.mp4/5f219b65dd19eBig%20Brother%20Fucking%20Own%20Little%20Sister%20Hidden.mp4-3.jpg HTTP/1.1
Host: thumb.aporntv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 2012
cache-control: public, max-age=16070400
cf-bgj: imgq:100,h2pri
cf-polished: origSize=2045
etag: "5f21a08f-7fd"
expires: Sun, 25 May 2025 20:44:13 GMT
last-modified: Wed, 29 Jul 2020 16:15:11 GMT
cf-cache-status: HIT
age: 383109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zod48aOuP%2BekASBWw4c9TOBa%2Bq2IzwGnfWTn7Y%2FDuStoCqGijLLUkf%2FubneDuMEGXKKAfDvqSLjN7PRJPV4Tzie17Nkc%2Bw2uLh39wgtSOEZXJJ8uuiZCKIdiNK%2BHumrGe4vO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9442ba370a7f56ca-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1349&min_rtt=381&rtt_var=1489&sent=10&recv=12&lost=0&retrans=0&sent_bytes=3970&recv_bytes=1329&delivery_rate=4802653&cwnd=244&unsent_bytes=0&cid=d9f0b21f1cbf471f&ts=5206&x=0"
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/d37481796908d2ed1a1e2043046bce9a.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/d37481796908d2ed1a1e2043046bce9a.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/d37481796908d2ed1a1e2043046bce9a.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET blumpkintube.com/favicon.ico
200 OK 1.2 kB URL GET blumpkintube.com/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subjectblumpkintube.com
FingerprintDA:B0:E3:91:B1:3A:F6:92:40:A5:6D:DA:6D:67:42:B4:54:2E:FF:7C
ValidityMon, 14 Apr 2025 03:20:03 GMT - Sun, 13 Jul 2025 04:18:31 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 3de13983da1e7755426362ee988fae6a
51d87d2cb8a6950b5e1c8ca24a257cb397664a93
16c3dc433b7b2460b9ba12b1aa28a14c598e93f5bab8f7cb1b5afa3989457c05
GET /favicon.ico HTTP/1.1
Host: blumpkintube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 May 2025 07:09:28 GMT
content-type: image/x-icon
content-length: 1150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M4ecDQVUXw1q3nDNLG7zluzSfc1LvwhriEYbrJShOOsu%2B%2Fu%2FFdCWyG7EOAzISaoLqw9J2Y6fPwdImg%2Bt%2F6XLncRwtSzuZ7N8jTl95fckJmISCh8f9VtNtdZYqFyTk96oxxAY"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 29 Nov 2019 11:53:39 GMT
etag: "5de106c3-47e"
expires: Fri, 15 May 2026 21:10:39 GMT
accept-ranges: bytes
cache-control: public, max-age=31536000, no-transform
age: 640728
cf-cache-status: HIT
cf-ray: 9442ba5c5b6d56a9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8804&min_rtt=3346&rtt_var=4558&sent=91&recv=129&lost=0&retrans=0&sent_bytes=8068&recv_bytes=7468&delivery_rate=290809&cwnd=12000&unsent_bytes=0&cid=267d71242711921b&ts=7232&x=80"
GET cloudflare-br-pic.kwai.net/kimg/EKzM1y8qmQEKAnMzEg1waG90by1vdmVyc2VhGoMBdXBpYy8yMDI0LzAyLzI4LzA1L0JNakF5TkRBeU1qZ3dOVFUwTWpoZk1UVXdNREF4TXpVNU56WXlOekl6WHpFMU1ERXdOVFF4TWpFMk5qSTFNMTh5WHpNPV9vdXVfQjliZDA0NzU1YmQzZmExODVmZDBlMzYyOTZmMzU1MWUwLndlYnA.webp
200 OK 25 kB URL GET cloudflare-br-pic.kwai.net/kimg/EKzM1y8qmQEKAnMzEg1waG90by1vdmVyc2VhGoMBdXBpYy8yMDI0LzAyLzI4LzA1L0JNakF5TkRBeU1qZ3dOVFUwTWpoZk1UVXdNREF4TXpVNU56WXlOekl6WHpFMU1ERXdOVFF4TWpFMk5qSTFNMTh5WHpNPV9vdXVfQjliZDA0NzU1YmQzZmExODVmZDBlMzYyOTZmMzU1MWUwLndlYnA.webp
IP
Certificate IssuerGlobalSign nv-sa
Subject*.kwai.net
Fingerprint55:3D:47:75:CD:99:64:ED:1B:F0:25:7F:54:76:E2:9E:07:93:CF:62
ValidityThu, 24 Oct 2024 06:41:09 GMT - Tue, 25 Nov 2025 06:41:08 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 322x574, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 0b3cec2829e225a5e6b490536381004c
15ecdd133c5acd6773a1565cc311688b76f50edf
b282d1be3c2433bd1a7a3c54b8145a5bae1bfe3742b27a0729a0919388f3cd1c
GET /kimg/EKzM1y8qmQEKAnMzEg1waG90by1vdmVyc2VhGoMBdXBpYy8yMDI0LzAyLzI4LzA1L0JNakF5TkRBeU1qZ3dOVFUwTWpoZk1UVXdNREF4TXpVNU56WXlOekl6WHpFMU1ERXdOVFF4TWpFMk5qSTFNMTh5WHpNPV9vdXVfQjliZDA0NzU1YmQzZmExODVmZDBlMzYyOTZmMzU1MWUwLndlYnA.webp HTTP/1.1
Host: cloudflare-br-pic.kwai.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/webp
content-length: 25294
cf-ray: 9442ba2abfefabe0-CPH
cf-cache-status: HIT
accept-ranges: bytes
age: 26
cache-control: max-age=2592000
expires: Sat, 23 May 2026 07:09:20 GMT
last-modified: Fri, 23 May 2025 07:05:12 GMT
vary: Accept-Encoding
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront), 1.1 c26999728b9b80253ea8308df470deba.cloudfront.net (CloudFront)
krtid: gw96aa94f4f79946c29e422c66c40d202c
x-amz-cf-id: 9yndGPQuy8G3EUGDkJrjZR-_XBGaBRxmeV8vPYHAxUBPoVIOBuaQjQ==
x-amz-cf-pop: FRA50-C1, ARN56-P2
x-cache: Hit from cloudfront
access-control-allow-origin: *
x-ks-cache: HIT
x-ks-client-ip: 91.90.42.154
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET img.imghuo.cfd/sp/media/videos/tmb/1509/12.jpg
200 OK 12 kB URL GET img.imghuo.cfd/sp/media/videos/tmb/1509/12.jpg
IP
Certificate IssuerLet's Encrypt
Subjectimg.imghuo.cfd
Fingerprint8E:A1:62:82:8D:80:F7:81:D5:85:E8:88:A3:92:94:47:71:0E:A0:E5
ValidityWed, 21 May 2025 07:47:38 GMT - Tue, 19 Aug 2025 07:47:37 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 384x214, components 3
Hash bfce0c55cc4c64ae88a635e183cbade5
64660684ed5422ba58d3810bd5fbf2f85276de5e
45bc2b8014a00ec8a7c071fae26bbde4c3b40e302e544889fbed6850d91bebe0
GET /sp/media/videos/tmb/1509/12.jpg HTTP/1.1
Host: img.imghuo.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 23 May 2025 07:09:20 GMT
Content-Type: image/jpeg
Content-Length: 11886
Last-Modified: Sat, 23 Mar 2024 12:20:59 GMT
Connection: keep-alive
ETag: "65fec92b-2e6e"
Accept-Ranges: bytes
GET ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 87 kB URL GET ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 May 2025 05:09:17 GMT
expires: Sat, 23 May 2026 05:09:17 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 7206
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET videopreview.chezcathy.com/ext/pre_2916038326.jpg
200 OK 6.3 kB URL GET videopreview.chezcathy.com/ext/pre_2916038326.jpg
IP
Certificate IssuerLet's Encrypt
Subjectvideopreview.chezcathy.com
Fingerprint57:9A:62:F9:2C:DF:06:02:FD:00:7E:90:41:F0:58:B7:25:C6:71:6D
ValidityFri, 18 Apr 2025 06:25:44 GMT - Thu, 17 Jul 2025 06:25:43 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Hash 639b857f2f6f61b28b3253cd47c5850d
74d0f7c8f7600b87c83956525a3b441f1330b13c
8b6dec552d09a5f012d4dd89a746d02af9b26b1e26debf37f12ce693a6ef334e
GET /ext/pre_2916038326.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)
Date: Fri, 23 May 2025 07:09:21 GMT
Content-Type: image/jpeg
Content-Length: 6252
Last-Modified: Tue, 11 Jun 2024 11:58:28 GMT
Connection: keep-alive
ETag: "66683be4-186c"
Accept-Ranges: bytes
GET pornolomka2.com/uploads/posts/2017-04/medium/1491130991_00-15-22.jpg
200 OK 130 kB URL GET pornolomka2.com/uploads/posts/2017-04/medium/1491130991_00-15-22.jpg
IP
ASN #213166 UA-Hosting SIA
Certificate IssuerLet's Encrypt
Subjectpornolomka2.com
Fingerprint5E:83:DF:E0:31:40:AC:3C:BC:70:FA:A6:4C:5A:B3:43:56:02:22:15
ValidityThu, 22 May 2025 22:44:05 GMT - Wed, 20 Aug 2025 22:44:04 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 450x253, components 3
Size 130 kB (130213 bytes)
Hash 0d3c827bd2a6fcd45f290bc7f36a96c2
72344588d4eaed4cd8358197be6823435ef27672
2dbfc0afa4b5376d7d28be961747d5ab2e190585cda66d1cd0c2cc87654605ce
GET /uploads/posts/2017-04/medium/1491130991_00-15-22.jpg HTTP/1.1
Host: pornolomka2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.10.3
date: Fri, 23 May 2025 07:07:19 GMT
content-type: image/jpeg
content-length: 130213
last-modified: Sun, 30 Aug 2020 17:00:13 GMT
etag: "5f4bdb1d-1fca5"
expires: Fri, 30 May 2025 07:07:19 GMT
cache-control: max-age=604800
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/baee58adf6480eaa3a494548791f4b57.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/baee58adf6480eaa3a494548791f4b57.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/baee58adf6480eaa3a494548791f4b57.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET i0.wp.com/jpgjingpinx.com/upload/vod/20240127-1/56482ec9dd4f98f1c6ac8b8a18f74892.jpg
200 OK 33 kB URL GET i0.wp.com/jpgjingpinx.com/upload/vod/20240127-1/56482ec9dd4f98f1c6ac8b8a18f74892.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 718x403, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 7f23d8a7a925eb0cd895e616a31a8f37
135220d39350614dc36ee5ae3b6109b4eb80034d
5f4dd7e34753256b547e37b9040aa115621912d540b113c9049278741edb724d
GET /jpgjingpinx.com/upload/vod/20240127-1/56482ec9dd4f98f1c6ac8b8a18f74892.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 33048
last-modified: Sun, 15 Dec 2024 10:11:41 GMT
expires: Tue, 15 Dec 2026 22:11:41 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20240127-1/56482ec9dd4f98f1c6ac8b8a18f74892.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b99e2e7b8c89dd4f"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/fbc9c3b245b682ebe3110ca10dbdd648.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/fbc9c3b245b682ebe3110ca10dbdd648.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/fbc9c3b245b682ebe3110ca10dbdd648.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET cdn5-thumbs.motherlessmedia.com/thumbs/F96791E.jpg
200 OK 13 kB URL GET cdn5-thumbs.motherlessmedia.com/thumbs/F96791E.jpg
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherlessmedia.com
Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8
ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x480, components 3
Hash da0b05758655b1e36e43c3e313471014
3d88e737d5d43c22c7ef4eeedc4edae7d77ef540
da5d58ab0990e62ae1930e52dc116d74fbd9d07c186fa808a6a592d9ac36ea96
GET /thumbs/F96791E.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 13408
vary: x-s-token
last-modified: Mon, 08 Oct 2018 02:36:21 GMT
etag: "3460-577ae7c9166f3"
x-cache: HIT
x-whom: cdn02
accept-ranges: bytes
GET thumb.aporntv.com/thumbs/5/d/e/7/7/5de7700edce10Blonde%20Little%20sister%20suck%20cock%20forced%20in%20Brother
404 Not Found 0 B URL GET thumb.aporntv.com/thumbs/5/d/e/7/7/5de7700edce10Blonde%20Little%20sister%20suck%20cock%20forced%20in%20Brother
IP
Certificate IssuerLet's Encrypt
Subjectaporntv.com
Fingerprint12:C5:AA:F4:28:DA:FC:0D:26:EF:7E:DC:ED:3C:55:A1:34:24:B2:E6
ValidityTue, 22 Apr 2025 22:30:20 GMT - Mon, 21 Jul 2025 22:30:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/5/d/e/7/7/5de7700edce10Blonde%20Little%20sister%20suck%20cock%20forced%20in%20Brother HTTP/1.1
Host: thumb.aporntv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:20 GMT
content-type: text/html
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lrRBj08w0jJ0qbKILLl97WIeWdAp2YyCUE0m2qk2vjNpA4OXa1hMpWhm%2FJjlstlcJ9HVE31jh2OZD8Z5nXdqVo3TrBH8%2FyE0o94NCU9RbkK%2Fb9EYfFGCbKeQ2nPYs8lpimxY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9442ba2b5e9f56ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1144&min_rtt=381&rtt_var=1438&sent=7&recv=10&lost=0&retrans=0&sent_bytes=2822&recv_bytes=1141&delivery_rate=4802653&cwnd=242&unsent_bytes=0&cid=d9f0b21f1cbf471f&ts=3529&x=0"
X-Firefox-Spdy: h2
GET naturismv.com/images/junior-miss-pageant-contest-1999-volume-3.jpg
200 OK 68 kB URL GET naturismv.com/images/junior-miss-pageant-contest-1999-volume-3.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectnaturismv.com
Fingerprint89:AF:F9:3B:F9:65:5A:43:A3:77:FD:5B:A5:61:B8:50:E0:07:19:A4
ValidityFri, 02 May 2025 17:11:44 GMT - Thu, 31 Jul 2025 18:09:26 GMT
File type JPEG image data, progressive, precision 8, 400x300, components 3
Hash fe9907d7928bf519fc596c4b0de5773f
be3a2aba13a990f6c4a1d757fe7a64183fafa0dd
2dfcae072026361eac71af5eedecc8e15e0f48e1733bbe97ba45abe39afd80e9
GET /images/junior-miss-pageant-contest-1999-volume-3.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 68170
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Fri, 19 May 2023 12:04:52 GMT
etag: "646765e4-10a4a"
expires: Thu, 16 Apr 2026 00:01:31 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 3222467
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=k28mcH5XxqmB4aOLgzyALJNFUcyVOqG4HrCnCoPJEStlcKBV4vrAwi21vRj%2FVp5XDT%2FfBwfE2e5uNAuqG6RgnidGkyUdk8%2B623uB"}]}
cf-ray: 9442ba200b840b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET content.jwplatform.com/favicon.ico
404 Not Found 0 B URL GET content.jwplatform.com/favicon.ico
IP
Certificate IssuerAmazon
Subjectjwplayer.com
Fingerprint4C:E0:FA:4F:1C:F1:21:A8:0C:37:01:61:F5:1E:8E:A5:44:8B:32:6D
ValidityWed, 25 Sep 2024 00:00:00 GMT - Thu, 23 Oct 2025 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: content.jwplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
content-type: text/html
content-length: 150
date: Fri, 23 May 2025 07:09:28 GMT
server: openresty
x-cache: Error from cloudfront
via: 1.1 f1dfb112336c56393fdb3341c0df8da0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: g1esYIpONjOMkv8RGmma_CiRKLWl6Q2VAG51MPZDvlCZmTQBOv7EOw==
X-Firefox-Spdy: h2
GET nlt05.videosection.com/d/4/7/d47280e7662c96a6cc5da7c02833769f/thumbs/480x270/1.jpeg
200 OK 26 kB URL GET nlt05.videosection.com/d/4/7/d47280e7662c96a6cc5da7c02833769f/thumbs/480x270/1.jpeg
IP
Certificate IssuerGoogle Trust Services
Subjectvideosection.com
Fingerprint3E:51:2A:60:0A:59:A9:A1:BB:DC:F8:EB:EE:03:F9:39:7D:56:ED:1F
ValiditySat, 26 Apr 2025 05:41:30 GMT - Fri, 25 Jul 2025 06:41:22 GMT
File type JPEG image data, baseline, precision 8, 480x270, components 3
Hash df102b0c13e7f910590f14836ccfb2bf
8ef19fd62412b0c4ab069ec0b1445fd995cb0942
446191fcc27e6a256390ce63ed865f7640a1e8f40d14535d77ee84ac186170fd
GET /d/4/7/d47280e7662c96a6cc5da7c02833769f/thumbs/480x270/1.jpeg HTTP/1.1
Host: nlt05.videosection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 25724
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Metrics-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cf-bgj: h2pri
last-modified: Mon, 09 Sep 2024 23:15:50 UTC
cache-control: max-age=120
cf-cache-status: HIT
age: 1322
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xrrmZDJfzyfDlT5SkvGa2vuVCvkVZacQdb%2Fo8JacE9WnMwPvd3EPeReWwUo9RB02bCMGZesyP%2FPjWl358HiTMy4lDFF6jQxlcNTyHXAt5UMOgnwch3kclwrPX8OpTFuoUIUKwb4gKcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9442ba2e7e71568e-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1672&min_rtt=465&rtt_var=2384&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3292&recv_bytes=1257&delivery_rate=8775757&cwnd=254&unsent_bytes=0&cid=b8e80374408657c1&ts=3229&x=0"
X-Firefox-Spdy: h2
GET cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
200 OK 11 kB URL GET cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
IP
Certificate IssuerGoogle Trust Services
Subjectcdnjs.cloudflare.com
Fingerprint4B:06:E9:E2:47:47:F5:3C:33:58:F8:2A:95:70:22:5E:23:19:03:77
ValidityThu, 22 May 2025 14:38:44 GMT - Wed, 20 Aug 2025 15:38:38 GMT
File type JavaScript source, ASCII text, with very long lines (10613)
Hash ea77f824de2ef57acb12e7cb6596365e
10bad0dbdf30a0471c2c786b349daeb1dd19180e
2b19d92ce83bf3b498f73103ba1240f09c84798b1f92aedf1491ccf0aa6f5e4c
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
server: cloudflare
strict-transport-security: max-age=15780000
cf-ray: 9442ba3d19d556c7-OSL
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 134945
expires: Wed, 13 May 2026 07:09:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IDCsc8peQxAeYnYjLypFFa2WQwh8t%2Bbsx6P7fvaPJbpyhf3LHhayDH6uiaA2cO8S319eURUVNCHMG%2FN8S0iYFMjP3qqSHXwGheGi%2FH7AY9BMQgvuj6UbBuDici%2Fjfe5NnbKQydXh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/a28e7c81036b65df24d80294e754f6b9.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/a28e7c81036b65df24d80294e754f6b9.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/a28e7c81036b65df24d80294e754f6b9.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.9188porn.xyz/upload/vod/20241010-11/967841723e772c939d2a9d68ec6dd7e8.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/967841723e772c939d2a9d68ec6dd7e8.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/967841723e772c939d2a9d68ec6dd7e8.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET lsbzytp.com:3519/upload/vod/20231016-1/863d25c31ceb315491cb8b83b7735f22.jpg
200 OK 58 kB URL GET lsbzytp.com:3519/upload/vod/20231016-1/863d25c31ceb315491cb8b83b7735f22.jpg
IP
Certificate IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "Software: Snipaste", baseline, precision 8, 709x426, components 3
Hash 1a61d4b78cb6f3d86a203d5852650ac1
f7a63f5ad4b0b205af2c67d61296137a4ed995ac
7361ef0617de670b382537b5a919ffa95c6f1d96352f1dabf4837ae4154d05bb
GET /upload/vod/20231016-1/863d25c31ceb315491cb8b83b7735f22.jpg HTTP/1.1
Host: lsbzytp.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 57902
last-modified: Wed, 22 Nov 2023 12:54:19 GMT
vary: Accept-Encoding
etag: "655df9fb-e22e"
expires: Thu, 29 May 2025 09:53:28 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET i0.wp.com/jpgjingpinx.com/upload/vod/20231217-1/a0f66afb3038800b42791a20c9000ebd.jpg
200 OK 52 kB URL GET i0.wp.com/jpgjingpinx.com/upload/vod/20231217-1/a0f66afb3038800b42791a20c9000ebd.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 718x404, Scaling: [none]x[none], YUV color, decoders should clamp
Hash d83fa0dd4a498d2c164a54b5b61d0d14
f1b6566fe55a6bd5e24207c26fd9b53eb32af6c9
cfbbc1a78976c6626943a0c009f9149d737b6eac21b2d972762997953967dfe3
GET /jpgjingpinx.com/upload/vod/20231217-1/a0f66afb3038800b42791a20c9000ebd.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 52034
last-modified: Tue, 25 Feb 2025 19:32:31 GMT
expires: Fri, 26 Feb 2027 07:32:31 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20231217-1/a0f66afb3038800b42791a20c9000ebd.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ffa8ec1f1d448f5d"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET naturismv.com/images/french-christmas-celebration-part-2-enature-net-russianbare-com.jpg
200 OK 46 kB URL GET naturismv.com/images/french-christmas-celebration-part-2-enature-net-russianbare-com.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectnaturismv.com
Fingerprint89:AF:F9:3B:F9:65:5A:43:A3:77:FD:5B:A5:61:B8:50:E0:07:19:A4
ValidityFri, 02 May 2025 17:11:44 GMT - Thu, 31 Jul 2025 18:09:26 GMT
File type JPEG image data, progressive, precision 8, 400x300, components 3
Hash 927e685287c634cca7411c48e60d989b
88e46535e85b4faf05e1e3902ebcd15be2490106
2cf8d7b9ce612ac8efcbe445d072b7bcd9cbe5216cf5dae467c01dcf83903867
GET /images/french-christmas-celebration-part-2-enature-net-russianbare-com.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 46223
server: cloudflare
last-modified: Fri, 19 May 2023 12:04:46 GMT
etag: "646765de-b48f"
expires: Thu, 07 May 2026 04:28:04 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 1392073
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=oXRsgzoWHlW3zeghpkhjWy3LoS4fTjlUvU4ZMzO3ia1gYr%2FSu7Uy%2BwpD1%2FfRS5zXIB0FN1dpKfd%2BU0Dc2Ji2aJX71OkpKJNQ%2FwmC"}]}
cf-ray: 9442ba200b810b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET pornolomka.com/favicon.ico
301 Moved Permanently 0 B URL GET pornolomka.com/favicon.ico
IP
ASN #213166 UA-Hosting SIA
Certificate IssuerLet's Encrypt
Subjectpornolomka.com
Fingerprint3E:C1:19:98:F4:14:70:01:04:AD:7E:F4:9A:C2:7D:FC:C7:3C:37:17
ValidityTue, 22 Apr 2025 22:39:51 GMT - Mon, 21 Jul 2025 22:39:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: pornolomka.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
server: nginx/1.10.3
date: Fri, 23 May 2025 07:07:29 GMT
content-type: text/html
content-length: 185
location: https://pornolomka2.com/favicon.ico
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
GET treeyork.com/172464/172464.jpg
0 B URL GET treeyork.com/172464/172464.jpg
IP
Certificate IssuerLet's Encrypt
Subjecttreeyork.com
Fingerprint5C:A8:FF:44:5E:C7:52:F0:F7:9A:65:DD:4B:5F:0B:33:B9:1E:A9:4E
ValidityFri, 28 Feb 2025 01:03:45 GMT - Thu, 29 May 2025 01:03:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /172464/172464.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET cdn5-thumbs.motherlessmedia.com/thumbs/E10648D.jpg
200 OK 28 kB URL GET cdn5-thumbs.motherlessmedia.com/thumbs/E10648D.jpg
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherlessmedia.com
Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8
ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 8000x8001, segment length 16, baseline, precision 8, 640x480, components 3
Hash b6bd27b01c18312ba5221bb386d3241a
4b7d2bf3eadc6d39bcf4cba69ff44a76006e51b0
ddaba0c282fab05fb41283bb81ebc6f2a1e1cedb8ce210b4d1ea65fae840de96
GET /thumbs/E10648D.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 28093
vary: x-s-token
last-modified: Sun, 07 Oct 2018 12:29:40 GMT
etag: "6dbd-577a2a89c079d"
x-cache: HIT
x-whom: cdn03
accept-ranges: bytes
GET www.9188porn.xyz/upload/vod/20241010-11/d5fea0e0b8f908f29f68ca03f18833ef.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/d5fea0e0b8f908f29f68ca03f18833ef.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/d5fea0e0b8f908f29f68ca03f18833ef.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET eb.spreee.pro/favicon.ico
404 Not Found 0 B URL GET eb.spreee.pro/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subjectspreee.pro
FingerprintDD:A1:CB:48:4C:7F:12:30:1F:C1:42:77:B5:1F:E0:E0:5F:A2:47:17
ValidityFri, 02 May 2025 11:36:32 GMT - Thu, 31 Jul 2025 12:34:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: eb.spreee.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:30 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-cache-status: HIT
age: 29
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=lzN4XgrVAroZ5g0epNPL0Z5kSXbm6x7Dd27nmD9bVDITamtm68u49sTjZ2Z6%2FQcktrvOz8HW2eEy2nXB0eHba1BKbE6Awv9f3uGA"}]}
content-encoding: br
cf-ray: 9442ba69085c712e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241028-15/93eb4578a18847387d0c86580ddf6cc8.jpg
0 B URL GET www.9188porn.xyz/upload/vod/20241028-15/93eb4578a18847387d0c86580ddf6cc8.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241028-15/93eb4578a18847387d0c86580ddf6cc8.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET en.vidmo.pro/thumbs_320/6e/cb/6ecb40dca64eeb97fde81e027d45abcc/12389812.jpg
200 OK 40 kB URL GET en.vidmo.pro/thumbs_320/6e/cb/6ecb40dca64eeb97fde81e027d45abcc/12389812.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 320x240, components 3
Hash 3ae7b4e8c1909f47e8d2ed2667cbca4d
adbccb669e5cbe7ce04b76d7d50633809354b9d5
b7bfa75d5a3b4a449c61ad48f2688d4ce9ed55d58e604ececd175c182e1121b6
GET /thumbs_320/6e/cb/6ecb40dca64eeb97fde81e027d45abcc/12389812.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 39795
last-modified: Thu, 15 Oct 2020 23:19:46 GMT
expires: Fri, 05 Apr 2024 19:51:56 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/bef15d0afca2cf8a9a3641524f346f8c.jpg
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/bef15d0afca2cf8a9a3641524f346f8c.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/bef15d0afca2cf8a9a3641524f346f8c.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET sasisa.ru/favicon.ico
0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: sasisa.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.po-kaki-to.com/wp-content/uploads/2022/07/1657458101.jpg
200 OK 55 kB URL GET www.po-kaki-to.com/wp-content/uploads/2022/07/1657458101.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectpo-kaki-to.com
Fingerprint2D:88:4E:92:5F:C7:51:EC:F9:E4:49:40:10:44:0F:CF:22:12:71:03
ValidityTue, 15 Apr 2025 02:20:13 GMT - Mon, 14 Jul 2025 03:18:25 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPCM), density 47x47, segment length 16, progressive, precision 8, 650x500, components 3
Hash f00a57b4216f6799c4196c479be20543
e8455f1855846a2c4652738d7f967bbfb36f7f08
030fa1f022425f02ed84de9e22f2dbd71d6950127ea47bdfb3b9e00e9acd34fd
GET /wp-content/uploads/2022/07/1657458101.jpg HTTP/1.1
Host: www.po-kaki-to.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 55036
server: cloudflare
last-modified: Sun, 10 Jul 2022 13:01:41 GMT
etag: "62cacdb5-d6fc"
expires: Sat, 12 Jul 2025 05:07:11 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
accept-ranges: bytes
age: 871329
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=FNo44V%2FH79Lnl0wk%2F%2BY540twEyzcwGsd8pBFnxlHqtgoL8K%2BiB0k80Zn5j1i%2BtgcoykLqXXT9h3oKZPjnEgJs8yOHYlfzJrTodtaCf8P3DM%3D"}]}
cf-ray: 9442ba3238e856c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET media.crazyshit.com/content/2021/02/902283fb.png
200 OK 1.6 MB URL GET media.crazyshit.com/content/2021/02/902283fb.png
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectmedia.crazyshit.com
Fingerprint75:EC:4E:74:4F:5C:73:FB:18:18:58:60:BF:13:60:98:B5:67:61:C7
ValidityMon, 31 Mar 2025 02:32:22 GMT - Sun, 29 Jun 2025 02:32:21 GMT
File type PNG image data, 720 x 540, 8-bit/color RGBA, non-interlaced
Size 1.6 MB (1558306 bytes)
Hash 7374dc1bc839561e8e59e76b699254c8
b47c1cef3c962f389cdb12c061e7f01a30cfd64c
69486c6813196a1fb2234496038f5dcb1d1d7b9b93d05ad8cb1c06bb9eef705d
GET /content/2021/02/902283fb.png HTTP/1.1
Host: media.crazyshit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/png
content-length: 1558306
server: nginx/1.26.0
x-object-meta-mtime: 1613984327.553283513
etag: 7374dc1bc839561e8e59e76b699254c8
last-modified: Mon, 05 Apr 2021 11:17:11 GMT
x-timestamp: 1617621430.88285
x-trans-id: tx4af50ccf84354ad79b409-0066d719f2
x-openstack-request-id: tx4af50ccf84354ad79b409-0066d719f2
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 25 May 2025 07:09:17 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20240619-3/35663e156b055adf6c34df1b782131c1.jpg
0 B URL GET www.9188porn.xyz/upload/vod/20240619-3/35663e156b055adf6c34df1b782131c1.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20240619-3/35663e156b055adf6c34df1b782131c1.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET en.vidmo.pro/thumbs_320/cb/30/cb3051c3aa8e3bec02616c6e9964ab13/9837226.jpg
200 OK 15 kB URL GET en.vidmo.pro/thumbs_320/cb/30/cb3051c3aa8e3bec02616c6e9964ab13/9837226.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 320x240, components 3
Hash e0e87571e10cde61405d5794c2837059
35d9090dea831df2e5c33fa8a130695793878f55
be2b46cbb5461c7e433085db6449c829f09ddb6f29b4f204732d911f0cc88a0c
GET /thumbs_320/cb/30/cb3051c3aa8e3bec02616c6e9964ab13/9837226.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 14958
last-modified: Mon, 13 May 2019 16:07:45 GMT
expires: Fri, 23 Feb 2024 16:05:12 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/47278404c982c9c4c9125c21b895c1a2.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/47278404c982c9c4c9125c21b895c1a2.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/47278404c982c9c4c9125c21b895c1a2.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.9188porn.xyz/upload/vod/20241010-10/8990989bcf76dfb6181c665c60836387.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/8990989bcf76dfb6181c665c60836387.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/8990989bcf76dfb6181c665c60836387.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.9188porn.com/upload/vod/20241010-10/e1f9726bd7f0d7980ecba691b586ae02.png
403 Forbidden 0 B URL GET www.9188porn.com/upload/vod/20241010-10/e1f9726bd7f0d7980ecba691b586ae02.png
IP
Certificate IssuerGoogle Trust Services
Subject9188porn.com
Fingerprint15:E5:D1:A1:7B:24:5F:05:8B:35:38:8F:0C:03:1B:7B:C1:D9:0C:8E
ValidityWed, 09 Apr 2025 22:51:46 GMT - Tue, 08 Jul 2025 23:49:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20241010-10/e1f9726bd7f0d7980ecba691b586ae02.png HTTP/1.1
Host: www.9188porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Fri, 23 May 2025 07:09:25 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H3%2BPSiML8Rc9SdX5zjab3U6O2Dj%2BP1njXBrBEaMV5wZur5Ydqn41lLow2l3u3k88vqJGbW%2BjrNqrdLyRMLQtYFzoXFg0m3P8R5W%2BU5kd4svF64r6fzQS4Ie24U9DXKEbr4tR"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Fri, 23 May 2025 07:09:40 GMT
content-encoding: br
cf-ray: 9442ba49df6b0b4d-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=13698&min_rtt=5529&rtt_var=11720&sent=76&recv=86&lost=0&retrans=1&sent_bytes=23440&recv_bytes=6258&delivery_rate=1578295&cwnd=12000&unsent_bytes=0&cid=a6c59b246bbc7dac&ts=8362&x=80"
GET pornyc.com/favicon.ico
200 OK 1.2 kB IP
Certificate IssuerGoogle Trust Services
Subjectpornyc.com
FingerprintA5:26:AC:13:8A:C9:12:28:A6:C8:DD:FE:E6:19:18:C8:8B:2B:5D:04
ValiditySat, 26 Apr 2025 11:01:12 GMT - Fri, 25 Jul 2025 11:59:34 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 76a87b9c0965503d64dc4f0a9b73e3cb
b2a7bea1303bb39aea20f3f05b820c8c388efcdf
98734b691a87d139a39c2cf171a653311834a47bb9f7aeef888a26b0fc579837
GET /favicon.ico HTTP/1.1
Host: pornyc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 May 2025 07:09:28 GMT
content-type: image/x-icon
content-length: 1150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wmQW%2BL0vAlSWw6593Y1G05poTZS%2FYVIocS%2BegXuzOhDIE3yXbT66TYvS%2BoqghMc1otVSHX682QgpBCkEn%2B9hvQjNTvmy45MbO%2BPRjM4LQRc%2BS8qQ56M7zDfUbWXs"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 21 Sep 2021 08:49:38 GMT
etag: "61499ca2-47e"
expires: Wed, 13 May 2026 01:20:27 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 884941
accept-ranges: bytes
cf-ray: 9442ba5c2c5556af-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=10571&min_rtt=2652&rtt_var=6310&sent=110&recv=141&lost=0&retrans=0&sent_bytes=9087&recv_bytes=8100&delivery_rate=206826&cwnd=12000&unsent_bytes=0&cid=293fe82479edc238&ts=7903&x=80"
GET de.chezcathy.com/favicon.ico
200 OK 1.4 kB URL GET de.chezcathy.com/favicon.ico
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectde.chezcathy.com
Fingerprint31:12:9B:3D:36:76:58:1A:A6:9A:79:7E:FC:73:A6:11:BB:73:13:0C
ValidityThu, 17 Apr 2025 03:06:12 GMT - Wed, 16 Jul 2025 03:06:11 GMT
File type MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
Hash 8851a1b28ebe567b927c9ae6600a8fc6
113da6a02dff45d4b9c0d3c9ae531445a8c7b687
b545a5091485f5dd485f0e9d2abcd55a06b22f9359c6da8955b8da7b1d3c9212
GET /favicon.ico HTTP/1.1
Host: de.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:30 GMT
content-length: 1406
server: BunnyCDN-DE1-874
cdn-pullzone: 3632933
cdn-uid: 0f7047b6-2b70-4588-b55a-df9b2a15bf91
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"1406-1744916365610"
last-modified: Thu, 17 Apr 2025 18:59:25 GMT
cdn-cachedat: 05/08/2025 21:05:47
x-powered-by: Express
cdn-proxyver: 1.27
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 7635d7d74f19bcf734718cedb7ec6deb
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET pornolomka2.com/favicon.ico
404 Not Found 0 B URL GET pornolomka2.com/favicon.ico
IP
ASN #213166 UA-Hosting SIA
Certificate IssuerLet's Encrypt
Subjectpornolomka2.com
Fingerprint5E:83:DF:E0:31:40:AC:3C:BC:70:FA:A6:4C:5A:B3:43:56:02:22:15
ValidityThu, 22 May 2025 22:44:05 GMT - Wed, 20 Aug 2025 22:44:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: pornolomka2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx/1.10.3
date: Fri, 23 May 2025 07:07:29 GMT
content-type: text/html
content-length: 169
X-Firefox-Spdy: h2
GET ymlporn1.net/imgs/0b/0b02490b442bd1f179d7f944d3157b02.jpg
200 OK 6.4 kB URL GET ymlporn1.net/imgs/0b/0b02490b442bd1f179d7f944d3157b02.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectymlporn1.net
Fingerprint9E:64:83:41:29:A2:75:7B:B6:68:E6:DD:4D:DF:B0:48:C0:3C:AE:AB
ValidityFri, 18 Apr 2025 22:43:24 GMT - Thu, 17 Jul 2025 23:40:57 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, components 3
Hash 08e6d6c871795231f92f04c9e48c5a61
ccbf75e0b0124a605a8e537bb558581c3bf22e0b
fa2b9cd4812d803ab7ff4286615e2b633a85551900e2931c4f816fd034f58474
GET /imgs/0b/0b02490b442bd1f179d7f944d3157b02.jpg HTTP/1.1
Host: ymlporn1.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 6436
server: cloudflare
last-modified: Wed, 12 Sep 2018 16:31:48 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "5b993f74-1924"
accept-ranges: bytes
age: 31
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=8zJSWP9y3RP0lrvVukJt%2FRtMoAuIHdvB%2FIyBCgZg8yoBpzn3953vYx4zVF%2FBdvADfRKOEEgwO3MXgacVA%2BOw3sVkRB0Q8hUmLis%3D"}]}
cf-ray: 9442ba3a9db556a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET baraag.net/@KDE/image/png
200 OK 0 B URL GET baraag.net/@KDE/image/png
IP
Certificate IssuerLet's Encrypt
Subjectbaraag.net
FingerprintAB:C0:A5:40:B1:C4:1B:DA:AE:12:A1:80:42:EA:71:7A:11:02:84:8B
ValidityTue, 06 May 2025 08:35:46 GMT - Mon, 04 Aug 2025 08:35:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /@KDE/image/png HTTP/1.1
Host: baraag.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=cTlBUZYvYgvA7xdR; Domain=.baraag.net; Path=/; Expires=Fri, 23-May-2025 07:29:24 GMT
__ddg10_=1747984164; Domain=.baraag.net; Path=/; Expires=Fri, 23-May-2025 07:29:24 GMT
__ddg9_=91.90.42.154; Domain=.baraag.net; Path=/; Expires=Fri, 23-May-2025 07:29:24 GMT
__ddg1_=lcJXoWN1reWmY806C1oR; Domain=.baraag.net; HttpOnly; Path=/; Expires=Sat, 23-May-2026 07:09:24 GMT
date: Fri, 23 May 2025 07:09:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: same-origin
vary: Accept-Encoding, Accept, Accept-Language, Cookie
link: </packs/js/locale/tr-json-8d299d27b0d858c0cbfd.chunk.js>; rel=preload; as=script; type=text/javascript; integrity=sha256-Te+gcZpOH2skKaXgPFcFMMLw8pSsux7NItaYleQ33Ac=
cache-control: max-age=15, public, stale-while-revalidate=30, stale-if-error=86400
etag: W/"9abe6620b48bb9492bb627241e5e43a1"
content-security-policy: upgrade-insecure-requests;, base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://baraag.net; img-src 'self' data: blob: https://baraag.net https://media.baraag.net; style-src 'self' https://baraag.net 'nonce-PC3ubJ8wvD4yHhLX+aREyA=='; media-src 'self' data: https://baraag.net https://media.baraag.net; manifest-src 'self' https://baraag.net; form-action 'none'; child-src 'self' blob: https://baraag.net; worker-src 'self' blob: https://baraag.net; connect-src 'self' data: blob: https://baraag.net https://media.baraag.net wss://baraag.net; script-src 'self' https://baraag.net 'wasm-unsafe-eval'; frame-src 'self' https:
x-request-id: 979310e6-4e28-49ee-bd53-634ab0a73c9e
x-runtime: 0.023084
strict-transport-security: max-age=63072000; includeSubDomains
x-cached: MISS
content-encoding: gzip
age: 8
content-length: 10750
ddg-cache-status: HIT,HIT
X-Firefox-Spdy: h2
GET xmaza.co/favicon.ico
302 Found 10 kB IP
Certificate IssuerGoogle Trust Services
Subjectxmaza.co
FingerprintAD:8A:D3:94:6A:9C:9F:A3:2D:36:A5:13:EB:74:98:AB:80:B7:AE:45
ValidityFri, 25 Apr 2025 08:33:21 GMT - Thu, 24 Jul 2025 09:31:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: xmaza.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 23 May 2025 07:09:28 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Q9JxzM7wTt7WqSg0Rgcabg26iNTWVe%2Fivi%2FFtsSjE5Ha7QKfFYJJj8HaeTnN3ankRRKfMXmLZZrWWyRvnE653gG8yeGqAVSoxyn48RX8imidc2QtTZpcqPDhA%3D%3D"}],"group":"cf-nel","max_age":604800}
link: <https://xmaza.co/wp-json/>; rel="https://api.w.org/"
x-redirect-by: WordPress
location: https://xmaza.co/wp-content/uploads/2024/10/icon-150x150.png
alt-svc: h3=":443"; ma=86400
cf-cache-status: BYPASS
cf-ray: 9442ba5acd5056a8-OSL
server: cloudflare
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8887&min_rtt=1024&rtt_var=7775&sent=79&recv=116&lost=0&retrans=0&sent_bytes=7352&recv_bytes=6796&delivery_rate=214765&cwnd=12000&unsent_bytes=0&cid=acfcde79dc7b62b5&ts=6746&x=80"
GET www.googletagmanager.com/gtag/js?id=UA-620120-3
200 OK 259 kB URL GET www.googletagmanager.com/gtag/js?id=UA-620120-3
IP
Certificate IssuerGoogle Trust Services
Subject*.google-analytics.com
Fingerprint02:7D:56:C0:B9:20:0C:27:A4:AC:B9:8F:9D:45:1D:85:2A:30:50:AD
ValidityMon, 21 Apr 2025 08:40:41 GMT - Mon, 14 Jul 2025 08:40:40 GMT
File type JavaScript source, ASCII text, with very long lines (2385)
Size 259 kB (258843 bytes)
Hash 3596f623d954fb67d596978836a2140c
9608cdf4c24dcbbd8f4b9a480c5421ebd4111a8b
fb87b0f036188466102056d98798e61233c0f2f47d6b622936134a135111be9d
GET /gtag/js?id=UA-620120-3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 May 2025 07:09:23 GMT
expires: Fri, 23 May 2025 07:09:23 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 May 2025 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1075:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:1075:0
report-to: {"group":"ascgcycc:1075:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1075:0"}],}
server: Google Tag Manager
content-length: 92732
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET www.9188porn.xyz/
0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET fapdig.com/favicon.ico
301 Moved Permanently 0 B IP
Certificate IssuerGoogle Trust Services
Subjectfapdig.com
FingerprintC3:67:11:1F:C0:57:78:75:BE:3E:C3:A5:8C:CA:C8:85:D7:DA:A5:1A
ValiditySat, 17 May 2025 14:44:06 GMT - Fri, 15 Aug 2025 15:40:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: fapdig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 301 Moved Permanently
date: Fri, 23 May 2025 07:09:28 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bj0g8yivzBvIlWqi8qpbBCo5bXttVlN0OpeDuTCGiB47yuQpTyDF%2BdZwrX2atunr44wrAOpoPnrtZvBvTA97JWzWAYDXm%2FEgdqUaCHKY8G8ceiaPF%2F5K3Eei2Uii"}],"group":"cf-nel","max_age":604800}
location: https://fapdig.com/faviconico/
set-cookie: ASPro_1382933ca042bef776e8100bd5eb8ac5=4ciphtmqk9dcn07uqa5dink5hi; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: BYPASS
cf-ray: 9442ba5d0ffa56cb-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6396&min_rtt=734&rtt_var=4310&sent=88&recv=119&lost=0&retrans=1&sent_bytes=7851&recv_bytes=6942&delivery_rate=313822&cwnd=12000&unsent_bytes=0&cid=5e6d271239b96a9b&ts=6057&x=80"
GET xorow.ru/files/russkoe_porno/potaskuha_s_malenkimi_siskami_pryigaet_na_chlene_russkogo/screen.jpg
200 OK 9.0 kB URL GET xorow.ru/files/russkoe_porno/potaskuha_s_malenkimi_siskami_pryigaet_na_chlene_russkogo/screen.jpg
IP
ASN #207728 EUROHOSTER Ltd.
Certificate IssuerLet's Encrypt
Subjectwww.xorow.ru
FingerprintB3:E5:F9:15:C9:21:24:08:67:39:18:E0:07:EC:13:29:5F:EF:FB:20
ValidityTue, 08 Apr 2025 23:19:45 GMT - Mon, 07 Jul 2025 23:19:44 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 266x200, components 3
Hash a87ef1d6dc1b19f882800410877fa3ad
e6eb7287fd28fed5c720a767c0095eeeb1177767
2385dada5934d5c9ad8a02c32f606f47017840bba0821a72534fa26056e276c3
GET /files/russkoe_porno/potaskuha_s_malenkimi_siskami_pryigaet_na_chlene_russkogo/screen.jpg HTTP/1.1
Host: xorow.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 May 2025 07:09:20 GMT
Content-Type: image/jpeg
Content-Length: 9005
Last-Modified: Sun, 19 Jul 2020 07:40:48 GMT
Connection: keep-alive
ETag: "5f13f900-232d"
Expires: Sat, 24 May 2025 07:09:20 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes
GET ymlporn1.net/imgs/81/81705bd436fa07c370da79ed896ada15.jpg
200 OK 10 kB URL GET ymlporn1.net/imgs/81/81705bd436fa07c370da79ed896ada15.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectymlporn1.net
Fingerprint9E:64:83:41:29:A2:75:7B:B6:68:E6:DD:4D:DF:B0:48:C0:3C:AE:AB
ValidityFri, 18 Apr 2025 22:43:24 GMT - Thu, 17 Jul 2025 23:40:57 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, components 3
Hash e88da9567ebe0d296ef81e15175f8e8e
656cca55263430e5a6d97b362f0b0d04e67f37c2
2cfc1bc74a8f9e7ac323b9333e166c6bb2326add7a8f744b5847230034c1dd41
GET /imgs/81/81705bd436fa07c370da79ed896ada15.jpg HTTP/1.1
Host: ymlporn1.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 10063
server: cloudflare
last-modified: Wed, 12 Sep 2018 19:14:10 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "5b996582-274f"
accept-ranges: bytes
age: 531
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=w1a7d3U5DxgoSnnWusu%2FdC%2BKUfixah5M0hxRd%2Fsc2cKWF%2BqxfoHYdy%2BXotJbvcrOvMcc3y2Z0WIpj2KGUpmFdcgidPIDwLTuThk%3D"}]}
cf-ray: 9442ba27cf6156a9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET feimian.slsltutu.com/upload/vod/20231020-1/7f040d725c2a0b4d9c3f947474ff0c06.jpg
0 B URL GET feimian.slsltutu.com/upload/vod/20231020-1/7f040d725c2a0b4d9c3f947474ff0c06.jpg
IP
Certificate IssuerLet's Encrypt
Subjectpic.lbtp88.com
FingerprintE0:D8:E9:3E:58:88:56:C3:37:E7:59:82:D9:67:E8:D2:F9:49:E6:84
ValidityFri, 28 Mar 2025 15:36:34 GMT - Thu, 26 Jun 2025 15:36:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20231020-1/7f040d725c2a0b4d9c3f947474ff0c06.jpg HTTP/1.1
Host: feimian.slsltutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET img.imghuo.cfd/sp/media/videos/tmb/2362/16.jpg
200 OK 13 kB URL GET img.imghuo.cfd/sp/media/videos/tmb/2362/16.jpg
IP
Certificate IssuerLet's Encrypt
Subjectimg.imghuo.cfd
Fingerprint8E:A1:62:82:8D:80:F7:81:D5:85:E8:88:A3:92:94:47:71:0E:A0:E5
ValidityWed, 21 May 2025 07:47:38 GMT - Tue, 19 Aug 2025 07:47:37 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 384x214, components 3
Hash cbe71119b0378551bf382b305c26f172
ec13554454e4ae51f06fe40281e86852bd007a3e
12943d3aa28513a622cf9932cf2810ca69abb8fd86f5fdcf6e56484ccc68015d
GET /sp/media/videos/tmb/2362/16.jpg HTTP/1.1
Host: img.imghuo.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 23 May 2025 07:09:22 GMT
Content-Type: image/jpeg
Content-Length: 12554
Last-Modified: Sat, 23 Mar 2024 12:20:56 GMT
Connection: keep-alive
ETag: "65fec928-310a"
Accept-Ranges: bytes
GET rolotube.com/images/
0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/ HTTP/1.1
Host: rolotube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.xvideos.com/favicon.ico
200 OK 15 kB URL GET www.xvideos.com/favicon.ico
IP
ASN #46652 SERVERSTACK-ASN
Certificate IssuerSectigo Limited
Subject*.xvideos.com
Fingerprint8A:99:1B:79:BF:20:90:58:BE:23:F3:B2:15:CA:58:D1:87:C9:8F:0E
ValidityMon, 30 Dec 2024 00:00:00 GMT - Fri, 30 Jan 2026 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Hash d6baf7b631c1e482b6e2f770f9e67057
73eb49e766e5954e1ad9538cc35038b9f14494b9
fa1ee8d05ad6dfa0731ee0d37badfd019cc3315e6d3b9ca1ae161cee4749481b
GET /favicon.ico HTTP/1.1
Host: www.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 23 May 2025 07:09:29 GMT
Content-Type: image/x-icon
Content-Length: 15086
Last-Modified: Mon, 09 Oct 2023 14:43:32 GMT
ETag: "65241194-3aee"
Expires: Fri, 30 May 2025 07:09:29 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
Server: nginx
GET www.po-kaki-to.com/wp-content/uploads/2022/08/1660791440.jpg
200 OK 181 kB URL GET www.po-kaki-to.com/wp-content/uploads/2022/08/1660791440.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectpo-kaki-to.com
Fingerprint2D:88:4E:92:5F:C7:51:EC:F9:E4:49:40:10:44:0F:CF:22:12:71:03
ValidityTue, 15 Apr 2025 02:20:13 GMT - Mon, 14 Jul 2025 03:18:25 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x960, components 3
Size 181 kB (181319 bytes)
Hash 8ff4f8e27712295fb46f03a685039bda
0c9fd0d1abb2b141f887b0e7d611e073786d9d8b
954a43e1d882fe36abab2a017c4e0ac0449b011bc9cd9acce2536e396892eb88
GET /wp-content/uploads/2022/08/1660791440.jpg HTTP/1.1
Host: www.po-kaki-to.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 181319
server: cloudflare
last-modified: Thu, 18 Aug 2022 02:57:20 GMT
etag: "62fdaa90-2c447"
expires: Sat, 21 Jun 2025 23:34:54 GMT
cache-control: max-age=5184000
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
accept-ranges: bytes
age: 2619263
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=IC47%2FrXeZViQD4D6ryhhQaORTonVYuIbUEC8OKyr1xDbAwzjFLSl4ga0D7oLb1Lbt21wPjNEHy4NCJmYJbZZc7z20Gp8n9VaEg8rG4HaGq0%3D"}]}
cf-ray: 9442ba20689c56c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn5-thumbs.motherlessmedia.com/thumbs/484AE0F.jpg
200 OK 21 kB URL GET cdn5-thumbs.motherlessmedia.com/thumbs/484AE0F.jpg
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherlessmedia.com
Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8
ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 8000x8001, segment length 16, baseline, precision 8, 640x480, components 3
Hash 278f9dc755d4ec59047c388b1b68a9db
7523cb912b38ecb54d5508a59deace7fe9131016
44c171ccce54b5ded718c0d5889990d5da1fb35d5c1164c3aefcea9827e9e14d
GET /thumbs/484AE0F.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 20808
vary: x-s-token
last-modified: Wed, 03 Oct 2018 14:07:58 GMT
etag: "5148-5775390cc827b"
x-cache: HIT
x-whom: cdn08
accept-ranges: bytes
GET zxvideosnet.z00.monster/scj/thumbs/7/132_team.jpg
200 OK 19 kB URL GET zxvideosnet.z00.monster/scj/thumbs/7/132_team.jpg
IP
Certificate IssuerLet's Encrypt
Subjectzxvideosnet.z00.monster
FingerprintEA:C9:4B:0B:F6:DB:FB:A2:4D:A0:BC:73:36:E5:66:EF:39:81:9D:0A
ValidityMon, 07 Apr 2025 04:31:46 GMT - Sun, 06 Jul 2025 04:31:45 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x240, components 3
Hash 1487d75b90bb97ea32292f96f46d4410
126cb6642dc41b5f049da061b24a5aef4ea85cbb
4b16c241147ae063d4066e77b0c6eb4629ae6e6a758c61eb6bb80c7677500f37
GET /scj/thumbs/7/132_team.jpg HTTP/1.1
Host: zxvideosnet.z00.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 18647
last-modified: Mon, 25 Apr 2022 19:04:27 GMT
etag: "6266f0bb-48d7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/75a82977d340709e007133a618799818.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/75a82977d340709e007133a618799818.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/75a82977d340709e007133a618799818.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET xvideosrei.com/favicon.ico
404 Not Found 0 B URL GET xvideosrei.com/favicon.ico
IP
Certificate IssuerLet's Encrypt
Subjectwww.xvideosrei.com
FingerprintC2:28:3A:CF:8A:D8:6A:AE:2F:E5:5E:F8:61:B6:CF:EB:A3:2F:85:03
ValiditySun, 18 May 2025 11:52:41 GMT - Sat, 16 Aug 2025 11:52:40 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: xvideosrei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:02:47 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
version: MS25051001
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000;
content-encoding: br
X-Firefox-Spdy: h2
GET yinwo305.buzz/favicon.ico
441 No Reason Phrase 0 B URL GET yinwo305.buzz/favicon.ico
IP
Certificate IssuerDigiCert Inc
Subjectyinwo305.buzz
FingerprintC7:8F:40:01:27:80:5B:5D:37:72:D6:23:95:B2:6B:A0:05:11:08:EF
ValidityWed, 30 Apr 2025 00:00:00 GMT - Wed, 29 Apr 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: yinwo305.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 441 No Reason Phrase
date: Fri, 23 May 2025 07:09:29 GMT
server: Parking/1.0
content-length: 0
X-Firefox-Spdy: h2
GET i0.wp.com/jpgjingpinx.com/upload/vod/20240113-1/9af0d665469168d19032a6c6b3545778.jpg
200 OK 34 kB URL GET i0.wp.com/jpgjingpinx.com/upload/vod/20240113-1/9af0d665469168d19032a6c6b3545778.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 718x404, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 5053203d224f3ac7801edbdb0d3cfd48
d96b6c84b46acd675dc6b632de01de5ea16c69d4
cbf850035c93d56cbb35f4b8dd098acc947683161b88c9931aae575b37f433d9
GET /jpgjingpinx.com/upload/vod/20240113-1/9af0d665469168d19032a6c6b3545778.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 33976
last-modified: Fri, 28 Mar 2025 21:13:16 GMT
expires: Mon, 29 Mar 2027 09:13:16 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20240113-1/9af0d665469168d19032a6c6b3545778.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "847d4426e4056846"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/d37481796908d2ed1a1e2043046bce9a.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/d37481796908d2ed1a1e2043046bce9a.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/d37481796908d2ed1a1e2043046bce9a.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET cdn.ahsexfilme.com/videos_screenshots/0/896/preview.jpg
200 OK 42 kB URL GET cdn.ahsexfilme.com/videos_screenshots/0/896/preview.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectcdn.ahsexfilme.com
Fingerprint5C:5B:42:36:2B:2F:4A:7F:85:49:65:8B:1D:7E:B4:52:BE:58:9D:F2
ValiditySun, 04 May 2025 02:32:14 GMT - Sat, 02 Aug 2025 02:32:13 GMT
File type JPEG image data, baseline, precision 8, 1280x720, components 3
Hash 3d7331d0428b743efd963f7bc424319f
e1c31dcf668acb8d7cfdd91374454becbd08ece1
0e807e6a8953d92ed7986044de9b3b571792194f93b9e621239164c1b4c5e9e0
GET /videos_screenshots/0/896/preview.jpg HTTP/1.1
Host: cdn.ahsexfilme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 41587
server: nginx/1.20.1
last-modified: Tue, 30 Jun 2020 21:35:02 GMT
etag: "5efbb006-a273"
expires: Sun, 25 May 2025 07:09:22 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET rtgallery.net/tb/17dksn.jpg
200 OK 36 kB URL GET rtgallery.net/tb/17dksn.jpg
IP
Certificate IssuerLet's Encrypt
Subjectrtgallery.net
Fingerprint4E:C3:40:07:97:1C:DC:20:B3:66:18:DA:CD:F2:BF:27:EA:C5:AF:C4
ValiditySun, 23 Mar 2025 17:35:52 GMT - Sat, 21 Jun 2025 17:35:51 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, comment: "Created with GIMP", progressive, precision 8, 480x360, components 3
Hash 26aaeefbfb73f60d874259a4382a5edd
0f341cf929a003fae2e6f2cf34aef66b8e732f58
d9e53890ac78bb65a3013ba0162ae6439cc53ebbf5b2ae88a8dcea6d67649be2
GET /tb/17dksn.jpg HTTP/1.1
Host: rtgallery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 23 May 2025 07:09:22 GMT
Content-Type: image/jpeg
Content-Length: 36480
Last-Modified: Sun, 16 Jul 2023 06:16:15 GMT
Connection: keep-alive
ETag: "64b38b2f-8e80"
Cache-Control: private, max-age=600, must-revalidate
Accept-Ranges: bytes
GET img.hgimg01.com/upload/vod/20240123-1/04dbd638e225ad4a722567e10ce8c6fa.jpg
0 B URL GET img.hgimg01.com/upload/vod/20240123-1/04dbd638e225ad4a722567e10ce8c6fa.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20240123-1/04dbd638e225ad4a722567e10ce8c6fa.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET pornohub24.ru/favicon.ico
404 Not Found 0 B URL GET pornohub24.ru/favicon.ico
IP
Certificate IssuerLet's Encrypt
Subjectpornohub24.ru
FingerprintAC:7A:EA:AD:46:D7:7D:01:A1:BD:3E:92:DD:14:FD:82:9A:5F:7D:0B
ValidityTue, 01 Apr 2025 01:51:47 GMT - Mon, 30 Jun 2025 01:51:46 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: pornohub24.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx/1.24.0
date: Fri, 23 May 2025 07:09:28 GMT
content-type: text/html; charset=iso-8859-1
content-encoding: gzip
X-Firefox-Spdy: h2
GET x-xx.pro/favicon.ico
200 OK 1.2 kB IP
Certificate IssuerLet's Encrypt
Subjectwww.x-xx.pro
FingerprintCC:49:4D:E9:A4:53:90:C2:F8:FF:02:80:1A:17:07:8B:8E:AB:87:C6
ValidityMon, 24 Mar 2025 09:20:10 GMT - Sun, 22 Jun 2025 09:20:09 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 4b3ee4f4a3f61a7c0c17b86ccf3bfc35
051526763921be02cfc745ce18595956032a018d
1a71bdc24fb78bb89b79a5e5cfc1b3404808d68098959c42bb4bcc0d42201f8b
GET /favicon.ico HTTP/1.1
Host: x-xx.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:29 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Fri, 11 Dec 2020 08:09:32 GMT
etag: "5fd3293c-47e"
expires: Fri, 30 May 2025 07:09:29 GMT
cache-control: max-age=604800
strict-transport-security: max-age=63072000;
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.ikikiv.uk/favicon.ico
0 B URL GET www.ikikiv.uk/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.ikikiv.uk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.sexetag.com/thumbs/72/72622/player.jpg
200 OK 34 kB URL GET www.sexetag.com/thumbs/72/72622/player.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectsexetag.com
Fingerprint55:2D:BF:68:94:26:A9:60:AC:10:D0:8F:7A:49:93:43:7F:72:FC:D6
ValiditySat, 10 May 2025 20:15:08 GMT - Fri, 08 Aug 2025 21:15:05 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 938x528, components 3
Hash e09b8322976f256bb492b7256aa12904
70c87155c093a26d8350645897e18ac7910cb567
f84b59a5ca9a53404ce4367db6db9dc50c68395ad43bc62fd29f44826df1ffb1
GET /thumbs/72/72622/player.jpg HTTP/1.1
Host: www.sexetag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 33899
cache-control: max-age=3888000
cf-bgj: imgq:100,h2pri
cf-polished: origSize=33925, status=vary_header_present
etag: "8485-592153b7d64e7"
last-modified: Mon, 09 Sep 2019 02:06:13 GMT
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 3566492
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=trEItsBcjnaqsgSytD9N0agXp5MkP26b7yE%2F%2BLSD4MSOb%2FRUOBE4tp4oHSL6tB9M%2FByRDx5TE3dzjLQBCijIxhCosL9Yj3b%2FGPtt7lXok%2FF73%2Bfh6wEQMC3DKNPlyHRvng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9442ba2db8e3568b-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1375&min_rtt=511&rtt_var=1758&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3199&recv_bytes=1094&delivery_rate=7264214&cwnd=254&unsent_bytes=0&cid=eb9042636fc826c8&ts=3352&x=0"
X-Firefox-Spdy: h2
GET images.ohsex.pro/movs/711/670_teen-schoolgirls-porn.jpg
200 OK 11 kB URL GET images.ohsex.pro/movs/711/670_teen-schoolgirls-porn.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectohsex.pro
FingerprintBF:45:D1:CD:92:37:6F:C7:5E:4B:69:4E:B4:DA:07:41:FF:47:E5:8F
ValiditySat, 17 May 2025 19:55:35 GMT - Fri, 15 Aug 2025 20:53:13 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 300x185, components 3
Hash e7e7ab25e0e6a342cc994e46c6d4f50f
2e158616b54f03ec0ca66b30fc6ecccec2cabf45
46c90012b2271007f7c2a9f219a266a6a10c27c55c7e679ff4fb56fee156e107
GET /movs/711/670_teen-schoolgirls-porn.jpg HTTP/1.1
Host: images.ohsex.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 11281
server: cloudflare
last-modified: Mon, 06 Dec 2021 15:53:19 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "61ae31ef-2c11"
expires: Sun, 25 May 2025 05:30:01 GMT
cache-control: max-age=604800
accept-ranges: bytes
age: 437958
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9vshplCRJMF%2BCnQF0C6Wrqgsjcbp36%2FZ%2FNyqoPjjijGaTJJu5%2Bfek6McOrckV9RpS1JuKr4emEpz%2FD0NxWzsqHwSOQbbFx1U8KTki%2BY5"}]}
cf-ray: 9442ba2989a556a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 555.tourismdaily.ru/roxtube/wp-content/uploads/2018/01/Hello-Kitty-%E0%B8%AA%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2-%E0%B9%82%E0%B8%8A%E0%B8%A7%E0%B9%8C%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%94.png
200 OK 41 kB URL GET 555.tourismdaily.ru/roxtube/wp-content/uploads/2018/01/Hello-Kitty-%E0%B8%AA%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2-%E0%B9%82%E0%B8%8A%E0%B8%A7%E0%B9%8C%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%94.png
IP
Certificate IssuerGoogle Trust Services
Subjecttourismdaily.ru
Fingerprint98:BE:35:48:27:AA:73:3D:01:AE:98:BE:6D:FA:6F:23:EA:81:61:EB
ValidityFri, 09 May 2025 07:41:41 GMT - Thu, 07 Aug 2025 08:39:15 GMT
File type PNG image data, 320 x 240, 8-bit colormap, non-interlaced
Hash c62b423d53ff5b8ddea33abd32469369
d8d2103251a532b715cbdfbc936462055a42ffbc
47765723cbbf83499daffab782946262827890f34088ec1501125ee52df3b75e
GET /roxtube/wp-content/uploads/2018/01/Hello-Kitty-%E0%B8%AA%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2-%E0%B9%82%E0%B8%8A%E0%B8%A7%E0%B9%8C%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%94.png HTTP/1.1
Host: 555.tourismdaily.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/png
content-length: 40820
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 189852
cache-control: max-age=14400
cf-cache-status: HIT
last-modified: Wed, 21 May 2025 02:25:09 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LdJQcqR0gmyl8rLHYU43K%2BwG8LAuvH4ab2VmTOQ2i8r3Bc0tDKEjwCyCrdJv1Jqf2UsB4WY4mqYOwHyD243L59uLzrm%2BXLk8mnn%2FPARuQk1g"}]}
cf-ray: 9442ba376a63b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdne-pics.youjizz.com/5/0/5/50548b06796f01e03fd4c46bdcc2f3aa1526415015-768-432-625-h264.mp4-1.jpg
200 OK 14 kB URL GET cdne-pics.youjizz.com/5/0/5/50548b06796f01e03fd4c46bdcc2f3aa1526415015-768-432-625-h264.mp4-1.jpg
IP
Certificate IssuerSectigo Limited
Subject*.youjizz.com
Fingerprint18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7
ValidityFri, 20 Dec 2024 00:00:00 GMT - Tue, 06 Jan 2026 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 12283x18144, segment length 16, comment: "Lavc52.123.0", baseline, precision 8, 308x232, components 3
Hash 1c63ee90afd96693661bad06cd83e5a4
30df2c21a41971aea906ce142690af2ffb2699d9
226436327a251ee3357b8ada5ce8caeedbdc4261ce37acfaeda2a6bac57cbb6c
GET /5/0/5/50548b06796f01e03fd4c46bdcc2f3aa1526415015-768-432-625-h264.mp4-1.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:23 GMT
content-type: image/jpeg
content-length: 14219
last-modified: Tue, 15 May 2018 20:17:34 GMT
etag: "378b-56c444aece78e"
expires: Sat, 28 Jun 2025 19:30:58 GMT
cache-control: max-age=10621197
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-6141-2-111894-h-0-0---;6140-200-1293799----0-0-1
X-Firefox-Spdy: h2
GET pornogids.cc/contents/videos_screenshots/78000/78994/preview.jpg
200 OK 27 kB URL GET pornogids.cc/contents/videos_screenshots/78000/78994/preview.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectpornogids.cc
Fingerprint4F:63:9C:D3:CE:6C:1A:9A:58:7F:70:1D:AF:F9:1D:E2:6B:4F:75:88
ValiditySat, 17 May 2025 12:19:58 GMT - Fri, 15 Aug 2025 13:18:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc60.31.102", baseline, precision 8, 640x360, components 3
Hash f9e97ec823af01bc5fa6bb28b9ce05ef
76ba9658077bf4c44435b0efa1eb085ddec76eca
80976faf3ceb1c363af71560dece0960888ba0883988f1d3ef01afaf1e88a33e
GET /contents/videos_screenshots/78000/78994/preview.jpg HTTP/1.1
Host: pornogids.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 27055
server: cloudflare
last-modified: Sat, 08 Mar 2025 09:18:57 GMT
etag: "67cc0b81-69af"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
age: 2631506
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=HsXPTgHUUZwjhkkT5Te6fHtpzMIAHTjYoIjTKM113LsVdCp1FLhtYCyNXFnvn0fKC3z7C2LjOyCVrpXbVNnbv7fgGolcXgIC7Ik%3D"}]}
cf-ray: 9442ba309980b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET meetcdn.com/vs/46209473.jpg
200 OK 42 kB URL GET meetcdn.com/vs/46209473.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectmeetcdn.com
Fingerprint23:B5:5D:F4:A9:AC:80:BF:55:00:A6:B9:A1:EA:DC:FF:B5:10:75:3E
ValidityThu, 08 May 2025 06:17:43 GMT - Wed, 06 Aug 2025 07:16:07 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.64.101", baseline, precision 8, 960x720, components 3
Hash f03c52c9b0deb6b9d386ecae0866b7f8
8d7d71c205820be6a4a10d14c369ef40329912bc
fb62043e0c481fb3a0c4b1937bd03ef47ced6473c9eff431d0c100384cb23f7e
GET /vs/46209473.jpg HTTP/1.1
Host: meetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 41819
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 19 Nov 2019 07:23:17 GMT
etag: "5dd39865-a35b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT, HIT
accept-ranges: bytes
age: 2630627
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=W%2BW0ftjbZlHbzutbBTk%2BMElZcCKe30K4eSrZtWguPzG00Hw0Qxh66nBDrXWwM9McwyV8FYf0JUoaEgXnA6Btduu6vbxCD5OgoQ%3D%3D"}]}
cf-ray: 9442ba355b285688-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET ljcdn.kd-pic6669.com/20240714/4puQUktN/1.jpg
0 B URL GET ljcdn.kd-pic6669.com/20240714/4puQUktN/1.jpg
IP
Certificate IssuerLet's Encrypt
Subjectljcdn.comtucdncom.com
FingerprintBD:B8:D9:78:D6:BA:CA:13:22:F0:D8:9B:E0:72:29:AD:CA:D6:E4:33
ValiditySat, 12 Apr 2025 15:37:10 GMT - Fri, 11 Jul 2025 15:37:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /20240714/4puQUktN/1.jpg HTTP/1.1
Host: ljcdn.kd-pic6669.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET vidmo.org/favicon.ico
200 OK 5.4 kB IP
Certificate IssuerZeroSSL
Subjectvidmo.org
Fingerprint55:2A:92:C3:B4:BE:A5:94:65:51:0B:27:D2:FF:A6:C8:47:5C:2C:F3
ValidityWed, 07 May 2025 00:00:00 GMT - Tue, 05 Aug 2025 23:59:59 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash 6b6734885d5e4ff9dbb7d82ba6023598
3c454d68a346b375ed7b59a131699061e7393b1f
0f8e5edd4348eaa11881bf6150baf7b3182b1c3e29c6378e0e921afce7d91819
GET /favicon.ico HTTP/1.1
Host: vidmo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:29 GMT
content-type: image/x-icon
content-length: 5430
last-modified: Sun, 14 Oct 2012 21:41:38 GMT
etag: "507b3192-1536"
cache-control: public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.ahsexfilme.com/favicon.ico
200 OK 15 kB URL GET www.ahsexfilme.com/favicon.ico
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectahsexfilme.com
FingerprintC2:09:37:A2:F1:E2:49:89:3B:63:1C:9F:B7:34:E1:21:41:1C:18:20
ValidityMon, 21 Apr 2025 01:08:46 GMT - Sun, 20 Jul 2025 01:08:45 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash 0545a2b925bac07f78772048033d81d4
93b4af9997b6f40344eff0c309a418fc54e1ff7e
cd5564f98062ec9d50313bfbcb0ff17ace39804c8c82906d6c82dcb17b340794
GET /favicon.ico HTTP/1.1
Host: www.ahsexfilme.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 23 May 2025 07:09:30 GMT
content-type: image/x-icon
content-length: 15406
last-modified: Sat, 06 Apr 2024 10:19:18 GMT
etag: "661121a6-3c2e"
expires: Sun, 22 Jun 2025 07:09:30 GMT
cache-control: max-age=2592000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/75a82977d340709e007133a618799818.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/75a82977d340709e007133a618799818.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/75a82977d340709e007133a618799818.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET porn112.com/favicon.ico
404 Not Found 0 B IP
Certificate IssuerLet's Encrypt
Subjectporn112.com
FingerprintE3:80:54:9D:90:C6:13:86:B3:F6:3F:8C:7D:B1:2A:A4:43:44:2F:B5
ValidityWed, 30 Apr 2025 07:06:37 GMT - Tue, 29 Jul 2025 07:06:36 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: porn112.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx/1.20.1
date: Fri, 23 May 2025 07:09:28 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
GET xxxzooporn.net/favicon.ico
403 Forbidden 0 B URL GET xxxzooporn.net/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subjectxxxzooporn.net
Fingerprint47:28:02:36:7F:A6:0C:0B:0E:1D:B6:5C:75:17:E0:FC:D5:D9:02:97
ValiditySun, 27 Apr 2025 08:56:37 GMT - Sat, 26 Jul 2025 09:55:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: xxxzooporn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 9442ba660d571c16-OSL
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cf-mitigated: challenge
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
origin-agent-cluster: ?1
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gDjCYXB08lKLPLVMDjBwTecyelVpRd4PmauO7dld7HBnku7IQWU%2B%2FtzWoIBPlZxOw0%2FVZDSC29Xc%2FKCSv1UWv0aKnrXFYVDNGXb%2BkE3FF16SMH0SCGGtruyDrzOMDkheDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: chlray;desc="9442ba660d571c16", cfL4;desc="?proto=TCP&rtt=1837&min_rtt=411&rtt_var=2758&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3206&recv_bytes=1063&delivery_rate=7350253&cwnd=254&unsent_bytes=0&cid=81cc1bea11f29f6b&ts=1127&x=0"
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/3e1d513fdd6ab985dbecdfccfde422f6.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/3e1d513fdd6ab985dbecdfccfde422f6.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/3e1d513fdd6ab985dbecdfccfde422f6.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET sorkab.com/wp-content/uploads/2022/11/0002763.jpg
200 OK 35 kB URL GET sorkab.com/wp-content/uploads/2022/11/0002763.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectsorkab.com
Fingerprint7E:D6:71:6B:9C:36:1D:C7:90:8F:FA:A8:7A:9C:EB:16:BE:16:EF:C1
ValiditySun, 04 May 2025 04:23:18 GMT - Sat, 02 Aug 2025 05:21:58 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3
Hash ba21a3ba6988a39155cd28821d5cf3b3
43aff2d21d78fde21fac1d5587766597b0ba722c
771ed2d6f2c2ae3b9b60ea665046aaccf3e7c8825f4699ebc6bdbd646a35fc11
GET /wp-content/uploads/2022/11/0002763.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:16 GMT
content-type: image/jpeg
content-length: 35259
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=31536000
expires: Sat, 21 Feb 2026 00:53:52 GMT
last-modified: Wed, 22 Feb 2023 08:34:08 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 6153069
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WPvAudBZdrtqjW1sIZxRF7pvq%2F9U9%2FpuMTXtym7zY14dhBBLTRVnwR7m8NZkSXaGLhhQ3XtNc%2F6MmGwrlcSHKvoFB7TwjKjh"}]}
cf-ray: 9442ba152f2556a8-OSL
X-Firefox-Spdy: h2
GET www.qwiketube.com/thumbs/964/400_chica_con_cepillo.jpg
200 OK 14 kB URL GET www.qwiketube.com/thumbs/964/400_chica_con_cepillo.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectqwiketube.com
Fingerprint6D:37:70:60:D5:89:48:C7:95:90:20:94:51:CE:58:99:27:AE:42:D7
ValidityWed, 16 Apr 2025 09:51:57 GMT - Tue, 15 Jul 2025 10:50:15 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 312x208, components 3
Hash 878f277a3a089abc8c518fd763dba1c2
1ed8dec46b902743ad80f8d15f1a07f8ca999d5a
55a0ad4ec6aa4d12ccb66ab775428e3216ffcd49b0fc1f5a7651cc51bf7f51fb
GET /thumbs/964/400_chica_con_cepillo.jpg HTTP/1.1
Host: www.qwiketube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://young.av4us.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 14254
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 22 Dec 2020 01:00:33 GMT
etag: "5fe14531-37ae"
expires: Mon, 16 Feb 2026 07:33:39 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 8292942
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=aA57XScYKr3uXF97i8mOMQCYw6I1VwxaVNeXWvFacyxuTR3kt%2B%2ByOF95Gq5HLhtIqoSLDYeCCxvA0qY6mHBFvaQJOnfUs86SVCRBgsZM6g%3D%3D"}]}
cf-ray: 9442ba332df10b06-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.analplanet.com/wp-content/uploads/2024/01/busty-amateur-teen-anal-83491.jpg
200 OK 32 kB URL GET www.analplanet.com/wp-content/uploads/2024/01/busty-amateur-teen-anal-83491.jpg
IP
ASN #60404 The Infrastructure Group B.V.
Certificate IssuerLet's Encrypt
Subjectanalplanet.com
Fingerprint59:8A:CD:E7:BA:B0:08:50:07:A6:44:4D:91:06:27:92:04:8C:EB:23
ValidityThu, 08 May 2025 19:11:23 GMT - Wed, 06 Aug 2025 19:11:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 600x337, components 3
Hash 80edd69913603398e40d9ebc99005ae8
3bbec54b7785beb9bee5f849aadaa038c5928f5f
aa1d95d73254b858ab71b6d572c5c6e8f558a7aea2b0f0be2dec4c84167c11a3
GET /wp-content/uploads/2024/01/busty-amateur-teen-anal-83491.jpg HTTP/1.1
Host: www.analplanet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 32084
last-modified: Fri, 12 Jan 2024 21:00:28 GMT
etag: "65a1a86c-7d54"
expires: Thu, 14 May 2026 07:09:22 GMT
x-cache: Static Cache
pragma: public
cache-control: max-age=30758400, public
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdne-pics.youjizz.com/5/b/a/4/b/5ba4b986144a5184399b3457fa48d8d61684684564-5.jpg
200 OK 9.4 kB URL GET cdne-pics.youjizz.com/5/b/a/4/b/5ba4b986144a5184399b3457fa48d8d61684684564-5.jpg
IP
Certificate IssuerSectigo Limited
Subject*.youjizz.com
Fingerprint18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7
ValidityFri, 20 Dec 2024 00:00:00 GMT - Tue, 06 Jan 2026 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1311x1309, segment length 16, comment: "Lavc59.18.100", baseline, precision 8, 308x232, components 3
Hash 920a457d5b080b49f0a7c08f04d1f142
85d32ba54bbbc015743fc9778314dda21404cfaf
03d5d0984fa0c47bda80d78c96562f6184ca533ee8b7b6035473a69605bbb481
GET /5/b/a/4/b/5ba4b986144a5184399b3457fa48d8d61684684564-5.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:23 GMT
content-type: image/jpeg
content-length: 9396
last-modified: Tue, 23 May 2023 11:51:11 GMT
etag: "24b4-5fc5b00ec2551"
expires: Sat, 27 Jan 2024 07:01:12 GMT
cache-control: max-age=10431098
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-7619-3-110725-h-0-0---;6140-47-1293799----0-0-0
X-Firefox-Spdy: h2
GET img.youtube.com/vi/Xaq8m5rKCyQ/0.jpg
200 OK 27 kB URL GET img.youtube.com/vi/Xaq8m5rKCyQ/0.jpg
IP
Certificate IssuerGoogle Trust Services
Subject*.google.com
Fingerprint2F:BC:E9:F2:13:41:F1:3E:34:53:D6:F4:E9:17:8E:40:10:82:D1:3E
ValidityMon, 21 Apr 2025 08:40:42 GMT - Mon, 14 Jul 2025 08:40:41 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Hash 1f0bd24fa7ffa750c67df914ddcb73e8
09c38b3ad35a367a2d5ee37ea583baa474bf4035
f73f42baf1ed0fbd544d70b3d9f2f8fc8a9401291a168a87ad559d8e149fbaf0
GET /vi/Xaq8m5rKCyQ/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 26737
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 May 2025 06:57:56 GMT
expires: Fri, 23 May 2025 08:57:56 GMT
cache-control: public, max-age=7200
etag: "1462012590"
content-type: image/jpeg
age: 690
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET pornodrochka.club/favicon.ico
404 Not Found 0 B URL GET pornodrochka.club/favicon.ico
IP
ASN #213166 UA-Hosting SIA
Certificate IssuerLet's Encrypt
Subjectpornodrochka.club
Fingerprint0A:36:E3:8C:01:5A:FC:A6:E6:66:54:CA:63:6E:28:22:27:61:D6:51
ValidityTue, 22 Apr 2025 22:39:38 GMT - Mon, 21 Jul 2025 22:39:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: pornodrochka.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx/1.10.3
date: Fri, 23 May 2025 07:07:27 GMT
content-type: text/html
content-length: 169
X-Firefox-Spdy: h2
GET zoojizz.com/media/videos/tmb/000/004/088/1.jpg
200 OK 4.2 kB URL GET zoojizz.com/media/videos/tmb/000/004/088/1.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectzoojizz.com
FingerprintA9:5E:24:54:A9:D1:52:7D:6E:22:35:F5:8C:AD:7A:B9:CE:0A:C2:F5
ValidityTue, 01 Apr 2025 07:37:16 GMT - Mon, 30 Jun 2025 08:35:58 GMT
File type JPEG image data, baseline, precision 8, 240x180, components 3
Hash 2d5cd723c7a4175ea91eb5080c573fb8
ca41458b3885e91401e16810c7f6e2f1c88570ee
d4825b59011b8d88fc0fdc405b1422086138f7968014f984931a284c3c684a8a
GET /media/videos/tmb/000/004/088/1.jpg HTTP/1.1
Host: zoojizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 4239
server: cloudflare
last-modified: Fri, 24 Mar 2023 08:04:33 GMT
etag: "641d5991-108f"
accept-ranges: bytes
age: 28
cache-control: max-age=14400
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vPH4i82JccrnB8zoj1Jz1v0%2BI9g%2Bnw9a2i3XhGmyUNS0PhRGq0YwXy59Vry6kHPE2bcoESjNUgFZmB7SRoADmhUuW9VSARkUOA%3D%3D"}]}
cf-ray: 9442ba2b28095690-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET rule34vault.com/favicon.ico
200 OK 22 kB URL GET rule34vault.com/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subjectrule34vault.com
Fingerprint59:AD:47:E2:3A:8B:CB:28:D5:D6:08:67:28:5F:F9:39:60:10:B6:1E
ValidityTue, 20 May 2025 13:41:53 GMT - Mon, 18 Aug 2025 14:39:34 GMT
File type MS Windows icon resource - 1 icon, 72x72, 32 bits/pixel
Hash f329a9792c4fc0760cdef5e53d29a878
b70debf4d34271a4949f317e8ff083abb7bb2024
1a86b7a3ab9931cfb76d1547e6758f9236d289cb9c39796867801a75d750fbc3
GET /favicon.ico HTTP/1.1
Host: rule34vault.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:29 GMT
server: cloudflare
last-modified: Fri, 23 May 2025 05:38:22 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 1230
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=PRpYq5Nq%2FZbHxPTBr2UmBuwsXZ5Y9WhDHl2guQIm2LFXPeplXW3R4F313ZuMc%2Fan7nB31y8u5YurA%2BiGFcIBv1asmAYXVon3r8EFHNk%3D"}]}
cf-ray: 9442ba63ea787129-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/d5fea0e0b8f908f29f68ca03f18833ef.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/d5fea0e0b8f908f29f68ca03f18833ef.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/d5fea0e0b8f908f29f68ca03f18833ef.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET douga100ka.net/sam/982.jpg
403 Forbidden 0 B URL GET douga100ka.net/sam/982.jpg
IP
ASN #31898 ORACLE-BMC-31898
Certificate IssuerLet's Encrypt
Subject*.douga100ka.net
Fingerprint02:D6:91:33:14:BA:84:CF:F9:DB:FE:DE:C2:C2:2A:6B:B0:FE:B9:CE
ValiditySun, 20 Apr 2025 11:57:07 GMT - Sat, 19 Jul 2025 11:57:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sam/982.jpg HTTP/1.1
Host: douga100ka.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1242
date: Fri, 23 May 2025 07:09:22 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
GET filmesporno.xxx/favicon.ico
404 Not Found 0 B URL GET filmesporno.xxx/favicon.ico
IP
Certificate IssuerLet's Encrypt
Subjectwww.filmesporno.xxx
Fingerprint99:78:79:5B:43:D8:9E:94:85:B5:C3:25:3B:5A:35:B3:44:8A:9A:F3
ValidityMon, 07 Apr 2025 09:33:59 GMT - Sun, 06 Jul 2025 09:33:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: filmesporno.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 06:58:11 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
version: MS25051001
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: br
X-Firefox-Spdy: h2
GET i0.wp.com/jpgjingpinx.com/upload/vod/20240111-1/1ce4ac3f61b7f0250b7b9ea8ad6d687a.jpg
200 OK 33 kB URL GET i0.wp.com/jpgjingpinx.com/upload/vod/20240111-1/1ce4ac3f61b7f0250b7b9ea8ad6d687a.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 718x404, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 7b84f64f605f2e73017d344b980790b8
a91b832896f12739a75cdaf5b406fe44d492a066
b37bb7849d285a2efcd2d93582af3f9d4a19c11603fe4f381011040f22c9f82c
GET /jpgjingpinx.com/upload/vod/20240111-1/1ce4ac3f61b7f0250b7b9ea8ad6d687a.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 33208
last-modified: Wed, 08 Jan 2025 07:05:34 GMT
expires: Fri, 08 Jan 2027 19:05:34 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20240111-1/1ce4ac3f61b7f0250b7b9ea8ad6d687a.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ba61659cce3c7acb"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET i0.wp.com/jpgjingpinx.com/upload/vod/20240302-1/22e5a18c1855ab8b44d3a0868ee259cb.jpg
200 OK 12 kB URL GET i0.wp.com/jpgjingpinx.com/upload/vod/20240302-1/22e5a18c1855ab8b44d3a0868ee259cb.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 23def7d6ce7db4817b715c5efad6ae9c
10f93c981ff2754478a5348b85664cba984d97b8
e92af5f6206f9e237baa68470920035215991db4a4aebac9f92173558361d780
GET /jpgjingpinx.com/upload/vod/20240302-1/22e5a18c1855ab8b44d3a0868ee259cb.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 11508
last-modified: Thu, 13 Feb 2025 15:48:36 GMT
expires: Sun, 14 Feb 2027 03:48:36 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20240302-1/22e5a18c1855ab8b44d3a0868ee259cb.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6ee9f13b58267175"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET chomikuj.pl/ImageThumbnail.aspx?id=8665881655
302 Found 26 kB URL GET chomikuj.pl/ImageThumbnail.aspx?id=8665881655
IP
Certificate IssuerGoogle Trust Services
Subjectchomikuj.pl
Fingerprint77:74:88:C6:EB:AE:A3:47:CA:0C:FC:58:1D:06:AD:5E:2B:69:2B:0A
ValidityWed, 14 May 2025 02:07:27 GMT - Tue, 12 Aug 2025 03:07:24 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ImageThumbnail.aspx?id=8665881655 HTTP/1.1
Host: chomikuj.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Fri, 23 May 2025 07:09:22 GMT
content-type: text/html; charset=utf-8
content-length: 276
location: https://s9631.chomikuj.pl/Thumbnail.aspx?e=viTNnVF8jH4-tAvjuB87jvvZtg6otfpz_yVVHu55mGlUGb3Mzp1i9u5oREtozSOqAdL58WkMcORIA2cgNQKdH7eBqan3hgKbbKPgvNxUfBw&pv=2
cache-control: private
set-cookie: rcid=4; expires=Sat, 23-May-2026 07:09:22 GMT; path=/; SameSite=Lax
x-server: m50
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9442ba3748c156a5-OSL
X-Firefox-Spdy: h2
GET www.9188porn.com/favicon.ico
403 Forbidden 0 B URL GET www.9188porn.com/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subject9188porn.com
Fingerprint15:E5:D1:A1:7B:24:5F:05:8B:35:38:8F:0C:03:1B:7B:C1:D9:0C:8E
ValidityWed, 09 Apr 2025 22:51:46 GMT - Tue, 08 Jul 2025 23:49:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.9188porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Fri, 23 May 2025 07:09:27 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OkECHiWm7DY2eFWJySsF1atj3YWVJL8cC2vXFK6S%2F%2BHRaCY1iGcpY%2FUXmaSwSKhNPiv0HLcatM7i6ht6Dnw0KJ9HLxW5PUK6MQDaZWZjk5Hp%2BpjovBA9w6xezNcjgjU1DVFK"}],"group":"cf-nel","max_age":604800}
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
content-encoding: br
cf-ray: 9442ba599fbd0b4d-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14309&min_rtt=5529&rtt_var=10011&sent=79&recv=88&lost=0&retrans=1&sent_bytes=25734&recv_bytes=6584&delivery_rate=1578295&cwnd=12000&unsent_bytes=0&cid=a6c59b246bbc7dac&ts=10887&x=80"
GET www.9188porn.xyz/upload/vod/20241010-11/9880102650649405d028b8a542fd0f61.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/9880102650649405d028b8a542fd0f61.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/9880102650649405d028b8a542fd0f61.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET naturismv.com/images/sweet-little-kristinka-naturist-freedom.jpg
200 OK 45 kB URL GET naturismv.com/images/sweet-little-kristinka-naturist-freedom.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectnaturismv.com
Fingerprint89:AF:F9:3B:F9:65:5A:43:A3:77:FD:5B:A5:61:B8:50:E0:07:19:A4
ValidityFri, 02 May 2025 17:11:44 GMT - Thu, 31 Jul 2025 18:09:26 GMT
File type JPEG image data, progressive, precision 8, 400x300, components 3
Hash 53c35a1adb6dddf973faf295dfee567c
103f77982143ee6ec0f0395c534a2d574c0dddf9
345770747c5239ba0ad5045605a3922586845469758e54e0c22048dd17d20bd4
GET /images/sweet-little-kristinka-naturist-freedom.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 44673
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Fri, 19 May 2023 12:04:48 GMT
etag: "646765e0-ae81"
expires: Sat, 11 Apr 2026 04:02:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 3640033
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Wda11ScXh2zoNuSOnCsIkMFXD2dA5GKa890zsCmSBEsJcJAWQbXLy4aTDCBcMeL%2FqhQFMIyOEVhg50vbOVvEIKRYw3Xvjc9TV5YB"}]}
cf-ray: 9442ba200b800b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn2.nudegirls.wiki/uploads5/posters/1/8534/cumshots-m4h00067-mp4-zQHkQa.jpg
200 OK 36 kB URL GET cdn2.nudegirls.wiki/uploads5/posters/1/8534/cumshots-m4h00067-mp4-zQHkQa.jpg
IP
ASN #49453 Global Layer B.V.
Certificate IssuerLet's Encrypt
Subjectcdn2.nudegirls.wiki
Fingerprint73:A9:AE:40:95:C1:06:17:E9:1E:FF:4C:B6:D8:D7:CE:EF:37:90:04
ValidityWed, 23 Apr 2025 23:47:54 GMT - Tue, 22 Jul 2025 23:47:53 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3
Hash fdf5ac22ef6ba5bca93b76fb43e8302f
d9b2bd8452019e8cc7e3b19f8f66619d5cdcf702
d2ebdcc2dcd0c52d7270826149230cc2645e87ab859cdc2e37e078e2995180c5
GET /uploads5/posters/1/8534/cumshots-m4h00067-mp4-zQHkQa.jpg HTTP/1.1
Host: cdn2.nudegirls.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 35533
last-modified: Sat, 26 Oct 2019 03:57:55 GMT
etag: "5db3c443-8acd"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
GET en.chezcathy.com/favicon.ico
200 OK 1.4 kB URL GET en.chezcathy.com/favicon.ico
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjecten.chezcathy.com
Fingerprint27:F9:F1:C8:97:98:00:86:03:A7:97:DB:03:8F:7D:0D:51:A2:95:BF
ValidityThu, 17 Apr 2025 03:00:13 GMT - Wed, 16 Jul 2025 03:00:12 GMT
File type MS Windows icon resource - 1 icon, 16x16, 8 bits/pixel
Hash 8851a1b28ebe567b927c9ae6600a8fc6
113da6a02dff45d4b9c0d3c9ae531445a8c7b687
b545a5091485f5dd485f0e9d2abcd55a06b22f9359c6da8955b8da7b1d3c9212
GET /favicon.ico HTTP/1.1
Host: en.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:29 GMT
content-length: 1406
server: BunnyCDN-DE1-752
cdn-pullzone: 3638742
cdn-uid: 0f7047b6-2b70-4588-b55a-df9b2a15bf91
cdn-requestcountrycode: NO
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=2592000
etag: W/"1406-1744916365610"
last-modified: Thu, 17 Apr 2025 18:59:25 GMT
cdn-cachedat: 04/28/2025 15:50:16
x-powered-by: Express
cdn-proxyver: 1.23
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 04721a252d4dcc59d8c181997b92a122
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET zxvideos.net/favicon.ico
404 Not Found 0 B IP
Certificate IssuerGoogle Trust Services
Subjectzxvideos.net
FingerprintBB:D5:76:83:B5:18:F6:35:64:76:0A:C7:1D:93:CF:B0:AD:D4:44:3F
ValidityMon, 05 May 2025 16:18:04 GMT - Sun, 03 Aug 2025 17:16:24 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: zxvideos.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html
cf-ray: 9442ba65b83c56c4-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 28
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Be%2FMkiUpl9%2FoTxy2AJXS1evX7czGIRvZ4GKY86M0247w3mQ%2Fr4mDwuidhBby2p4Y%2BQrbWy1NXmBVPSy08OkoKiCR6sQHnId2GiLIsE3bwad4fZQCcQ82aE0%2Fq5gBmu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2035&min_rtt=430&rtt_var=3223&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3276&recv_bytes=1186&delivery_rate=7300840&cwnd=254&unsent_bytes=0&cid=6cf6e7a03b264ae4&ts=1108&x=0"
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241028-15/93eb4578a18847387d0c86580ddf6cc8.jpg
0 B URL GET www.9188porn.xyz/upload/vod/20241028-15/93eb4578a18847387d0c86580ddf6cc8.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241028-15/93eb4578a18847387d0c86580ddf6cc8.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET en.vidmo.org/favicon.ico
200 OK 5.4 kB IP
Certificate IssuerZeroSSL
Subjectvidmo.org
Fingerprint55:2A:92:C3:B4:BE:A5:94:65:51:0B:27:D2:FF:A6:C8:47:5C:2C:F3
ValidityWed, 07 May 2025 00:00:00 GMT - Tue, 05 Aug 2025 23:59:59 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash 6b6734885d5e4ff9dbb7d82ba6023598
3c454d68a346b375ed7b59a131699061e7393b1f
0f8e5edd4348eaa11881bf6150baf7b3182b1c3e29c6378e0e921afce7d91819
GET /favicon.ico HTTP/1.1
Host: en.vidmo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:29 GMT
content-type: image/x-icon
content-length: 5430
last-modified: Sun, 14 Oct 2012 21:41:38 GMT
etag: "507b3192-1536"
cache-control: public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
GET pornolomka3.com/uploads/posts/2021-05/1621767642_00-08-51.jpg
200 OK 16 kB URL GET pornolomka3.com/uploads/posts/2021-05/1621767642_00-08-51.jpg
IP
ASN #213166 UA-Hosting SIA
Certificate IssuerLet's Encrypt
Subjectpornolomka3.com
FingerprintBF:5C:F8:59:5E:5B:AC:97:C4:46:39:71:98:20:2D:9F:45:A6:BF:00
ValidityThu, 22 May 2025 22:44:16 GMT - Wed, 20 Aug 2025 22:44:15 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x240, components 3
Hash a08a8c7d0195ac7c7d657ecf6abc9a88
76de59d7311fb982e8f25ca30c90e910bfd4a5af
6cfb805726cb8641849e873509e3fb3e5e0a0c6a50b4256116e68e90e5473ab7
GET /uploads/posts/2021-05/1621767642_00-08-51.jpg HTTP/1.1
Host: pornolomka3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.10.3
date: Fri, 23 May 2025 07:07:21 GMT
content-type: image/jpeg
content-length: 16269
last-modified: Sun, 23 May 2021 10:59:09 GMT
etag: "60aa357d-3f8d"
expires: Fri, 30 May 2025 07:07:21 GMT
cache-control: max-age=604800
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET 3gpking.pro/favicon.ico
404 Not Found 0 B IP
Certificate IssuerGoogle Trust Services
Subject3gpking.pro
FingerprintB7:CE:42:30:0A:EC:47:0A:4C:EB:DC:29:0A:D9:24:89:AC:4E:E4:01
ValidityTue, 15 Apr 2025 07:07:57 GMT - Mon, 14 Jul 2025 08:06:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 3gpking.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 23 May 2025 07:09:28 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ig1XYBBj%2BRCziw3FXP2MA%2B16YtV9Yq24JpprwtSqR3Z5ywIw5kKXibjzmoUQ6nGFIwx9w2MJ2gfsGvUABZsx%2FtpFLMTagyo7Vc5u3XlPQILhLsf58is%2B3ouyI%2BiTDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
age: 23
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
content-encoding: br
cf-ray: 9442ba5cec0d56a2-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11553&min_rtt=3692&rtt_var=5011&sent=86&recv=127&lost=0&retrans=0&sent_bytes=7749&recv_bytes=7372&delivery_rate=222444&cwnd=12000&unsent_bytes=0&cid=4999867e11edb63c&ts=7656&x=80"
GET www.redd.tube/
200 OK 0 B IP
Certificate IssuerGoogle Trust Services
Subjectredd.tube
Fingerprint4B:F4:93:A5:81:69:7D:0C:A9:A1:D8:91:D8:20:58:DC:91:7E:6B:21
ValidityThu, 03 Apr 2025 14:42:20 GMT - Wed, 02 Jul 2025 15:39:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.redd.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
x-frame-options: Deny
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
ischrome: false
country-code: NO
country-code-uk: false
content-encoding: gzip
vary: Accept-Encoding
set-cookie: PHPSESSID=85d468eca3214d1bb167d6789cb607bf; expires=Sat, 24-May-2025 07:09:29 GMT; Max-Age=86400; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DG0NXD7hckHA5OqQovTKpRlOfgl6JDx7SZBTtL9HpNS3uLnjynkWGz74N2Hc9QBsRarWIhD4czIUXoEUeoLCClGK2%2BJFBAQ40C%2B6tvxIag2jXVlxT1nqjpVeNDmbSA8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9442ba62add056b1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4187&min_rtt=384&rtt_var=6125&sent=10&recv=13&lost=0&retrans=1&sent_bytes=4389&recv_bytes=1128&delivery_rate=6819466&cwnd=257&unsent_bytes=0&cid=a73a04a07a565e52&ts=1029&x=0"
X-Firefox-Spdy: h2
GET cdn5-thumbs.motherlessmedia.com/thumbs/4A38E04.jpg
200 OK 22 kB URL GET cdn5-thumbs.motherlessmedia.com/thumbs/4A38E04.jpg
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherlessmedia.com
Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8
ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x480, components 3
Hash 16dd69f610cdba9c62fd499481d1116e
dfb2c239807695172900d97b283f9aabfc984421
cbee0e5575a5a319addc7f974c8ff702ec4175c48390f22b29d7e01c878b2dbc
GET /thumbs/4A38E04.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 22323
vary: x-s-token
last-modified: Wed, 03 Oct 2018 15:12:08 GMT
etag: "5733-57754763d2b75"
x-cache: HIT
x-whom: cdn08
accept-ranges: bytes
GET media.crazyshit.com/content/2017/11/40ca2746.jpg
200 OK 346 kB URL GET media.crazyshit.com/content/2017/11/40ca2746.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectmedia.crazyshit.com
Fingerprint75:EC:4E:74:4F:5C:73:FB:18:18:58:60:BF:13:60:98:B5:67:61:C7
ValidityMon, 31 Mar 2025 02:32:22 GMT - Sun, 29 Jun 2025 02:32:21 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 720x540, components 3
Size 346 kB (345889 bytes)
Hash 28f56d49b58dfa3b951112445753afa2
f18beb369ac0b4e5c1aa01fa856c5425a801f04a
e815f99e9a19196f80014da3d804ed2bc76b76e36e988e85678aebb8a9ffce2e
GET /content/2017/11/40ca2746.jpg HTTP/1.1
Host: media.crazyshit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/jpeg
content-length: 345889
server: nginx/1.24.0
x-object-meta-mtime: 1511336583.601
etag: 28f56d49b58dfa3b951112445753afa2
last-modified: Mon, 05 Apr 2021 12:31:21 GMT
x-timestamp: 1617625880.65577
x-trans-id: tx438b8721ded0472f81fa7-0065ccdd08
x-openstack-request-id: tx438b8721ded0472f81fa7-0065ccdd08
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 25 May 2025 07:09:17 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET pornohi.net/data/video/cover_1/1018.jpg
200 OK 6.9 kB URL GET pornohi.net/data/video/cover_1/1018.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectpornohi.net
Fingerprint08:2E:97:97:EE:26:0E:30:43:0A:E8:0D:C4:CD:47:C8:F6:74:D5:E2
ValidityThu, 24 Apr 2025 00:24:02 GMT - Wed, 23 Jul 2025 01:21:58 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", progressive, precision 8, 320x180, components 3
Hash d94e2ff3fdfaeb0dfe2f9a194da4a97d
f0e62f6d2a28083e09a41ca587454a2a9a68838a
781e198d875f44a0c19893c3d8b67db59aff8f632e5188491665bd1fd90f75b9
GET /data/video/cover_1/1018.jpg HTTP/1.1
Host: pornohi.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 6903
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Fri, 24 Feb 2017 08:32:46 GMT
etag: "58afefae-1af7"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1302565
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eE%2FhxsTQayIsV%2BGQuQ5sRs7Myi6EyEMa9J1JtymOmZhHyfnEGnoDX9KF%2F%2Bo4%2BK6RrxZFMRF97QQUsfnFD571KW6KI8DKZnUSjg%3D%3D"}]}
cf-ray: 9442ba359e9856b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/bf53c4fb8ff8a105338f7d1e09764b10.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/bf53c4fb8ff8a105338f7d1e09764b10.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/bf53c4fb8ff8a105338f7d1e09764b10.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.9188porn.xyz/upload/vod/20241010-11/9880102650649405d028b8a542fd0f61.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/9880102650649405d028b8a542fd0f61.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/9880102650649405d028b8a542fd0f61.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET jpgjingpinx.com/upload/vod/20240113-1/c4f06236326dc19dbfcc379e6ad94cb9.jpg
200 OK 453 kB URL GET jpgjingpinx.com/upload/vod/20240113-1/c4f06236326dc19dbfcc379e6ad94cb9.jpg
IP
Certificate IssuerGoGetSSL
Subjectjpgjingpinx.com
Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC
ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1080x607, components 3
Size 453 kB (452983 bytes)
Hash fb31448e38cd195f482a63daef3e4c66
19b63b455c45653da76d9b17ba2c1b02f9010285
644ececd8c2c2944742f27d421d45421ceb0379df0a19bab4c5d367a975c1b31
GET /upload/vod/20240113-1/c4f06236326dc19dbfcc379e6ad94cb9.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 452983
Content-Type: image/jpeg
Date: Wed, 21 May 2025 15:21:19 GMT
Etag: "65a22572-6e977"
Expires: Fri, 20 Jun 2025 15:21:19 GMT
Last-Modified: Wed, 21 May 2025 15:21:19 GMT
Server: openresty
X-Cache: HIT, policy, disk
GET new.qanjiq.ru/files/uzbekskoe_porno_video/zapal_video_novoe_yangi/screen.jpg
200 OK 54 kB URL GET new.qanjiq.ru/files/uzbekskoe_porno_video/zapal_video_novoe_yangi/screen.jpg
IP
ASN #24940 Hetzner Online GmbH
Certificate IssuerLet's Encrypt
Subjectnew.qanjiq.ru
FingerprintE6:B8:14:EE:C1:10:E6:54:49:9B:6A:22:8E:66:57:37:C8:27:FA:49
ValidityThu, 27 Mar 2025 00:30:17 GMT - Wed, 25 Jun 2025 00:30:16 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 264x480, components 3
Hash dbd9c7f242d1b06ef8575781461160c5
ca9302dfc22cc13d82f6d6c78be4e57d378c0854
8c67ab740f0bdbb3e01fcb7c92b83faceccec4085f0c03dcbbe7b3c4319ac9a3
GET /files/uzbekskoe_porno_video/zapal_video_novoe_yangi/screen.jpg HTTP/1.1
Host: new.qanjiq.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 May 2025 07:09:22 GMT
Content-Type: image/jpeg
Content-Length: 53901
Last-Modified: Wed, 04 Nov 2020 21:00:00 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "5fa31650-d28d"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
GET sbzytpimg1.com:3519/upload/vod/20240614-1/19a8e9ee095ad4212a444cd6eb81089b.jpg
200 OK 133 kB URL GET sbzytpimg1.com:3519/upload/vod/20240614-1/19a8e9ee095ad4212a444cd6eb81089b.jpg
IP
Certificate IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT
File type PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size 133 kB (132685 bytes)
Hash c6f9d35c4b6c97c0366f99bf14a2f5b8
a041000ab5589b728d863a6604a3e11cc8ca322f
4f2b483ad0ea5edfb1d01cf973dee650dbfdd83d57b2709d7bc8aad8f88a0dbf
GET /upload/vod/20240614-1/19a8e9ee095ad4212a444cd6eb81089b.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 132685
last-modified: Thu, 13 Jun 2024 17:57:39 GMT
vary: Accept-Encoding
etag: "666b3313-2064d"
expires: Tue, 03 Jun 2025 01:06:21 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.rtl.de/img/423673/1595413582/c16_9/960/image.jpg
200 OK 37 kB URL GET www.rtl.de/img/423673/1595413582/c16_9/960/image.jpg
IP
Certificate IssuerAmazon
Subject*.rtl.de
Fingerprint56:5E:38:82:37:2A:CC:06:98:FA:C7:E9:CE:7A:B6:59:AE:95:C1:B5
ValidityMon, 27 Jan 2025 00:00:00 GMT - Wed, 25 Feb 2026 23:59:59 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 960x540, components 3
Hash 1ec2a0209130c470dc6950ebe7b49a6c
43a59cb7ca143710944896e83999750accd55ef9
0f66e81c7cf93fa999a87c81f18f94982bd063b2f54c17cc1a48191bd04e59cc
GET /img/423673/1595413582/c16_9/960/image.jpg HTTP/1.1
Host: www.rtl.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
content-length: 36687
date: Sat, 26 Apr 2025 04:04:22 GMT
cache-control: max-age=2700000
cid: 423673
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 4b6691d4a753b7360fa8632b90c77126.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: VtEjDrDmujHn8elFTDoRrJ9oyWPLR5yT3BWrwWQZpWypwFJwelQ19A==
age: 2343901
X-Firefox-Spdy: h2
GET mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fyoung.av4us.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3e6hv5stskvynxmu7vt070f0u8bj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A1445699616214%3Ahid%3A963644084%3Az%3A0%3Ai%3A20250523070924%3Aet%3A1747984164%3Ac%3A1%3Arn%3A970226772%3Arqn%3A1%3Au%3A1747984164414089213%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C9%2C14%2C133%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1747984156039%3Afip%3A6c3fb132cc84d7546d1d7fc6be731132-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1747984166%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB--VIDEOS%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21562884)fip(1)ti(1)
302 Found 604 B URL GET mc.webvisor.org/watch/48140495?wmode=7&page-url=https%3A%2F%2Fyoung.av4us.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3e6hv5stskvynxmu7vt070f0u8bj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A1445699616214%3Ahid%3A963644084%3Az%3A0%3Ai%3A20250523070924%3Aet%3A1747984164%3Ac%3A1%3Arn%3A970226772%3Arqn%3A1%3Au%3A1747984164414089213%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C9%2C14%2C133%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1747984156039%3Afip%3A6c3fb132cc84d7546d1d7fc6be731132-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1747984166%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB--VIDEOS%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21562884)fip(1)ti(1)
IP
Certificate IssuerGlobalSign nv-sa
Subjectmc.webvisor.com
Fingerprint4E:A6:D4:57:F5:B7:FB:C1:98:C0:40:D2:B8:FA:B4:10:43:09:41:94
ValiditySun, 09 Mar 2025 21:02:24 GMT - Sun, 31 Aug 2025 20:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watch/48140495?wmode=7&page-url=https%3A%2F%2Fyoung.av4us.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3e6hv5stskvynxmu7vt070f0u8bj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A1445699616214%3Ahid%3A963644084%3Az%3A0%3Ai%3A20250523070924%3Aet%3A1747984164%3Ac%3A1%3Arn%3A970226772%3Arqn%3A1%3Au%3A1747984164414089213%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C9%2C14%2C133%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1747984156039%3Afip%3A6c3fb132cc84d7546d1d7fc6be731132-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1747984166%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB--VIDEOS%40AV4.us&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(21562884)fip(1)ti(1) HTTP/1.1
Host: mc.webvisor.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://young.av4us.org/
Origin: https://young.av4us.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
set-cookie: yabs-sid=1665195901747984166; Path=/; SameSite=None; Secure
i=xvICK1hQ26IVOvdQdNcEnhgZrzF4xGOSWO2IwqbnsQttyAMqFjDDwpL/5EgUBcHCj6ViJ6x0+wJoPk/gf2O1yVDnFR8=; Expires=Mon, 21-May-2035 07:09:22 GMT; Domain=.webvisor.org; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7997605961747984166; Expires=Mon, 21-May-2035 07:09:22 GMT; Domain=.webvisor.org; Path=/; Secure; SameSite=None
yuidss=7997605961747984166; Expires=Sat, 23-May-2026 07:09:26 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
ymex=1779520166.yrts.1747984166#1779520166.yrtsi.1747984166; Expires=Sat, 23-May-2026 07:09:26 GMT; Domain=.webvisor.org; Path=/; SameSite=None; Secure
bh=YKa+wMEGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.webvisor.org; Expires=Sat, 27 Jun 2026 07:09:26 GMT; SameSite=None; Secure
bh=YKa+wMEGahfcyuH/CJLYobEDn8/14QzlyPCOA5S2Ag==; Path=/; Domain=.webvisor.org; Expires=Sat, 27 Jun 2026 07:09:26 GMT; SameSite=None; Secure
expires: Fri, 23-May-2025 07:09:26 GMT
x-xss-protection: 1; mode=block
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: https://young.av4us.org
last-modified: Fri, 23-May-2025 07:09:26 GMT
strict-transport-security: max-age=31536000
location: /watch/48140495/1?wmode=7&page-url=https%3A%2F%2Fyoung.av4us.org%2F&charset=utf-8&uah=che%0A0&browser-info=pv%3A1%3Avf%3A3e6hv5stskvynxmu7vt070f0u8bj%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A2050%3Acn%3A1%3Adp%3A0%3Als%3A1445699616214%3Ahid%3A963644084%3Az%3A0%3Ai%3A20250523070924%3Aet%3A1747984164%3Ac%3A1%3Arn%3A970226772%3Arqn%3A1%3Au%3A1747984164414089213%3Aw%3A1280x1024%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C0%2C9%2C14%2C133%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1747984156039%3Afip%3A6c3fb132cc84d7546d1d7fc6be731132-0ed8ce9e1e39cec802dafc59181dfc61-a81f3b9bcdd80a361c14af38dc09b309-08cddc828a0a4cecdead9052886a5778-8d2357552742d775381be8c05efc2ed7-b3a4b0ac1b44d5bc13e6d73ffb506aad-61b9878bbce18de73aafc8582a198c0c-5274424d88b08056c17f1a11bd3f2aff-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-861578da3666aba98730162cd5ac0199%3Arqnl%3A1%3Ast%3A1747984166%3At%3AHot%20Videos%20%E4%BA%BA%E6%B0%97%E5%8B%95%E7%94%BB--VIDEOS%40AV4.us&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2821562884%29fip%281%29ti%281%29&redirnss=1
access-control-allow-credentials: true
pragma: no-cache
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/3e1d513fdd6ab985dbecdfccfde422f6.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/3e1d513fdd6ab985dbecdfccfde422f6.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/3e1d513fdd6ab985dbecdfccfde422f6.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET i0.wp.com/jpgjingpinx.com/upload/vod/20231223-1/bf4931a07c9a0058ceacfc57a9ddc5b8.jpg
200 OK 33 kB URL GET i0.wp.com/jpgjingpinx.com/upload/vod/20231223-1/bf4931a07c9a0058ceacfc57a9ddc5b8.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 718x404, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 4dabc27fc742a38cbaeb5a67dc3b8b38
2f65127a93ce7baf289316a2edbd5e3f921410c5
a79feb83c8e40010933b92f390d617d4c61c9ed7486973d531246f1c79efd083
GET /jpgjingpinx.com/upload/vod/20231223-1/bf4931a07c9a0058ceacfc57a9ddc5b8.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 33096
last-modified: Sat, 14 Dec 2024 19:48:08 GMT
expires: Tue, 15 Dec 2026 07:48:08 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20231223-1/bf4931a07c9a0058ceacfc57a9ddc5b8.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "365be175b5c5c018"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET 69av.one/favicon.ico
404 Not Found 0 B IP
Certificate IssuerGoogle Trust Services
Subject69av.one
FingerprintBD:26:05:62:07:20:EC:4D:77:14:F4:91:D9:BD:CE:76:F9:2A:4A:94
ValidityFri, 04 Apr 2025 16:38:41 GMT - Thu, 03 Jul 2025 17:36:22 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 69av.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:28 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 6317
cache-control: max-age=31536000
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Jgu5JsBAeuIr5yv%2FgTr7rPlU8VXTpdE7sG%2BznGni4RtTHzVVmZTpHM23ibgYF0HPTNJLSIysrurMCrJmVH4JCUOmJG8IOg%3D%3D"}]}
content-encoding: br
cf-ray: 9442ba5cba720b31-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.rtl.de/favicon.ico
200 OK 15 kB IP
Certificate IssuerAmazon
Subject*.rtl.de
Fingerprint56:5E:38:82:37:2A:CC:06:98:FA:C7:E9:CE:7A:B6:59:AE:95:C1:B5
ValidityMon, 27 Jan 2025 00:00:00 GMT - Wed, 25 Feb 2026 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel
Hash 7043d276b962eb937a87dce33c035e83
d6c2ae8b7c5309fa3fea63bcd09add501225fc16
18c92e6bb33d918072f39e53f531567e80b9b0753397a2fcdd8912f781c749ec
GET /favicon.ico HTTP/1.1
Host: www.rtl.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/x-icon
content-length: 15086
date: Fri, 23 May 2025 07:09:25 GMT
cache-control: public, max-age=0, must-revalidate
x-nextjs-cache: HIT
x-nextjs-prerender: 1
x-powered-by: Express
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-cache: Hit from cloudfront
via: 1.1 4b6691d4a753b7360fa8632b90c77126.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P2
x-amz-cf-id: 2mbc6DnevVZfnmv8ef2R9yC5ozkN0TXc3iu3__A0JlrWFv97WB_D6w==
age: 3
X-Firefox-Spdy: h2
GET media.crazyshit.com/content/2020/08/0a9a0250.jpg
200 OK 238 kB URL GET media.crazyshit.com/content/2020/08/0a9a0250.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectmedia.crazyshit.com
Fingerprint75:EC:4E:74:4F:5C:73:FB:18:18:58:60:BF:13:60:98:B5:67:61:C7
ValidityMon, 31 Mar 2025 02:32:22 GMT - Sun, 29 Jun 2025 02:32:21 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 720x540, components 3
Size 238 kB (237769 bytes)
Hash 57360bf18b8f0356e2790245688f997b
32f9bf8bfb8528be0781a95fe0a2aa8cc3b0f598
1a29c1de798315c855abde40aff04ca77fb955e735359529f481f983d6e6be92
GET /content/2020/08/0a9a0250.jpg HTTP/1.1
Host: media.crazyshit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 237769
server: nginx/1.24.0
x-object-meta-mtime: 1597202675.963167667
etag: 57360bf18b8f0356e2790245688f997b
last-modified: Mon, 05 Apr 2021 12:28:09 GMT
x-timestamp: 1617625688.30131
x-trans-id: tx8db4b8ca9ec3440d8f0a6-0065ccf482
x-openstack-request-id: tx8db4b8ca9ec3440d8f0a6-0065ccf482
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 25 May 2025 07:09:20 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET zhestkoe.org/sites/zhestkoe.net/images/icon.png
200 OK 1.8 kB URL GET zhestkoe.org/sites/zhestkoe.net/images/icon.png
IP
Certificate IssuerGoogle Trust Services
Subjectzhestkoe.org
Fingerprint3A:37:27:03:E5:00:8E:63:96:6C:4A:D0:01:0C:C4:63:7E:57:D4:14
ValidityFri, 16 May 2025 15:29:05 GMT - Thu, 14 Aug 2025 16:27:37 GMT
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Hash ef79e39f351cd0717bb84648aef65098
58f7aa3cb41b4a58544f16e275c55858d4346c40
71b1ae4634508681de38aa658b5aa243b1fa9a21c36e4af3643bf74dc0528d7b
GET /sites/zhestkoe.net/images/icon.png HTTP/1.1
Host: zhestkoe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 May 2025 07:09:29 GMT
content-type: image/png
content-length: 1778
server: cloudflare
last-modified: Wed, 19 Jun 2024 12:15:52 GMT
etag: "6672cbf8-6f2"
accept-ranges: bytes
age: 5213
cache-control: max-age=14400
cf-cache-status: HIT
priority: u=4,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hp5vygYoYlGKbguFcNOgHBO%2FG6L6ZfnrE8lt%2BaNLp%2FDr2tIKTRjWTdBDUiidCeapRhCOqzDSspSVBp%2B7KBDl4YdgcRbkwrn7Zv8%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-ray: 9442ba61dbb9569f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET img.imghuo.cfd/media/videos/tmb/000/000/534/3.jpg
200 OK 7.9 kB URL GET img.imghuo.cfd/media/videos/tmb/000/000/534/3.jpg
IP
Certificate IssuerLet's Encrypt
Subjectimg.imghuo.cfd
Fingerprint8E:A1:62:82:8D:80:F7:81:D5:85:E8:88:A3:92:94:47:71:0E:A0:E5
ValidityWed, 21 May 2025 07:47:38 GMT - Tue, 19 Aug 2025 07:47:37 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Hash cc1c3f43acc242b2600f29f8c8a001f4
1b450bf469c9026b740a831a6232b1b747662c98
5b30b6a495ca5beb7861c87a5a9781e66916046fe6bd9169e2407287e7addd9e
GET /media/videos/tmb/000/000/534/3.jpg HTTP/1.1
Host: img.imghuo.cfd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 23 May 2025 07:09:20 GMT
Content-Type: image/jpeg
Content-Length: 7854
Last-Modified: Sat, 23 Mar 2024 12:21:45 GMT
Connection: keep-alive
ETag: "65fec959-1eae"
Accept-Ranges: bytes
GET pornyc.com/thumbs/32/093_teen-car.jpg
200 OK 16 kB URL GET pornyc.com/thumbs/32/093_teen-car.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectpornyc.com
FingerprintA5:26:AC:13:8A:C9:12:28:A6:C8:DD:FE:E6:19:18:C8:8B:2B:5D:04
ValiditySat, 26 Apr 2025 11:01:12 GMT - Fri, 25 Jul 2025 11:59:34 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x208, components 3
Hash 17fb1cdffadc51c60b2d6e828741740a
122a6ae2d7a643ee7767381ad64f5c5cd48e825b
68a9263f56ffa32521c0e99741aa02b52f222c7a3ef5944f6782b4ca1c353c4c
GET /thumbs/32/093_teen-car.jpg HTTP/1.1
Host: pornyc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 15877
server: cloudflare
last-modified: Fri, 17 Sep 2021 16:09:52 GMT
etag: "6144bdd0-3e05"
expires: Sun, 17 May 2026 14:45:23 GMT
accept-ranges: bytes
cache-control: public, max-age=31536000, no-transform
age: 491036
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AEN5RriPfABZLLNZRphQjEbOnRPl8%2B7n1dPET9Kl50tlOI5aXLkwSbWnsMOrB9FSW579cRWXwcOQG%2Fv6lCi5vDHvNjyG4iaR"}]}
cf-ray: 9442ba2a49fb712f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn5-thumbs.motherlessmedia.com/thumbs/BF45F0C.jpg
200 OK 66 kB URL GET cdn5-thumbs.motherlessmedia.com/thumbs/BF45F0C.jpg
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherlessmedia.com
Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8
ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x480, components 3
Hash 9ba1e4882944bf0f1f30d52f33f39320
0b99edd513000ae0cd836f401f71820ee1c57efd
2f2824c0646c69054d1b51550b52853d6edb068422486b21b7bad08810b80311
GET /thumbs/BF45F0C.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 65719
vary: x-s-token
last-modified: Sat, 06 Oct 2018 17:48:05 GMT
etag: "100b7-57792fd84988f"
x-cache: HIT
x-whom: cdn09
accept-ranges: bytes
GET www.9188porn.xyz/upload/vod/20241010-11/bef15d0afca2cf8a9a3641524f346f8c.jpg
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/bef15d0afca2cf8a9a3641524f346f8c.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/bef15d0afca2cf8a9a3641524f346f8c.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET images.embed-player.space/23/04/26/1108098-148.jpg
200 OK 18 kB URL GET images.embed-player.space/23/04/26/1108098-148.jpg
IP
Certificate IssuerLet's Encrypt
Subjectimages.embed-player.space
Fingerprint5C:3A:CC:57:E3:C9:7C:E2:FE:E0:7A:F2:28:27:0C:7E:60:D1:76:43
ValiditySun, 04 May 2025 05:51:42 GMT - Sat, 02 Aug 2025 05:51:41 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 640x360, components 3
Hash 6e54e718ab6691c19ff4c8d806f73c8e
2ff05c2103b3a71e595a36e50d2a38a8c14e925b
1e5e86afc4a73cd67a8a76f9daa51f735666e1d54ea94b4c25f42f46454cb59b
GET /23/04/26/1108098-148.jpg HTTP/1.1
Host: images.embed-player.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 23 May 2025 07:09:23 GMT
Content-Type: image/jpeg
Content-Length: 18455
Last-Modified: Fri, 14 Mar 2025 05:04:14 GMT
Connection: keep-alive
ETag: "67d3b8ce-4817"
Accept-Ranges: bytes
GET sbzytpimg1.com:3519/upload/vod/20240826-1/7d86141f1b21c42847927ca7ca9d392c.jpg
200 OK 123 kB URL GET sbzytpimg1.com:3519/upload/vod/20240826-1/7d86141f1b21c42847927ca7ca9d392c.jpg
IP
Certificate IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT
File type PNG image data, 718 x 334, 8-bit colormap, non-interlaced
Size 123 kB (122615 bytes)
Hash 010c17951139d7c9b1240ffc1bbba4cc
f6e64edf4290cf4f163a6af755b1b0d605c001b8
164658e0f8ea0e0a1828b7f81b07a2a807f083d36f7abb801162eb9a2960a5c6
GET /upload/vod/20240826-1/7d86141f1b21c42847927ca7ca9d392c.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
last-modified: Mon, 26 Aug 2024 12:19:55 GMT
vary: Accept-Encoding
etag: "66cc72eb-1def7"
expires: Fri, 20 Jun 2025 19:39:08 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
X-Firefox-Spdy: h2
GET cdntube.b-cdn.net/thumbnails/d37098271a58a84c4e5a9ed86bdfedcc26c8607c.jpg
200 OK 12 kB URL GET cdntube.b-cdn.net/thumbnails/d37098271a58a84c4e5a9ed86bdfedcc26c8607c.jpg
IP
ASN #34989 ServeTheWorld AS
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x711, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 5127e5c6088bf59a045a7f0763056d57
82ea22d2887717d96896141d65864bbf7340a6b1
d2a45bc65b9c57a0213412fa5f647379906de54c8dca161c8dc37684b723f2eb
GET /thumbnails/d37098271a58a84c4e5a9ed86bdfedcc26c8607c.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/webp
content-length: 11940
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 16 Dec 2024 10:30:46 GMT
cdn-storageserver: DE-633
cdn-requestpullsuccess: True
cdn-fileserver: 1010
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 206
cdn-cachedat: 05/09/2025 02:02:35
cdn-edgestorageid: 830
cdn-requestid: d0dbe13cad85e983f5a9b841d21d00e2
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdntube.b-cdn.net/thumbnails/d5dcc746530fdf1e9514f6830a889e5c26e0aae0.jpg
200 OK 11 kB URL GET cdntube.b-cdn.net/thumbnails/d5dcc746530fdf1e9514f6830a889e5c26e0aae0.jpg
IP
ASN #34989 ServeTheWorld AS
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x707, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 9d2dd023e09a75d9cbe01f24e624ac70
5205c6b2b5d7fd9a154608ac1cfa704822fb5061
0713b483591f21d5646f3d64f096113aa22cbce45daa054afd41fb27687092c8
GET /thumbnails/d5dcc746530fdf1e9514f6830a889e5c26e0aae0.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/webp
content-length: 11282
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 21 Nov 2022 19:45:31 GMT
cdn-storageserver: DE-1022
cdn-requestpullsuccess: True
cdn-fileserver: 316
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 206
cdn-cachedat: 05/09/2025 02:00:28
cdn-edgestorageid: 830
cdn-requestid: a73bdf43dd623c8b8be8fc426b0eeb8d
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET fapdig.com/faviconico/
404 Not Found 0 B IP
Certificate IssuerGoogle Trust Services
Subjectfapdig.com
FingerprintC3:67:11:1F:C0:57:78:75:BE:3E:C3:A5:8C:CA:C8:85:D7:DA:A5:1A
ValiditySat, 17 May 2025 14:44:06 GMT - Fri, 15 Aug 2025 15:40:16 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /faviconico/ HTTP/1.1
Host: fapdig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uRjXqJTwVchnyPLwIOU1JbrJaXeC92b7%2Fz%2Fm2EFUJYUivnTkqo7M%2B%2F3%2B%2Fstv785muOjqPozdbaxCxCWyC2cuNJm6XViqE6fHfdA3lrIDZUMfe%2FjsWat1nZYFo1VO"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
set-cookie: ASPro_1382933ca042bef776e8100bd5eb8ac5=qb5cqbdphpl47iejmntig4no31; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9442ba61c83d56cb-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17336&min_rtt=734&rtt_var=17206&sent=93&recv=125&lost=0&retrans=2&sent_bytes=9531&recv_bytes=7627&delivery_rate=313822&cwnd=12000&unsent_bytes=0&cid=5e6d271239b96a9b&ts=6947&x=80"
GET xvideosrei.com/wp-content/uploads/2021/09/novinha-chupando-escola.jpg
200 OK 26 kB URL GET xvideosrei.com/wp-content/uploads/2021/09/novinha-chupando-escola.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwww.xvideosrei.com
FingerprintC2:28:3A:CF:8A:D8:6A:AE:2F:E5:5E:F8:61:B6:CF:EB:A3:2F:85:03
ValiditySun, 18 May 2025 11:52:41 GMT - Sat, 16 Aug 2025 11:52:40 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 600x337, components 3
Hash 7a1b5ef1bcd339ab04ee976e34526da2
afdba75110d2a3f828fb9c0da5b9f72d88417a24
c680a8dc3f9e71073a888059da9993e43fff1293ab72b1d15fa5a00d7b9eb240
GET /wp-content/uploads/2021/09/novinha-chupando-escola.jpg HTTP/1.1
Host: xvideosrei.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:02:39 GMT
content-type: image/jpeg
content-length: 25602
version: MS25051001
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Sat, 23 May 2026 07:02:39 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdntube.b-cdn.net/thumbnails/a0866cc0c1d1b2789690570401405ecee203a26e.jpg
200 OK 17 kB URL GET cdntube.b-cdn.net/thumbnails/a0866cc0c1d1b2789690570401405ecee203a26e.jpg
IP
ASN #34989 ServeTheWorld AS
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x919, Scaling: [none]x[none], YUV color, decoders should clamp
Hash ed8804902174938db7441b5d82a31a9f
af5b462beaf25f46192710a8d7bfbf9cc35da516
61dbea8b6c620a303c9cb60b3d5d29a173886d60a90e1aa7779edbdab161f808
GET /thumbnails/a0866cc0c1d1b2789690570401405ecee203a26e.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/webp
content-length: 16778
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Thu, 23 Jan 2025 19:01:44 GMT
cdn-storageserver: DE-633
cdn-requestpullsuccess: True
cdn-fileserver: 1024
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 206
cdn-cachedat: 05/10/2025 18:58:28
cdn-edgestorageid: 830
cdn-requestid: bcba2f09943be1055db4b419c578c2a9
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET rtgallery.net/favicon.ico
200 OK 894 B URL GET rtgallery.net/favicon.ico
IP
Certificate IssuerLet's Encrypt
Subjectrtgallery.net
Fingerprint4E:C3:40:07:97:1C:DC:20:B3:66:18:DA:CD:F2:BF:27:EA:C5:AF:C4
ValiditySun, 23 Mar 2025 17:35:52 GMT - Sat, 21 Jun 2025 17:35:51 GMT
File type MS Windows icon resource - 1 icon, 16x16, 24 bits/pixel
Hash ecfa03337847c3b30c7c0c5c4bbb5c5f
55457dd13b92fd876c253e3a74d46aec83429441
903d49ac2a65b3e7452534fc61790a686d1be8b936e8e6bcd9f49b1739a746f9
GET /favicon.ico HTTP/1.1
Host: rtgallery.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.22.1
Date: Fri, 23 May 2025 07:09:28 GMT
Content-Type: image/x-icon
Content-Length: 894
Last-Modified: Sat, 03 Jun 2017 05:36:38 GMT
Connection: keep-alive
ETag: "59324ae6-37e"
Cache-Control: private, max-age=600, must-revalidate
Accept-Ranges: bytes
GET www.9188porn.xyz/favicon.ico
0 B URL GET www.9188porn.xyz/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET zhestkoe.org/favicon.ico
302 Found 1.8 kB IP
Certificate IssuerGoogle Trust Services
Subjectzhestkoe.org
Fingerprint3A:37:27:03:E5:00:8E:63:96:6C:4A:D0:01:0C:C4:63:7E:57:D4:14
ValidityFri, 16 May 2025 15:29:05 GMT - Thu, 14 Aug 2025 16:27:37 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: zhestkoe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Fri, 23 May 2025 07:09:28 GMT
content-type: text/html; charset=utf-8
location: https://zhestkoe.org/sites/zhestkoe.net/images/icon.png
server: cloudflare
cache-control: no-cache, private
cf-cache-status: BYPASS
priority: u=4,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dJumDsFar0tWOPESqLe5I0WSksuUj7Ibh6Tm9q31oB8WRjoRam4G0G9S03ON%2BmR6EcEuEBYmBhTZ9LslKEgoA7v0dnVXMjURdbo%3D"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
set-cookie: XSRF-TOKEN=eyJpdiI6InFscEk0OWNHT2FyN295UmxTcG9wdWc9PSIsInZhbHVlIjoiTm1LOTFzanlrdXJ3L0cwQkhZQUlYM01Mc0ZzTE8rdUlXYjBtZlZlTk1lbEprLzhwd3RxeExRZVQzbm5Xdi84ZldUbytVOVpOVzE1VUhESXBySUJkaVYwaGx0YVRmWi8wS2ZXZU9DVllXRUIzSktOTHovcGhVWEhMbFBTT3hNQ1UiLCJtYWMiOiJjMWY4MGY2ODRjZDQzODM4NGNiYzBhNWNhY2UyMTQxZWVhODZmZWNlYjc3ZjJkNGEyN2Y4NWM4ZGUwMGY1ZTBjIiwidGFnIjoiIn0%3D; SameSite=Lax; Secure; Path=/; Max-Age=604800; Expires=Fri, 30 May 2025 07:09:28 GMT
laravel_session=eyJpdiI6IlRVNHFzeHZrMTdvakZqZ2wwM3BLM0E9PSIsInZhbHVlIjoiajMySGF4YjZXd0lOTFFyNm9BZlZ4aUltM2RSQ3NRUVJhYkNIV3A3RnF6a0JoUWovblc2bGN6cHlJM2k2a0RCQkl6RkJWRDdrTlVxa0JkRnJsZjRuTWxERjd5dW0wMjNZZUU4QzRjZEhtY1NpOXdEK045VndzaytBMUM3ZlJZeEYiLCJtYWMiOiIxZDU0ODg1NWI1YzUzM2UxZjQ0NzllN2UxMzZlOTllNTA2NGRiYmMyMWZhZjUzMWEwMjQzNmViOGUyNjU3YjA0IiwidGFnIjoiIn0%3D; HttpOnly; SameSite=Lax; Secure; Path=/; Max-Age=604800; Expires=Fri, 30 May 2025 07:09:28 GMT
cf-ray: 9442ba5cac2a569f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET naturismv.com/images/fitness-girls-naturist-freedom.jpg
200 OK 43 kB URL GET naturismv.com/images/fitness-girls-naturist-freedom.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectnaturismv.com
Fingerprint89:AF:F9:3B:F9:65:5A:43:A3:77:FD:5B:A5:61:B8:50:E0:07:19:A4
ValidityFri, 02 May 2025 17:11:44 GMT - Thu, 31 Jul 2025 18:09:26 GMT
File type JPEG image data, progressive, precision 8, 400x300, components 3
Hash f26e2db57a5f70148567311fb931a4e5
78841d634a04f7c7b90dcd5656a5f6766e3bfce0
a7f76e52392b48d0683bbcc66c13cb8014540b3af5cd5963c70d5265a3201374
GET /images/fitness-girls-naturist-freedom.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 43134
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Fri, 19 May 2023 12:04:50 GMT
etag: "646765e2-a87e"
expires: Thu, 07 May 2026 03:13:48 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 1396533
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eYgvogfSCQqT1MTsT4vXgkR1oU0kgxwaVgyNBOiiaFlrKDGAZp41C4oE2c95t5hzo9uWsnDJxQ9sm21MsU8d07%2BjM34ourY53CNV"}]}
cf-ray: 9442ba32fc360b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdntube.b-cdn.net/thumbnails/c8b8cf88df48f3039a34a1faac8677e7c2813e6d.jpg
200 OK 9.1 kB URL GET cdntube.b-cdn.net/thumbnails/c8b8cf88df48f3039a34a1faac8677e7c2813e6d.jpg
IP
ASN #34989 ServeTheWorld AS
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x709, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 1b07a946cdd4b599c400ebfefe82717f
b1d76181af24996b7a8b0f526047cec6eb6168dd
4adaff9ab95404b9343cb579e5af9b74f9feaa02ec3d0d382425cd3cff005d62
GET /thumbnails/c8b8cf88df48f3039a34a1faac8677e7c2813e6d.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/webp
content-length: 9076
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 12 Jul 2023 03:13:51 GMT
cdn-storageserver: DE-1019
cdn-requestpullsuccess: True
cdn-fileserver: 653
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 206
cdn-cachedat: 05/09/2025 02:08:02
cdn-edgestorageid: 830
cdn-requestid: 34c57d62a75c509cf1d9d47c2f019599
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.redd.tube/favicon.ico
301 Moved Permanently 0 B URL GET www.redd.tube/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subjectredd.tube
Fingerprint4B:F4:93:A5:81:69:7D:0C:A9:A1:D8:91:D8:20:58:DC:91:7E:6B:21
ValidityThu, 03 Apr 2025 14:42:20 GMT - Wed, 02 Jul 2025 15:39:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.redd.tube
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html; charset=iso-8859-1
content-length: 229
location: http://www.redd.tube/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sc%2B8KAkjnaMduRapTI9zX%2FkzI1mCVcbE96S7zBidRQN7QKAuNPnbvd7IQK5WGpIT4cgpAwR2WBF1ra03TrSbNPvTIqAvkNAqbBGyPZPYh%2Fx044FgOOe2nCNaBX5irIw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9442ba619c7956b1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3213&min_rtt=384&rtt_var=5571&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3194&recv_bytes=1062&delivery_rate=6819466&cwnd=254&unsent_bytes=0&cid=a73a04a07a565e52&ts=882&x=0"
X-Firefox-Spdy: h2
GET vidmo.pro/thumbs_320/81/cb/81cb901d154b371e53b137fdf7ca9638/12848805.jpg
200 OK 22 kB URL GET vidmo.pro/thumbs_320/81/cb/81cb901d154b371e53b137fdf7ca9638/12848805.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3
Hash 192f8249bdb29b0dceb1e9424048f40e
b3248cbf5298db98cb057b0c9f4f083890d012cf
d5c243cc75ef6306a034001e789d3ae1e2297a923284855402985df1f403de8c
GET /thumbs_320/81/cb/81cb901d154b371e53b137fdf7ca9638/12848805.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 22295
last-modified: Wed, 20 Jan 2021 13:01:00 GMT
expires: Tue, 16 Apr 2024 19:49:48 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.clporn.com/thumbs/1359/007_curly.jpg
200 OK 19 kB URL GET www.clporn.com/thumbs/1359/007_curly.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectclporn.com
Fingerprint8F:CA:12:EB:6D:F7:0B:C6:3E:7E:FB:1F:5B:47:EE:0F:FC:F2:10:55
ValidityMon, 14 Apr 2025 20:15:06 GMT - Sun, 13 Jul 2025 21:12:18 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 312x208, components 3
Hash 88e81997315a8dcbff76772ce4879a2e
44c59fa5eab00e05da28f47e336df8aadf0959f0
db6bb68e61ce719baed9f5bbd324a92e3eeb16c2ecbff3f9015ea7bf9079f049
GET /thumbs/1359/007_curly.jpg HTTP/1.1
Host: www.clporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 19381
server: cloudflare
last-modified: Sun, 03 Oct 2021 07:46:52 GMT
etag: "61595fec-4bb5"
expires: Sun, 10 May 2026 05:17:25 GMT
accept-ranges: bytes
cache-control: public, max-age=31536000, no-transform
age: 1129913
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=B0fR1PtpIKseEXGvw1Ydp5ln41xbYwKyzy8QF%2BxETFx9USKigXOH8HssdJdJ7t0kn7lV%2BDibDKCDn493sC3PJj8SUfxGr3bO88ZmqA%3D%3D"}]}
cf-ray: 9442ba1eee9056c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn5-thumbs.motherlessmedia.com/thumbs/678585E.jpg
200 OK 20 kB URL GET cdn5-thumbs.motherlessmedia.com/thumbs/678585E.jpg
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherlessmedia.com
Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8
ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x480, components 3
Hash 996571e505042309b20fea0f532ca71c
ec1d5a7d80d77729e73f2570c655338c49106e21
e1cc223a0aa076a64bc97bf24fb6b6f0585dc2958a2a1fb9c63d67a0a90eb3b6
GET /thumbs/678585E.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 20508
vary: x-s-token
last-modified: Thu, 04 Oct 2018 07:01:54 GMT
etag: "501c-57761bae9737f"
x-cache: HIT
x-whom: cdn03
accept-ranges: bytes
GET cacrz.4jpg.top/AV4.us.jpg
200 OK 8.7 kB URL GET cacrz.4jpg.top/AV4.us.jpg
IP
Certificate IssuerGoogle Trust Services
Subject4jpg.top
FingerprintBE:FB:D5:E3:D6:90:C9:AA:D7:5D:9F:CA:A4:3F:0E:6B:4A:62:A6:BC
ValidityThu, 24 Apr 2025 20:06:20 GMT - Wed, 23 Jul 2025 21:04:03 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3
Hash edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
GET /AV4.us.jpg HTTP/1.1
Host: cacrz.4jpg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:26 GMT
content-type: image/jpeg
content-length: 8741
server: cloudflare
etag: "2225-5499bcea176c0"
accept-ranges: bytes
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
access-control-allow-headers: Cake
ahost: RZ
cache-control: public, max-age=3600000
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VQnmlNI1lJMasR4Zkh929PqIUJP6CD59HbDOHLLxi%2B03MSjzpkqQUaAtd1vfMLPnUlNws8IlFLfYYMt8bZpQSgBwj%2FSq%2B7q6qnQnQg%3D%3D"}]}
age: 799282
cf-cache-status: HIT
vary: accept-encoding
cf-ray: 9442ba5179aab529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/baee58adf6480eaa3a494548791f4b57.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/baee58adf6480eaa3a494548791f4b57.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/baee58adf6480eaa3a494548791f4b57.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET css.4jpg.top/mycss/av4.css?33
200 OK 4.2 kB URL GET css.4jpg.top/mycss/av4.css?33
IP
Certificate IssuerGoogle Trust Services
Subject4jpg.top
FingerprintBE:FB:D5:E3:D6:90:C9:AA:D7:5D:9F:CA:A4:3F:0E:6B:4A:62:A6:BC
ValidityThu, 24 Apr 2025 20:06:20 GMT - Wed, 23 Jul 2025 21:04:03 GMT
Hash e05d356eb3c9cb0366e5491f098c5b66
9c82f99795bf55512147a0bd629e9775446291bf
7c7a5f32e5c6a2e6e1f3e71112f35691714019685cc4c7d567e158cb32d1579c
GET /mycss/av4.css?33 HTTP/1.1
Host: css.4jpg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 May 2025 07:09:19 GMT
content-type: text/css
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
x-proxy-cache-192g-la: HIT
xkey-192la: jcss./mycss/av4.css?33-A-css.4jpg.top--myzone---no
age: 280733
cf-cache-status: HIT
priority: u=2,i=?0
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=LamOIXs9Y%2BRZbUUr2PGf%2BndbnPOjp0TUJDqrzJgiM%2FMYxDFjOQZ%2FJ93h8YcsXYzio0HskTrafSzAuGIK073bKn77pUtlxqzVonk%3D"}]}
etag: W/"103e-62edbddabc000"
content-encoding: br
cf-ray: 9442ba26787156b9-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
GET s9631.chomikuj.pl/Thumbnail.aspx?e=viTNnVF8jH4-tAvjuB87jvvZtg6otfpz_yVVHu55mGlUGb3Mzp1i9u5oREtozSOqAdL58WkMcORIA2cgNQKdH7eBqan3hgKbbKPgvNxUfBw&pv=2
200 OK 26 kB URL GET s9631.chomikuj.pl/Thumbnail.aspx?e=viTNnVF8jH4-tAvjuB87jvvZtg6otfpz_yVVHu55mGlUGb3Mzp1i9u5oREtozSOqAdL58WkMcORIA2cgNQKdH7eBqan3hgKbbKPgvNxUfBw&pv=2
IP
ASN #60781 LeaseWeb Netherlands B.V.
Certificate IssuerDigiCert Inc
Subject*.chomikuj.pl
Fingerprint6F:5B:B0:9D:FF:F4:B0:50:D0:C8:F6:93:5D:DB:D5:E9:D2:32:A2:E0
ValidityTue, 10 Dec 2024 00:00:00 GMT - Sat, 10 Jan 2026 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1120x120, components 3
Hash dab217218542df68a433a0759514f863
8089ede982dfcc55c8f46c14f7f76e0c130cdca3
610d87bf04e9d4b46d1ee14e56a6d5db78e4d4d7f070030b7921236e5e200909
GET /Thumbnail.aspx?e=viTNnVF8jH4-tAvjuB87jvvZtg6otfpz_yVVHu55mGlUGb3Mzp1i9u5oREtozSOqAdL58WkMcORIA2cgNQKdH7eBqan3hgKbbKPgvNxUfBw&pv=2 HTTP/1.1
Host: s9631.chomikuj.pl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://young.av4us.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: private
content-type: image/jpeg
server: Microsoft-IIS/10.0
access-control-allow-origin: https://chomikuj.pl
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 23 May 2025 07:09:24 GMT
content-length: 26225
X-Firefox-Spdy: h2
GET blumpkintube.com/thumbs/64/186_cock.jpg
200 OK 11 kB URL GET blumpkintube.com/thumbs/64/186_cock.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectblumpkintube.com
FingerprintDA:B0:E3:91:B1:3A:F6:92:40:A5:6D:DA:6D:67:42:B4:54:2E:FF:7C
ValidityMon, 14 Apr 2025 03:20:03 GMT - Sun, 13 Jul 2025 04:18:31 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x208, components 3
Hash 1216a557bc4628ee5feee388e7803dca
6ca15c946ca5be68cb34e377494705aca85ff77b
483c4319362c051bf024bf4a463f601cd23bd412780579dfc91feb9281266c13
GET /thumbs/64/186_cock.jpg HTTP/1.1
Host: blumpkintube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 10788
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Wed, 05 Aug 2020 12:04:28 GMT
etag: "5f2aa04c-2a24"
expires: Fri, 15 May 2026 20:14:47 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 644074
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VxUpEaF7kFt3uuis6P16NMb9UtF1Ig3unkzpA65iWEMoAZgANVnjCP8KOCy6EMs6QEuJCaE5oEmjpu7R1QKzIrnKqjqDHuhakNgLcsIC"}]}
cf-ray: 9442ba2f5dd956aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET realincest.pro/thumbs/177/3824942637803017177_0.jpg
200 OK 6.4 kB URL GET realincest.pro/thumbs/177/3824942637803017177_0.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectrealincest.pro
Fingerprint03:92:AE:65:A6:AA:50:B5:EF:F6:6C:99:A0:E5:88:FA:6B:E7:4C:61
ValidityThu, 24 Apr 2025 21:35:20 GMT - Wed, 23 Jul 2025 22:33:54 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 240x180, components 3
Hash 677eae22c927f87eb57643dc56c86de9
6e2907a97e833c7c6ef46060530e8fcb29216d79
2f8307ee3cd292db2fd295a3e4581a476fd9e3ed83d6c9553ebe698b6142b30c
GET /thumbs/177/3824942637803017177_0.jpg HTTP/1.1
Host: realincest.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 6430
server: cloudflare
last-modified: Fri, 06 Mar 2020 11:53:15 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "5e6239ab-191e"
expires: Sat, 21 Jun 2025 21:09:47 GMT
cache-control: max-age=2592000
accept-ranges: bytes
age: 35974
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=W9witR%2BCt38018x5WQGpgDvV3Qh2zgfO4XtmS1SUMIsLf0EtO4o5P75rzsIMK7jVuHz3lKu8dDCspDwwI9c%2BOCfWMVl9U4gJ6efHTQ%3D%3D"}]}
cf-ray: 9442ba312972569f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET stickamvids.net/photos/2016/04/9128_0_300.jpg
200 OK 5.4 kB URL GET stickamvids.net/photos/2016/04/9128_0_300.jpg
IP
ASN #44477 Stark Industries Solutions Ltd
Certificate IssuerLet's Encrypt
Subjectstickamvids.net
FingerprintD1:91:40:9F:36:56:28:A6:04:09:84:31:DF:58:AB:9B:89:7D:0D:83
ValidityThu, 27 Mar 2025 00:22:44 GMT - Wed, 25 Jun 2025 00:22:43 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 230x171, components 3
Hash 961b4500bce57f86fc04178dbcf8d47b
3a33594f261c5f91ee2dc85f2e9b5c11824231de
7a6ce38f0d2c40c32019d632b4cb70c237900f411ae9fbd02336968a5d755a35
GET /photos/2016/04/9128_0_300.jpg HTTP/1.1
Host: stickamvids.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Fri, 23 May 2025 07:09:20 GMT
Content-Type: image/jpeg
Content-Length: 5391
Last-Modified: Wed, 14 Feb 2024 13:08:38 GMT
Connection: keep-alive
ETag: "65ccbb56-150f"
Expires: Sat, 24 May 2025 07:09:20 GMT
Cache-Control: max-age=86400
Accept-Ranges: bytes
GET en.vidmo.pro/thumbs_320/1c/c0/1cc0d800dcd14a199783879ad4307f0a/15613374.jpg
200 OK 15 kB URL GET en.vidmo.pro/thumbs_320/1c/c0/1cc0d800dcd14a199783879ad4307f0a/15613374.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3
Hash 99c1ac3d4a0054437ddff254cb3a14b6
73c7af71634699f608e19f6f732a3c654f1a23ec
abbfe903fbb9fe91192226e44296efc26e2c48f738f7c03a33ec98679c84a1dc
GET /thumbs_320/1c/c0/1cc0d800dcd14a199783879ad4307f0a/15613374.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 15379
last-modified: Sat, 24 Jun 2023 13:06:37 GMT
expires: Tue, 21 Nov 2023 16:22:06 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET avatars.mds.yandex.net/get-vthumb/1343348/25c1fcad290acb18891dfa4f20d34339/564x318_1
200 OK 30 kB URL GET avatars.mds.yandex.net/get-vthumb/1343348/25c1fcad290acb18891dfa4f20d34339/564x318_1
IP
Certificate IssuerGlobalSign nv-sa
Subject*.avatars.mds.yandex.net
FingerprintE6:CA:01:EF:27:C5:A7:B7:36:66:BC:E5:64:C2:63:12:FB:3C:8F:91
ValidityThu, 03 Apr 2025 14:25:03 GMT - Wed, 01 Oct 2025 20:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 474x266, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 35ea229a4ea4e3327908f48815f27ec8
c8949cf27dd0594ac186088cb934092efc5ffb63
644b35e39f3313d899e6853006b2ad2c2a59792dbe64f67096b11b548b29911e
GET /get-vthumb/1343348/25c1fcad290acb18891dfa4f20d34339/564x318_1 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/webp
content-length: 30168
last-modified: Wed, 08 Jan 2025 19:57:26 GMT
cache-control: max-age=604800,immutable
x-request-id: 8b7c87241b63a7f
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=KLG"}]}
timing-allow-origin: *
X-Firefox-Spdy: h2
GET page.phic4.top/myda.php
200 OK 0 B IP
Certificate IssuerGoogle Trust Services
Subjectphic4.top
Fingerprint7D:FB:B4:77:85:58:5A:A6:F5:90:D1:1A:18:37:82:49:6E:ED:B7:C6
ValidityThu, 01 May 2025 23:39:34 GMT - Thu, 31 Jul 2025 00:37:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.phic4.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:26 GMT
content-type: text/html; charset=utf-8
server: cloudflare
myda: myda2a02:6b8:c15:2602:0:492c:3870:0
vary: User-Agent, accept-encoding
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KeeJ9V44eIMp3UQoZf6AuqnbIMVMVXwKR13WU8iAGnTj8X%2BjDXn2ZjINZGZf1Ao8LlbAueGq85dLWp4Ff88M%2BMC2PQkc0%2FavAh3VUg%3D%3D"}]}
age: 5522
cache-control: max-age=14400
cf-cache-status: HIT
last-modified: Fri, 23 May 2025 05:37:23 GMT
content-encoding: br
cf-ray: 9442ba4d7d9256c9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET jpgjingpinx.com/upload/vod/20250105-1/49bf95c557bcc985667b4681a72170ba.jpg
200 OK 68 kB URL GET jpgjingpinx.com/upload/vod/20250105-1/49bf95c557bcc985667b4681a72170ba.jpg
IP
Certificate IssuerGoGetSSL
Subjectjpgjingpinx.com
Fingerprint2C:3E:6B:9C:FE:09:B4:24:D1:70:65:20:01:B7:8A:54:18:EA:BD:DC
ValidityFri, 20 Sep 2024 00:00:00 GMT - Sat, 20 Sep 2025 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 718x404, components 3
Hash e73e6611fc176083a1ada227d0aba1db
a5dff65c8b174d5f0943eab1bce58b9dbe207440
3427438e70cf658e81dff3d9de60da2f1403a4999e8e1be3f10fc420ea55191f
GET /upload/vod/20250105-1/49bf95c557bcc985667b4681a72170ba.jpg HTTP/1.1
Host: jpgjingpinx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 68510
Content-Type: image/jpeg
Date: Wed, 21 May 2025 15:21:44 GMT
Etag: "67796516-10b9e"
Expires: Fri, 20 Jun 2025 15:21:44 GMT
Last-Modified: Wed, 21 May 2025 15:21:44 GMT
Server: openresty
X-Cache: HIT, policy, disk
GET cdntube.b-cdn.net/thumbnails/8937f40a657e331e8d08310a09445a7cf5181636.jpg
200 OK 9.8 kB URL GET cdntube.b-cdn.net/thumbnails/8937f40a657e331e8d08310a09445a7cf5181636.jpg
IP
ASN #34989 ServeTheWorld AS
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x707, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 3b4d72badd35ed1fcfaff8aa3557f7f7
702ebfac7232cace44c72f21b4a7d92efb097250
fae43f8d3344de87b0a8158abff55a6031e465357ed40711b8d6813ddd053035
GET /thumbnails/8937f40a657e331e8d08310a09445a7cf5181636.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/webp
content-length: 9776
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 03 Apr 2023 00:20:00 GMT
cdn-storageserver: DE-632
cdn-requestpullsuccess: True
cdn-fileserver: 570
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 206
cdn-cachedat: 05/09/2025 02:00:22
cdn-edgestorageid: 830
cdn-requestid: 566d7068813d32e702888186226da5ec
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET sorkab.com/wp-content/uploads/2022/12/0002968.jpg
200 OK 20 kB URL GET sorkab.com/wp-content/uploads/2022/12/0002968.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectsorkab.com
Fingerprint7E:D6:71:6B:9C:36:1D:C7:90:8F:FA:A8:7A:9C:EB:16:BE:16:EF:C1
ValiditySun, 04 May 2025 04:23:18 GMT - Sat, 02 Aug 2025 05:21:58 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3
Hash 799fa9c5d17fc44dd66febc67ced0452
2893613b8213d24e0623688e70248d8da65c4b9f
adac87f24bb21281c18e2bebf8e33f9084ccc68263ed6591bcc9d17a1ed8323e
GET /wp-content/uploads/2022/12/0002968.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:16 GMT
content-type: image/jpeg
content-length: 19655
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=31536000
expires: Sat, 21 Feb 2026 20:36:30 GMT
last-modified: Wed, 22 Feb 2023 06:31:43 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 3724798
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=GtLOvGPb%2FKlVwWYwwCCRIs7R6fx1HwsOf3Vq5PvYtLUFElrcImiL9tvnl5MHGJfozAVN4hlMtBI4%2F%2F%2BGFyDaSX2olNvt2oW%2B"}]}
cf-ray: 9442ba152f1e56a8-OSL
X-Firefox-Spdy: h2
GET www.pornlulu.com/favicon.ico
404 Not Found 0 B URL GET www.pornlulu.com/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subjectpornlulu.com
Fingerprint8D:2F:27:67:D4:35:82:EB:97:AE:E9:86:AA:F0:4B:6B:47:05:07:C6
ValidityTue, 22 Apr 2025 07:12:05 GMT - Mon, 21 Jul 2025 08:10:04 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.pornlulu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400, must-revalidate
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cTL8W6BVYFE8IpGI8IUAU3rNhF8CE9WgBlvOsRTcV8tHSPjiJOTtQ3kSGqtVc%2FclMudpKEfg9ZOaSkUismb6xxXcX9SDbAGk5j8auXtw"}]}
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
x-cache: BYPASS, Status: 404
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
age: 1557
cf-cache-status: HIT
content-encoding: br
cf-ray: 9442ba638cbe5684-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET erota2.com/favicon.png
200 OK 878 B IP
Certificate IssuerGoogle Trust Services
Subjecterota2.com
Fingerprint29:9B:74:F9:9F:4A:F9:DF:C8:E0:22:E5:A6:30:BF:DA:82:92:97:23
ValidityFri, 02 May 2025 02:05:40 GMT - Thu, 31 Jul 2025 03:05:16 GMT
File type RIFF (little-endian) data, Web/P image
Hash 8d491fe781671a3fdd939f98295a0846
278ca4f6b579018a045a719df3281304371882b6
0b2b88c079d3ab9dfa6a46c70ec56c08c90a915fd1b6dc53693bff726ab78baa
GET /favicon.png HTTP/1.1
Host: erota2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://young.av4us.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 May 2025 07:09:29 GMT
content-type: image/webp
content-length: 878
cf-bgj: imgq:85,h2pri
cf-polished: origFmt=png, origSize=14599
content-disposition: inline; filename="favicon.webp"
etag: "669f87ac-3907"
last-modified: Tue, 23 Jul 2024 10:36:28 GMT
vary: Accept
cf-cache-status: HIT
age: 3367
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B31tzPLRzxeb508WbptpMsQmTzNQ0wIAJCTrhm1buJLO2i6De01qIOPjZ%2BaOD2FiwQLvfi67dhFgUXUkgGEy040Fjv5qOxT6Ys8mBKg1UwxvrIKYRFjv91QiaDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9442ba61be2ab4ff-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=82056&min_rtt=40214&rtt_var=38153&sent=34&recv=42&lost=0&retrans=0&sent_bytes=5948&recv_bytes=3177&delivery_rate=185&cwnd=12000&unsent_bytes=0&cid=6c6fd3424cff05f8&ts=8955&x=1", cfExtPri, cfHdrFlush;dur=0
GET e249.com/vs/35090229.jpg
200 OK 37 kB IP
Certificate IssuerGoogle Trust Services
Subjecte249.com
Fingerprint8C:B2:79:51:5B:E0:1C:B7:3F:9A:38:53:31:CE:02:23:D8:A6:BF:D1
ValiditySun, 11 May 2025 16:16:05 GMT - Sat, 09 Aug 2025 17:11:57 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc54.92.100", baseline, precision 8, 640x480, components 3
Hash e99a114f0b2315fd3799c454e330d112
0c7ce372d87680e6f836ae947ef4a28ee3665514
d6d56f6b68509a63b166e7dd0f655cca3e127de792dd98e310ad7b0b6ebc4261
GET /vs/35090229.jpg HTTP/1.1
Host: e249.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 37281
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Wed, 29 Aug 2018 23:06:47 GMT
etag: "5b872707-91a1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT, HIT
accept-ranges: bytes
age: 1308804
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mxQXNFxR1GdheFSO9YBZ158npIVJU%2FPKtNNlLIhzUTtLwkwVc6DK9yhZEIFRrYrrBI0Y2lxw%2F0ek%2FxJoMpk4XRVjXZc23g%3D%3D"}]}
cf-ray: 9442ba2e5a3e5689-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdntube.b-cdn.net/thumbnails/7f5454cc2c5cd0a06ea866dfd4e140eeabb1ec12.jpg
200 OK 12 kB URL GET cdntube.b-cdn.net/thumbnails/7f5454cc2c5cd0a06ea866dfd4e140eeabb1ec12.jpg
IP
ASN #34989 ServeTheWorld AS
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x633, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 66ee03a3714874d3b56db88463211a41
a995d022e3b3428799030b09b7dfd312838cb979
aa4a5103a9b3d7b89d2b0eeb3e185ee052db2911b69f21f343e34e97cb2861cd
GET /thumbnails/7f5454cc2c5cd0a06ea866dfd4e140eeabb1ec12.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/webp
content-length: 12412
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Mon, 14 Nov 2022 05:26:07 GMT
cdn-storageserver: DE-636
cdn-requestpullsuccess: True
cdn-fileserver: 512
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 206
cdn-cachedat: 05/09/2025 05:18:54
cdn-edgestorageid: 830
cdn-requestid: f77148d7478249cef6d6f34b927c3c6f
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET pornolomka3.com/favicon.ico
404 Not Found 0 B URL GET pornolomka3.com/favicon.ico
IP
ASN #213166 UA-Hosting SIA
Certificate IssuerLet's Encrypt
Subjectpornolomka3.com
FingerprintBF:5C:F8:59:5E:5B:AC:97:C4:46:39:71:98:20:2D:9F:45:A6:BF:00
ValidityThu, 22 May 2025 22:44:16 GMT - Wed, 20 Aug 2025 22:44:15 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: pornolomka3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx/1.10.3
date: Fri, 23 May 2025 07:07:27 GMT
content-type: text/html
content-length: 169
X-Firefox-Spdy: h2
GET www.missvid.com/favicon.ico
404 Not Found 0 B URL GET www.missvid.com/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subjectmissvid.com
Fingerprint68:AB:31:84:E4:DB:8B:E5:93:2F:2F:3F:C1:B0:40:05:3D:79:93:CA
ValidityTue, 20 May 2025 22:46:56 GMT - Mon, 18 Aug 2025 23:45:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.missvid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:30 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=PcpQCLzvXdz%2B8W0addD%2BD19sv5NCe6xfotJmue7XRYDBsqjNZvlY5XnCCgA0y4pAJTpw0fPn0TNmQ4aHnYIY98B3aW4kpHiJ%2BEPhCso%3D"}]}
cache-control: max-age=86400
cf-cache-status: HIT
age: 154
vary: accept-encoding
content-encoding: br
cf-ray: 9442ba683dc856c1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET filmesporno.xxx/wp-content/uploads/2022/04/novinha-dando-o-cu-na-suruba-1.jpg
200 OK 15 kB URL GET filmesporno.xxx/wp-content/uploads/2022/04/novinha-dando-o-cu-na-suruba-1.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwww.filmesporno.xxx
Fingerprint99:78:79:5B:43:D8:9E:94:85:B5:C3:25:3B:5A:35:B3:44:8A:9A:F3
ValidityMon, 07 Apr 2025 09:33:59 GMT - Sun, 06 Jul 2025 09:33:58 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 600x337, components 3
Hash f1b8d110924831eedad881607e1a758c
a0a9a8f32dfb63208b0a11e16ad97a72af4f3fc2
18ec2665ae6e32238616d6735f5fafbf296ccee105008eb815e77e85d20b6245
GET /wp-content/uploads/2022/04/novinha-dando-o-cu-na-suruba-1.jpg HTTP/1.1
Host: filmesporno.xxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 06:58:01 GMT
content-type: image/jpeg
content-length: 15208
version: MS25051001
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
expires: Sat, 23 May 2026 06:58:01 GMT
cache-control: max-age=31536000, public, immutable
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
GET 3gpking.pro/images/de6/5a6/younger-sister-giving-blowjob-to-her-brother-thumb.jpg
200 OK 15 kB URL GET 3gpking.pro/images/de6/5a6/younger-sister-giving-blowjob-to-her-brother-thumb.jpg
IP
Certificate IssuerGoogle Trust Services
Subject3gpking.pro
FingerprintB7:CE:42:30:0A:EC:47:0A:4C:EB:DC:29:0A:D9:24:89:AC:4E:E4:01
ValidityTue, 15 Apr 2025 07:07:57 GMT - Mon, 14 Jul 2025 08:06:15 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 554x414, components 3
Hash 19fe24e2321407df53f9b39d3d5b929e
dd74dbfac070def1cead0bb653f0e4a613d261ee
d7411fbfee7a8952919db820a96dfdf96da146212c33940322e78f06b602fd5f
GET /images/de6/5a6/younger-sister-giving-blowjob-to-her-brother-thumb.jpg HTTP/1.1
Host: 3gpking.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 14737
server: cloudflare
last-modified: Sat, 18 Aug 2018 20:59:42 GMT
etag: "5b7888be-3991"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000; includeSubdomains; preload
content-security-policy: block-all-mixed-content
x-frame-options: DENY
x-content-type-options: nosniff
accept-ranges: bytes
age: 2625044
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=OMVR27JFEChJrXjL1V2xYUO2QFcaXAy51gKGKKfAe8EIt0UJ8h8dLG2QZaxiOKpTLvCergI7gOlKQxBltvUvko1OxrHhdfXeVg%3D%3D"}]}
cf-ray: 9442ba2d5c4c1bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET baraag.net/@KDE/image/png
200 OK 0 B URL GET baraag.net/@KDE/image/png
IP
Certificate IssuerLet's Encrypt
Subjectbaraag.net
FingerprintAB:C0:A5:40:B1:C4:1B:DA:AE:12:A1:80:42:EA:71:7A:11:02:84:8B
ValidityTue, 06 May 2025 08:35:46 GMT - Mon, 04 Aug 2025 08:35:45 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /@KDE/image/png HTTP/1.1
Host: baraag.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg8_=0PmxpHLRHvwDlspl; Domain=.baraag.net; Path=/; Expires=Fri, 23-May-2025 07:29:20 GMT
__ddg10_=1747984160; Domain=.baraag.net; Path=/; Expires=Fri, 23-May-2025 07:29:20 GMT
__ddg9_=91.90.42.154; Domain=.baraag.net; Path=/; Expires=Fri, 23-May-2025 07:29:20 GMT
__ddg1_=JoOYoT6q2EQyyrRTxFHD; Domain=.baraag.net; HttpOnly; Path=/; Expires=Sat, 23-May-2026 07:09:20 GMT
date: Fri, 23 May 2025 07:09:16 GMT
content-type: text/html; charset=utf-8
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: same-origin
vary: Accept-Encoding, Accept, Accept-Language, Cookie
link: </packs/js/locale/tr-json-8d299d27b0d858c0cbfd.chunk.js>; rel=preload; as=script; type=text/javascript; integrity=sha256-Te+gcZpOH2skKaXgPFcFMMLw8pSsux7NItaYleQ33Ac=
cache-control: max-age=15, public, stale-while-revalidate=30, stale-if-error=86400
etag: W/"9abe6620b48bb9492bb627241e5e43a1"
content-security-policy: upgrade-insecure-requests;, base-uri 'none'; default-src 'none'; frame-ancestors 'none'; font-src 'self' https://baraag.net; img-src 'self' data: blob: https://baraag.net https://media.baraag.net; style-src 'self' https://baraag.net 'nonce-PC3ubJ8wvD4yHhLX+aREyA=='; media-src 'self' data: https://baraag.net https://media.baraag.net; manifest-src 'self' https://baraag.net; form-action 'none'; child-src 'self' blob: https://baraag.net; worker-src 'self' blob: https://baraag.net; connect-src 'self' data: blob: https://baraag.net https://media.baraag.net wss://baraag.net; script-src 'self' https://baraag.net 'wasm-unsafe-eval'; frame-src 'self' https:
x-request-id: 979310e6-4e28-49ee-bd53-634ab0a73c9e
x-runtime: 0.023084
strict-transport-security: max-age=63072000; includeSubDomains
x-cached: MISS
content-encoding: gzip
age: 4
content-length: 10750
ddg-cache-status: MISS,HIT
X-Firefox-Spdy: h2
GET www.9188porn.com/upload/vod/20241010-10/d605042215403c46876f5ce450b1ed0a.png
403 Forbidden 0 B URL GET www.9188porn.com/upload/vod/20241010-10/d605042215403c46876f5ce450b1ed0a.png
IP
Certificate IssuerGoogle Trust Services
Subject9188porn.com
Fingerprint15:E5:D1:A1:7B:24:5F:05:8B:35:38:8F:0C:03:1B:7B:C1:D9:0C:8E
ValidityWed, 09 Apr 2025 22:51:46 GMT - Tue, 08 Jul 2025 23:49:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20241010-10/d605042215403c46876f5ce450b1ed0a.png HTTP/1.1
Host: www.9188porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 23 May 2025 07:09:16 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xL%2BVi%2BS9ZPQtKyd%2FuqUIBvlJRktrFlWGIaJPxgxVRobTwaO4FuF%2F5haOc7gdX4cUeLMZEbA%2BSKN%2BRVPWwZppuj2AJxhDsmpzjjhbpMhm"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
server: cloudflare
cf-ray: 9442ba137e7eb4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.9188porn.com/upload/vod/20240619-4/0a81fbf6ccb28048139b9764d7110c1f.jpg
403 Forbidden 0 B URL GET www.9188porn.com/upload/vod/20240619-4/0a81fbf6ccb28048139b9764d7110c1f.jpg
IP
Certificate IssuerGoogle Trust Services
Subject9188porn.com
Fingerprint15:E5:D1:A1:7B:24:5F:05:8B:35:38:8F:0C:03:1B:7B:C1:D9:0C:8E
ValidityWed, 09 Apr 2025 22:51:46 GMT - Tue, 08 Jul 2025 23:49:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20240619-4/0a81fbf6ccb28048139b9764d7110c1f.jpg HTTP/1.1
Host: www.9188porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 403 Forbidden
date: Fri, 23 May 2025 07:09:16 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=qHI9pTnWGjcFDQjkoZ672hwHcKUOUBYOyk%2BP76dCiENZqLRe5Z3MtDco3LQ5CtfqFs2IrWJgQt4YpLq2x6hjFWiYMHJeHrHY%2BAQe56AH"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
server: cloudflare
cf-ray: 9442ba136e75b4f9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET gcore-pic.xvideos-cdn.com/videos/thumbs169ll/2d/bf/46/2dbf46694aaa7f0f8437ede77edcc8ee/2dbf46694aaa7f0f8437ede77edcc8ee.3.jpg
200 OK 24 kB URL GET gcore-pic.xvideos-cdn.com/videos/thumbs169ll/2d/bf/46/2dbf46694aaa7f0f8437ede77edcc8ee/2dbf46694aaa7f0f8437ede77edcc8ee.3.jpg
IP
ASN #199524 G-Core Labs S.A.
Certificate IssuerSectigo Limited
Subjectxvideos.com
Fingerprint27:E9:05:C0:A5:FC:40:B1:D6:44:DC:D3:39:EE:11:78:2C:E2:F0:78
ValidityThu, 03 Oct 2024 00:00:00 GMT - Mon, 03 Nov 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3
Hash 18595f4c0a2aa64e108eef8ac979530a
d75f6f632996f785e453c1b4571a92031a708a7f
4ded4273a5b02856b665048240d24decb8c6310ba083703daa1446ef92b26858
GET /videos/thumbs169ll/2d/bf/46/2dbf46694aaa7f0f8437ede77edcc8ee/2dbf46694aaa7f0f8437ede77edcc8ee.3.jpg HTTP/1.1
Host: gcore-pic.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 24240
traceparent: 00-2499df5424bb3e0623647f73366a1f93-8d922c4bb0e93a4b-01
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
last-modified: Thu, 07 Dec 2023 14:17:26 GMT
expires: Tue, 06 May 2025 17:13:54 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc67
age: 2270621
x-id: osix-hw-edge-gc4
cache: HIT
x-cached-since: 2025-05-06T18:03:50+00:00
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/ed/34/90/ed3490378a2ba0a57c6c9148560aec1f/ed3490378a2ba0a57c6c9148560aec1f.29.jpg
200 OK 10 kB URL GET cdn77-pic.xvideos-cdn.com/videos/thumbs169ll/ed/34/90/ed3490378a2ba0a57c6c9148560aec1f/ed3490378a2ba0a57c6c9148560aec1f.29.jpg
IP
ASN #60068 Datacamp Limited
Certificate IssuerSectigo Limited
Subjectxvideos.com
Fingerprint27:E9:05:C0:A5:FC:40:B1:D6:44:DC:D3:39:EE:11:78:2C:E2:F0:78
ValidityThu, 03 Oct 2024 00:00:00 GMT - Mon, 03 Nov 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3
Hash 1042fef4c30f2201c701d45506b2bc74
ee1847d37b2e3f067536a911358c6121d6aabd69
da411e2b8ab5b90bc2adab2a1ee13f6e934f788ad3ded1219275a785a8caa257
GET /videos/thumbs169ll/ed/34/90/ed3490378a2ba0a57c6c9148560aec1f/ed3490378a2ba0a57c6c9148560aec1f.29.jpg HTTP/1.1
Host: cdn77-pic.xvideos-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/jpeg
content-length: 10141
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
last-modified: Tue, 29 Oct 2024 22:33:56 GMT
cache-control: max-age=10368000, public
access-control-allow-origin: *
x-77-nzt: EwwBuUwJEQH3XzkFAAwBJRPCQAH3abRqAAgBbT1apAGB
x-77-nzt-ray: 0ef5851b4bc9d9421d1f306890b39737
x-accel-expires: @1751016789
x-77-cache: HIT
x-accel-date: 1747641790
x-accel-date-max: 1730280788
x-77-age: 342367
server: CDN77-Turbo
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/61a2632c6b411069669ff5264a7124c0.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/61a2632c6b411069669ff5264a7124c0.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/61a2632c6b411069669ff5264a7124c0.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.9188porn.xyz/upload/vod/20241010-10/c242b8e4f3f014e9f72e148d12aadb48.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/c242b8e4f3f014e9f72e148d12aadb48.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/c242b8e4f3f014e9f72e148d12aadb48.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET rolotube.com/favicon.ico
0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: rolotube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET ohsex.pro/favicon.ico
200 OK 1.4 kB IP
Certificate IssuerLet's Encrypt
Subjectohsex.pro
Fingerprint21:AB:C2:19:30:7D:C2:D8:7B:8F:46:45:35:31:93:98:00:B9:0C:C0
ValiditySun, 13 Apr 2025 09:14:35 GMT - Sat, 12 Jul 2025 09:14:34 GMT
File type MS Windows icon resource - 1 icon, 16x16
Hash d2f0fb9f04ad069d589ab7b8624ffecc
7be10cb96ac10edb887c960df743f3b738f77e95
5800d50fcad968ecef621130cfb5c77aec5576fde628aa192906f4a40153827e
GET /favicon.ico HTTP/1.1
Host: ohsex.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:30 GMT
content-type: image/x-icon
content-length: 1406
last-modified: Fri, 29 Mar 2019 14:33:31 GMT
etag: "5c9e2cbb-57e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=63072000;
accept-ranges: bytes
X-Firefox-Spdy: h2
GET fapdig.com/media/videos/tmb/000/036/963/player.jpg
200 OK 45 kB URL GET fapdig.com/media/videos/tmb/000/036/963/player.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectfapdig.com
FingerprintC3:67:11:1F:C0:57:78:75:BE:3E:C3:A5:8C:CA:C8:85:D7:DA:A5:1A
ValiditySat, 17 May 2025 14:44:06 GMT - Fri, 15 Aug 2025 15:40:16 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.28.103", baseline, precision 8, 1280x720, components 3
Hash 2bdc91636d6a8a4498925130893f39b4
2715091d5e9ac085b4ff664273d892c7478a431d
86b09df7e456764cd26fcaa3da148cf4f992a95593e26da1bfeba359780ab2fe
GET /media/videos/tmb/000/036/963/player.jpg HTTP/1.1
Host: fapdig.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 44848
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Thu, 02 May 2019 04:22:08 GMT
etag: "5cca7070-af30"
cache-control: max-age=14400
cf-cache-status: HIT
age: 27
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dCJX0Y3MTIPg3Ysf2e62TV3yu0dCixU2MBPR7OQD26J6QRWquZk3yTX6h%2F6xi6VqPzX39c%2BSWkvbNj8fL3x8QS69yAiVRYvc"}]}
cf-ray: 9442ba36f91056a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.w3schools.com/w3css/4/w3.css
200 OK 23 kB URL GET www.w3schools.com/w3css/4/w3.css
IP
ASN #20940 Akamai International B.V.
Certificate IssuerLet's Encrypt
Subjectcertification.w3schools.com
FingerprintA1:82:1A:58:B8:A7:60:34:68:8F:02:87:1A:9E:D1:D8:26:79:F6:E0
ValidityThu, 13 Mar 2025 11:17:26 GMT - Wed, 11 Jun 2025 11:17:25 GMT
Hash 75b37d4abbdde1322116d2744181081d
6d6b5ff442af4682c30e970c382002a7c694ac5b
c4f2aba13970ecf8303fb9329f97c8824861569273b0aa27acce48abc61d04f5
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css
last-modified: Thu, 22 May 2025 10:56:48 GMT
accept-ranges: bytes
etag: "098f8368cbdb1:0"
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com https://pathfinder.w3schools.com;
vary: Accept-Encoding
content-encoding: gzip
content-length: 5256
cache-control: public, max-age=31466222
expires: Fri, 22 May 2026 11:46:29 GMT
date: Fri, 23 May 2025 07:09:27 GMT
x-loc: true
X-Firefox-Spdy: h2
GET zhestkoe.org/types/videohub/images/228735.jpg
200 OK 10 kB URL GET zhestkoe.org/types/videohub/images/228735.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectzhestkoe.org
Fingerprint3A:37:27:03:E5:00:8E:63:96:6C:4A:D0:01:0C:C4:63:7E:57:D4:14
ValidityFri, 16 May 2025 15:29:05 GMT - Thu, 14 Aug 2025 16:27:37 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Lavc54.23.100", baseline, precision 8, 180x135, components 3
Hash 8bb794ebc9444a4a015895fd1b4de4b9
61dfd20f14e34f7227ccd3bdc75376ad35779871
710c82abfbd4fce3d2048158eaf4a77a66591b0025e53dd34753e145af4cef84
GET /types/videohub/images/228735.jpg HTTP/1.1
Host: zhestkoe.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:23 GMT
content-type: image/jpeg
content-length: 10201
server: cloudflare
last-modified: Mon, 09 Mar 2015 18:17:27 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "54fde3b7-27d9"
accept-ranges: bytes
age: 5890
cache-control: max-age=14400
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=KPtdgIAz2P9jd9vPeEGPi0yrb794QMuauUbTVRw96Jyqte0R%2BNBwElwBY0Ah3Y9l%2BFZhoK2dZRrIWlNyxUjuNygbOcBwWpzPN7w%3D"}]}
cf-ray: 9442ba3b887356bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fixedjs.jtube.top/AV4.us.jpg
200 OK 8.7 kB URL GET fixedjs.jtube.top/AV4.us.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectjtube.top
FingerprintD3:D5:1C:C3:7C:30:87:4D:FD:26:E5:91:17:4C:77:FB:C2:FB:FE:09
ValidityThu, 01 May 2025 14:02:56 GMT - Wed, 30 Jul 2025 15:00:36 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3
Hash edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
GET /AV4.us.jpg HTTP/1.1
Host: fixedjs.jtube.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:16 GMT
content-type: image/jpeg
content-length: 8741
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "2225-614075c7eff6b"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 287249
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=B%2FcN4ZJwiusUAYT7Gfp9q6bAaHAT%2Fhr7%2FDYlgzu%2Flc%2BBlgO9eEjPBP%2FBahqaNSCNTf2Dl3Lz6oU0rRBwFjMlRc7du18rhxkts%2Ftp80CvOg%3D%3D"}]}
cf-ray: 9442ba133d8556a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET en.vidmo.pro/thumbs_320/ca/8e/ca8e7134e6185a69962bc98ba74efc7a/14389311.jpg
200 OK 18 kB URL GET en.vidmo.pro/thumbs_320/ca/8e/ca8e7134e6185a69962bc98ba74efc7a/14389311.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3
Hash df2ed6e7af9055f1cf475c44dca13b11
b14f2dd54823dcd1d4b9281ac6497552b36746e0
2a01b4aeae6296159e5572cedc6e1a0f96a93e2077e2fef0cb644fbddfc944a1
GET /thumbs_320/ca/8e/ca8e7134e6185a69962bc98ba74efc7a/14389311.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 17905
last-modified: Thu, 07 Apr 2022 11:13:38 GMT
expires: Mon, 09 Oct 2023 19:41:07 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET timg208.top/videos/0ef77719f0bbb119e4571076df3b4658/cover/5_505_259?ih=1
200 OK 23 kB URL GET timg208.top/videos/0ef77719f0bbb119e4571076df3b4658/cover/5_505_259?ih=1
IP
Certificate IssuerGoogle Trust Services
Subjecttimg208.top
FingerprintF7:73:89:DA:F0:1B:3B:3D:45:CE:DC:8D:3D:2D:81:53:53:0C:EE:F1
ValidityMon, 19 May 2025 18:55:18 GMT - Sun, 17 Aug 2025 19:51:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc56.60.100", baseline, precision 8, 505x259, components 3
Hash 45a117ca6ed397fcfabf063acdd6d321
fabd4c8148627abbe8075e3a8507886dae810faf
094e512f2bed0fabb2a026f08053c3b25b3a8974c38c9758e4768a887eb3e1ed
GET /videos/0ef77719f0bbb119e4571076df3b4658/cover/5_505_259?ih=1 HTTP/1.1
Host: timg208.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: application/octet-stream
content-length: 23390
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 04 Mar 2025 10:01:58 GMT
vary: Accept-Encoding
etag: "67c6cf96-5b5e"
expires: Thu, 03 Apr 2025 18:02:12 GMT
cache-control: public, max-age=31536000, stale-if-error=7200
t-cache: LHIT
cf-cache-status: HIT
age: 3218393
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SBI33VMn6jp8A%2Bszvvecmw2flvSomISO%2FVcBbBK49wD%2Bh0wCJdEBIl9eZ9CyMxt6BNDT44WmjS2ngYYZZghu2OxpPkm1ahpbMA%3D%3D"}]}
cf-ray: 9442ba39ef771c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET pics.teens-tube.com/thumbs/146/696-video-.jpg
200 OK 10 kB URL GET pics.teens-tube.com/thumbs/146/696-video-.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectteens-tube.com
FingerprintD6:35:07:62:C6:1B:09:0B:B4:A2:85:F7:F4:BB:B0:86:68:33:93:4D
ValiditySun, 30 Mar 2025 10:52:05 GMT - Sat, 28 Jun 2025 11:50:32 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 320x240, components 3
Hash 4777142152a5273fb9d4c50a71d9dea4
83eb7053c09dee8e8f571a31c5fab1163d1397ac
ab5a36e6535a9081c2daf00d9bc7478e7dc40577ccc57cd3805e3ec14399a98c
GET /thumbs/146/696-video-.jpg HTTP/1.1
Host: pics.teens-tube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 10161
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Thu, 06 Feb 2020 22:56:21 GMT
etag: "5e3c9995-27b1"
expires: Thu, 29 May 2025 20:51:22 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 37080
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=F4ckr5oZHnzDGpa%2FlEMhxnHkg2GQBRpWU1yEor2G80g1y%2B%2B13wIUpzBN%2BwICjrcWjci75TIrca8RNfhTSTjvGv1Ew97sk2BmROluD8FGC7J3"}]}
cf-ray: 9442ba39b84456c9-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET motherless.com/favicon.ico
200 OK 1.2 kB URL GET motherless.com/favicon.ico
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherless.com
FingerprintBC:66:10:ED:31:C2:E1:48:61:92:BF:BD:98:9C:71:7C:41:97:BB:15
ValidityWed, 02 Apr 2025 00:00:00 GMT - Sun, 03 May 2026 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 71fed71dccb91a13bdf68a6444f25ce4
38da7202842147ecda5521d50f094a54d1381f2c
18f6675d329e6cb3bb7d7d1e546a1c68c5cc599f1b3ae98c2abbd21a53dc42c2
GET /favicon.ico HTTP/1.1
Host: motherless.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 May 2025 07:09:28 GMT
Content-Type: image/x-icon
Content-Length: 1150
Connection: keep-alive
Last-Modified: Thu, 20 Apr 2023 06:59:04 GMT
ETag: "6440e2b8-47e"
X-Server-W: web805
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
X-Cache-Status: HIT
Accept-Ranges: bytes
GET vidmo.pro/favicon.ico
200 OK 5.4 kB IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash 6b6734885d5e4ff9dbb7d82ba6023598
3c454d68a346b375ed7b59a131699061e7393b1f
0f8e5edd4348eaa11881bf6150baf7b3182b1c3e29c6378e0e921afce7d91819
GET /favicon.ico HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:28 GMT
content-type: image/x-icon
content-length: 5430
last-modified: Sun, 14 Oct 2012 21:41:38 GMT
etag: "507b3192-1536"
cache-control: public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.japxtube.com/favicon.ico
404 Not Found 0 B URL GET www.japxtube.com/favicon.ico
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectjapxtube.com
Fingerprint95:61:0B:BF:56:49:85:7A:73:F7:F3:09:45:53:C5:04:C0:AA:0B:92
ValiditySat, 05 Apr 2025 03:47:42 GMT - Fri, 04 Jul 2025 03:47:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.japxtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: openresty
date: Fri, 23 May 2025 07:09:30 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
GET pornodrochka.club/uploads/posts/2018-08/medium/1533157268_00_48_39.jpg
200 OK 100 kB URL GET pornodrochka.club/uploads/posts/2018-08/medium/1533157268_00_48_39.jpg
IP
ASN #213166 UA-Hosting SIA
Certificate IssuerLet's Encrypt
Subjectpornodrochka.club
Fingerprint0A:36:E3:8C:01:5A:FC:A6:E6:66:54:CA:63:6E:28:22:27:61:D6:51
ValidityTue, 22 Apr 2025 22:39:38 GMT - Mon, 21 Jul 2025 22:39:37 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 450x253, components 3
Size 100 kB (100033 bytes)
Hash 641bb615504f8094720548584670c571
cc93296b8de93fe85f3bec5fb320ff524a9ba450
0da42b65c3702c09bc04a2e6262e46293d17b8e3dc2e56bb5e0cd924541314bf
GET /uploads/posts/2018-08/medium/1533157268_00_48_39.jpg HTTP/1.1
Host: pornodrochka.club
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.10.3
date: Fri, 23 May 2025 07:07:16 GMT
content-type: image/jpeg
content-length: 100033
last-modified: Sat, 29 Aug 2020 17:58:44 GMT
etag: "5f4a9754-186c1"
expires: Fri, 30 May 2025 07:07:16 GMT
cache-control: max-age=604800
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET sbzytpimg1.com:3519/upload/vod/20240630-1/cac5d11c025b8f562827d60ec560a0cf.jpg
200 OK 108 kB URL GET sbzytpimg1.com:3519/upload/vod/20240630-1/cac5d11c025b8f562827d60ec560a0cf.jpg
IP
Certificate IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT
File type PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size 108 kB (107687 bytes)
Hash 381ee2568b17f65163400314822146c6
2e60da2d75b8917c254732aacb8c9460c5e3fead
b6630449053082fb2eb3396ff3038460e1bea7e02c9c5771c57f0aa36a1d21c1
GET /upload/vod/20240630-1/cac5d11c025b8f562827d60ec560a0cf.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:23 GMT
content-type: image/jpeg
content-length: 107687
last-modified: Sun, 30 Jun 2024 04:49:49 GMT
vary: Accept-Encoding
etag: "6680e3ed-1a4a7"
expires: Tue, 27 May 2025 17:21:38 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.oedy9.com/favicon.ico
404 Not Found 0 B URL GET www.oedy9.com/favicon.ico
IP
ASN #11426 TWC-11426-CAROLINAS
Certificate IssuerLet's Encrypt
Subjectwww.oedy9.com
Fingerprint1D:50:9E:B1:45:A4:25:AA:E3:63:E1:3E:0F:61:0F:BB:58:22:A4:81
ValidityFri, 04 Apr 2025 12:54:28 GMT - Thu, 03 Jul 2025 12:54:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.oedy9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html
content-length: 138
etag: "67ecfc3a-8a"
X-Firefox-Spdy: h2
GET timg213.top/videos/db5cc609869c89380427162e65cc79f88782ac19/cover/5_505_259?ih=1
200 OK 66 kB URL GET timg213.top/videos/db5cc609869c89380427162e65cc79f88782ac19/cover/5_505_259?ih=1
IP
Certificate IssuerGoogle Trust Services
Subjecttimg213.top
Fingerprint80:65:F7:35:8E:EF:B9:6E:F5:A0:99:B8:2C:15:74:2B:FC:62:AE:AC
ValidityThu, 01 May 2025 08:02:25 GMT - Wed, 30 Jul 2025 09:01:11 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 505x259, components 3
Hash 9d8722f2786f9a1734033293fa77a67a
ca7ed5649cb83d63f08d3dc52a468f8ec0ae72f7
1007e301acfff91253a693479ba35768dd11476147998fd9cae6d06593851dd1
GET /videos/db5cc609869c89380427162e65cc79f88782ac19/cover/5_505_259?ih=1 HTTP/1.1
Host: timg213.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: application/octet-stream
content-length: 66057
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 04 Mar 2025 12:52:12 GMT
vary: Accept-Encoding
etag: "67c6f77c-10209"
expires: Tue, 13 May 2025 05:41:14 GMT
cache-control: public, max-age=31536000, stale-if-error=7200
t-cache: LHIT
cf-cache-status: HIT
age: 1687128
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2Blyun35DHfkV6NCIpYkc9Exfax8POBGfkyVBbcyE0xTXDR0DM%2Bye2Rv1s%2BO%2F4d%2BqdUiOGgGAN1E%2Fk3jCBQlOV%2FxMdfRcXqrP3w%3D%3D"}]}
cf-ray: 9442ba2de93db500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.porn112.com/i/10/682_--.jpg
200 OK 15 kB URL GET i.porn112.com/i/10/682_--.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjecti.porn112.com
Fingerprint3B:D8:8C:15:AA:ED:07:0A:FA:DD:11:4A:60:9A:9F:22:6A:DA:8C:5E
ValidityMon, 05 May 2025 02:33:58 GMT - Sun, 03 Aug 2025 02:33:57 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x240, components 3
Hash dce3a9997867efd8a84ecde5591a4fb5
b01041626a1504867afd20d3b7d73375994fe867
61f23d7b01aee1daabfcb83ada564e97932603590f992dec61f894125ea0a138
GET /i/10/682_--.jpg HTTP/1.1
Host: i.porn112.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/jpeg
content-length: 14696
server: nginx/1.20.1
last-modified: Wed, 18 Nov 2020 17:01:50 GMT
etag: "5fb5537e-3968"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/967841723e772c939d2a9d68ec6dd7e8.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/967841723e772c939d2a9d68ec6dd7e8.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/967841723e772c939d2a9d68ec6dd7e8.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.sexsex61.com/favicon.ico
0 B URL GET www.sexsex61.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.sexsex61.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET theporn.cc/favicon.ico
404 Not Found 0 B IP
Certificate IssuerGoogle Trust Services
Subjecttheporn.cc
FingerprintEA:FF:F5:C4:71:40:9D:C1:5A:52:A8:BA:BD:CC:8F:35:51:39:DE:EA
ValidityMon, 12 May 2025 14:02:05 GMT - Sun, 10 Aug 2025 15:00:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: theporn.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:30 GMT
content-type: text/html
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 5058
cache-control: max-age=31536000
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ib0tHnmuXVUs87WIaQ9aNiHwtay%2FB2B9XHeAVKOfwYBStC2BnqLk%2BHKoAvfREE0lD1V13yniz8aPjwd0agb66djFy1oh%2BpP6"}]}
content-encoding: br
cf-ray: 9442ba69cf51568b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/b9512f28eecda7e4fe2809c801fad800.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/b9512f28eecda7e4fe2809c801fad800.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/b9512f28eecda7e4fe2809c801fad800.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.9188porn.xyz/upload/vod/20240620-1/f74beb32a511caa2a32176435b3b60c7.jpg
0 B URL GET www.9188porn.xyz/upload/vod/20240620-1/f74beb32a511caa2a32176435b3b60c7.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20240620-1/f74beb32a511caa2a32176435b3b60c7.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET nudegirls.wiki/favicon.ico
404 Not Found 0 B URL GET nudegirls.wiki/favicon.ico
IP
ASN #49453 Global Layer B.V.
Certificate IssuerLet's Encrypt
Subjectnudegirls.wiki
Fingerprint5E:7A:FE:B7:DA:CB:3A:FB:F5:73:34:5D:DD:CB:DE:6D:A1:57:6A:0D
ValidityWed, 23 Apr 2025 23:45:42 GMT - Tue, 22 Jul 2025 23:45:41 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: nudegirls.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html; charset=utf-8
content-encoding: br
X-Firefox-Spdy: h2
GET chezcathy.com/ext/pre_8471132209.jpg
200 OK 8.3 kB URL GET chezcathy.com/ext/pre_8471132209.jpg
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectchezcathy.com
Fingerprint0D:8D:39:CD:A0:69:82:49:31:7C:64:A5:63:C0:EC:2C:5A:B1:29:DE
ValidityThu, 17 Apr 2025 02:57:05 GMT - Wed, 16 Jul 2025 02:57:04 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Hash 178be961243dd240e91ca349678d25dd
d161dd3d8c90034e4b0a8ac95ef9cda399dd102d
deee54a53332f786c568567449fe2fc70434e7490c7be08814efe56310d6d1b7
GET /ext/pre_8471132209.jpg HTTP/1.1
Host: chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 8338
server: BunnyCDN-DE1-864
cdn-pullzone: 3632922
cdn-uid: 0f7047b6-2b70-4588-b55a-df9b2a15bf91
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "6667e748-2092"
last-modified: Tue, 11 Jun 2024 05:57:28 GMT
cdn-cachedat: 04/28/2025 17:11:27
cdn-proxyver: 1.23
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1054
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 41c7274f9d2183aea5be826ed9d53c47
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET jpgjingpinx1.top/upload/vod/20240108-1/ff07fcc6a10bb29c44e3172bcee9f617.jpg
200 OK 139 kB URL GET jpgjingpinx1.top/upload/vod/20240108-1/ff07fcc6a10bb29c44e3172bcee9f617.jpg
IP
Certificate IssuerLet's Encrypt
Subjectjpgjingpinx1.top
FingerprintFC:CE:98:2E:E3:10:BF:BE:45:E6:C8:CE:AF:E9:CA:10:A2:02:50:F9
ValidityThu, 13 Mar 2025 03:21:36 GMT - Wed, 11 Jun 2025 03:21:35 GMT
File type PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size 139 kB (138602 bytes)
Hash f6c5a2b86da698cc0e9e23933d3a6c54
97a4cb3d234182ef05ff2ecf62ba4b3b0937fbdd
8cd08c3d145111d057008e4e0d850f7247aa6928bc3ac8d5e48e1beddad1cb0e
GET /upload/vod/20240108-1/ff07fcc6a10bb29c44e3172bcee9f617.jpg HTTP/1.1
Host: jpgjingpinx1.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Content-Length: 138602
Content-Type: image/jpeg
Date: Thu, 22 May 2025 09:04:49 GMT
Etag: "659b8fee-21d6a"
Expires: Sat, 21 Jun 2025 09:04:49 GMT
Last-Modified: Thu, 22 May 2025 09:04:49 GMT
Server: openresty
X-Cache: HIT, policy, disk
GET img.xgogi.com/contents/videos_screenshots/2000/2877/preview.mp4.jpg
200 OK 8.1 kB URL GET img.xgogi.com/contents/videos_screenshots/2000/2877/preview.mp4.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectxgogi.com
FingerprintD2:1B:2F:40:34:70:56:17:33:F0:4B:66:B6:5A:97:46:EB:88:B7:0E
ValiditySun, 18 May 2025 16:29:02 GMT - Sat, 16 Aug 2025 17:26:29 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 39x38, segment length 16, comment: "Lavc57.64.100", baseline, precision 8, 304x240, components 3
Hash 718b851a93c6997e7d2495a4bcff011c
a933ac307014320bc50ea1d1b3e0258e1454dbf4
61273987c06b5f61e13f941cab23893f3cfa403c034fa709c06701193b99c918
GET /contents/videos_screenshots/2000/2877/preview.mp4.jpg HTTP/1.1
Host: img.xgogi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
content-length: 8055
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Mon, 20 Mar 2017 06:10:07 GMT
etag: "58cf723f-1f77"
expires: Fri, 23 May 2025 07:09:21 GMT
cache-control: max-age=86400
accept-ranges: bytes
cf-cache-status: REVALIDATED
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=GE1zpKhTGMe3QgAsTUMhd%2Br9TlQTnF3RRZn8uEBK3FtvD%2FxhtfEa8CG1s8w9g7RXnfcZPk%2FO7gqwWeSzLQWIqdSrpYgA9ucyVdYN"}]}
cf-ray: 9442ba3879fa56c6-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/5d5a030b5cb99bac68111cfce4b0a62e.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/5d5a030b5cb99bac68111cfce4b0a62e.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/5d5a030b5cb99bac68111cfce4b0a62e.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET blumpkintube.com/thumbs/241/916_a.jpg
200 OK 11 kB URL GET blumpkintube.com/thumbs/241/916_a.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectblumpkintube.com
FingerprintDA:B0:E3:91:B1:3A:F6:92:40:A5:6D:DA:6D:67:42:B4:54:2E:FF:7C
ValidityMon, 14 Apr 2025 03:20:03 GMT - Sun, 13 Jul 2025 04:18:31 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 312x208, components 3
Hash 8f7398334486af0aaad3fdf1f1362767
b985c860c218365bf9eecd6e2285925e10193b18
c457c49465bd22bd7f67a115d8ab465d1d384a5ca2022dab42bce8c61850d77b
GET /thumbs/241/916_a.jpg HTTP/1.1
Host: blumpkintube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 11106
server: cloudflare
last-modified: Sat, 05 Sep 2020 23:56:53 GMT
etag: "5f5425c5-2b62"
expires: Thu, 07 May 2026 00:44:01 GMT
accept-ranges: bytes
cache-control: public, max-age=31536000, no-transform
age: 1405519
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=TdJPyJ6yLNlIXzDvk7TuwHh2DTimtLsRJ%2Bh4t%2F15j8ekbNgcjiCCUXTXbt%2B%2BqrUFE4pp8jTipvMnyr3wrE%2BxYOvbAv020rCxMr9rhD%2Bn"}]}
cf-ray: 9442ba2efd3356aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdntube.b-cdn.net/thumbnails/378d51b27cbb804b71eaf0a8a5fa15f3e301a4c2.jpg
200 OK 19 kB URL GET cdntube.b-cdn.net/thumbnails/378d51b27cbb804b71eaf0a8a5fa15f3e301a4c2.jpg
IP
ASN #34989 ServeTheWorld AS
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x704, Scaling: [none]x[none], YUV color, decoders should clamp
Hash b5bf2af7dbda916a1c06147117e5f13d
1c1438f040055ba2f13a3a4bde02609ceeda3116
3d80479a96b660e1774d987d6c8e1b4780d39773d323246d4a36ca22ba5b8fa7
GET /thumbnails/378d51b27cbb804b71eaf0a8a5fa15f3e301a4c2.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/webp
content-length: 19288
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Wed, 22 Feb 2023 05:23:31 GMT
cdn-storageserver: DE-51
cdn-requestpullsuccess: True
cdn-fileserver: 540
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 206
cdn-cachedat: 05/09/2025 02:03:09
cdn-edgestorageid: 830
cdn-requestid: 74248b8aa1fff6c262bcdcb78e302ce3
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET videopreview.chezcathy.com/ext/pre_3876646583.jpg
200 OK 13 kB URL GET videopreview.chezcathy.com/ext/pre_3876646583.jpg
IP
Certificate IssuerLet's Encrypt
Subjectvideopreview.chezcathy.com
Fingerprint57:9A:62:F9:2C:DF:06:02:FD:00:7E:90:41:F0:58:B7:25:C6:71:6D
ValidityFri, 18 Apr 2025 06:25:44 GMT - Thu, 17 Jul 2025 06:25:43 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Hash ef53516fe31841c5888e48d87483ad8e
bc9ea50f0848205fbaf576efa368ad5409bfafec
f23cdd0ba0e5e78fbee317173638f4e0e096d365ba16e6bb47457e1005877713
GET /ext/pre_3876646583.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0 (Ubuntu)
Date: Fri, 23 May 2025 07:09:18 GMT
Content-Type: image/jpeg
Content-Length: 12930
Last-Modified: Tue, 11 Jun 2024 17:21:28 GMT
Connection: keep-alive
ETag: "66688798-3282"
Accept-Ranges: bytes
GET cdntube.b-cdn.net/thumbnails/48f157bec4224fa98daf480c3427006e4506ad91.jpg
200 OK 18 kB URL GET cdntube.b-cdn.net/thumbnails/48f157bec4224fa98daf480c3427006e4506ad91.jpg
IP
ASN #34989 ServeTheWorld AS
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 400x843, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 12c39c48678462ac0c4698d823ed1917
40d1d25083afaf935f8f7ef5c4f2c3ba9d2a00f6
62d5ec67bb59831ad6bb5c53f818c5f31841ca15785fae71bed06b88cf1cf532
GET /thumbnails/48f157bec4224fa98daf480c3427006e4506ad91.jpg HTTP/1.1
Host: cdntube.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/webp
content-length: 18470
server: BunnyCDN-NO1-830
cdn-pullzone: 114851
cdn-uid: 610bc618-7bcd-4e37-a18e-2efa3a8e9c35
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
last-modified: Fri, 27 Jan 2023 08:01:05 GMT
cdn-storageserver: DE-587
cdn-requestpullsuccess: True
cdn-fileserver: 521
perma-cache: HIT
cdn-proxyver: 1.27
cdn-requestpullcode: 206
cdn-cachedat: 05/09/2025 02:00:47
cdn-edgestorageid: 830
cdn-requestid: 059ec92337febe4d159e8eabface2233
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
GET chezcathy.com/ext/pre_6222457392.jpg
200 OK 8.6 kB URL GET chezcathy.com/ext/pre_6222457392.jpg
IP
ASN #60068 Datacamp Limited
Certificate IssuerLet's Encrypt
Subjectchezcathy.com
Fingerprint0D:8D:39:CD:A0:69:82:49:31:7C:64:A5:63:C0:EC:2C:5A:B1:29:DE
ValidityThu, 17 Apr 2025 02:57:05 GMT - Wed, 16 Jul 2025 02:57:04 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Hash c36dce0d0dadf7efb1f644c18be412a2
e06b96f2651452ab28b36ce5e4c98af998a67426
4cc640ed6e740f3b80e78dfc1f741d5cb482f546fd8d90ada6c34430c94da7f8
GET /ext/pre_6222457392.jpg HTTP/1.1
Host: chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:23 GMT
content-type: image/jpeg
content-length: 8607
server: BunnyCDN-DE1-864
cdn-pullzone: 3632922
cdn-uid: 0f7047b6-2b70-4588-b55a-df9b2a15bf91
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
etag: "666ae007-219f"
last-modified: Thu, 13 Jun 2024 12:03:19 GMT
cdn-cachedat: 04/28/2025 17:19:45
cdn-proxyver: 1.23
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 864
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 6fce146588de0462c342524b8cf598a7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/61a2632c6b411069669ff5264a7124c0.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/61a2632c6b411069669ff5264a7124c0.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/61a2632c6b411069669ff5264a7124c0.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.dirtysancheztube.com/favicon.ico
200 OK 1.2 kB URL GET www.dirtysancheztube.com/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subjectdirtysancheztube.com
Fingerprint57:E1:09:05:19:13:BC:25:AA:EE:35:50:01:F8:F6:6F:2C:00:26:D0
ValidityThu, 17 Apr 2025 14:12:15 GMT - Wed, 16 Jul 2025 15:11:01 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash dfd251a1848f0caf669a9253f39d3068
ee5695be8c0f24633be95c3a3adbd4b5b42ed6a3
0b561412b53c6a575b07d9dd6cd1d9d98a4b61c2ab3540b6e9ff246eb5c88664
GET /favicon.ico HTTP/1.1
Host: www.dirtysancheztube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 May 2025 07:09:28 GMT
content-type: image/x-icon
content-length: 1150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c2wzqijf2skNTJ%2Fb4uGEhmz7N4bWIjFwoef%2F9f7KM20mhuuVbeqeDYExwezLu8jjqLjgnDdvd6VzJxxUcVRPDQXPvSxqUtEnHzitGnp1y7ZDsplYHrqghH3DiNX7tTCGs%2B4gn9GVSrvIbmU%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 29 Nov 2019 12:08:12 GMT
etag: "5de10a2c-47e"
expires: Thu, 07 May 2026 05:24:50 GMT
cache-control: public, max-age=31536000, no-transform
cf-cache-status: HIT
age: 1388678
accept-ranges: bytes
cf-ray: 9442ba5cadfc56c9-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=11822&min_rtt=2613&rtt_var=6424&sent=68&recv=100&lost=0&retrans=0&sent_bytes=6817&recv_bytes=5957&delivery_rate=229511&cwnd=12000&unsent_bytes=0&cid=0545c587e49f7a99&ts=7035&x=80"
GET akhwbjyshezaxck.buzz/favicon.ico
441 No Reason Phrase 0 B URL GET akhwbjyshezaxck.buzz/favicon.ico
IP
Certificate IssuerDigiCert Inc
Subjectakhwbjyshezaxck.buzz
FingerprintAD:F7:E5:11:E1:A0:DD:81:29:D2:74:6A:9D:F6:EC:73:9B:1B:FE:70
ValiditySat, 17 May 2025 00:00:00 GMT - Sat, 16 May 2026 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: akhwbjyshezaxck.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 441 No Reason Phrase
date: Fri, 23 May 2025 07:09:30 GMT
server: Parking/1.0
content-length: 0
X-Firefox-Spdy: h2
GET www.qwiketube.com/favicon.ico
200 OK 1.2 kB URL GET www.qwiketube.com/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subjectqwiketube.com
Fingerprint6D:37:70:60:D5:89:48:C7:95:90:20:94:51:CE:58:99:27:AE:42:D7
ValidityWed, 16 Apr 2025 09:51:57 GMT - Tue, 15 Jul 2025 10:50:15 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 91b5d269ad8dde2cbffd259684defe72
72a130aeaeeede403876cd9ed9f9631e275843be
fe3958e2ceda030e6df0701fb9f0304c4245cda2abe21a1c2716fb4a47026271
GET /favicon.ico HTTP/1.1
Host: www.qwiketube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 May 2025 07:09:28 GMT
content-type: image/x-icon
content-length: 1150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8D5o7wMxW37HzPqx3KkARSBqZsn4%2FGdVURLPdNlZPBNUd%2FdeG2QormfdEfOConf%2B%2F6k3KLnbkDGSewFwxn4X7nnaLTqQyTp9yivuhgnlAoFNbE82P9AcPOcODl6Q%2FaLe2BUhGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 22 Apr 2016 09:27:18 GMT
etag: "5719ee76-47e"
expires: Fri, 08 May 2026 01:08:39 GMT
accept-ranges: bytes
cache-control: public, max-age=31536000, no-transform
age: 1317648
cf-cache-status: HIT
cf-ray: 9442ba5c58be56b4-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=38076&min_rtt=2358&rtt_var=28393&sent=86&recv=122&lost=1&retrans=0&sent_bytes=7785&recv_bytes=7128&delivery_rate=65487&cwnd=12000&unsent_bytes=0&cid=b31d5669930d6153&ts=6628&x=80"
GET www.9188porn.xyz/
0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET vidmo.pro/thumbs_320/2e/c6/2ec6a8c481d63e846b0d2e337b982008/11962485.jpg
200 OK 27 kB URL GET vidmo.pro/thumbs_320/2e/c6/2ec6a8c481d63e846b0d2e337b982008/11962485.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 320x240, components 3
Hash 43cc16bd8b00918fc910021af665a04b
3475e2e7d5353fe0301dbf562dfea89cc26869c9
303cb92874350954d16582aedccc5c5d611853ef8607395e220a596732265848
GET /thumbs_320/2e/c6/2ec6a8c481d63e846b0d2e337b982008/11962485.jpg HTTP/1.1
Host: vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 27211
last-modified: Fri, 05 Jun 2020 14:11:38 GMT
expires: Wed, 17 Apr 2024 18:23:19 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET uzbak.ru/favicon.ico
200 OK 495 B IP
Certificate IssuerLet's Encrypt
Subjectuzbak.ru
FingerprintA8:2B:EB:2B:82:9A:D0:04:55:2A:0C:FD:33:E8:86:61:8E:18:66:73
ValidityWed, 30 Apr 2025 23:53:51 GMT - Tue, 29 Jul 2025 23:53:50 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
Hash 0c19c2a6163fbf4c669707bde76ca544
b4dc653f20445c38e93bd8128f96966ad000565d
33df002fc10b9e1be2c51738ccdfec04a26801ad54044c8e8852026cb3687e71
GET /favicon.ico HTTP/1.1
Host: uzbak.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:28 GMT
content-type: image/x-icon
content-length: 495
last-modified: Mon, 12 Oct 2020 13:16:33 GMT
etag: "5f845731-1ef"
strict-transport-security: max-age=31536000;
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn5-thumbs.motherlessmedia.com/thumbs/BEC09D2.jpg
200 OK 26 kB URL GET cdn5-thumbs.motherlessmedia.com/thumbs/BEC09D2.jpg
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherlessmedia.com
Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8
ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x480, components 3
Hash 2f98ddb84487110ea0d8ff923a845c49
3c8dc3530b9944ec9dbd24beb04dbd4438fb1cdf
bc85803cf6eb7441b90bec20eb26526aafbd83e362d76926425f99410d9acfff
GET /thumbs/BEC09D2.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 26303
vary: x-s-token
last-modified: Sat, 06 Oct 2018 17:30:16 GMT
etag: "66bf-57792bdc3abab"
x-cache: HIT
x-whom: cdn07
accept-ranges: bytes
GET naturismv.com/images/junior-miss-pageant-contest-2000-nc5-volume-5-version-2.jpg
200 OK 69 kB URL GET naturismv.com/images/junior-miss-pageant-contest-2000-nc5-volume-5-version-2.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectnaturismv.com
Fingerprint89:AF:F9:3B:F9:65:5A:43:A3:77:FD:5B:A5:61:B8:50:E0:07:19:A4
ValidityFri, 02 May 2025 17:11:44 GMT - Thu, 31 Jul 2025 18:09:26 GMT
File type JPEG image data, progressive, precision 8, 400x300, components 3
Hash 0494be0baf719ab90cce68b8da4bb77f
67fffecc9d46df33710de4ef15c8cca9447fdae1
54b4e8082bef2b048e18d594a53389e634ee6ef21e6337c431741f742fc95a86
GET /images/junior-miss-pageant-contest-2000-nc5-volume-5-version-2.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 68887
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Fri, 19 May 2023 12:04:52 GMT
etag: "646765e4-10d17"
expires: Thu, 07 May 2026 06:39:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 1384216
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=5HJpa3pHiWIsXBFdxdvoni3F43Gh1d6VTJB78D3lJeOqUDyzTDI%2B7jw89G2DcqQrGG3FzJZhsXgD%2Ff6DYpdYzGj2Njch6Vsldg2g"}]}
cf-ray: 9442ba345d9a0b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET oedy9.com/favicon.ico
404 Not Found 0 B IP
ASN #11426 TWC-11426-CAROLINAS
Certificate IssuerLet's Encrypt
Subjectwww.oedy9.com
Fingerprint1D:50:9E:B1:45:A4:25:AA:E3:63:E1:3E:0F:61:0F:BB:58:22:A4:81
ValidityFri, 04 Apr 2025 12:54:28 GMT - Thu, 03 Jul 2025 12:54:27 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: oedy9.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: nginx
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html
content-length: 138
etag: "67ecfc3a-8a"
X-Firefox-Spdy: h2
GET xorow.ru/favicon.ico
200 OK 1.2 kB IP
ASN #207728 EUROHOSTER Ltd.
Certificate IssuerLet's Encrypt
Subjectwww.xorow.ru
FingerprintB3:E5:F9:15:C9:21:24:08:67:39:18:E0:07:EC:13:29:5F:EF:FB:20
ValidityTue, 08 Apr 2025 23:19:45 GMT - Mon, 07 Jul 2025 23:19:44 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 0177fe6e0018eb853a8c8dc0613fcbb1
a0cf2ed70318f4dec7eb983782dd7e5dfe382b9c
d873fcd96aba0179c8773f6211afb165635a69b81ea5a3c801599ef192dbc7b5
GET /favicon.ico HTTP/1.1
Host: xorow.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 May 2025 07:09:28 GMT
Content-Type: image/vnd.microsoft.icon
Content-Length: 1150
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Last-Modified: Sun, 19 Jul 2020 07:44:20 GMT
ETag: "47e-5aac68ee1f358"
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000;
GET treeyork.com/172464/172464.jpg
0 B URL GET treeyork.com/172464/172464.jpg
IP
Certificate IssuerLet's Encrypt
Subjecttreeyork.com
Fingerprint5C:A8:FF:44:5E:C7:52:F0:F7:9A:65:DD:4B:5F:0B:33:B9:1E:A9:4E
ValidityFri, 28 Feb 2025 01:03:45 GMT - Thu, 29 May 2025 01:03:44 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /172464/172464.jpg HTTP/1.1
Host: treeyork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET lsbzytp.com:3519/upload/vod/20231108-1/5823acad366ca66b92264b066b02de6f.jpg
200 OK 26 kB URL GET lsbzytp.com:3519/upload/vod/20231108-1/5823acad366ca66b92264b066b02de6f.jpg
IP
Certificate IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 400x224, components 3
Hash 29a9cf3c419a23d92929c2f3effe4e97
c865bcb8e1ad7b2e57b1689e8508ae4b198913e1
7cc888b79392ea6a384c0be7049487b521e7c0bee66882f7f77c63eb624b0803
GET /upload/vod/20231108-1/5823acad366ca66b92264b066b02de6f.jpg HTTP/1.1
Host: lsbzytp.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
last-modified: Wed, 22 Nov 2023 12:50:13 GMT
vary: Accept-Encoding
etag: "655df905-6412"
expires: Fri, 20 Jun 2025 19:38:56 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
X-Firefox-Spdy: h2
GET rule34.paheal.net/_thumbs/2fb734d294dc47a36eeabf4304c47bf1/thumb.jpg
200 OK 2.2 kB URL GET rule34.paheal.net/_thumbs/2fb734d294dc47a36eeabf4304c47bf1/thumb.jpg
IP
Certificate IssuerLet's Encrypt
Subjectrule34.paheal.net
Fingerprint40:9B:D7:9F:19:78:90:0F:1A:3D:FB:BF:4B:A4:11:37:F2:96:28:C7
ValidityTue, 01 Apr 2025 01:27:42 GMT - Mon, 30 Jun 2025 01:27:41 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x108, components 3
Hash c6f366362b0750799c6ee4c2b02add9d
a8faaabb3c5dc322a5ae30fa7205ba6a7860bf86
dc2848f44e43ed4edd3dc36e0ad33cd8095dca2099621673a975174ef3049900
GET /_thumbs/2fb734d294dc47a36eeabf4304c47bf1/thumb.jpg HTTP/1.1
Host: rule34.paheal.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
cache-control: public, max-age=31556926
date: Fri, 23 May 2025 07:09:22 GMT
etag: "657b7d0e-8a7"
last-modified: Thu, 14 Dec 2023 22:09:18 GMT
server: Unit/1.34.2
content-type: image/jpeg
content-length: 2215
X-Firefox-Spdy: h2
GET www.clporn.com/favicon.ico
200 OK 1.2 kB URL GET www.clporn.com/favicon.ico
IP
Certificate IssuerGoogle Trust Services
Subjectclporn.com
Fingerprint8F:CA:12:EB:6D:F7:0B:C6:3E:7E:FB:1F:5B:47:EE:0F:FC:F2:10:55
ValidityMon, 14 Apr 2025 20:15:06 GMT - Sun, 13 Jul 2025 21:12:18 GMT
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Hash 7bce878d4d59681219dd7ee7b31d501f
8078782a63dd8997b9537de46f1c19c0b60737ce
19658bac1ca076be044dc8e1289ae869efd6847cc8d61405f1f6aeea11904dcf
GET /favicon.ico HTTP/1.1
Host: www.clporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 May 2025 07:09:28 GMT
content-type: image/x-icon
content-length: 1150
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3w%2BKIvq4%2FBsIPegPtOxStjryNl2yMmFzoHNZ5oKTcRJJP7GSjmV3e8KGI6RDERFaGz%2Bo%2FBi7gcVWkcfXzmCVZBB6zcQFM1KO2IJBSn0GvT7CaJ1kMYbXxDc9CrTD5CVj3g%3D%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Sun, 21 May 2023 03:45:32 GMT
etag: "646993dc-47e"
expires: Thu, 07 May 2026 03:14:03 GMT
accept-ranges: bytes
cache-control: public, max-age=31536000, no-transform
age: 1396524
cf-cache-status: HIT
cf-ray: 9442ba5c1d265689-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=124753&min_rtt=17614&rtt_var=97133&sent=19&recv=20&lost=0&retrans=0&sent_bytes=4121&recv_bytes=1787&delivery_rate=30146&cwnd=12000&unsent_bytes=0&cid=fb31eb72eeb974cb&ts=9515&x=80"
GET www.9188porn.com/upload/vod/20240619-4/0a81fbf6ccb28048139b9764d7110c1f.jpg
403 Forbidden 0 B URL GET www.9188porn.com/upload/vod/20240619-4/0a81fbf6ccb28048139b9764d7110c1f.jpg
IP
Certificate IssuerGoogle Trust Services
Subject9188porn.com
Fingerprint15:E5:D1:A1:7B:24:5F:05:8B:35:38:8F:0C:03:1B:7B:C1:D9:0C:8E
ValidityWed, 09 Apr 2025 22:51:46 GMT - Tue, 08 Jul 2025 23:49:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20240619-4/0a81fbf6ccb28048139b9764d7110c1f.jpg HTTP/1.1
Host: www.9188porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Fri, 23 May 2025 07:09:24 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wsM3c5fn6EqBO4wUUQ29vms4WxLrSK6TK6%2BxHRm18JXDxb6JwMGR1xFTJO1fLP2cyTlEJLEbQb6ccrKNsF40ZZxo2apj6kLj3bA27WB19ajQT3FZO7P2tkjV1vFiErpvzmxU"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Fri, 23 May 2025 07:09:39 GMT
content-encoding: br
cf-ray: 9442ba46ff4a0b4d-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=16409&min_rtt=5529&rtt_var=17662&sent=61&recv=81&lost=0&retrans=1&sent_bytes=8511&recv_bytes=5497&delivery_rate=337785&cwnd=12000&unsent_bytes=0&cid=a6c59b246bbc7dac&ts=7906&x=80"
GET www.youjizz.com/favicon.ico
200 OK 4.3 kB URL GET www.youjizz.com/favicon.ico
IP
Certificate IssuerSectigo Limited
Subject*.youjizz.com
Fingerprint18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7
ValidityFri, 20 Dec 2024 00:00:00 GMT - Tue, 06 Jan 2026 23:59:59 GMT
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
Hash cd65da5df2a2cfd472a198524ec61296
e51ea1800eec5985026a37498f4aa7044c757d04
321ac040acb1c782abf632960125319b8925361510e13b1a9dfd904a9e733515
GET /favicon.ico HTTP/1.1
Host: www.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:28 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Tue, 25 Feb 2020 06:57:19 GMT
etag: "5e54c54f-10be"
accept-ranges: bytes
set-cookie: RNLBSERVERID=ded6583; path=/
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
GET ajyshedfwer.buzz/favicon.ico
0 B URL GET ajyshedfwer.buzz/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: ajyshedfwer.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET cdn5-thumbs.motherlessmedia.com/thumbs/FDAE4D8.jpg
200 OK 18 kB URL GET cdn5-thumbs.motherlessmedia.com/thumbs/FDAE4D8.jpg
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherlessmedia.com
Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8
ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x480, components 3
Hash c074b7ea5d2a905bbdad74a3be3f1d93
0610825fb4771b6759d73976e2e7add425b0feae
0b96cf78e470ec9766cb9b3173d55672d4329cbfded9b8fe07b54677ec134577
GET /thumbs/FDAE4D8.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 18033
vary: x-s-token
last-modified: Mon, 08 Oct 2018 05:20:27 GMT
etag: "4671-577b0c772d4eb"
x-cache: HIT
x-whom: cdn04
accept-ranges: bytes
GET www.9188porn.xyz/upload/vod/20241010-11/b9512f28eecda7e4fe2809c801fad800.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/b9512f28eecda7e4fe2809c801fad800.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/b9512f28eecda7e4fe2809c801fad800.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET realincestvideos.org/thumbs/970/3824942639621101970_0.jpg
200 OK 10 kB URL GET realincestvideos.org/thumbs/970/3824942639621101970_0.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectrealincestvideos.org
Fingerprint36:6B:A6:53:14:8C:F8:6D:42:86:0B:C1:06:93:F3:11:FE:E3:C2:44
ValidityFri, 16 May 2025 17:31:53 GMT - Thu, 14 Aug 2025 18:30:17 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 240x180, components 3
Hash df9640571f32a92ca04af356412a71f4
e7426a31be23115259796c21fe764d98111f7803
63da2d279b00f8b0ab8fbdd6ba41f3e4551b3ea92ac5de759111c16cf8debfb8
GET /thumbs/970/3824942639621101970_0.jpg HTTP/1.1
Host: realincestvideos.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 10272
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 25 Feb 2020 16:27:32 GMT
etag: "5e554af4-2820"
expires: Mon, 26 May 2025 04:13:38 GMT
cache-control: max-age=259200
cf-cache-status: HIT
age: 10542
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ulsn070vMYBNGSdCjNE%2FM%2Bgd7m0fSVNbueTUUF6hFrr7rlBsw%2FgkXa95lDZLGsAv%2Fo6YFaMRDL9vifvyD8NpDSz6U6XX%2BcrCjh74OAK%2FvqCgaA%3D%3D"}]}
cf-ray: 9442ba2ce8350b41-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET naturismv.com/images/beach-ball-day-enature-net-russianbare-com.jpg
200 OK 32 kB URL GET naturismv.com/images/beach-ball-day-enature-net-russianbare-com.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectnaturismv.com
Fingerprint89:AF:F9:3B:F9:65:5A:43:A3:77:FD:5B:A5:61:B8:50:E0:07:19:A4
ValidityFri, 02 May 2025 17:11:44 GMT - Thu, 31 Jul 2025 18:09:26 GMT
File type JPEG image data, progressive, precision 8, 400x300, components 3
Hash 9133c9e08104dcbcdf8510ef1c89b271
e2d3b6bca0052dd4b3a281c8af42a72d7c1f54a9
7fe60b732e5d4afe6de57b087dc6eb1f078d01692277ac1a098c8d92826064ce
GET /images/beach-ball-day-enature-net-russianbare-com.jpg HTTP/1.1
Host: naturismv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:18 GMT
content-type: image/jpeg
content-length: 32263
server: cloudflare
last-modified: Fri, 19 May 2023 12:04:44 GMT
etag: "646765dc-7e07"
expires: Wed, 13 May 2026 03:17:38 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;
accept-ranges: bytes
age: 877900
cf-cache-status: HIT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=x8sGZBLQYctjvGpg5TqgxW0j5GFnSPNlJ4GDyuDSB%2BJDc3%2BPQ61gWg5GtNmRgGjhHQg%2Fqo9bLCXGToIyH3y%2FjD9xflL%2F3nKijn1X"}]}
cf-ray: 9442ba200b830b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET thumb.aporntv.com/thumbs/5/d/e/7/7/5de7700edce10Blonde%20Little%20sister%20suck%20cock%20forced%20in%20Brother
404 Not Found 0 B URL GET thumb.aporntv.com/thumbs/5/d/e/7/7/5de7700edce10Blonde%20Little%20sister%20suck%20cock%20forced%20in%20Brother
IP
Certificate IssuerLet's Encrypt
Subjectaporntv.com
Fingerprint12:C5:AA:F4:28:DA:FC:0D:26:EF:7E:DC:ED:3C:55:A1:34:24:B2:E6
ValidityTue, 22 Apr 2025 22:30:20 GMT - Mon, 21 Jul 2025 22:30:19 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/5/d/e/7/7/5de7700edce10Blonde%20Little%20sister%20suck%20cock%20forced%20in%20Brother HTTP/1.1
Host: thumb.aporntv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 23 May 2025 07:09:25 GMT
content-type: text/html
vary: Accept-Encoding
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E0M4Wb%2BzPyA5lSGVEWH81HOpzfpXZNMeW3qW52zP7CknkHA52SVMt48n8JDk5%2BDAArta688Qn138lBllf02OWvWTiAUo%2BHCY3uw8SV14uv6ha8j12oBd9Uwbq%2Bisf8yCqBZ6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9442ba481ea6b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12375&min_rtt=3908&rtt_var=9232&sent=78&recv=114&lost=0&retrans=0&sent_bytes=7321&recv_bytes=6777&delivery_rate=162960&cwnd=12000&unsent_bytes=0&cid=e9d213d72f35022c&ts=4417&x=1", cfExtPri, cfHdrFlush;dur=0
GET ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?1
200 OK 87 kB URL GET ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js?1
IP
Certificate IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT
File type JavaScript source, ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /ajax/libs/jquery/3.3.1/jquery.min.js?1 HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 May 2025 10:31:36 GMT
expires: Fri, 22 May 2026 10:31:36 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 74270
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET en.vidmo.pro/thumbs_320/f6/f7/f6f7c0c54a7dbcb15eb50e34fca21f24/14628190.jpg
200 OK 14 kB URL GET en.vidmo.pro/thumbs_320/f6/f7/f6f7c0c54a7dbcb15eb50e34fca21f24/14628190.jpg
IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3
Hash 92c4b14c2026fa79e17c73957e2f4647
1ee5b4dfd626e6e2db9ea256797b0eb7984f3d5f
c0039bc6cde8f42112b28de1cb00928a2745dfb957b7282c4de6f5f6be0a8e80
GET /thumbs_320/f6/f7/f6f7c0c54a7dbcb15eb50e34fca21f24/14628190.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 14368
last-modified: Wed, 01 Jun 2022 09:29:03 GMT
expires: Sun, 19 Jan 2025 23:58:05 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
200 OK 218 kB URL GET cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js
IP
Certificate IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT
File type JavaScript source, ASCII text, with very long lines (675)
Size 218 kB (218431 bytes)
Hash 95fc62c240fb20023d366c05128a9c08
f348775b567814c8c3c625c0eaab5656d63d0cfd
3e4c74e2499d6edcb6f8ac926a48dfc47495f960c4273ebe14361ba339e699ea
GET /npm/yandex-metrica-watch/watch.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 86333
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.374.0
x-jsd-version-type: version
etag: W/"3553f-KarMbZx4F64kCt6O7WD3z8ZVukM"
content-encoding: br
x-served-by: cache-fra-eddf8230153-FRA, cache-lga21921-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 14271
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxpqY9qpZ9iswve7xjjBGdcfKrtcQdqK0BZw9P%2Bu10KXiuXaNdaOjfxHAKbJF5HRWbSUUPGag7QhyERo3ih8bZyOF0z4oWqEIUOqsz2zXeIg3UqCSmPjMPfUMvNbRYtTimU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9442ba3d3ba9712e-OSL
X-Firefox-Spdy: h2
GET 8zoonet.z00.monster/scj/thumbs/0/280_chinos.jpg
200 OK 15 kB URL GET 8zoonet.z00.monster/scj/thumbs/0/280_chinos.jpg
IP
Certificate IssuerLet's Encrypt
Subject8zoonet.z00.monster
Fingerprint64:1F:28:45:1D:49:C2:88:C3:CB:D7:CC:F7:6D:89:13:F7:DE:41:A9
ValidityMon, 07 Apr 2025 04:18:42 GMT - Sun, 06 Jul 2025 04:18:41 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x240, components 3
Hash 2767f6073ec5f718d15f6bdd61b4d34a
a230e90c138c9ccf9c24f87b5b09090b6e8431ae
0b5ff0e11eb2f7882690a1746ffa62c2c2a8f8b4a560325dd4bfd01aa7d9318c
GET /scj/thumbs/0/280_chinos.jpg HTTP/1.1
Host: 8zoonet.z00.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 15042
last-modified: Thu, 02 Jul 2020 18:01:27 GMT
etag: "5efe20f7-3ac2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/8990989bcf76dfb6181c665c60836387.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/8990989bcf76dfb6181c665c60836387.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/8990989bcf76dfb6181c665c60836387.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET en.vidmo.pro/favicon.ico
200 OK 5.4 kB IP
Certificate IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Hash 6b6734885d5e4ff9dbb7d82ba6023598
3c454d68a346b375ed7b59a131699061e7393b1f
0f8e5edd4348eaa11881bf6150baf7b3182b1c3e29c6378e0e921afce7d91819
GET /favicon.ico HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:28 GMT
content-type: image/x-icon
content-length: 5430
last-modified: Sun, 14 Oct 2012 21:41:38 GMT
etag: "507b3192-1536"
cache-control: public, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2
GET rolotube.com/images/
0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/ HTTP/1.1
Host: rolotube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.hardvintage.com/favicon.ico
404 Not Found 0 B URL GET www.hardvintage.com/favicon.ico
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjecthardvintage.com
Fingerprint66:81:65:5C:A8:33:A2:C6:84:9F:EB:75:BE:E5:3A:F7:EA:BE:8F:DA
ValiditySat, 05 Apr 2025 03:03:10 GMT - Fri, 04 Jul 2025 03:03:09 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.hardvintage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: openresty
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
GET i.porn112.com/i/8/660_-.jpg
200 OK 20 kB URL GET i.porn112.com/i/8/660_-.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjecti.porn112.com
Fingerprint3B:D8:8C:15:AA:ED:07:0A:FA:DD:11:4A:60:9A:9F:22:6A:DA:8C:5E
ValidityMon, 05 May 2025 02:33:58 GMT - Sun, 03 Aug 2025 02:33:57 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x240, components 3
Hash f8aa8b4b453d2e2f9aedcc38dbb342c8
7bdc74fa453f14858008d6a4e0258aca4fbabc24
72ffc2431cbfad8a2e66f18a798fd78f998baed0d6005aa10a802e64e1ae8f02
GET /i/8/660_-.jpg HTTP/1.1
Host: i.porn112.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/jpeg
content-length: 20420
server: nginx/1.20.1
last-modified: Wed, 18 Nov 2020 16:48:56 GMT
etag: "5fb55078-4fc4"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET media.crazyshit.com/content/2020/12/d5167257.jpg
200 OK 165 kB URL GET media.crazyshit.com/content/2020/12/d5167257.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectmedia.crazyshit.com
Fingerprint75:EC:4E:74:4F:5C:73:FB:18:18:58:60:BF:13:60:98:B5:67:61:C7
ValidityMon, 31 Mar 2025 02:32:22 GMT - Sun, 29 Jun 2025 02:32:21 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 720x540, components 3
Size 165 kB (164923 bytes)
Hash 14bdcd5d57117a6a8d77c63dfbced7d8
aff2df6b04df19dda34df0f1550faaeb1b8c632f
4c97b1c28771f7db555d0d38846962116a53a74a3eb810c1735c4253cd8b41d8
GET /content/2020/12/d5167257.jpg HTTP/1.1
Host: media.crazyshit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/jpeg
content-length: 164923
server: nginx/1.26.0
x-object-meta-mtime: 1606866316.758370769
etag: 14bdcd5d57117a6a8d77c63dfbced7d8
last-modified: Mon, 05 Apr 2021 12:56:56 GMT
x-timestamp: 1617627415.09703
x-trans-id: tx888d53f2328f459b95ce3-0066d7329d
x-openstack-request-id: tx888d53f2328f459b95ce3-0066d7329d
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 25 May 2025 07:09:17 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/bf53c4fb8ff8a105338f7d1e09764b10.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/bf53c4fb8ff8a105338f7d1e09764b10.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/bf53c4fb8ff8a105338f7d1e09764b10.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET videosection.com/favicon.ico
404 Not Found 0 B URL GET videosection.com/favicon.ico
IP
ASN #49981 WorldStream B.V.
Certificate IssuerLet's Encrypt
Subjectvideosection.com
Fingerprint14:02:8D:97:67:F2:2D:BE:5E:FC:C1:C4:51:B7:40:EE:EF:A1:80:4D
ValiditySat, 05 Apr 2025 04:57:33 GMT - Fri, 04 Jul 2025 04:57:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: videosection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html; charset=utf-8
server-timing: mw.not-found;dur=0.002414,mw.redirects;dur=0.429738,mw.user-country;dur=0.001029,mw.language;dur=0.013124,mw.niche;dur=0.000882,mw.meta;dur=0.00102,mw.utm;dur=0.000646,mw.referer;dur=0.174451,mw.request-vars;dur=0.024231,mw.data-processing;dur=0.001722,process-request;dur=0.630156,process-request_render;dur=0.624539
x-envoy-upstream-service-time: 2
x-envoy-decorator-operation: itube-gw-web.master.svc.cluster.local:8282/*
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
X-Firefox-Spdy: h2
GET sorkab.com/wp-content/uploads/2022/01/0000687.jpg
200 OK 28 kB URL GET sorkab.com/wp-content/uploads/2022/01/0000687.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectsorkab.com
Fingerprint7E:D6:71:6B:9C:36:1D:C7:90:8F:FA:A8:7A:9C:EB:16:BE:16:EF:C1
ValiditySun, 04 May 2025 04:23:18 GMT - Sat, 02 Aug 2025 05:21:58 GMT
File type JPEG image data, progressive, precision 8, 640x360, components 3
Hash 68f9b2cbb0d3103d4d1989cda4e8627b
66d12dd3416ab1a072b338e65b4b51a9dd284864
5b9bf36e0139f3dcee24339ce79b3bb4fe4b353c37038f44e86a49115b5a669c
GET /wp-content/uploads/2022/01/0000687.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/jpeg
content-length: 27618
cache-control: public, max-age=31536000
expires: Sat, 16 May 2026 18:44:31 GMT
last-modified: Wed, 02 Mar 2022 05:12:53 GMT
accept-ranges: bytes
server: cloudflare
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
age: 562952
cf-cache-status: HIT
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mF3eHczbm3hrAShTpsQnaAkrLNLhqQL4ayMDVLoUErWBhxDEr8XCx7ZIS1ZYkH254WfOFdJmUqHxZDyou6xUEiPXx9zqq3Oa"}]}
cf-ray: 9442ba1789e556a8-OSL
X-Firefox-Spdy: h2
GET img.caoliuzywimg.com:188/20230218/H2lKjcKj/1.jpg
504 Gateway Timeout 0 B URL GET img.caoliuzywimg.com:188/20230218/H2lKjcKj/1.jpg
IP
Certificate IssuerUnizeto Technologies S.A.
Subjectimg.caoliuzywimg.com
Fingerprint56:53:85:09:6F:47:70:4E:D7:DB:38:DD:2A:C6:FD:9D:67:28:2A:26
ValidityMon, 31 Mar 2025 17:06:06 GMT - Thu, 30 Apr 2026 17:06:05 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /20230218/H2lKjcKj/1.jpg HTTP/1.1
Host: img.caoliuzywimg.com:188
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 504 Gateway Timeout
X-Cache: MISS
Date: Fri, 23 May 2025 07:09:35 GMT
Content-Length: 450
Content-Type: text/html; charset=utf-8
GET avatars.mds.yandex.net/get-vthumb/761302/e5a2b1206e167339be6679204b73a20e/564x318_1
200 OK 13 kB URL GET avatars.mds.yandex.net/get-vthumb/761302/e5a2b1206e167339be6679204b73a20e/564x318_1
IP
Certificate IssuerGlobalSign nv-sa
Subject*.avatars.mds.yandex.net
FingerprintE6:CA:01:EF:27:C5:A7:B7:36:66:BC:E5:64:C2:63:12:FB:3C:8F:91
ValidityThu, 03 Apr 2025 14:25:03 GMT - Wed, 01 Oct 2025 20:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 469x318, Scaling: [none]x[none], YUV color, decoders should clamp
Hash e74f0e2cc1f5a29f7466736b2974eb00
88842ac024669a4afbdfbe6d36b98146e5326655
9c07fb61c6ede82d000d7aa2ca2250d92342f0037920ac14c1ae785fcb141328
GET /get-vthumb/761302/e5a2b1206e167339be6679204b73a20e/564x318_1 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/webp
content-length: 13304
last-modified: Thu, 07 Mar 2024 16:47:02 GMT
cache-control: max-age=604800,immutable
x-request-id: 14fb3f83c40195f1
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=KLG"}]}
timing-allow-origin: *
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-11/5d5a030b5cb99bac68111cfce4b0a62e.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-11/5d5a030b5cb99bac68111cfce4b0a62e.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-11/5d5a030b5cb99bac68111cfce4b0a62e.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET cdn5-thumbs.motherlessmedia.com/thumbs/34D616B.jpg
200 OK 38 kB URL GET cdn5-thumbs.motherlessmedia.com/thumbs/34D616B.jpg
IP
ASN #43350 NForce Entertainment B.V.
Certificate IssuerGoGetSSL
Subject*.motherlessmedia.com
Fingerprint57:B3:92:20:5F:2C:FA:27:4E:CD:E5:6F:BC:3E:04:43:42:3A:93:E8
ValidityMon, 04 Nov 2024 00:00:00 GMT - Fri, 05 Dec 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3
Hash 3c0f0f37e7382a40e04eb30f1c2b48e0
9f6041a411d498c4fb5f7a3cdddb150842d04896
89601ef6a7201f95b531a58c2f0de9622147456e2bda283d17d8a0a868b7e026
GET /thumbs/34D616B.jpg HTTP/1.1
Host: cdn5-thumbs.motherlessmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
server: openresty/1.21.4.1
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/jpeg
content-length: 38549
vary: x-s-token
last-modified: Wed, 05 Aug 2020 05:08:42 GMT
etag: "9695-5ac1a5d991e43"
x-cache: HIT
x-whom: cdn05
accept-ranges: bytes
GET img.hgimg01.com/upload/vod/20240123-1/04dbd638e225ad4a722567e10ce8c6fa.jpg
0 B URL GET img.hgimg01.com/upload/vod/20240123-1/04dbd638e225ad4a722567e10ce8c6fa.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20240123-1/04dbd638e225ad4a722567e10ce8c6fa.jpg HTTP/1.1
Host: img.hgimg01.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET www.9188porn.com/upload/vod/20241010-10/d605042215403c46876f5ce450b1ed0a.png
403 Forbidden 0 B URL GET www.9188porn.com/upload/vod/20241010-10/d605042215403c46876f5ce450b1ed0a.png
IP
Certificate IssuerGoogle Trust Services
Subject9188porn.com
Fingerprint15:E5:D1:A1:7B:24:5F:05:8B:35:38:8F:0C:03:1B:7B:C1:D9:0C:8E
ValidityWed, 09 Apr 2025 22:51:46 GMT - Tue, 08 Jul 2025 23:49:32 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upload/vod/20241010-10/d605042215403c46876f5ce450b1ed0a.png HTTP/1.1
Host: www.9188porn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 403 Forbidden
date: Fri, 23 May 2025 07:09:24 GMT
content-type: text/html; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YoJxoJjkVBi0wPuSlv2rTl5CxondWETDGj%2B2dl1a6xay2w03qqttLMOF2Sgp91UEida2jOMHrfGQl1sGVRol8hkoNvT4LK67JRxjs1Q1OsTo%2F%2BAlbENUaa3TdJquX8T38L97"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Fri, 23 May 2025 07:09:39 GMT
content-encoding: br
cf-ray: 9442ba45df3f0b4d-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17539&min_rtt=5529&rtt_var=20537&sent=57&recv=79&lost=0&retrans=1&sent_bytes=6159&recv_bytes=5141&delivery_rate=337785&cwnd=12000&unsent_bytes=0&cid=a6c59b246bbc7dac&ts=7719&x=80"
GET sorkab.com/favicon.ico
404 Not Found 0 B IP
Certificate IssuerGoogle Trust Services
Subjectsorkab.com
Fingerprint7E:D6:71:6B:9C:36:1D:C7:90:8F:FA:A8:7A:9C:EB:16:BE:16:EF:C1
ValiditySun, 04 May 2025 04:23:18 GMT - Sat, 02 Aug 2025 05:21:58 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 23 May 2025 07:09:28 GMT
content-type: text/html
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wsQmRqwTyZhnfz0CXUwlxpcghcPeU8R64n4fyZtiR7FxovppC%2Bd4wtjZVxskuQi2arWd%2Fji4MImjZtwfqBSa6pOUZffEzre%2BVkEM5l9g%2FJQ28iVFGrcVt318Ogak"}],"group":"cf-nel","max_age":604800}
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: BYPASS
content-encoding: br
cf-ray: 9442ba594f37568b-OSL
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=19417&min_rtt=3681&rtt_var=25192&sent=79&recv=103&lost=0&retrans=1&sent_bytes=7393&recv_bytes=6114&delivery_rate=560378&cwnd=12000&unsent_bytes=0&cid=e690a5c9adb6708a&ts=11080&x=80"
GET 8zoo.net/favicon.ico
404 Not Found 0 B IP
Certificate IssuerGoogle Trust Services
Subject8zoo.net
FingerprintD7:68:24:17:91:A4:68:19:CA:75:7C:D5:17:39:CE:B5:1A:3F:0A:2E
ValidityFri, 16 May 2025 21:21:50 GMT - Thu, 14 Aug 2025 22:20:17 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: 8zoo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
date: Fri, 23 May 2025 07:09:29 GMT
content-type: text/html
cf-ray: 9442ba646f0a5687-OSL
server: cloudflare
content-encoding: br
vary: Accept-Encoding
age: 155
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xq%2FWp0e7UNMiLiibG0W0zvPlLwxaZhGeRkWfevwVBG4WhdbZbtoMhNbvfOg74yg4FKU69ZjA%2FAVuBqH%2F%2BRExu2XriujJ185qigxsde%2B2i%2Fn2sX50EHj%2BbXvXbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1746&min_rtt=388&rtt_var=2671&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3190&recv_bytes=1058&delivery_rate=6906200&cwnd=241&unsent_bytes=0&cid=7c8fd8074ea80958&ts=982&x=0"
X-Firefox-Spdy: h2
GET xmaza.co/wp-content/uploads/2024/10/icon-150x150.png
200 OK 10 kB URL GET xmaza.co/wp-content/uploads/2024/10/icon-150x150.png
IP
Certificate IssuerGoogle Trust Services
Subjectxmaza.co
FingerprintAD:8A:D3:94:6A:9C:9F:A3:2D:36:A5:13:EB:74:98:AB:80:B7:AE:45
ValidityFri, 25 Apr 2025 08:33:21 GMT - Thu, 24 Jul 2025 09:31:49 GMT
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Hash 7164a51a21c84fac015a655b008ffeaf
87dbf079c0eaa6b9af72d2056fd8c0d086926cac
5c851888d793d8cff01771c695a20279b4366481e9f895d5f0c5951857ab87f7
GET /wp-content/uploads/2024/10/icon-150x150.png HTTP/1.1
Host: xmaza.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://young.av4us.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 23 May 2025 07:09:29 GMT
content-type: image/png
content-length: 10153
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4XMlDblUxyRE0pZGBvGHV7jzxOljMqwlW34aLCwmiJJAkaeLwqZBVyQoVc6BgVxaklND%2BdycVN1aj4XV%2BRCXgb0KV83Lnz4lzv8OI6pN7yE2DKRo4W9dOXYuyw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
expires: Tue, 29 Apr 2025 20:11:12 GMT
etag: "27a9-67221baa-d03f38;;;"
last-modified: Wed, 30 Oct 2024 11:42:34 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
age: 211999
cf-cache-status: HIT
cf-ray: 9442ba61cd9c56a8-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server-timing: cfL4;desc="?proto=QUIC&rtt=9746&min_rtt=1024&rtt_var=7548&sent=81&recv=118&lost=0&retrans=0&sent_bytes=8119&recv_bytes=7137&delivery_rate=214765&cwnd=12000&unsent_bytes=0&cid=acfcde79dc7b62b5&ts=7794&x=80"
GET sorkab.com/wp-content/uploads/2022/01/0000701.jpg
200 OK 34 kB URL GET sorkab.com/wp-content/uploads/2022/01/0000701.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectsorkab.com
Fingerprint7E:D6:71:6B:9C:36:1D:C7:90:8F:FA:A8:7A:9C:EB:16:BE:16:EF:C1
ValiditySun, 04 May 2025 04:23:18 GMT - Sat, 02 Aug 2025 05:21:58 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3
Hash 241ecdba1cc9df80691f5037c8ac563b
3900625a5cb7c46cc7ca033438666d45d3641d17
429fd17d535348aa8a3ca145bb75820d742d343a04caea265d823b549e464225
GET /wp-content/uploads/2022/01/0000701.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:16 GMT
content-type: image/jpeg
content-length: 34049
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: public, max-age=31536000
expires: Sat, 21 Mar 2026 01:30:54 GMT
last-modified: Wed, 22 Feb 2023 10:04:09 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 4363584
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=NWil02txAH2s5SGFrvkNH6%2FXsyofRI8%2FV9RSQVKqW3UfaqXLnYB3LsosNAbJy2aZI3DBOMcntGNd0%2BcU5pw5YE2ITNhqb%2Fq7"}]}
cf-ray: 9442ba136db056a8-OSL
X-Firefox-Spdy: h2
GET media.crazyshit.com/content/2019/10/81d2ac7e.jpg
200 OK 289 kB URL GET media.crazyshit.com/content/2019/10/81d2ac7e.jpg
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerLet's Encrypt
Subjectmedia.crazyshit.com
Fingerprint75:EC:4E:74:4F:5C:73:FB:18:18:58:60:BF:13:60:98:B5:67:61:C7
ValidityMon, 31 Mar 2025 02:32:22 GMT - Sun, 29 Jun 2025 02:32:21 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 720x540, components 3
Size 289 kB (289408 bytes)
Hash 3ee7ada5842709eb0b9836d1aa2405ad
70cb5b22737412b82363e97ff625583b6f699b1b
1e3aa2b04693ce56fcf914ba6cf5e6e08a146c8c99b927990ebf9ddda7d296d2
GET /content/2019/10/81d2ac7e.jpg HTTP/1.1
Host: media.crazyshit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/jpeg
content-length: 289408
server: nginx/1.24.0
x-object-meta-mtime: 1570436017.625173948
etag: 3ee7ada5842709eb0b9836d1aa2405ad
last-modified: Mon, 05 Apr 2021 12:44:17 GMT
x-timestamp: 1617626656.94797
x-trans-id: tx00aa01c2cec7407ab212b-0065fdb551
x-openstack-request-id: tx00aa01c2cec7407ab212b-0065fdb551
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Sun, 25 May 2025 07:09:17 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET r34xyz.b-cdn.net/posts/357/357980/357980.preview.jpg
200 OK 75 kB URL GET r34xyz.b-cdn.net/posts/357/357980/357980.preview.jpg
IP
ASN #60068 Datacamp Limited
Certificate IssuerSectigo Limited
Subject*.b-cdn.net
FingerprintBD:3C:C1:59:4F:6B:71:11:98:74:F8:91:CF:28:05:2B:25:3D:C1:21
ValidityTue, 05 Nov 2024 00:00:00 GMT - Tue, 11 Nov 2025 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1050x600, components 3
Hash d9474019a173ea5011bf6217dcbb7cdb
e943cae7d209b300952d2e4144cc5dabf05bc6aa
8e650c752acbe7c89a53235e0b435ddcf0b2c7408a3e0799366bbed07b8bdbb4
GET /posts/357/357980/357980.preview.jpg HTTP/1.1
Host: r34xyz.b-cdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 75216
server: BunnyCDN-DE1-722
cdn-pullzone: 839427
cdn-uid: 66d6ad83-3f00-4738-b738-db341e02bfab
cdn-requestcountrycode: NO
cache-control: public, max-age=2592000
last-modified: Fri, 29 Dec 2023 17:54:42 GMT
cdn-storageserver: DE-663
cdn-fileserver: 502
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 08/12/2024 15:17:11
cdn-edgestorageid: 1075
cdn-requestid: 39080e90a4f077503f5a10536709fe93
cdn-cache: HIT
cdn-status: 200
cdn-requesttime: 1
accept-ranges: bytes
X-Firefox-Spdy: h2
GET www.kwai.com/favicon.ico
200 OK 17 kB IP
ASN #20940 Akamai International B.V.
Certificate IssuerGlobalSign nv-sa
Subject*.kwai.com
Fingerprint79:B4:47:59:A1:C1:88:DD:61:AE:E7:5A:8E:99:CB:D6:16:20:E9:CC
ValidityTue, 30 Jul 2024 09:22:23 GMT - Sun, 31 Aug 2025 09:22:22 GMT
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Hash 321813c75370556d33e64ec8c26dea6d
73c6f171c693e0005e2f7aae020d9a6f7652d375
5a5b31e72fbb8a672841e5511ffd511fb571cae9028a5395fd00196da7cf6c4c
GET /favicon.ico HTTP/1.1
Host: www.kwai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/x-icon
content-length: 16958
last-modified: Fri, 23 May 2025 03:44:54 GMT
etag: "682fef36-423e"
content-security-policy-report-only: default-src 'self' 'unsafe-inline' 'unsafe-eval' *.mythad.com https://*.kwai-pro.com http://*.kwai-pro.com http://*.kwai.net https://*.kwai.net *.kwai.com *.snackvideo.in *.kwai.me *.kwai.app *.kwimgs.com *.yximgs.com *.cloudfront.net *.kuaishou.com https://*.gifshow.com http://*.gifshow.com https://log-sdk.ksapisrv.com https://www.googletagmanager.com https://gifshow-static.download.ks-cdn.com https://static3.avast.com https://translate.google.com https://www.gstatic.com https://fonts.gstatic.com https://connect.facebook.net www.google-analytics.com hm.baidu.com m.snackvideo.com http://*.ap4r.com https://*.ap4r.com https://*.typekit.net http://*.typekit.net ak-sgp-pic.snackvideo.in tx-sgp-pic.snackvideo.in ws-sgp-pic.snackvideo.in g-us-kampic.golden49.net g-us-kamcdn.golden49.net m.kwai.com sentry.kuaishou.com https://cdn.jsdelivr.net https://at.alicdn.com https://www.facebook.com https://snap.licdn.com https://px.ads.linkedin.com https://cdn.linkedin.oribi.io https://www.linkedin.com https://*.google.com https://*.google-analytics.com https://*.doubleclick.net asset: data: blob: android-webview-video-poster: ikwai: chrome-extension:;img-src http: https: asset: data: blob: android-webview-video-poster: ikwai: chrome-extension:;connect-src http: https: asset: data: blob: android-webview-video-poster: ikwai: chrome-extension:;report-uri https://csplog.kwai-pro.com/log/kwai/wwwkwai
accept-ranges: bytes
date: Fri, 23 May 2025 07:09:29 GMT
alt-svc: h3=":443"; ma=93600
X-Firefox-Spdy: h2
GET media.tubewankers.com/thumbs/5/a/0/7/3/5a04c4baa9eb0.mp4/5a04c4baa9eb0.mp4-3.jpg
200 OK 62 kB URL GET media.tubewankers.com/thumbs/5/a/0/7/3/5a04c4baa9eb0.mp4/5a04c4baa9eb0.mp4-3.jpg
IP
Certificate IssuerGoogle Trust Services
Subjecttubewankers.com
Fingerprint56:64:57:C5:52:6F:34:0F:E8:6B:20:AC:BA:A4:72:29:4B:41:C5:EC
ValiditySat, 17 May 2025 12:11:17 GMT - Fri, 15 Aug 2025 13:09:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=8], baseline, precision 8, 673x448, components 3
Hash 8b2972af34709abbb1d85b484d26ede5
c7bb3001d72752b3c7a2e6087a21b5622d50c393
e4991cfdad97d07fdddf3eccf3833a5318622d4088449fe6f053551018140d89
GET /thumbs/5/a/0/7/3/5a04c4baa9eb0.mp4/5a04c4baa9eb0.mp4-3.jpg HTTP/1.1
Host: media.tubewankers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:21 GMT
content-type: image/jpeg
content-length: 62512
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
last-modified: Tue, 14 Nov 2017 21:58:00 GMT
etag: "f430-55df87b06f7e3"
cache-control: max-age=31536000
expires: Thu, 21 May 2026 20:06:38 GMT
vary: User-Agent, accept-encoding
cf-cache-status: HIT
age: 124033
accept-ranges: bytes
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VXfkoMTeWBtp6ba97NpyTapKtv0i7UJGdgkNkmeUBblIcMRF4uCowW9h3dfe74KON8MKrAFXDBa0r%2FJaMSLzTmSlMs9Ma61UEzgMbvV9NZX7C0g%3D"}]}
cf-ray: 9442ba30f9fcb4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET ds2.obmenvsemfiles.net/fo/files_attachments/45a/339/45a339e059c8ac93b2e7418bfa29808f.jpg
200 OK 31 kB URL GET ds2.obmenvsemfiles.net/fo/files_attachments/45a/339/45a339e059c8ac93b2e7418bfa29808f.jpg
IP
ASN #60781 LeaseWeb Netherlands B.V.
Certificate IssuerLet's Encrypt
Subjectds2.obmenvsemfiles.net
Fingerprint87:79:AC:85:11:1E:8F:94:53:32:7A:DF:0F:53:BC:9F:6C:55:9F:E9
ValidityMon, 05 May 2025 08:48:31 GMT - Sun, 03 Aug 2025 08:48:30 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x300, components 3
Hash 45a339e059c8ac93b2e7418bfa29808f
5f3c7aa2a296182e77a16a0d46fa80f1f1add9a1
f1736e03a69ace7fa0b222374b33cacb8eb16b6a4aefaef7d2c3ac1ebaf6d66a
GET /fo/files_attachments/45a/339/45a339e059c8ac93b2e7418bfa29808f.jpg HTTP/1.1
Host: ds2.obmenvsemfiles.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/jpeg
content-length: 31369
last-modified: Fri, 14 Jun 2024 03:03:06 GMT
etag: "666bb2ea-7a89"
accept-ranges: bytes
X-Firefox-Spdy: h2
GET i0.wp.com/666529.xyz/images/2024/11/16/60c2c39840d96eeffaaa88ae28766ad0.jpg
200 OK 4.7 kB URL GET i0.wp.com/666529.xyz/images/2024/11/16/60c2c39840d96eeffaaa88ae28766ad0.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 543x420, Scaling: [none]x[none], YUV color, decoders should clamp
Hash cd903bc38c7636fddf017878e2b14699
c7fb2bd6f331774ff3439f0e283da618ccb770fc
82844564199f05596cae6cd3ab076d23f74448fe28639228a8f46bc829ae24a4
GET /666529.xyz/images/2024/11/16/60c2c39840d96eeffaaa88ae28766ad0.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:20 GMT
content-type: image/webp
content-length: 4652
last-modified: Wed, 22 Jan 2025 00:26:58 GMT
expires: Fri, 22 Jan 2027 12:26:58 GMT
cache-control: public, max-age=63115200
link: <http://666529.xyz/images/2024/11/16/60c2c39840d96eeffaaa88ae28766ad0.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "96e8627d7186426e"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET img.xvideosporno.blog/wp-content/uploads/48234170/cp-de-novinhas.jpg
200 OK 6.4 kB URL GET img.xvideosporno.blog/wp-content/uploads/48234170/cp-de-novinhas.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectxvideosporno.blog
FingerprintEA:9C:54:8F:C8:01:1D:B9:C4:8E:A1:40:FD:80:D0:98:46:6A:E4:56
ValidityTue, 20 May 2025 01:56:20 GMT - Mon, 18 Aug 2025 02:55:00 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 352x198, components 3
Hash 065d99ff83e36170db5af59f43e6464d
765537e62e751212e10f411bb0145452b7757517
078193a6df033ba25df82b76f12b5457a9d124fd36127dd0c24b0504a75081d9
GET /wp-content/uploads/48234170/cp-de-novinhas.jpg HTTP/1.1
Host: img.xvideosporno.blog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:22 GMT
content-type: image/jpeg
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
expires: Wed, 04 Jun 2025 21:10:05 GMT
cache-control: max-age=3531600
version: MS25042301
x-dns-prefetch-control: on
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-micro-cache: HIT
cf-cache-status: HIT
age: 2443149
last-modified: Fri, 25 Apr 2025 00:30:13 GMT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=IjvjUasXlcmqOJgev7IHVopzJjxJxwt0%2BMktZ2%2FTSt1pN%2BqEuqnuHuGF8SavAfpn%2BAVaS9vX8%2FYCBiGQRgORXUnIORc1wOLb66jIla6kZA27FYA%3D"}]}
cf-ray: 9442ba39e9af1c12-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET jsjs.4jpg.top/index.php?js=very
200 OK 0 B URL GET jsjs.4jpg.top/index.php?js=very
IP
Certificate IssuerGoogle Trust Services
Subject4jpg.top
FingerprintBE:FB:D5:E3:D6:90:C9:AA:D7:5D:9F:CA:A4:3F:0E:6B:4A:62:A6:BC
ValidityThu, 24 Apr 2025 20:06:20 GMT - Wed, 23 Jul 2025 21:04:03 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /index.php?js=very HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:17 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
imghost: 1729614248-h-jsjs4jpgtopmh--NO-rm162158222117/index.php?js=very
56nloadrate: 1.1015625
cache-control: max-age=360000, private
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AHEuhtaLSHg52T6djoABWrLdFoeco9TjhaY%2BQ35OA7ucavOC64jdcGXUuoa58swal25LKlCGki%2F%2BXE8V9WEW%2FNd0q3%2FiOy%2F0Y6o2"}]}
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
cf-cache-status: BYPASS
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
cf-ray: 9442ba12bf66b500-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET erota2.com/files/thumbnail/c4/if/c4ifxs5utjumshuhdclw3rin.jpg
200 OK 7.8 kB URL GET erota2.com/files/thumbnail/c4/if/c4ifxs5utjumshuhdclw3rin.jpg
IP
Certificate IssuerGoogle Trust Services
Subjecterota2.com
Fingerprint29:9B:74:F9:9F:4A:F9:DF:C8:E0:22:E5:A6:30:BF:DA:82:92:97:23
ValidityFri, 02 May 2025 02:05:40 GMT - Thu, 31 Jul 2025 03:05:16 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x169, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 2d1e10851a5f675b542be6c072317580
fecffe4d64d63ed8846037253d6a15b6aa298797
1c3bf3ce9ed9ef61966d2ed11173d72edb31b029f0213bee86779e1250ac7614
GET /files/thumbnail/c4/if/c4ifxs5utjumshuhdclw3rin.jpg HTTP/1.1
Host: erota2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:19 GMT
content-type: image/webp
content-length: 7806
cache-control: max-age=2592000
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=11418
content-disposition: inline; filename="c4ifxs5utjumshuhdclw3rin.webp"
etag: "605c214e-2c9a"
last-modified: Thu, 25 Mar 2021 05:36:14 GMT
vary: Accept
cf-cache-status: HIT
age: 737896
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Te4pogQtraaRnt8OwMT3U0KE6QVNQEQ7GlmCvFg1gOcSs5jmDxvtwRigX54a8WT8o4695alQDFdDNYhzHxm5psS3MbX94HmVju1tjqf5YD2HY2nYxD9f%2BxzaXZU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 9442ba27cdd47128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=476&min_rtt=374&rtt_var=136&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3269&recv_bytes=1199&delivery_rate=7144736&cwnd=251&unsent_bytes=0&cid=003f88f3e87530b0&ts=2910&x=0"
X-Firefox-Spdy: h2
GET i0.wp.com/jpgjingpinx.com/upload/vod/20240504-1/0b7faafe0b063baefaa198065db59dea.jpg
200 OK 46 kB URL GET i0.wp.com/jpgjingpinx.com/upload/vod/20240504-1/0b7faafe0b063baefaa198065db59dea.jpg
IP
Certificate IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 718x404, Scaling: [none]x[none], YUV color, decoders should clamp
Hash 621ad6cd48b888b26d4be74971279dae
289f54d002024372eb73954f63eaee178613ac92
10ad65ca0c61c2c0a381c8ad08c4adb3514639b36a3ba5295bd4a0bea2ac3488
GET /jpgjingpinx.com/upload/vod/20240504-1/0b7faafe0b063baefaa198065db59dea.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Fri, 23 May 2025 07:09:17 GMT
content-type: image/webp
content-length: 45828
last-modified: Sat, 14 Dec 2024 06:44:20 GMT
expires: Mon, 14 Dec 2026 18:44:20 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20240504-1/0b7faafe0b063baefaa198065db59dea.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "28521e19abf1d8cb"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
GET www.9188porn.xyz/upload/vod/20241010-10/c242b8e4f3f014e9f72e148d12aadb48.png
0 B URL GET www.9188porn.xyz/upload/vod/20241010-10/c242b8e4f3f014e9f72e148d12aadb48.png
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /upload/vod/20241010-10/c242b8e4f3f014e9f72e148d12aadb48.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://young.av4us.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
GET mylen-handmade.ru/sexfilme24/wp-content/uploads/2018/01/%E0%B8%8A%E0%B8%AD1.jpg
200 OK 17 kB URL GET mylen-handmade.ru/sexfilme24/wp-content/uploads/2018/01/%E0%B8%8A%E0%B8%AD1.jpg
IP
Certificate IssuerGoogle Trust Services
Subjectmylen-handmade.ru
FingerprintCF:FD:5B:79:1A:0E:51:98:1E:E7:14:79:5E:43:9D:87:47:55:F2:F4
ValidityFri, 02 May 2025 04:55:17 GMT - Thu, 31 Jul 2025 05:54:04 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3
Hash 224d3f7fe8f08a5a3aa8c2d9360929bc
d2b3e87fb8e6750cd2d0714e9f26a561b020f142
3a483d2a510349fba6cd4e80700f028072472913f62a989e708165c456896cbb
GET /sexfilme24/wp-content/uploads/2018/01/%E0%B8%8A%E0%B8%AD1.jpg HTTP/1.1
Host: mylen-handmade.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 23 May 2025 07:09:23 GMT
content-type: image/jpg
content-length: 16876
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cache-control: max-age=14400
cf-cache-status: HIT
age: 8350
last-modified: Fri, 23 May 2025 04:50:13 GMT
accept-ranges: bytes
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=cdTuuAZYWh55uV0xSJUMeVJ%2FY9juWAc0WUVPpYK6KWm2gmVB93hq%2BpcnYmEZJZjUUvuF89m8ipWzlFfw%2FwqcesSYsNgRR%2BIy9J0Yf93x1g%3D%3D"}]}
cf-ray: 9442ba3b4b1156a4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
172.67.175.253
64.112.78.22
89.248.193.244
79.127.216.111
192.243.50.109
85.17.28.50
5.63.144.84
51.83.213.151
185.100.87.48
95.101.10.64
185.76.9.18
140.83.39.180
0.0.0.0