r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2258cd6b877a3aca8f4c84074e65ac4b
4e46c70941f8e497e8afc8d078644e7f81761a1c
faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4942
Expires: Mon, 16 Jan 2023 11:14:13 GMT
Date: Mon, 16 Jan 2023 09:51:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3063227f59d1935298b0620fa7919145
478e1d8bef04b1f95381cac01829c03b6779d420
619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11538
Expires: Mon, 16 Jan 2023 13:04:09 GMT
Date: Mon, 16 Jan 2023 09:51:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6036
Expires: Mon, 16 Jan 2023 11:32:27 GMT
Date: Mon, 16 Jan 2023 09:51:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 16 Jan 2023 09:49:09 GMT
content-type: application/json
age: 162
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: WQycZsT+auKs+haecvsGcFCdDUdC9kF5qkzL4s+Mgs6Yi/+QSTpRZ9xnuo0V14IU2+eYy1KPfFs=
x-amz-request-id: 7FEDNF83XKNCKJ1V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 16 Jan 2023 09:44:32 GMT
age: 439
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:52 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
jp.co-vid.win/v/s:/www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d/title/%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM%20[24:54x270p]
200 OK 7.8 kB URL HTTP/1.1 jp.co-vid.win/v/s:/www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d/title/%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM%20[24:54x270p]
IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11519), with CRLF line terminators
Hash 5beba5aeade2b2e7bf3adf1555d55f66
5c49bfb0548286b2cc99e45f307954c6916cdc54
47ce149adf94fd7cd54b1184ecab7d185fa32d3a9e9fddd35dca2ac3bcd3db9a
GET /v/s:/www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d/title/%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM%20[24:54x270p] HTTP/1.1
Host: jp.co-vid.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 16 Jan 2023 09:51:52 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Host,Accept-Encoding
pdo-line8: host-jp.co-vid.win127.0.0.1-myhost-jp.co-vid.win127.0.0.1/v/s://www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d/title/%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM%20[24:54x270p]
phost: jp.co-vid.win
line1066: notjp-jp-myhost-jp.co-vid.win-filteron-
pdo106: feedvid-, cachefileb-cacpdo1/05/e3/9fa462, lfm-1-57673, lmd-57673, lud-57673, xfvlen-2394225, fsize-842726, played-
pdophp-line408: -; cachetime- 466.51472159876; ctime- 20220807072049
line1403: yhkey-
line1514: method-5: ik-s:/|||/ww|||w.m|||oav|||.co|||m/v|||ide|||os/|||275|||97/|||b4f|||40a|||a06|||591|||329|||854|||eec|||329|||efd|||107|||7d|||s|||www|||moav|||com|||videos|||b|||f|||aa|||eec|||efd|||ds://www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d: vidlang-cn8456
line1528: method-5: ik-275|||97/|||b4f|||40a|||a06|||591|||329|||854|||eec|||329|||efd|||107|||7d|||s|||b|||f|||aa|||eec|||efd|||ds://www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d: vidlang-cn
pdoline1599: sarray-599cn8080
pdoline1662: notjp-jp: fvkwcnt-8456
pdoline1666: notjp-jp: fvkwcnt-599
pdo-line1950: $i-57$load-0.8971875
Cache-Control: max-age=107934, public
genre: genre=
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: MISS
Xkey-5950: jp.co-vid.win/v/s:/www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d/title/%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM%20[24:54x270p]-B-jp.co-vid.win-jp.co-vid.win-cacpdo0---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp2: jp.co-vid.win/v/s:/www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d/title/%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM%20[24:54x270p]-B-jp.co-vid.win--my_zone
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 16 Jan 2023 09:33:46 GMT
age: 1086
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1640
Cache-Control: max-age=171741
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:52 GMT
Etag: "63c513ad-1d7"
Expires: Wed, 18 Jan 2023 09:34:13 GMT
Last-Modified: Mon, 16 Jan 2023 09:06:53 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ymrAmR0twCppW91zF3iRxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Adnh6EOi+GIB679TpbhCBMJ7/fk=
cacrip.nakadashi.pw/AV4.us.jpg
200 OK 8.7 kB URL HTTP/1.1 cacrip.nakadashi.pw/AV4.us.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3\012- data
Hash edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390
NIDS Severity Alert suricata low ET INFO HTTP Request to a *.pw domain
GET /AV4.us.jpg HTTP/1.1
Host: cacrip.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:52 GMT
Content-Type: image/jpeg
Content-Length: 8741
Connection: keep-alive
etag: "2225-5499bcea176c0"
access-control-allow-origin: *
cache-control: public, max-age=360000
x-proxy-cacher9: HIT
xkeyr9: cacrip./AV4.us.jpg-A-cacrip.nakadashi.pw-cacrip.nakadashi.pw-my_zone
x-proxy-cache-la2: HIT
xkey-la2: cacrip./AV4.us.jpg-A-cacrip.nakadashi.pw--my_zone
CF-Cache-Status: HIT
Age: 232138
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XL%2F7ZCJtcgWg17%2Bp33NEFtwgnpm0VGOYftk9%2BfjQO4nUG0V%2Fdf274MYGy13oGvfRddg6lqTckiEsUV5DoDhKBgiRx%2FaTKKYOFyuWOMQLbRYjb%2BiBw3AwTMV6oiH2AljXQj0eGDrF"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f483efbd06d1-LHR
alt-svc: h2=":443"; ma=60
cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
200 OK 4.0 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/nosleep/0.11.0/NoSleep.min.js
IP
File type ASCII text, with very long lines (10613)
Hash 9653b380e66b38af571efdafa5763f0d
835aa2c117b6b3156a3b439ec302ffa268466c55
3181b9ecf39cca87ae50e71c715a2accc9787ac8655edf1d0fc5195bd688b38f
GET /ajax/libs/nosleep/0.11.0/NoSleep.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 3953
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ed16b69-29bf"
last-modified: Fri, 29 May 2020 20:07:05 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 319720
expires: Sat, 06 Jan 2024 09:51:52 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNrp70iVD0U%2BeHFU0UMKqnSdGnmOaK%2FI%2FqKrywLRGSvS11m5Ch%2BgQceM3aOLgg3DY5T1JDovjrTe3eYyE9fM%2BvNXVnVuLx8pr0oT%2BD6KRfJiz5HN7uaJTC7tGUETa7Gd20KkF0xZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78a5f48409a90b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
jsjs.gazo.space/mycss/av4.css?3
200 OK 1.3 kB URL HTTP/1.1 jsjs.gazo.space/mycss/av4.css?3
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 55d39b2d0155f6d4ef3be034128f27bb
e21c9b2e878a57898ec2883cf334c057ecdb927c
6650b9e1cbcfe327a56bfefef2bec6ec0aa756ffa3d7ceb2e901dc828d42843d
GET /mycss/av4.css?3 HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:52 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"f05-5ef068d702bfd"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Cake
Cache-Control: public, max-age=3600000
CF-Cache-Status: HIT
Age: 3241984
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8kcY%2BJ68F4etxKMEI7ArZFfdIj84w0Sr122W5BNqg1dpvslCRKijud5u3HDThS%2BZo9xvMtmMxigvBoRzcbUKe7C%2FccOBsKuMe9kDnSQq63VbwFIibNodZ1BCYjwq6YY3lAc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f48408af72f0-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3ee298482e8025b16b90899b84c98d1
ce5050ce27200b3408a8e5113adcc7a8d14b4796
4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jsjs.gazo.space/index.php?js=very
200 OK 67 kB URL HTTP/2 jsjs.gazo.space/index.php?js=very
IP
File type ASCII text, with no line terminators
Hash f4d948f8747087cb7a5695369340db7e
ca8c920bb71a933e6f9607467e988c1d6abb74de
8cbdafaa2188b8f5eb8c0772660ef4d9dc0a7b246fe41b70011a2dedc909dd41
GET /index.php?js=very HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:52 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsjsgazospacmh--NO-rm2400cb003771024ac465b4b/index.php?js=very
55nloadrate: 0.459375
cache-control: max-age=360000, private
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxgnZbTq54eW7pUjBQcV2qNPcUNB00KktrcMq9S9eqiKRFEI8BAP7U8MsEu4pN5BsypIiSU3UFRbilvFJKJUjoOyNq7LXPWEYNg67F2yqeV2d2MueOQ%2F3PwOeoVsOOTMHeI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f480ae648873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 13 Jan 2023 01:25:53 GMT
expires: Sat, 13 Jan 2024 01:25:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 289560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
Hash 3e9bc23b5ce8868ba63c07f4f1b10b75
a451534af786220cfe95ed9f2299291cddfbc927
7cb3e49cf2952f5ce8b02a2e633e7730ab48ac926b7ba215d4e48a7321fadf88
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:53 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "6B322524A08B28D07C2C0D7C8F3785DF3D08A6A0"
Expires: Mon, 16 Jan 2023 20:00:00 GMT
Last-Modified: Mon, 16 Jan 2023 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3385
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f4846fd4b515-OSL
jsjs.gazo.space/index.php?js=av4&advertisement&
200 OK 81 kB URL HTTP/2 jsjs.gazo.space/index.php?js=av4&advertisement&
IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (6448), with CRLF line terminators
Hash 4e2b095edd3ff456d818f8d9a83b1b53
316f95d074333e27c591a383e23dfe60c73e206b
02ad6e61314260868b35048eccad418790dc45d80fb31495d622ec02d73c2804
GET /index.php?js=av4&advertisement& HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:52 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
access-control-allow-headers: Cake
imghost: 240026512804c008ad763d1c3-h-jsjsgazospacmh--IE-rm2400cb003771024ac465a9c/index.php?js=av4&advertisement&
55nloadrate: 0.645625
cache-control: public, max-age=7200, s-max-age=1800
vary: Accept-Encoding
cf-cache-status: HIT
age: 340
last-modified: Mon, 16 Jan 2023 09:46:12 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJh1FbC0bbOj2r0VhmYzwW9UXGkYSyLSGgn1q6MlBwFtWNL5r2o20%2FYUfTuFacyyz59QybCGlPzvvwwFZCJr%2BPEfVjPoCRf9pGRR3tULpE2P9luOXib%2B1q8%2FfgDV2IxMO0A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f480ae738873-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash f3ee298482e8025b16b90899b84c98d1
ce5050ce27200b3408a8e5113adcc7a8d14b4796
4c3dd7d296e502765b2de450a4ecb5f8c872ed477b464b9913d2633125680ff0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a813a061a05c54b0097af9696d4bcb2e
6a7c9a8587f67a9202d2220c8ab12dd283df0e54
be4722747d6b02daf5e954e7fefc2e99ca522b243db0e4395282af48b381f939
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
200 OK 1.8 kB URL HTTP/1.1 cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
IP
File type ASCII text, with very long lines (4505)
Hash 62df3c3b9c50eb48c9bdf36e310babf2
1f69b85084ccd0348dcd55fba839be4f271a591d
883898451b3b4a6a893b54c87b71fe23df90be071936330b23eb2cd6c4f49274
GET /videojs-hotkeys/latest/videojs.hotkeys.min.js HTTP/1.1
Host: cdn.sc.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 Aug 2022 02:39:12 GMT
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
CF-Cache-Status: HIT
Age: 3283
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFN26q3%2F89c5w1Bao7s8iubvy9%2BFVzOLI%2BCDSyEFwinoIEuhqGDQhO8Ef%2BNI2PKQ1463tyyXKvnM2bXSsS%2Bzbr3O8D0fsqW5qt1wBD7k1I470WHLejoeNeZ3GZU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f4859d3fb4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
200 OK 278 B IP
Hash 4f57fdaa88588ec2957b3ddea7437e50
8fea93c83c9bbdfe21a1d0bcfe5af94c292394e2
5b483ffb4bd6d2ac3810a3bc5a59d71fbcf0640d1d8880352e68c09ffaebbac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:53 GMT
Last-Modified: Mon, 16 Jan 2023 08:47:58 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
ocsp.globalsign.com/gseccovsslca2018
200 OK 939 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP
Hash 7ad0a1d64c3a98e16375aae7cb9c9b59
e522be0fc1e399b26b1b4ea63208b9ea0a5696cb
d3a4872f456ae9e6fd90b66f9180ea2e8ee0bb854c3857562880316bd986a042
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:53 GMT
Content-Type: application/ocsp-response
Content-Length: 939
Connection: keep-alive
Expires: Fri, 20 Jan 2023 08:08:17 GMT
ETag: "e522be0fc1e399b26b1b4ea63208b9ea0a5696cb"
Last-Modified: Mon, 16 Jan 2023 08:08:18 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3414
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f48609d4b515-OSL
vjs.zencdn.net/7.8.2/video-js.css
200 OK 11 kB URL HTTP/2 vjs.zencdn.net/7.8.2/video-js.css
IP
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash 8e0b9e4f5782827464baaa97ab90792a
25330bf40d7ad79648413156e6680a5c0de064b1
f26b66fc7b0a3f85500fe249594bfec05008ab32b33cd885a67fb588b6eb9ac5
GET /7.8.2/video-js.css HTTP/1.1
Host: vjs.zencdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 26 May 2020 21:39:05 GMT
etag: "9d2c20f32d2509c50bdcb9239fb9b62e"
cache-control: public, max-age=31536000
content-type: text/css; charset=utf-8
content-encoding: gzip
date: Mon, 16 Jan 2023 09:51:53 GMT
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 5214
vary: Accept-Encoding
access-control-allow-origin: *
timing-allow-origin: *
content-length: 10723
X-Firefox-Spdy: h2
mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fjp.co-vid.win%2Fv%2Fs%3A%2Fwww.moav.com%2Fvideos%2F27597%2Fb4f40aa06591329854eec329efd1077d%2Ftitle%2F%25E9%2595%25B7%25E7%259B%25B8%25E7%259A%2584%25E5%258F%25AF%25E6%2584%259B%25E7%259A%2584%25E5%25A6%25B9%25E5%25AD%2590%25EF%25BC%258C%25E7%25B5%2595%25E7%25BE%258E%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%25E6%2589%258B%25E6%258C%2587%25E6%2591%25B3%25E9%2580%25BC%25EF%25BC%258C%25E4%25BE%2586%25E5%259B%259E%25E6%258A%25BD%25E6%258F%2592%25E8%2587%25AA%25E6%2585%25B0%25EF%25BC%258C%25E7%25B5%25A6%25E7%2594%25B7%25E5%258F%258B%25E5%258F%25A3%25E4%25BA%25A4%25E7%2584%25A1%25E5%25A5%2597%25E7%2589%25B9%25E5%25AF%25AB%25E7%2588%2586%25E8%258D%2589%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%2520-%2520MOAV.COM%2520%5B24%3A54x270p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1657614906214%3Ahid%3A881564037%3Az%3A0%3Ai%3A20230116095153%3Aet%3A1673862714%3Ac%3A1%3Arn%3A577980021%3Arqn%3A1%3Au%3A1673862714674502061%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C257%2C256%2C2%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673862712426%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673862714%3At%3A%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
302 Found 400 B URL HTTP/2 mc.yandex.ru/watch/48140495?wmode=7&page-url=http%3A%2F%2Fjp.co-vid.win%2Fv%2Fs%3A%2Fwww.moav.com%2Fvideos%2F27597%2Fb4f40aa06591329854eec329efd1077d%2Ftitle%2F%25E9%2595%25B7%25E7%259B%25B8%25E7%259A%2584%25E5%258F%25AF%25E6%2584%259B%25E7%259A%2584%25E5%25A6%25B9%25E5%25AD%2590%25EF%25BC%258C%25E7%25B5%2595%25E7%25BE%258E%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%25E6%2589%258B%25E6%258C%2587%25E6%2591%25B3%25E9%2580%25BC%25EF%25BC%258C%25E4%25BE%2586%25E5%259B%259E%25E6%258A%25BD%25E6%258F%2592%25E8%2587%25AA%25E6%2585%25B0%25EF%25BC%258C%25E7%25B5%25A6%25E7%2594%25B7%25E5%258F%258B%25E5%258F%25A3%25E4%25BA%25A4%25E7%2584%25A1%25E5%25A5%2597%25E7%2589%25B9%25E5%25AF%25AB%25E7%2588%2586%25E8%258D%2589%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%2520-%2520MOAV.COM%2520%5B24%3A54x270p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1657614906214%3Ahid%3A881564037%3Az%3A0%3Ai%3A20230116095153%3Aet%3A1673862714%3Ac%3A1%3Arn%3A577980021%3Arqn%3A1%3Au%3A1673862714674502061%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C257%2C256%2C2%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673862712426%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673862714%3At%3A%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP
File type JSON data\012- , ASCII text, with very long lines (400), with no line terminators
Hash eccd6019ee0f3c6bbbaac5fd7b5dbad0
b0f8bc24c394f5607ff569836d5e7c5c5b6670a3
fe20577464bf9ec193243fd13677526b00d2f9937d7185ccf5abb4190e829981
GET /watch/48140495?wmode=7&page-url=http%3A%2F%2Fjp.co-vid.win%2Fv%2Fs%3A%2Fwww.moav.com%2Fvideos%2F27597%2Fb4f40aa06591329854eec329efd1077d%2Ftitle%2F%25E9%2595%25B7%25E7%259B%25B8%25E7%259A%2584%25E5%258F%25AF%25E6%2584%259B%25E7%259A%2584%25E5%25A6%25B9%25E5%25AD%2590%25EF%25BC%258C%25E7%25B5%2595%25E7%25BE%258E%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%25E6%2589%258B%25E6%258C%2587%25E6%2591%25B3%25E9%2580%25BC%25EF%25BC%258C%25E4%25BE%2586%25E5%259B%259E%25E6%258A%25BD%25E6%258F%2592%25E8%2587%25AA%25E6%2585%25B0%25EF%25BC%258C%25E7%25B5%25A6%25E7%2594%25B7%25E5%258F%258B%25E5%258F%25A3%25E4%25BA%25A4%25E7%2584%25A1%25E5%25A5%2597%25E7%2589%25B9%25E5%25AF%25AB%25E7%2588%2586%25E8%258D%2589%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%2520-%2520MOAV.COM%2520%5B24%3A54x270p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1657614906214%3Ahid%3A881564037%3Az%3A0%3Ai%3A20230116095153%3Aet%3A1673862714%3Ac%3A1%3Arn%3A577980021%3Arqn%3A1%3Au%3A1673862714674502061%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C257%2C256%2C2%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673862712426%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673862714%3At%3A%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: /watch/48140495/1?wmode=7&page-url=http%3A%2F%2Fjp.co-vid.win%2Fv%2Fs%3A%2Fwww.moav.com%2Fvideos%2F27597%2Fb4f40aa06591329854eec329efd1077d%2Ftitle%2F%25E9%2595%25B7%25E7%259B%25B8%25E7%259A%2584%25E5%258F%25AF%25E6%2584%259B%25E7%259A%2584%25E5%25A6%25B9%25E5%25AD%2590%25EF%25BC%258C%25E7%25B5%2595%25E7%25BE%258E%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%25E6%2589%258B%25E6%258C%2587%25E6%2591%25B3%25E9%2580%25BC%25EF%25BC%258C%25E4%25BE%2586%25E5%259B%259E%25E6%258A%25BD%25E6%258F%2592%25E8%2587%25AA%25E6%2585%25B0%25EF%25BC%258C%25E7%25B5%25A6%25E7%2594%25B7%25E5%258F%258B%25E5%258F%25A3%25E4%25BA%25A4%25E7%2584%25A1%25E5%25A5%2597%25E7%2589%25B9%25E5%25AF%25AB%25E7%2588%2586%25E8%258D%2589%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%2520-%2520MOAV.COM%2520%5B24%3A54x270p%5D&charset=utf-8&browser-info=pv%3A1%3Avf%3Afppw4pdxetycw4cz2ehur%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A953%3Acn%3A1%3Adp%3A0%3Als%3A1657614906214%3Ahid%3A881564037%3Az%3A0%3Ai%3A20230116095153%3Aet%3A1673862714%3Ac%3A1%3Arn%3A577980021%3Arqn%3A1%3Au%3A1673862714674502061%3Aw%3A1280x939%3As%3A1280x1024x24%3Ask%3A1%3Ads%3A0%2C257%2C256%2C2%2C-4%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Ans%3A1673862712426%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-c6d7b47b2dcff33f80cab17f3a360d0b-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1673862714%3At%3A%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Mon, 16 Jan 2023 09:51:53 GMT
access-control-allow-origin: http://jp.co-vid.win
set-cookie: yabs-sid=266380011673862713; Path=/; SameSite=None; Secure
i=SRc5em0F3OL07qEbD0LGyFLpnthnhVQt82zQYYO3NeGc7Icyy8je4m/tWAqN84s6vjrbxUq3ca9o0OiEraDgJL3FQYM=; Expires=Thu, 13-Jan-2033 09:51:46 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=8506630501673862713; Expires=Tue, 16-Jan-2024 09:51:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=8506630501673862713; Expires=Tue, 16-Jan-2024 09:51:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1705398713.yc.1673862713#1705398713.yrts.1673862713#1705398713.yrtsi.1673862713; Expires=Tue, 16-Jan-2024 09:51:53 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Mon, 16-Jan-2023 09:51:53 GMT
last-modified: Mon, 16-Jan-2023 09:51:53 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
pornhubthailand.com/wp-content/uploads/2018/12/%E0%B9%863-1.jpg
200 OK 32 kB URL HTTP/2 pornhubthailand.com/wp-content/uploads/2018/12/%E0%B9%863-1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 511x287, components 3\012- data
Hash ee2f53aa7d6a9f433c1d1adcac6eaa4e
ad848e0b4f24b0e48947b18809416c02787e3775
d50ef1ae050c8eb1457015ab58be767ab7dce56e54ce6337045d18334e5d00cf
GET /wp-content/uploads/2018/12/%E0%B9%863-1.jpg HTTP/1.1
Host: pornhubthailand.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:53 GMT
content-type: image/jpeg
content-length: 32158
last-modified: Fri, 06 Mar 2020 06:00:44 GMT
etag: "5e61e70c-7d9e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1924177
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8WbbwBqlhm3y4FKAR%2BkoIHDzpGg4x5oFEeqG5uu2yt3J5Dr38Rc5JAqZVUhrs6FxJ0YzI0E1sWbZ775uVkadlqcCDJn361khduQpjec%2B7bvPqDwZtL%2F9loIlZ3dXz5HeCORCTn5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f489b856b521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
moav.com/contents/videos_screenshots/19000/19736/preview.jpg
200 OK 83 kB URL HTTP/2 moav.com/contents/videos_screenshots/19000/19736/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 1862x1080, components 3\012- data
Hash cc9bb40f6dbca04d8a06a1d303c9f134
5cd892f0e50d956ff58ca3b86103f29b56ad10df
0a515987dd588f91e59169f737dd62750ce039020b6b6fe14e81ef5eabd794c4
GET /contents/videos_screenshots/19000/19736/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:53 GMT
content-type: image/jpeg
content-length: 83413
last-modified: Mon, 28 Mar 2022 10:26:01 GMT
etag: "62418d39-145d5"
expires: Fri, 20 Jan 2023 13:52:06 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 2231987
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WwMoPtUd1ciRjXG%2BDZoSxbEYolUmwgTwUF64iaAIbnQ5IqH0SozyZNpqz4XM3oQsF8AVuUO3Us%2F6gjME8Cy%2FPYgE9Ah0Unc4ptbBrjfB9p7u5xtzNABoMaL7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f489a93f7725-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash 3561a2514f6d2a4efe083d7b9b0e7c13
c74031895064b75b1edb87f64d8b1e27028bc417
d8e21955640add58fa2f38613b91230397ca43a2091fc096b9f9d5f667dfe3ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5442
Cache-Control: max-age=142062
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:53 GMT
Etag: "63c490e5-116"
Expires: Wed, 18 Jan 2023 01:19:35 GMT
Last-Modified: Sun, 15 Jan 2023 23:48:53 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
moav.com/contents/videos_screenshots/18000/18888/preview.jpg
200 OK 150 kB URL HTTP/2 moav.com/contents/videos_screenshots/18000/18888/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.14.100", baseline, precision 8, 1837x1080, components 3\012- data
Size 150 kB (149574 bytes)
Hash 1389f9a810adfd684e654ec8211dc7a9
35bf36be74fb8c355cf39c5c03f630774ef512ef
af7c6946b6bfb838c5e9dce49e43459bc56c54fe52d079688796ce4bd5869ff5
GET /contents/videos_screenshots/18000/18888/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:53 GMT
content-type: image/jpeg
content-length: 149574
last-modified: Sat, 26 Mar 2022 12:21:23 GMT
etag: "623f0543-24846"
expires: Wed, 01 Feb 2023 16:12:27 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1186766
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3CerHbeM2RzubdO7WJOu6%2BwGhSZe%2BWO%2FvBIOUT4kUqOKTlk70hGoXKnVP4ML%2FijXbkESdhaZo2dSs1vroQcDNhb%2FFug1BPWWhp7GlMGQlavwgyoUZlQ1yxo3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f489e9a27725-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tinh69.com/wp-content/uploads/i/dua-ban-gai-vao-nha-nghi-de-kham-pha-lon.jpg
200 OK 32 kB URL HTTP/2 tinh69.com/wp-content/uploads/i/dua-ban-gai-vao-nha-nghi-de-kham-pha-lon.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 600x337, components 3\012- data
Hash 1e607c77bbfe61de245886d6b9364cbe
8cf787a65daf72c9a1dea9fcc23548887455b14f
865adaa29aae7ca03fd935df653b475693c05898e19073cbeb771eb5854ca2cd
GET /wp-content/uploads/i/dua-ban-gai-vao-nha-nghi-de-kham-pha-lon.jpg HTTP/1.1
Host: tinh69.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:53 GMT
content-type: image/jpeg
content-length: 31943
last-modified: Tue, 16 Mar 2021 15:24:58 GMT
etag: "6050cdca-7cc7"
expires: Tue, 07 Feb 2023 13:23:50 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
cf-cache-status: HIT
age: 678483
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6s3PtFV7xBOC2o%2BkL3h7hAxMap2PEmiLYq6UKB9jo47mo%2FTQJhWeqpGuCYgT2TReUH4uWfFXLdRd01bCY%2BybH%2FFuDPLD9LwdA%2FaVShCRHfB5ymhr5lnE59Xfyjiq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f48a2d910b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
moav.com/contents/videos_screenshots/5000/5653/preview.jpg
200 OK 204 kB URL HTTP/2 moav.com/contents/videos_screenshots/5000/5653/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc59.20.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 204 kB (203715 bytes)
Hash b7aede64f3aa30642a044d3630d35782
a05ade705a8294cde3132f722981fca7c1662fe4
c8457201ca6ee9bdc35cd2d39e4461e7dc07f639a4cc288603cce5b5d25a3ff6
GET /contents/videos_screenshots/5000/5653/preview.jpg HTTP/1.1
Host: moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:53 GMT
content-type: image/jpeg
content-length: 203715
last-modified: Mon, 07 Mar 2022 05:46:44 GMT
etag: "62259c44-31bc3"
expires: Fri, 10 Feb 2023 20:12:57 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 394736
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIGKMiPPi4r9bf1tblgyP8OF%2FhfTICjiExSe32CzWZSWmkcD9seSj59Eui0YRD%2F5gwiBlMcbdakXZFFOu%2FgPt4Ki1i9fJlruBLRbC%2BCd3%2F9O%2BdjBuvXRUlmOvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f489e9a77725-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash 4e64e93a59791af1e1618832d2edfff9
f3ef7123cb0a51a905548d9aa861776db5e61b9f
044bd40930896e90811b54f92e4b7a3d59eb11d4206f7563d1b293cb28914c73
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "044BD40930896E90811B54F92E4B7A3D59EB11D4206F7563D1B293CB28914C73"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2479
Expires: Mon, 16 Jan 2023 10:33:13 GMT
Date: Mon, 16 Jan 2023 09:51:54 GMT
Connection: keep-alive
jsjs.gazo.space/tagjpa.php?noself=1&url=av.hentaitube.win/tags/1
200 OK 18 kB URL HTTP/1.1 jsjs.gazo.space/tagjpa.php?noself=1&url=av.hentaitube.win/tags/1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash d9859efb42662d1aecab0e840e2e605d
24491179f8395d85a417b1f9912d40533d686dc5
87a0c520ec8737b6e09b03eff05aae5cbf7f547d98a4452a651f1164635a5cd4
GET /tagjpa.php?noself=1&url=av.hentaitube.win/tags/1 HTTP/1.1
Host: jsjs.gazo.space
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
8tagproxuri: /tagjpa.php?noself=1&url=av.hentaitube.win/tags/1
X-Frame-Options: ALLOWALL
cross-origin-resource-policy: cross-origin
Cache-Control: public, max-age=72000
671tagproxuri: /tagjpa.php?noself=1&url=av.hentaitube.win/tags/1
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Cake
CF-Cache-Status: HIT
Age: 70835
Last-Modified: Sun, 15 Jan 2023 14:11:19 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BuGmcaLWt2RQEz3uq%2BBs2JcIhWImBPifd20TX5sg6CP86YQLafkViBbcqPks73%2B%2FS9V4qZ3NxQkaZfchie3PQ8OiwDevcFgrHYv7VKtw8mqKoOAWCG9B%2FO8wwEMWbccpjSs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f48a7f3972f0-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
lbfm.lbpictupian.com/upload/vod/2022/07-20/07/kfftu0ar2jx0720kfftu0ar2jx507203.jpg
200 OK 7.6 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/07-20/07/kfftu0ar2jx0720kfftu0ar2jx507203.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 818ac72bf7b604582c8c4eb5d2077e9c
d51e35295f205b00b2fe3354675bcbf6d36f6688
24b35ef81945521cde12389358064920450006326992c1b9b97d8e746f1961cb
GET /upload/vod/2022/07-20/07/kfftu0ar2jx0720kfftu0ar2jx507203.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:54 GMT
content-type: image/webp
content-length: 7602
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=9790
content-disposition: inline; filename="kfftu0ar2jx0720kfftu0ar2jx507203.webp"
etag: "62d73c52-263e"
last-modified: Tue, 19 Jul 2022 23:20:50 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 4745
accept-ranges: bytes
server: cloudflare
cf-ray: 78a5f48ab8c00b39-OSL
X-Firefox-Spdy: h2
jp.co-vid.win/7
200 OK 21 kB IP
ASN #26496 AS-26496-GO-DADDY-COM-LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (45768), with CRLF line terminators
Hash a174a71c201463fdd755b66ed4ddf563
c54573c0b0d889fe74da96239ea74ec789d612e0
135db2d144665872fe7d373fd34432d044720553d7ca1b2a4cc186bcbccbe0d8
GET /7 HTTP/1.1
Host: jp.co-vid.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/v/s:/www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d/title/%E9%95%B7%E7%9B%B8%E7%9A%84%E5%8F%AF%E6%84%9B%E7%9A%84%E5%A6%B9%E5%AD%90%EF%BC%8C%E7%B5%95%E7%BE%8E%E4%B8%80%E7%B7%9A%E5%A4%A9%E6%89%8B%E6%8C%87%E6%91%B3%E9%80%BC%EF%BC%8C%E4%BE%86%E5%9B%9E%E6%8A%BD%E6%8F%92%E8%87%AA%E6%85%B0%EF%BC%8C%E7%B5%A6%E7%94%B7%E5%8F%8B%E5%8F%A3%E4%BA%A4%E7%84%A1%E5%A5%97%E7%89%B9%E5%AF%AB%E7%88%86%E8%8D%89%E4%B8%80%E7%B7%9A%E5%A4%A9%20-%20MOAV.COM%20[24:54x270p]
Cookie: lctcfck=NO; _ym_uid=1673862714674502061; _ym_d=1673862714
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 16 Jan 2023 09:51:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Host,Accept-Encoding
pdo-line8: host-jp.co-vid.win127.0.0.1-myhost-jp.co-vid.win127.0.0.1/7
phost: jp.co-vid.win
line1066: notjp-jp-myhost-jp.co-vid.win-filteron-
line2430: notjp-/7-myhost-jp.co-vid.win-filteron-
line2504: jp
line2538: -jp
xline: 2594host-99002
Cache-Control: max-age=60, public
Content-Encoding: gzip
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: EXPIRED
Xkey-5950: jp.co-vid.win/7--jp.co-vid.win-jp.co-vid.win-cacpdo0---yes
X-Proxy-Cache-g-jp: HIT
Xkey-g-jp2: jp.co-vid.win/7--jp.co-vid.win--my_zone
lbfm.lbpictupian.com/upload/vod/2022/08-21/12/0qbbtz5nl2t12020qbbtz5nl2t3219131.jpg
200 OK 7.7 kB URL HTTP/2 lbfm.lbpictupian.com/upload/vod/2022/08-21/12/0qbbtz5nl2t12020qbbtz5nl2t3219131.jpg
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 240x320, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ae5b327ab3ef9eefaa67a319efd8e5e6
ada6326a7d98ed23d08acd8f90b76e6ef2deaf0d
06365681e81ce44fdc0acabf08165a60a5515de87bb0ffa29285e94bce1e6bd7
GET /upload/vod/2022/08-21/12/0qbbtz5nl2t12020qbbtz5nl2t3219131.jpg HTTP/1.1
Host: lbfm.lbpictupian.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:54 GMT
content-type: image/webp
content-length: 7708
cf-bgj: imgq:85,h2pri
cf-polished: qual=85, origFmt=jpeg, origSize=8926
content-disposition: inline; filename="0qbbtz5nl2t12020qbbtz5nl2t3219131.webp"
etag: "6301ae58-22de"
last-modified: Sun, 21 Aug 2022 04:02:32 GMT
vary: Accept
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1822
accept-ranges: bytes
server: cloudflare
cf-ray: 78a5f48b99c80b39-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 2d7e9eb97705cee9ef6c22a04f3e5530
68aded023a5aa4965b6ae6e8f5739d7593ca7127
75d0bee4d4c4fafbaa35afa1520124a8fe1a30e89841e5de88c4961f34d9165f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1620
Cache-Control: max-age=104418
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:54 GMT
Etag: "63c40cc8-117"
Expires: Tue, 17 Jan 2023 14:52:12 GMT
Last-Modified: Sun, 15 Jan 2023 14:25:12 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
javbukkake.com/movies/spermmania-158_linktera.jpg
200 OK 50 kB URL HTTP/2 javbukkake.com/movies/spermmania-158_linktera.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 960x540, components 3\012- data
Hash 9f392fe84dc90758ede51406f684534b
b4b2c87a6af13bd80f36aa73e2f6238042575c8d
c9ba16890c3750aaf04ecfe7163d031fb8835aabc0c0b09a53d7bd8ab656760e
GET /movies/spermmania-158_linktera.jpg HTTP/1.1
Host: javbukkake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:54 GMT
content-type: image/jpeg
content-length: 49694
last-modified: Mon, 04 Mar 2019 06:04:56 GMT
etag: "5c7cc008-c21e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 1321072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4CgmYccv%2FGhJEyWfFhYGys8a1CDbeVM%2BiFnuNz5hCci932sA7mC%2FT1Es6qPfroOLjnTq21nC%2BjQv0O9B5y381rmKnRBHB92xGiToIxqf%2Fnr9C5ShlOk8kkjAYkSnss2nCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78a5f48c2ab4b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
thepervs.com/thumbs/32736.jpg
301 Moved Permanently 0 B URL HTTP/1.1 thepervs.com/thumbs/32736.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/32736.jpg HTTP/1.1
Host: thepervs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 301 Moved Permanently
Date: Mon, 16 Jan 2023 09:51:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 16 Jan 2023 10:51:54 GMT
Location: https://thepervs.com/thumbs/32736.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uQbIZMoZ%2BBx3LKj8an2Ugc%2BQqltzVjjm2bs2RlkXNPyRI%2BCRqQNwd0hxSF6kQzxwE%2FiE7xrAhEf0GkEgGIIf%2F6DCWoyssRcbZfb2GaSdYwlCr5I0FdTPzWT1DprBqKE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f48c6a85b518-OSL
alt-svc: h2=":443"; ma=60
page.myfile-host.info/myda.php
200 OK 0 B URL HTTP/1.1 page.myfile-host.info/myda.php
IP
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:53 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
av.hentaitube.win/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
200 OK 655 B URL HTTP/1.1 av.hentaitube.win/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
IP
File type HTML document, ASCII text, with very long lines (1238)
Hash bc3ba461c8a309acf61b6d9c41cb6236
88482306ecc9258d5e9cbb9ba5314dab223a5db4
31331f1b1519882d2f2fb60367708fd56a7a1ec0bddd0554c635547179c7dc8f
GET /cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js HTTP/1.1
Host: av.hentaitube.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jsjs.gazo.space/
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 10 Jan 2023 10:27:05 GMT
ETag: W/"63bd3d79-4d7"
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0EjI%2F65GGFN1aeih9xfGCQ5yTfG%2Bi%2FDy8dsJxToDUB2V4bme71sDWbVBUUMEfyUQSj%2BMHLcK0UUxPLJZYDp6ae3AviWEEbbk90W4yAeml5%2FqkXPjnnqHG0rMLv%2FGppJRK840Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f48c9c31753d-LHR
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Expires: Wed, 18 Jan 2023 09:51:54 GMT
Cache-Control: max-age=172800, public
Content-Encoding: gzip
static.thisav.com/images/videothumbs/112983-1.jpg
403 Forbidden 110 B URL HTTP/1.1 static.thisav.com/images/videothumbs/112983-1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash a91ee3cb35185cccc15e68e9c76c5441
59ae4770e2c926731d216c4aae03130d66fef18f
da14c9f38411534fa596d36202c22c26f146b9d814a1d4e52e7fad08c9a2dbce
GET /images/videothumbs/112983-1.jpg HTTP/1.1
Host: static.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 403 Forbidden
date: Mon, 16 Jan 2023 09:51:54 GMT
content-type: text/html
transfer-encoding: chunked
vary: Accept-Encoding
server: NginX
content-encoding: gzip
ocsp.digicert.com/
200 OK 278 B IP
Hash 3561a2514f6d2a4efe083d7b9b0e7c13
c74031895064b75b1edb87f64d8b1e27028bc417
d8e21955640add58fa2f38613b91230397ca43a2091fc096b9f9d5f667dfe3ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5443
Cache-Control: max-age=142062
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:54 GMT
Etag: "63c490e5-116"
Expires: Wed, 18 Jan 2023 01:19:36 GMT
Last-Modified: Sun, 15 Jan 2023 23:48:53 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
av.hentaitube.win//cacrip.nakadashi.pw/AV4.us.jpg
200 OK 2.4 kB URL HTTP/1.1 av.hentaitube.win//cacrip.nakadashi.pw/AV4.us.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1344), with CRLF, LF line terminators
Hash fa484157d11be435da31d79378293028
9eebf207fd893fda335c58c54b103e6298b52739
5b7d7db83ceb3719062e913fe8831ba4b96506f032aec6fed6d91387d07a7038
GET //cacrip.nakadashi.pw/AV4.us.jpg HTTP/1.1
Host: av.hentaitube.win
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jsjs.gazo.space/
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Host,Accept-Encoding
pdo-line8: host-av.hentaitube.win127.0.0.1-myhost-av.hentaitube.win127.0.0.1//cacrip.nakadashi.pw/AV4.us.jpg
phost: av.hentaitube.win
line1066: notjp--myhost-av.hentaitube.win-filteron-
line2430: notjp-//cacrip.nakadashi.pw/AV4.us.jpg-myhost-av.hentaitube.win-filteron-
Cache-Control: public, max-age=780511798
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: EXPIRED
Xkey-5950: av.//cacrip.nakadashi.pw/AV4.us.jpg-A-av.hentaitube.win-av.hentaitube.win-cacpdo0---yes
X-Proxy-Cache-gla: HIT
Xkey-gla: av.//cacrip.nakadashi.pw/AV4.us.jpg-A-av.hentaitube.win--my_zone
CF-Cache-Status: HIT
Age: 2437121
Last-Modified: Mon, 19 Dec 2022 04:53:13 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVf2fDt%2FdCzY4F5%2FggtW5kC9GaGQ8hB2Z5IRBEEHkEJGY1o%2BbL4cziZut0UBRix5t4LrNf4xOicM4LJ2R1Ry0afCwmPq3snxZcSCjXIVruAMsCaUxyVg5OnOWltK2EovCWs3oA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a5f48eee7d753d-LHR
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img2.xiangbinjun.com/new/2020-02-19/Caribbeancompr_051017_003.jpg
200 OK 166 kB URL HTTP/1.1 img2.xiangbinjun.com/new/2020-02-19/Caribbeancompr_051017_003.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 960x540, components 3\012- data
Size 166 kB (165530 bytes)
Hash 91a13aff7850ab16283391b6a6389da5
6ef80d0d8dbda917b1621bd076bb994e6624388e
2aec62fa1d01929fb302b37b3d1f192a27939451ca3f696a7c29a8fd6dac800a
GET /new/2020-02-19/Caribbeancompr_051017_003.jpg HTTP/1.1
Host: img2.xiangbinjun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 165530
Connection: keep-alive
Server: X
Last-Modified: Fri, 06 Mar 2020 10:01:41 GMT
Accept-Ranges: bytes
Date: Mon, 16 Jan 2023 05:26:25 GMT
ETag: "5e621f85-2869a"
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 7v2WnbRnnxeO5CMkcBh5Opk2VxonPQd5xMa4bxx3XFVS5yB8P3-iGA==
Age: 28977
Vary: Accept-Encoding, Origin
img2.xiangbinjun.com/new/2019-12-10/Pacopacomama-110619_202.jpg
200 OK 120 kB URL HTTP/1.1 img2.xiangbinjun.com/new/2019-12-10/Pacopacomama-110619_202.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 960x540, components 3\012- data
Size 120 kB (119938 bytes)
Hash 669fc5649fdeabcbe311f8a025700205
92eacaace2798cec30daacb3ce5dd4520e3c33df
6f31335c67416ea4aa8b1baf6e3b4c3ca5f3c7e65729145670c871f60f708ca8
GET /new/2019-12-10/Pacopacomama-110619_202.jpg HTTP/1.1
Host: img2.xiangbinjun.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 119938
Connection: keep-alive
Server: X
Last-Modified: Sat, 23 Nov 2019 07:43:56 GMT
Accept-Ranges: bytes
Date: Sun, 15 Jan 2023 11:17:08 GMT
ETag: "5dd8e33c-1d482"
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: _zpFYvS8HHAfi1FvL9-GiDMJFrEX94plYUHuudJhgJB_8A3T17Fe-Q==
Age: 81286
Vary: Accept-Encoding, Origin
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash db4f4bea1963672982bee8c09be382ba
5f7520785c2bed3ed017d89622544df6f6d7a139
281bd317f9084cb0cded16df24c9fbab2148d53b72f6ed4e335dd5c12c2a9416
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 16 Jan 2023 09:51:54 GMT
Last-Modified: Mon, 16 Jan 2023 09:12:15 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _jJ2Eyv69du70GVx2zvWGJAN0snRmDH7upR7MhQ68sI7OommeKYBTw==
Age: 2379
pics.r18.com/digital/video/h_094ktds00924/h_094ktds00924jp-1.jpg
200 OK 54 kB URL HTTP/2 pics.r18.com/digital/video/h_094ktds00924/h_094ktds00924jp-1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash a22d9031ef53d86dd6eb579b5da5011e
095ea772f0ed02dc9f91047b572890a2f357865f
7d05114b55115a0ea51213cbd81578f9ae2e0c861d2b7c75cbdf130a82d9da1f
GET /digital/video/h_094ktds00924/h_094ktds00924jp-1.jpg HTTP/1.1
Host: pics.r18.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 54481
server: openresty
last-modified: Mon, 21 Nov 2016 07:04:10 GMT
x-pics-origin: digital-master
x-cache-status: HIT
accept-ranges: bytes
date: Sat, 07 Jan 2023 13:36:22 GMT
etag: "58329c6a-d4d1"
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ioKUfxgi1RLiakWQNw4XgCA-ay6jEH-y5l7RBLYd6NhZHPY5kM6-Ww==
age: 764132
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 718f146ceb8e7a98316afcf47fb3e942
7dae05172d883766ed90fa10213a73705cc19a67
0908f37cb95c4979a1b3cc6c85d434eb47166f1c3c52b88f3396afd422209981
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0908F37CB95C4979A1B3CC6C85D434EB47166F1C3C52B88F3396AFD422209981"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3707
Expires: Mon, 16 Jan 2023 10:53:41 GMT
Date: Mon, 16 Jan 2023 09:51:54 GMT
Connection: keep-alive
sorkab.com/wp-content/uploads/2022/03/0001225.jpg
200 OK 37 kB URL HTTP/2 sorkab.com/wp-content/uploads/2022/03/0001225.jpg
IP
File type JPEG image data, progressive, precision 8, 640x360, components 3\012- data
Hash d0edb0dfe14f547fb786664178fbc223
18f80319d36e33a677984329c3e61b589a4f93c9
8f089ed2c9ac155e011b1586d3dfa47648396d339f93e68fbaa4d0b82328bf4d
GET /wp-content/uploads/2022/03/0001225.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:54 GMT
content-type: image/jpeg
content-length: 37029
cache-control: public, max-age=31557600
expires: Wed, 08 Nov 2023 10:49:17 GMT
last-modified: Wed, 23 Mar 2022 22:37:19 GMT
vary: User-Agent, Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 292203
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAACO8NRcP%2FTAZOFqcmaBSiULNRsuBarSbOVBsFtTjc6prq0GM5NcaKmA%2Bwv54lfrUzwSLWgu8KqvQ%2BDJxryfFErWHu8Jg2iYdoOuGOY7Ra7Lo5ZWJ6Kr%2BYfHYpf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4905e647692-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 7050e95be55b97906d410be96a771be3
ebb4b4b2c6a2841015599cd635bba33c336d6498
58f37429518826e80a421df29a8be126d8753bda1c4dd0eb2c09e85bfb140581
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=891
Date: Mon, 16 Jan 2023 09:51:54 GMT
Connection: keep-alive
X-N: S
cdne-pics.youjizz.com/4/1/f/41f9019931e055e3f1997c53f76f31431637751725-1920-1080-2596-h264.mp4-9.jpg
200 OK 26 kB URL HTTP/1.1 cdne-pics.youjizz.com/4/1/f/41f9019931e055e3f1997c53f76f31431637751725-1920-1080-2596-h264.mp4-9.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 308x232, components 3\012- data
Hash 78f6fc15b368dd610c975c539ebcf1f3
c182aafa66fff8864bceec25c331813d40317677
5bba5072afd2d1e1f92b75e070eb675ec5968daf4b9c9f879c0151b3dfc7f963
GET /4/1/f/41f9019931e055e3f1997c53f76f31431637751725-1920-1080-2596-h264.mp4-9.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
date: Mon, 16 Jan 2023 09:51:54 GMT
Content-Type: image/jpeg
Content-Length: 26028
last-modified: Wed, 24 Nov 2021 11:09:48 GMT
etag: "65ac-5d186e5707c73"
cache-control: max-age=86401
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
Accept-Ranges: bytes
x-cdn-diag: ams5-6141-2-36348-h-0-0---;7619-23-14850----0-0-0
cdne-pics.youjizz.com/d/d/e/dde2a3531a7556f5ffb92041385b95621618486203-1280-720-1975-h264.mp4-9.jpg
200 OK 20 kB URL HTTP/1.1 cdne-pics.youjizz.com/d/d/e/dde2a3531a7556f5ffb92041385b95621618486203-1280-720-1975-h264.mp4-9.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 308x232, components 3\012- data
Hash 025cd99c4567fc7b5d09d84cc24ecacb
189b03e1d29b56fa767360a39fd7461a79277f59
12210299c58ab6174faef4527182832df287872e4a4d1255bab4bd0a840c9644
GET /d/d/e/dde2a3531a7556f5ffb92041385b95621618486203-1280-720-1975-h264.mp4-9.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
date: Mon, 16 Jan 2023 09:51:54 GMT
Content-Type: image/jpeg
Content-Length: 20234
last-modified: Thu, 15 Apr 2021 11:49:06 GMT
etag: "4f0a-5c001735869b6"
cache-control: max-age=86401
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
Accept-Ranges: bytes
x-cdn-diag: ams5-7619-3-50841-h-0-0---;7619-23-14850----0-0-0
cdne-pics.youjizz.com/f/5/4/f5470e16a80cee6cb22b67343e2b72191646382844-1920-1080-3324-h264.mp4-9.jpg
200 OK 13 kB URL HTTP/1.1 cdne-pics.youjizz.com/f/5/4/f5470e16a80cee6cb22b67343e2b72191646382844-1920-1080-3324-h264.mp4-9.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, orientation=upper-left], baseline, precision 8, 308x232, components 3\012- data
Hash 5df700df6fbdb309aecdcf158054e32d
59af1dc62777fef9513a2d3cd292e1885c5fdb32
886607ea2691c43f78b0b95360b8123864f2e03e453de716c8215a1a1a791711
GET /f/5/4/f5470e16a80cee6cb22b67343e2b72191646382844-1920-1080-3324-h264.mp4-9.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 13166
last-modified: Fri, 04 Mar 2022 08:45:58 GMT
etag: "336e-5d9608b23dca1"
expires: Fri, 04 Nov 2022 16:14:23 GMT
cache-control: max-age=10791213
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
Accept-Ranges: bytes
x-cdn-diag: ams5-6139-1-3306-h-0-0---;7619-24-14850----0-0-0
www.aipa563.com/uploads/2019/06/14/200GANA-2084.jpg
200 OK 82 kB URL HTTP/1.1 www.aipa563.com/uploads/2019/06/14/200GANA-2084.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 840x472, components 3\012- data
Hash e0472e003a0ef392219c62640b6f0b37
72d9a7f020240eff7eb4f0feb6a86c2db1943272
d846bf78b854c4abfad89ed405234c4526c429b993db0b71cb4e381746e8caa9
GET /uploads/2019/06/14/200GANA-2084.jpg HTTP/1.1
Host: www.aipa563.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 82451
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 02:41:33 GMT
ETag: "14213-5d819966cc332"
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 225778
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htKs0DLAWf25EGynmdgsFV3do7kFAx2hQjGpSbUExQP8ktFJA7Ns0BDPargx%2BMu2qZ9yW8sAcsMlLGsW4u6SQrXL73GCSlMG3s1CN7HOa6kOEHr6u2OUUsT1%2FT5pILgaJDQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f490feb71bfe-OSL
alt-svc: h2=":443"; ma=60
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash eeb7e21f0630401cc152666158cfc0f2
43bb67cac3704921f13fac0f9ba25e331f62bf1a
98db6a410f69591143bff327eb0ace7370c9cb71223c67870428e4cd6fa1b491
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=895
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
X-N: S
www.91bjav.com/contents/videos_screenshots/78000/78342/preview.jpg
200 OK 44 kB URL HTTP/2 www.91bjav.com/contents/videos_screenshots/78000/78342/preview.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 873x872, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 872x480, components 3\012- data
Hash 88721464dc0eda1457fd1a171e6be93a
4bc5704b0ec9d2f884406a139570d09223c46afc
139ad959a2417e3bf59f6c6ea3a88d07b5397476773ab98cef6427b292a07d0d
GET /contents/videos_screenshots/78000/78342/preview.jpg HTTP/1.1
Host: www.91bjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 43481
last-modified: Mon, 24 May 2021 13:20:43 GMT
etag: "60aba82b-a9d9"
expires: Sat, 04 Feb 2023 02:23:06 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 977329
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ABdyTkoeBkmPeJn8whsMKLU4lTzOXgbaah8NHKNzDX0OjKxQtQNQnin5Kmln%2BWZdU9dO21YVa0N0Q4snnEFkby4CNxOxdWQzRa7yqXE3Qxy8vlDud3sqJLrSmz2ihkxGVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4916db80b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
302 Found 0 B URL HTTP/1.1 av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg HTTP/1.1
Host: av.dmm.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 302 Found
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Host,Accept-Encoding
pdo-line8: host-av.dmm.monster127.0.0.1-myhost-av.dmm.monster127.0.0.1/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
phost: av.dmm.monster
line1066: notjp-dmm-myhost-av.dmm.monster-filteron-
Cache-Control: public, max-age=36000000
Location: https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
Access-Control-Allow-Origin: *
X-Proxy-Cache-5950: HIT
Xkey-5950: av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg--av.dmm.monster-av.dmm.monster-cacpdo0---yes
X-Proxy-Cache-gjp: HIT
Xkey-g-jp: av.dmm.monster/poster/https://ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg--av.dmm.monster--my_zone
CF-Cache-Status: HIT
Age: 5419925
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WTaUpd%2FitOfQ9YPjyVnEHq%2FohFCO1D9hJeNqyUVuN2FHbrk99yYNvg8RlM1lyjmIDy2zPhb2kM1iyhamaOxRu4b3F5nHkEnTTeDy2TFEBlnMRkD8FQz%2BYRRyRJvLoNp7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78a5f49198230afa-OSL
alt-svc: h2=":443"; ma=60
thepervs.com/thumbs/32264.jpg
301 Moved Permanently 0 B URL HTTP/1.1 thepervs.com/thumbs/32264.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbs/32264.jpg HTTP/1.1
Host: thepervs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 301 Moved Permanently
Date: Mon, 16 Jan 2023 09:51:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 16 Jan 2023 10:51:55 GMT
Location: https://thepervs.com/thumbs/32264.jpg
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=198QV9uoKSPbFLuwIz6DJXZGEpWeVnSeSZV3z4EfSnoanBimGHWEpUSJtpoatjZA2LCvUcduQryq%2BLkKegxt9f4fzpFz1GcZVoXA%2F%2FGa5yxZfETyMvUn%2F8G0iqMzaTs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f491a946b518-OSL
alt-svc: h2=":443"; ma=60
str13.sextvx.com/9/6/9/0/5/969055/screenshots_240x180/3-anasis-yayaya.jpg
200 OK 13 kB URL HTTP/1.1 str13.sextvx.com/9/6/9/0/5/969055/screenshots_240x180/3-anasis-yayaya.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x190, components 3\012- data
Hash 985ea571832d4cdd75a5e907a0f27176
1a1b4ae032e93ac37075bf95eaff5fd12898b198
9f9448a7cbadab689b0ab9eadcbbba2dfab01b06c69171223f7dd20c5f064b96
GET /9/6/9/0/5/969055/screenshots_240x180/3-anasis-yayaya.jpg HTTP/1.1
Host: str13.sextvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 12979
Last-Modified: Sun, 05 Jul 2020 21:06:05 GMT
Connection: keep-alive
ETag: "5f0240bd-32b3"
Expires: Thu, 16 Feb 2023 09:51:55 GMT
Cache-Control: max-age=2678400
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: ALLOW-FROM *.sextvx.com
Content-Security-Policy: frame-ancestors *.sextvx.com
X-Content-Type-Options: nosniff
Server-Available: 1
Accept-Ranges: bytes
page.myfile-host.info/myda.php
200 OK 0 B URL HTTP/1.1 page.myfile-host.info/myda.php
IP
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:54 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash acd765d299089413c5c7c7d47c4e5391
bcaef280445e875682aa7db99bb009d94f7c3ab6
9fb8e8c8faeec6aee263a0ccbc76b6ebfe297952d9720746d64bc719bef3990d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
X-N: S
mc.yandex.ru/metrika/advert.gif
200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Mon, 16 Jan 2023 09:51:55 GMT
access-control-allow-origin: *
etag: "63bfb9f8-2b"
expires: Mon, 16 Jan 2023 10:51:55 GMT
accept-ranges: bytes
last-modified: Thu, 12 Jan 2023 10:42:48 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
cdn3.pornking.fun/picture/original/nUE0pUZ6Yl9cLl1_qP1foF5-nTAxov5wo_0iLF9MI1S3JxEWq056HzkBERxmJxqXn1y6HGEnnyceGwWXnx1RL3qMrzpmG1EEY3ZbqmbmZwNfnQbkBQNcYTcjMJpiZQN1Ymp3Zv8lZwLiqwViZmVjrQR-ZP-lZGDhnaOaXFfbXSOipz5YnJ5aYzM1ovysZmVjrQR-ZP0lZGDhnaOa/(PornKing.fun)_schulmadchen-report-5-1973.jpg
200 OK 19 kB URL HTTP/2 cdn3.pornking.fun/picture/original/nUE0pUZ6Yl9cLl1_qP1foF5-nTAxov5wo_0iLF9MI1S3JxEWq056HzkBERxmJxqXn1y6HGEnnyceGwWXnx1RL3qMrzpmG1EEY3ZbqmbmZwNfnQbkBQNcYTcjMJpiZQN1Ymp3Zv8lZwLiqwViZmVjrQR-ZP-lZGDhnaOaXFfbXSOipz5YnJ5aYzM1ovysZmVjrQR-ZP0lZGDhnaOa/(PornKing.fun)_schulmadchen-report-5-1973.jpg
IP
ASN #399045 DEDIOUTLET-NETWORKS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 320x180, components 3\012- data
Hash eb3327a7bd449534d69ec7ff5f3fdf20
008567c05714e5dca376e2996e70577b754dce49
ce3ed81fd1d2485450fb54a43cea3eec3c279a8fb3c0b530a3d5fb109b7ed823
GET /picture/original/nUE0pUZ6Yl9cLl1_qP1foF5-nTAxov5wo_0iLF9MI1S3JxEWq056HzkBERxmJxqXn1y6HGEnnyceGwWXnx1RL3qMrzpmG1EEY3ZbqmbmZwNfnQbkBQNcYTcjMJpiZQN1Ymp3Zv8lZwLiqwViZmVjrQR-ZP-lZGDhnaOaXFfbXSOipz5YnJ5aYzM1ovysZmVjrQR-ZP0lZGDhnaOa/(PornKing.fun)_schulmadchen-report-5-1973.jpg HTTP/1.1
Host: cdn3.pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 18742
accept-ranges: bytes
last-modified: Mon, 16 Jan 2023 09:51:55 GMT
cache-control: max-age=8640000
expires: Wed, 26 Apr 2023 09:51:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
hifiporn.fun/xxx/5/6ph-xoey-jk/playsinline
301 Moved Permanently 162 B URL HTTP/2 hifiporn.fun/xxx/5/6ph-xoey-jk/playsinline
IP
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /xxx/5/6ph-xoey-jk/playsinline HTTP/1.1
Host: hifiporn.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: text/html
content-length: 162
location: https://hifiporn.co/xxx/5/6ph-xoey-jk/playsinline
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
spermatv.net/contents/videos_screenshots/0/87/preview.jpg
200 OK 9.0 kB URL HTTP/1.1 spermatv.net/contents/videos_screenshots/0/87/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Hash ceac8af33d48a2b73602523b5c725fe5
755740c3a7d9784aa16f68d73a5fd71bcdf84580
8d3e071121ae0665ec4683d05959f560e1a3ae75523ee0104ed2857d17d4afb6
GET /contents/videos_screenshots/0/87/preview.jpg HTTP/1.1
Host: spermatv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 9033
Last-Modified: Thu, 28 Jan 2021 09:39:02 GMT
Connection: keep-alive
ETag: "60128636-2349"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
pic.lbtp88.com/upload/vod/2020/04-14/06/dqyk2hehj0c0605dqyk2hehj0c033794.jpg
404 Not Found 505 B URL HTTP/1.1 pic.lbtp88.com/upload/vod/2020/04-14/06/dqyk2hehj0c0605dqyk2hehj0c033794.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash f554227f9c9dd6d6acc625bede0d537e
9bc18a5f0f35164189bf5cfcfca2aa2bc60ddc60
34d76ad76c83adf293ce2900b18c73d4eb9260d6227852633d8ab976bacbdee4
GET /upload/vod/2020/04-14/06/dqyk2hehj0c0605dqyk2hehj0c033794.jpg HTTP/1.1
Host: pic.lbtp88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Tengine
Date: Mon, 16 Jan 2023 17:50:31 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 505
Connection: keep-alive
ETag: "5e846a5d-1f9"
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5d595511e396aba61931239daef7039f
6979e8ecd5cfdf15c3d8a6589612ec6fa8666167
ebda48b59329119f333bdcebf1f8869aa0c6be9af2afeb08eb6e0791099f3220
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBDA48B59329119F333BDCEBF1F8869AA0C6BE9AF2AFEB08EB6E0791099F3220"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4727
Expires: Mon, 16 Jan 2023 11:10:42 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
m.pornhd.vip/javtube/tokyohot/ai.wakana/n0747_ai_wakana_ew/5.jpg
200 OK 49 kB URL HTTP/2 m.pornhd.vip/javtube/tokyohot/ai.wakana/n0747_ai_wakana_ew/5.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 700x393, components 3\012- data
Hash 3f10af503d7a7c094b6b7107e40d09d4
ad53e3133f75ea30bb1dc14227acc0db76977023
a84a8ea7d98befa70e4273945ff354d5cf113cfd6bbaeb9c7f476d4ddf2ec8b9
GET /javtube/tokyohot/ai.wakana/n0747_ai_wakana_ew/5.jpg HTTP/1.1
Host: m.pornhd.vip
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 48922
last-modified: Wed, 06 Jun 2012 15:43:34 GMT
etag: "4fcf7aa6-bf1a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 7050e95be55b97906d410be96a771be3
ebb4b4b2c6a2841015599cd635bba33c336d6498
58f37429518826e80a421df29a8be126d8753bda1c4dd0eb2c09e85bfb140581
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=890
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
X-N: S
ocsp.digicert.com/
200 OK 279 B IP
Hash 2d7e9eb97705cee9ef6c22a04f3e5530
68aded023a5aa4965b6ae6e8f5739d7593ca7127
75d0bee4d4c4fafbaa35afa1520124a8fe1a30e89841e5de88c4961f34d9165f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1621
Cache-Control: max-age=104418
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:55 GMT
Etag: "63c40cc8-117"
Expires: Tue, 17 Jan 2023 14:52:13 GMT
Last-Modified: Sun, 15 Jan 2023 14:25:12 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash acd765d299089413c5c7c7d47c4e5391
bcaef280445e875682aa7db99bb009d94f7c3ab6
9fb8e8c8faeec6aee263a0ccbc76b6ebfe297952d9720746d64bc719bef3990d
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
X-N: S
cdn.hotscope.tv/files/thumbnail/Qr3nLbBNY.jpg
200 OK 6.6 kB URL HTTP/1.1 cdn.hotscope.tv/files/thumbnail/Qr3nLbBNY.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 375x374, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 270x375, components 3\012- data
Hash 2ea3a5f425561deee6350f5ff063754e
3d91224aa578c0e5257dbce3e3fec5ce3ff80524
dfe1681ee7b7df6213034f17ab238c90b05e93cc04c6f35d3d00a3a491789713
GET /files/thumbnail/Qr3nLbBNY.jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 6556
Last-Modified: Tue, 13 Apr 2021 11:36:05 GMT
Connection: keep-alive
ETag: "60758225-199c"
Expires: Tue, 16 Jan 2024 09:51:55 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
subo228.com/20230113/g834Rn2g/1.jpg
200 OK 39 kB URL HTTP/1.1 subo228.com/20230113/g834Rn2g/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 426x239, components 3\012- data
Hash 17c50643686549490bbbd197e0a56ff3
6a3b0636ef906822733a92a60323b619d4c222a9
e68ae4f02c295f1526555ad17ee9e8a2dffc331d14cc09422a0a8f55db1ef65d
GET /20230113/g834Rn2g/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 38576
Last-Modified: Sat, 14 Jan 2023 05:03:50 GMT
Connection: keep-alive
ETag: "63c237b6-96b0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash cda005cfe3f94a73cf3fa985fc62ec1e
77ef009d6baf9388208f1c37f9c6718838388968
92556d9169d9df0f6348a54898aab2a83023203f7f6be001402ca3b6c1606400
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92556D9169D9DF0F6348A54898AAB2A83023203F7F6BE001402CA3B6C1606400"
Last-Modified: Sun, 15 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3859
Expires: Mon, 16 Jan 2023 10:56:14 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
91rb.net/contents/videos_screenshots/81000/81978/preview.jpg
200 OK 105 kB URL HTTP/2 91rb.net/contents/videos_screenshots/81000/81978/preview.jpg
IP
File type JPEG image data, baseline, precision 8, 1280x720, components 3\012- data
Size 105 kB (105439 bytes)
Hash e84754553a7e5fbef887748bf092ce26
d5a7c4e3a50b5ef4f0dfbdf444361ffe5570cfcb
b8e0350417959b016e3965bd08652a3be7f6aebd6680e5f59d1bb0bf2d9b88a8
GET /contents/videos_screenshots/81000/81978/preview.jpg HTTP/1.1
Host: 91rb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 105439
last-modified: Wed, 14 Jul 2021 12:44:09 GMT
etag: "60eedc19-19bdf"
expires: Wed, 08 Feb 2023 04:50:12 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 622903
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=du8RXOSehhrz2xaRw2eiERybfgem2wkN7qHkIIv2FJX2syRdIzL3qhyfZuMULtC1Ndlli%2BJQcloADfOhfVbSQsxOqmMDqRjyiEJf71DLGYyvzt2zKNVlg4nR%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f492fd9db52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
248avporn.com/wp-content/uploads/2019/03/6.jpg
200 OK 13 kB URL HTTP/2 248avporn.com/wp-content/uploads/2019/03/6.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x240, components 3\012- data
Hash 7143bdfc9f6a0f56efd192be1e17b5fc
5f59f1333bf494eda0626acdccc7f4a613c8cc18
30010cffb81f2b9879464056f59c747747f9e2dafa750972ad5151606b2f5c98
GET /wp-content/uploads/2019/03/6.jpg HTTP/1.1
Host: 248avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 12585
last-modified: Sun, 17 Mar 2019 09:27:29 GMT
etag: "5c8e1301-3129"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000
access-control-allow-origin: *
test: /wp-content/uploads/2019/03/6.jpg
x-fc-nginx-serving-static: Yes
x-fc-nginx-reason: /wp-content/uploads/2019/03/6.jpg
x-fc-nginx-file: /var/www/248avporn.com/htdocs/wp-content/cache/all//wp-content/uploads/2019/03/6.jpg/index.html
cf-cache-status: HIT
age: 2855109
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BBalVw0uv0McpzfNT9%2BFeSTVkBhmZPOow0TjqLYgaT4zoKcFF2zdOth7tW965RpXET9LvlTBU5tic5fXQtFW6JZ%2FVUIZSJIssOTxYMu1JX4TC32WaRd91wrUbgL2QS7u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f492fbf0b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a4f00eddf94cbac7834b592102b243ca
d7b559aa6d22469cd8d40927dcb689d54eff857c
bd896de1fab388a37d82abd9650b3101948ad4b0aa8cfdd4265eff13eb79572c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD896DE1FAB388A37D82ABD9650B3101948AD4B0AA8CFDD4265EFF13EB79572C"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10638
Expires: Mon, 16 Jan 2023 12:49:13 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
subo228.com/20221129/4GiLyoYo/1.jpg
200 OK 22 kB URL HTTP/1.1 subo228.com/20221129/4GiLyoYo/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash 9343d6eb66d9cec4a669fad0cafda74c
0d9f2c9c6c61a106446d1361aa4226d9629e36df
a3ad9b68c7dcc9924357aea2a1c300025b9c96253346a46e1b2a370be79da7f7
GET /20221129/4GiLyoYo/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 21975
Last-Modified: Thu, 12 Jan 2023 14:28:00 GMT
Connection: keep-alive
ETag: "63c018f0-55d7"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
fmtu.netfhtu.com/upload/vod/2022/10/rop1syn5zpl.jpg
200 OK 13 kB URL HTTP/1.1 fmtu.netfhtu.com/upload/vod/2022/10/rop1syn5zpl.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash bd1934626b1e75409b0d8e3b1fc7e89a
e8a4214456ffa07acbcbc19018b1117dee08d152
eec49b4245859db2b70eba890eb95d08893dd9ab6cc049c3495cb56a9f1b5add
GET /upload/vod/2022/10/rop1syn5zpl.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 13432
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 10:02:18 GMT
ETag: "634690aa-3478"
Accept-Ranges: bytes
javgiga.com/wp-content/uploads/2022/08/FC2-PPV-30622141.jpg
200 OK 23 kB URL HTTP/2 javgiga.com/wp-content/uploads/2022/08/FC2-PPV-30622141.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 380x215, components 3\012- data
Hash 56a1ab9f2d802b5dc566af8497ae73b0
711166a1a47f9e4d6bf1f28ddd9715ad3a7e4027
de21795c94a1d2c000eda8f3d0e067ca0f14ebb0be771840115b7e41a071b022
GET /wp-content/uploads/2022/08/FC2-PPV-30622141.jpg HTTP/1.1
Host: javgiga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 22835
last-modified: Tue, 02 Aug 2022 06:52:03 GMT
etag: "62e8c993-5933"
expires: Sat, 21 Jan 2023 06:58:22 GMT
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
pragma: public
x-served-by: javgiga.com
cf-cache-status: HIT
age: 2169558
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LywwjDVG6mHmEiozKULlXNgflRNHEK%2BdMm2dag%2BRdq1NRZCueaLN0BbIXRGoln8OoQak%2Fv7oCoMdTDuapf4t62mtEogc5q63QVinB4fLPEIzBLohSlQSjUvRJL%2B1JA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4935bea0b69-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7d9d8e2256aadd9c1b57b6f62b9bc3c1
f0b5eaab84b1622991f0399a6f02fb10de70905f
cdf9f5bdb7c52ebf66fe021a4e576edbf6fe89fd35552d890f6209be0c490aca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CDF9F5BDB7C52EBF66FE021A4E576EDBF6FE89FD35552D890F6209BE0C490ACA"
Last-Modified: Sat, 14 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1914
Expires: Mon, 16 Jan 2023 10:23:49 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
icdn05.4kpornvideos.tv/36667/1833320_1.jpg
200 OK 34 kB URL HTTP/2 icdn05.4kpornvideos.tv/36667/1833320_1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x169, components 3\012- data
Hash 96f4c47e177901de3618b478d94e1b8c
b1090c1b0b5e3006016e0e82895d76f5efa54ef4
4340cac12b9cd919d439e802e4f2477893e9f696d3dc821415d182b8cd5f9279
GET /36667/1833320_1.jpg HTTP/1.1
Host: icdn05.4kpornvideos.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 34103
server: nginx/1.22.0
x-object-meta-mtime: 1612933286.088063616
etag: 96f4c47e177901de3618b478d94e1b8c
last-modified: Sun, 06 Nov 2022 12:03:22 GMT
x-timestamp: 1667736201.24264
x-trans-id: txb82cc4c0b4154b7b8638a-00637738b3
x-openstack-request-id: txb82cc4c0b4154b7b8638a-00637738b3
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=2592000
expires: Wed, 15 Feb 2023 09:51:55 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
icdn05.4kpornvideos.tv/5853/292622_1.jpg
200 OK 17 kB URL HTTP/2 icdn05.4kpornvideos.tv/5853/292622_1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x169, components 3\012- data
Hash c1a88079176939e0e06b9e5f9212037d
e2bef26f061c1230656e6d40dff7306ccea009df
146515ea85611cab9c4810f0342382bc92e5b0e696df1e230c3d6e774866e4f5
GET /5853/292622_1.jpg HTTP/1.1
Host: icdn05.4kpornvideos.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 17257
server: nginx/1.22.0
x-object-meta-mtime: 1598367595.677851005
etag: c1a88079176939e0e06b9e5f9212037d
last-modified: Mon, 07 Nov 2022 15:55:11 GMT
x-timestamp: 1667836510.81809
x-trans-id: txd08a1994e32a4ac58e4da-0063775707
x-openstack-request-id: txd08a1994e32a4ac58e4da-0063775707
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=2592000
expires: Wed, 15 Feb 2023 09:51:55 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4047
Expires: Mon, 16 Jan 2023 10:59:22 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9ad6eda4986b3e71eb172e5781ecdad9
3be8ff58e1c80a6d210db52efd99751b70ee7696
5aa3be8e1d208ca856e40be1934537617801a2e01dd9abd035721b5ebdfb2697
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5AA3BE8E1D208CA856E40BE1934537617801A2E01DD9ABD035721B5EBDFB2697"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9242
Expires: Mon, 16 Jan 2023 12:25:57 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 38487f5989a2f51dfe63b3ba6c7acc11
c63dc1fd5120041459dbe302d68cc5f150a5b7cc
4a462397b97bc54242daf7b604af1f50734ab0965d5705bc7d953afc347257ac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A462397B97BC54242DAF7B604AF1F50734AB0965D5705BC7D953AFC347257AC"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4879
Expires: Mon, 16 Jan 2023 11:13:14 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
www.heydouga.com/contents/4017/234/player_thumb.jpg
301 Moved Permanently 267 B URL HTTP/1.1 www.heydouga.com/contents/4017/234/player_thumb.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d48793a03f8913f54a2d94b7a03f0868
952e49b3da2dfc19bf113fbfdc73c1de80d1758d
c1b06fc2536999793a39d94eb62f84d03ec2a6d124f7d36d405011c60f4a1c01
GET /contents/4017/234/player_thumb.jpg HTTP/1.1
Host: www.heydouga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 301 Moved Permanently
Date: Mon, 16 Jan 2023 09:51:55 GMT
Server: Apache
Location: https://www.heydouga.com/contents/4017/234/player_thumb.jpg
Content-Length: 267
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a14364fe2ad784ef5db2ea66dcf18dba
3274bc2a0b6e41d6f44e31ab0e233f79677079d3
40ffbf3dd157214eb918c6babf69b94f657f354337001f0b7e06930bf6a47aae
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6288fb14-98ed-45e9-92f6-6fabe4d7cf2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7291
x-amzn-requestid: 153fdafd-e094-4261-8202-065208ed543e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOMGuxoAMFkJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725a-68ba19037f23dae033513080;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dCzcLSv-R9QxYnx_d6iQJBWnYuZIIsHlwdKj4N_8yNlNHiSQ7RDDVQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:45:02 GMT
age: 43613
etag: "3274bc2a0b6e41d6f44e31ab0e233f79677079d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.trust-provider.cn/
200 OK 600 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 136fb184658ccace6275cce2cbc702cd
78fbb3bc11c38084a5005143e840c3a96d6154b4
3e33830fe1bb102a3a5f1a72db19e14c4fb5b8c61187c5535ffa5777f26d1264
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Mon, 16 Jan 2023 09:33:36 GMT
last-modified: Sun, 15 Jan 2023 03:34:41 GMT
expires: Sun, 22 Jan 2023 03:34:40 GMT
etag: "78fbb3bc11c38084a5005143e840c3a96d6154b4"
cache-control: max-age=601806,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb3
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
cf-ray: 78a5d9c14eb5916e-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1673861616
via: cache15.l2de2[0,0,304-0,H], cache25.l2de2[0,0], cache8.se1[0,0,200-0,H], cache5.se1[0,0], cache4.se1[2,0]
age: 1099
x-cache: HIT TCP_MEM_HIT dirn:11:412425922
x-swift-savetime: Mon, 16 Jan 2023 09:34:36 GMT
x-swift-cachetime: 1740
timing-allow-origin: *, *
eagleid: 2ff62c9816738627154901689e, 2ff62c9816738627154901689e
blog-imgs-143.fc2.com/m/i/x/mixerovideo/hoka329-min.jpg
200 OK 9.3 kB URL HTTP/2 blog-imgs-143.fc2.com/m/i/x/mixerovideo/hoka329-min.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x299, components 3\012- data
Hash 426541c71c97b65b869ffaceabc55c2a
95b256c5839ef9b25a92b8835e7db9b3b4642ed4
574a48f5d7d873c3721a576558f51196aa7b2e7f37b7bfcf91ed503d5492df1f
GET /m/i/x/mixerovideo/hoka329-min.jpg HTTP/1.1
Host: blog-imgs-143.fc2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 9298
last-modified: Sat, 03 Oct 2020 04:29:35 GMT
etag: "5f77fe2f-2452"
expires: Mon, 26 Dec 2022 09:29:14 GMT
cache-control: max-age=2592000
s-maxage: 2678400
x-accel-expires: @1674641869
server: CDN77-Turbo
x-77-nzt: AblMCQ0Ifun/bqkbAA
x-77-nzt-ray: c0a4cc28448c52963b1ec5635586741f
x-cache: HIT
x-age: 1812846
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.91bjav.com/contents/videos_screenshots/81000/81360/preview.jpg
200 OK 73 kB URL HTTP/2 www.91bjav.com/contents/videos_screenshots/81000/81360/preview.jpg
IP
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Hash 5a731df6aeb84f85a604dd96ee303a57
a17a00d5b08f6ab008278424ed2832a87d8bd186
4dfd59d6178bf2757729e916778662a8bf52501efb72b74128144f82122532f0
GET /contents/videos_screenshots/81000/81360/preview.jpg HTTP/1.1
Host: www.91bjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 72624
last-modified: Thu, 08 Jul 2021 09:06:01 GMT
etag: "60e6bff9-11bb0"
expires: Mon, 06 Feb 2023 22:23:57 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 732478
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWZerIUjp7ou2breYAUbzIumKwt34ZnwInZSld31S%2BaQsj2v3Gsk1gfk%2BNxEtfSU%2FAEpmXhNvVSWeLnLboRhitWnAod75so8Vi%2FwAlq346ixEeLf4hLTDdInQ2nNt5lthQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f494193b0b31-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash c5f9f483346b72f76aca982ddab1b6b5
db1d813fa4a1753393e87817f4cb8e649d6249e9
b8a8dbcec2724f6fcb300e4dd73043d4517522600775f03495473441bd150adb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1544
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:55 GMT
Last-Modified: Mon, 16 Jan 2023 09:26:11 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
248avporn.com/wp-content/uploads/2018/09/4-6.png
200 OK 18 kB URL HTTP/2 248avporn.com/wp-content/uploads/2018/09/4-6.png
IP
File type PNG image data, 320 x 240, 8-bit colormap, non-interlaced\012- data
Hash bca2abff9d482636681e70ab232db256
f9cecd60dd8fdcba5426c05f134a87bf3909f541
685a00487b94ca23648256b6a943a2bb2ada3afad89058ef808c0a4e80ce6104
GET /wp-content/uploads/2018/09/4-6.png HTTP/1.1
Host: 248avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/png
content-length: 18403
last-modified: Wed, 06 Mar 2019 05:40:28 GMT
etag: "5c7f5d4c-47e3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000
access-control-allow-origin: *
test: /wp-content/uploads/2018/09/4-6.png
x-fc-nginx-serving-static: Yes
x-fc-nginx-reason: /wp-content/uploads/2018/09/4-6.png
x-fc-nginx-file: /var/www/248avporn.com/htdocs/wp-content/cache/all//wp-content/uploads/2018/09/4-6.png/index.html
cf-cache-status: HIT
age: 3641388
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfwVPCfuB1BayrA%2BSJBUIcIrKUW2uSyuQ9TpoNKPB8O3xUvhDZvdY%2FbabA9hs8hcuRoRAKPwV%2F1OpodlS4cZneIqWZ19655o%2BurrWpkv8XxwMr7n3DyTLEhBNRTF3dRh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4942db2b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 83f9b6f9a35836c9098e80c47b753c24
99ac38442dcb1b34c84fd6694c792592d2f6d57e
5378dd966257b97d1cab45afa133b689f81e86e265b072cfc5008a5d6253dc10
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=709
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
X-N: S
ocsp.globalsign.com/gsrsaovsslca2018
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP
Hash fda5700aee26433a0d9e933a3b924889
101d4e49752c696bf20f20568346af79bc042f30
8797484779b6b816b7dd40418ea688c5a551322a2dd41c683ef2ea0e31f7dbe6
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Fri, 20 Jan 2023 07:48:13 GMT
ETag: "101d4e49752c696bf20f20568346af79bc042f30"
Last-Modified: Mon, 16 Jan 2023 07:48:14 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1938
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f4943dbfb515-OSL
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 8c661d2217cb608d56118d5f0dafd06f
785417c10093f2c1011d5d977d27a4aa2b85a737
de0c6485f46f5a8389e155969ce875c4b6e042068e988c8b72c45b779f67eb97
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Mon, 16 Jan 2023 09:51:55 GMT
Etag: "63c48021-1d7"
Last-Modified: Mon, 16 Jan 2023 09:04:34 GMT
Server: ECS (dcb/7EEF)
X-Cache: Miss from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tRukDDj-KApBbj7Y1_Qc9iOnRD5WPXPFpFTKYdyHctmhk8Oc_X0Jdw==
Age: 2841
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 95d4bfe42926f8b6e300db603d422080
395fd44f5143fa6fcff5dcab3f04477be64033ae
e8f3609c068c2ff30478ddefb6ed4645873490bdabb10312e6ebb8d4b9b2fb72
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 20 Jan 2023 07:06:42 GMT
ETag: "395fd44f5143fa6fcff5dcab3f04477be64033ae"
Last-Modified: Mon, 16 Jan 2023 07:06:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 185
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f4945de2b515-OSL
pic16.seaige.com/pic/20220228/a754904ddd81f48cb56a4f529202fb6b/1.jpg
200 OK 13 kB URL HTTP/2 pic16.seaige.com/pic/20220228/a754904ddd81f48cb56a4f529202fb6b/1.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1079x1080, segment length 16, comment: "Lavc58.134.100", baseline, precision 8, 720x416, components 3\012- data
Hash cc37aae24587d7198005cc17b7a1540b
ea74c9228d33253f2c936822b7ce2a67b1fc6592
d598d4176f6cc205231a1805ef6c1d473e2044ff2908f8e5b3bde5db15ae2264
GET /pic/20220228/a754904ddd81f48cb56a4f529202fb6b/1.jpg HTTP/1.1
Host: pic16.seaige.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: https://www.xzylm.com
date: Sat, 07 Jan 2023 11:17:29 GMT
content-type: image/jpeg
content-length: 13139
last-modified: Mon, 28 Feb 2022 13:28:02 GMT
cache-control: max-age=2592000
accept-ranges: bytes
etag: "621ccde2-3353"
expires: Mon, 06 Feb 2023 11:17:29 GMT
age: 772466
via: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])
X-Firefox-Spdy: h2
cdn.tokyoporns.com/thumbs_35/19/112748323/b_orig.jpg
200 OK 43 kB URL HTTP/2 cdn.tokyoporns.com/thumbs_35/19/112748323/b_orig.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.91.100", baseline, precision 8, 1280x720, components 3\012- data
Hash ecac297434020e8075b7366501b0fa4a
15816c409fc04344614657b38f02e374c66c0c18
341c24d69685c47cf316e88df49927b6687d8cbb16684f4eddcdb1c7211c2d6a
GET /thumbs_35/19/112748323/b_orig.jpg HTTP/1.1
Host: cdn.tokyoporns.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 42895
last-modified: Sun, 25 Oct 2020 02:21:40 GMT
etag: "5f94e134-a78f"
expires: Tue, 14 Feb 2023 12:23:03 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 77332
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdTarVc3vEk%2B004tgmYgjDWR5hve75Y4b3KCXQfNqMy8pzNZPaq0ybCGMOi56meidzLq4cDnUVyAOVcXJl2nr%2BwA5pFadas3KNkpQ%2BOxMeeMe33QkkvIIC9KBYoqQ286%2BgpgfCc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4947e1db503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP
Hash 95d4bfe42926f8b6e300db603d422080
395fd44f5143fa6fcff5dcab3f04477be64033ae
e8f3609c068c2ff30478ddefb6ed4645873490bdabb10312e6ebb8d4b9b2fb72
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Fri, 20 Jan 2023 07:06:42 GMT
ETag: "395fd44f5143fa6fcff5dcab3f04477be64033ae"
Last-Modified: Mon, 16 Jan 2023 07:06:43 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 185
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f4949e24b515-OSL
fmtu.netfhtu.com/upload/vod/2022/10/hn2zb3roctt.jpg
200 OK 16 kB URL HTTP/1.1 fmtu.netfhtu.com/upload/vod/2022/10/hn2zb3roctt.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 0560b383fc30a8a47748583fcd7cd291
d880c6c01e78bf190f8a239a74afbdcf0ea78243
276fb5029614da1441be6fb6d6045b66aa36e943d8d9e763fd162416b9293daa
GET /upload/vod/2022/10/hn2zb3roctt.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 15956
Connection: keep-alive
Last-Modified: Wed, 12 Oct 2022 10:02:16 GMT
ETag: "634690a8-3e54"
Accept-Ranges: bytes
001.manyse.com/2210/img/FC2-PPV-3107682.jpg
200 OK 267 kB URL HTTP/2 001.manyse.com/2210/img/FC2-PPV-3107682.jpg
IP
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x600, components 3\012- data
Size 267 kB (267237 bytes)
Hash 5b926175562ee446d73492ea3c55a29c
0c0d15da1c923948b2b81de31c4659677121201e
a36979ab5d58610c6b222700f4976961913c3b66d0965056678767869172ab3e
GET /2210/img/FC2-PPV-3107682.jpg HTTP/1.1
Host: 001.manyse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 267237
last-modified: Tue, 11 Oct 2022 17:14:40 GMT
etag: "6345a480-413e5"
expires: Wed, 15 Feb 2023 09:51:55 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
access-control-allow-origin: https://manymv.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
kapp66.com/contents/videos_screenshots/93000/93747/preview.jpg
200 OK 121 kB URL HTTP/2 kapp66.com/contents/videos_screenshots/93000/93747/preview.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 121 kB (120941 bytes)
Hash d570aa55f6108494731bfeba9e0a048d
490d072d1e979cb498165f5f18ffc219af6e2e6a
e8f384ec7f015ee62c49dcdf0579cd1b7f8abf72407a8ce78ffa3280bee89880
GET /contents/videos_screenshots/93000/93747/preview.jpg HTTP/1.1
Host: kapp66.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 120941
last-modified: Sun, 12 Dec 2021 12:11:01 GMT
etag: "61b5e6d5-1d86d"
expires: Wed, 01 Feb 2023 15:44:00 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 1188475
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZfRr0xWSR%2Bn46a%2FjkObMIM%2FbZw6%2FiJjX%2FDm2yOyT1ef6aTlRFbZFiMAJxVF7wF272zphak3hPaGh2tnlkZ72Jsf07JuYrKg1gWe2YrLPepVBh9d8TPtxUA6dlKd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f494bdc2b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
001.manyse.com/2210/img/FC2-PPV-3105239.jpg
200 OK 80 kB URL HTTP/2 001.manyse.com/2210/img/FC2-PPV-3105239.jpg
IP
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 600x600, components 3\012- data
Hash 899be8c3fd7cb30220a4e92e4086d355
4cb56633454703c91a602c6101b4427a1219cc09
3618680055fe4397f21ea129d20f0df76a2d351c66ec8e309e805ae5ebd8b0c3
GET /2210/img/FC2-PPV-3105239.jpg HTTP/1.1
Host: 001.manyse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 80329
last-modified: Sun, 09 Oct 2022 18:13:03 GMT
etag: "63430f2f-139c9"
expires: Wed, 15 Feb 2023 09:51:55 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
access-control-allow-origin: https://manymv.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2
image.mgstage.com/images/mercury/298honb/257/pb_e_298honb-257.jpg
200 OK 333 kB URL HTTP/2 image.mgstage.com/images/mercury/298honb/257/pb_e_298honb-257.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 840x563, components 3\012- data
Size 333 kB (333428 bytes)
Hash c1ec5974889c6db70c1da2ac639d466e
3f93235fa79e04e42b05be340ac5b8514b33e091
041c8563f3da083b56055d87e0bb2d69c25b22279a88a0e9cd52f246a22d80f6
GET /images/mercury/298honb/257/pb_e_298honb-257.jpg HTTP/1.1
Host: image.mgstage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 333428
last-modified: Sat, 28 May 2022 23:41:10 GMT
x-amz-version-id: 4R8AJiXCepU7bldFQYcwoc6KY7yr8veo
accept-ranges: bytes
server: AmazonS3
date: Sun, 15 Jan 2023 22:06:54 GMT
etag: "c1ec5974889c6db70c1da2ac639d466e"
x-cache: Hit from cloudfront
via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: N4T290eaZkvAdV_c5of1Krccv_ACsHIxr6yE_bUi_w6LdKnEIDXgTQ==
age: 42302
X-Firefox-Spdy: h2
www.91rb.net/contents/videos_screenshots/70000/70268/preview.jpg
200 OK 233 kB URL HTTP/2 www.91rb.net/contents/videos_screenshots/70000/70268/preview.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 233 kB (233063 bytes)
Hash 192c5ca56843d8fff0a69b261bc40d78
17993e2b61b39dd92a02178d1b8c64f7c2bce52d
0bd8fdaafd0e153466ec3cdda04f9cefdc05b7e02625884c88430c15237c9d09
GET /contents/videos_screenshots/70000/70268/preview.jpg HTTP/1.1
Host: www.91rb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 233063
last-modified: Fri, 05 Feb 2021 22:41:45 GMT
etag: "601dc9a9-38e67"
expires: Sun, 12 Feb 2023 20:06:48 GMT
cache-control: max-age=2592000
access-control-allow-headers: *
access-control-expose-headers: Server,range,Content-Length,Content-Range
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-origin: *
cf-cache-status: HIT
age: 222307
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wCA8UGCdgnn%2FI7i5YP9UGDQ%2B10pSxw%2BHa01ughew5Unp0ACce4kvdBrOYfcCt8eDVT4iurAT%2FRxQmEEk5Nx%2Fm0JBGk8%2FBhkQDbPGrmNg9ffnFMLGWp1FzolqdO%2FG%2BBY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f494cf2eb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
icdn05.4kpornvideos.tv/14985/749239_1.jpg
200 OK 32 kB URL HTTP/2 icdn05.4kpornvideos.tv/14985/749239_1.jpg
IP
ASN #39572 DataWeb Global Group B.V.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x169, components 3\012- data
Hash 8053380ab5deae840df2a06889b37e02
1b536555047d9a50275811dcca049faeb72a5964
0abf703bf1a77601051aeba60112e5e81b7cdd75341191cda7a2515e8f778097
GET /14985/749239_1.jpg HTTP/1.1
Host: icdn05.4kpornvideos.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 32224
server: nginx/1.22.0
x-object-meta-mtime: 1598361522.003149178
etag: 8053380ab5deae840df2a06889b37e02
last-modified: Thu, 03 Nov 2022 15:28:46 GMT
x-timestamp: 1667489325.96478
x-trans-id: tx7e3a15d185154d0f95a96-006379dce3
x-openstack-request-id: tx7e3a15d185154d0f95a96-006379dce3
access-control-allow-origin: *
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=2592000
expires: Wed, 15 Feb 2023 09:51:55 GMT
vary: Accept-Encoding
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
subo228.com/20221106/UAHvgUzl/1.jpg
200 OK 29 kB URL HTTP/1.1 subo228.com/20221106/UAHvgUzl/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash 67f8c7146707e37953102d980bba91f0
1d3a4149465713143638be54f377ac060f21f5db
f5e8a585b87c908367223c996fbbc6b895bb8c201550fd10ede069ce502d1fa4
GET /20221106/UAHvgUzl/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 28897
Last-Modified: Thu, 12 Jan 2023 14:27:59 GMT
Connection: keep-alive
ETag: "63c018ef-70e1"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
subo228.com/20221014/1k84ZeHv/1.jpg
404 Not Found 16 B URL HTTP/1.1 subo228.com/20221014/1k84ZeHv/1.jpg
IP
File type Unicode text, UTF-8 text, with no line terminators
Hash a0cd8c7fbc2aaafc0f1c75a4c440f426
ac9d3253552b2f14b2c05c51db6db9e886123483
864a4746a84b83b86716153293de213cd49050532b3e33d2fdc6bed5f89f0126
GET /20221014/1k84ZeHv/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 718f146ceb8e7a98316afcf47fb3e942
7dae05172d883766ed90fa10213a73705cc19a67
0908f37cb95c4979a1b3cc6c85d434eb47166f1c3c52b88f3396afd422209981
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "0908F37CB95C4979A1B3CC6C85D434EB47166F1C3C52B88F3396AFD422209981"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3706
Expires: Mon, 16 Jan 2023 10:53:41 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
fmtu.netfhtu.com/upload/vod/2022/10/dguztia2tru.jpg
404 Not Found 505 B URL HTTP/1.1 fmtu.netfhtu.com/upload/vod/2022/10/dguztia2tru.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash f554227f9c9dd6d6acc625bede0d537e
9bc18a5f0f35164189bf5cfcfca2aa2bc60ddc60
34d76ad76c83adf293ce2900b18c73d4eb9260d6227852633d8ab976bacbdee4
GET /upload/vod/2022/10/dguztia2tru.jpg HTTP/1.1
Host: fmtu.netfhtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 505
Connection: keep-alive
ETag: "5f064f1b-1f9"
broimg.net/images/2234/404/916/_6326e38cb3f15.jpeg
200 OK 16 kB URL HTTP/2 broimg.net/images/2234/404/916/_6326e38cb3f15.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 332x253, components 3\012- data
Hash 8b7aa6af5ce5c0f4a5fe4000a0aa457e
18c8e85e9b88111d8124bc7c957971be089bd18e
04d7e2f1c8ae51f0bd9636e30fd1ebef392d9c3909073288855575a31a38f5ff
GET /images/2234/404/916/_6326e38cb3f15.jpeg HTTP/1.1
Host: broimg.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 15874
last-modified: Sun, 18 Sep 2022 09:23:24 GMT
etag: "6326e38c-3e02"
expires: Sun, 29 Jan 2023 15:19:58 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 1449117
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GuWdEPuZkQqwYS1ImIZ7RsQLr5WM0GSduTGH2K6jO0apkjAYRQSs9%2BxZSOXjNDhoUi0JxfuzVC9kmRmK2lBmeK%2F78b02SDY7Q6jyiRnKyhsxKlDrILqsUskDly8e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4958a201c16-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
page.myfile-host.info/myda.php
200 OK 0 B URL HTTP/1.1 page.myfile-host.info/myda.php
IP
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jsjs.gazo.space/
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 542f87ebb35e170451b610e4b700bcb1
2259cdebacc4c9f07aad838eec494863d4273ad1
85001f2cf33f3fc98d4cdcc7aef38611e34aea3a791d8acb0a5946c4619398eb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2fb3ba8-a85e-42ba-b607-87ced36844b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5766
x-amzn-requestid: b6a8d7ee-ff35-4720-8d2e-ba2b8db6edfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbP4GDQIAMFTSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47265-6022a62f69d8f938458d18a0;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YcIDYSEtEIIfGauNxD9V1tuSCAPDq9OaaAATRTOC3Sjlb-72IA0ScQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:06:50 GMT
age: 42305
etag: "2259cdebacc4c9f07aad838eec494863d4273ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a7917592de9f2ddbe7d3a7fa7f3d4d62
866b04ce93a30369d7cb0a6d2155a8b10292507f
da58e1798bf0fcbfe771420a66bbf671cc84e0ca429e076fdc70bb8d73cddb18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd986c41-5e27-40cc-8622-aeddbd283d0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6273
x-amzn-requestid: f5d21802-91ea-44cc-aeb2-8ec9af07e1a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbOyFwNIAMFZsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4725e-3028350e72b2ee7b6ae44f2c;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8ggqVFvybykQ-MJzU9H_L6JS9YqmLGsuaMJ34Qy7o6yoMOJOmvYsMA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:53:09 GMT
age: 43126
etag: "866b04ce93a30369d7cb0a6d2155a8b10292507f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a507a6629d742e1e268ba6833cf5b451
7e4c2bd0ce7a35a9ec3012df4919d13d253d8717
96fb03520c4a2e164613c92d4d61accb160d4a7abc8b524d7f72f3de30c7f74b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96FB03520C4A2E164613C92D4D61ACCB160D4A7ABC8B524D7F72F3DE30C7F74B"
Last-Modified: Sat, 14 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20954
Expires: Mon, 16 Jan 2023 15:41:09 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
ak21727.com/20220208/0HKQUimn/1.jpg
200 OK 12 kB URL HTTP/1.1 ak21727.com/20220208/0HKQUimn/1.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density -2874x-2941, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x569, components 3\012- data
Hash 627ca2be3b4a2435c0a5db5835731c73
6443c2d6b31b3d3ef5b7c5d89df9be86d343d3ba
f77e26c0e05a0ada724cb69bb6171dcf54cfb8cb485926e4701d8799bd916ab4
GET /20220208/0HKQUimn/1.jpg HTTP/1.1
Host: ak21727.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: application/octet-stream
Content-Length: 12140
Connection: keep-alive
Last-Modified: Thu, 24 Mar 2022 22:19:19 GMT
Content-Disposition: attachment; filename="1.jpg"
ETag: "623cee67-2f6c"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: X-Requested-With
Access-Control-Allow-Methods: POST, GET, OPTIONS
Accept-Ranges: bytes
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99108d47-2f63-4dc7-965c-495b56c7fc30.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99108d47-2f63-4dc7-965c-495b56c7fc30.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8f9856e4a4461fb58b07a0202bded19e
8ff627a2fe99aaf07ec035d4a1efbf85835491e4
013181b036009effe9e2cf8e43965aa34ac68f8d1fcfcaac620441b00b26759f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99108d47-2f63-4dc7-965c-495b56c7fc30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6559
x-amzn-requestid: 2077d9af-6d78-4811-9526-2be067f54bea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbLfE0pIAMFS7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47249-66bae56324858b0778530aeb;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7U9q5ecOsAOG_pyzfc4kThdaTReeTP_MRP0CH5eRj6a1Pqts6Oki3w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 21:54:19 GMT
age: 43056
etag: "8ff627a2fe99aaf07ec035d4a1efbf85835491e4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash 2f730e57f76d9523b5eb0e3cf005bc9c
b306786f12e603f52ab191a7101646444199547b
c64dd4cb694440bdd2f66df1a4665a80cd2a2833d032cff294e3ddcde3103f3a
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=875
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
X-N: S
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f0659c5-1455-4203-aa61-f1bb301688cd.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f0659c5-1455-4203-aa61-f1bb301688cd.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9768b1bb9048d23c6a631e153b47ab04
741da16203215f9d52e476214b1bdef332961a35
750b57d8c95b025da617f005eef0e3bf685f7778e8e039f70015d7bfb810cb3b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f0659c5-1455-4203-aa61-f1bb301688cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11040
x-amzn-requestid: 8d0ff3db-efbc-41ff-abd9-4f328129cfd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eroNIFEtIAMFS8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c153ed-138d582e22acee7017e9d4e9;Sampled=0
x-amzn-remapped-date: Fri, 13 Jan 2023 12:51:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gyoizb63vbxozvOs7WjPmHHB-O1iGBA_xBzTEoHqp9XGiqnPyQImGg==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 15 Jan 2023 22:07:01 GMT
age: 42294
etag: "741da16203215f9d52e476214b1bdef332961a35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c941e9c-910c-4cd7-a013-a4dca3c5db2b.jpeg
200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c941e9c-910c-4cd7-a013-a4dca3c5db2b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4fcbed1f27bccb1f8b6fe4c9efde16f
2b2b272f1712319a5de86f8fac3f73b23e5ef4b0
d33384b6a4f1f5a5ee73643dd86161fe59dfe9d27af4483ffef2e28693e62ee6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c941e9c-910c-4cd7-a013-a4dca3c5db2b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3845
x-amzn-requestid: 4b8fa830-dad5-4f44-addd-2fcee42f417e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: excEMFt1oAMFeOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c3a6e7-703ffebe0297428c35eabdb6;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 07:10:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wMmYR9yEPelW_Q5_tnImorkseC1tr0EcDvNHeYBpNWB6l47og9HC5Q==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 07:28:34 GMT
age: 8601
etag: "2b2b272f1712319a5de86f8fac3f73b23e5ef4b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 314 B IP
Hash f5d84d5c65df233a0f18f644fe0fbe00
46f573c21c8c4edbb443ded5fb45c28dba29823a
d8645860da11578fa9fbaaac829a46e980bb3731fdc841a56b895ca8c2dcab8e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4806
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:55 GMT
Last-Modified: Mon, 16 Jan 2023 08:31:50 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 314
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 1d88c06521724d2e3df6a9dc47a6457e
4dad3584fa1ea85df4d8faf5621ebb4918f6a1d7
a97f54d9554bad81323891f25d9962029c40da8f786c485620cea3b8c75cf8de
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A97F54D9554BAD81323891F25D9962029C40DA8F786C485620CEA3B8C75CF8DE"
Last-Modified: Sun, 15 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3603
Expires: Mon, 16 Jan 2023 10:51:58 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
cdn8.hifimov.co/picture/original/nUE0pUZ6Yl9cYay0nJ1aYzAioF9_nF8gExu-El1wLwOXAP9bpJEyMzS1oUDhnaOaXFfbXRucEzyAo3LhL_8cK_ukMTIzLKIfqP5dpTp5v7P/(HiFiMov.co)_cimg2982-avi-preview-hqdefault.jpg
200 OK 16 kB URL HTTP/2 cdn8.hifimov.co/picture/original/nUE0pUZ6Yl9cYay0nJ1aYzAioF9_nF8gExu-El1wLwOXAP9bpJEyMzS1oUDhnaOaXFfbXRucEzyAo3LhL_8cK_ukMTIzLKIfqP5dpTp5v7P/(HiFiMov.co)_cimg2982-avi-preview-hqdefault.jpg
IP
ASN #399045 DEDIOUTLET-NETWORKS
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 480x360, components 3\012- data
Hash 49a64700871851b7b2d3cff66f6d19e1
13eee50af4fd1f6c9e22b35b022c8dae2d1a92b3
1283e011a869a59201d0c2e2045ff175d0bfef465d962c35fd1fdf93e9d7b3d1
GET /picture/original/nUE0pUZ6Yl9cYay0nJ1aYzAioF9_nF8gExu-El1wLwOXAP9bpJEyMzS1oUDhnaOaXFfbXRucEzyAo3LhL_8cK_ukMTIzLKIfqP5dpTp5v7P/(HiFiMov.co)_cimg2982-avi-preview-hqdefault.jpg HTTP/1.1
Host: cdn8.hifimov.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 15899
accept-ranges: bytes
last-modified: Mon, 16 Jan 2023 09:51:55 GMT
cache-control: max-age=8640000
expires: Wed, 26 Apr 2023 09:51:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash c5f9f483346b72f76aca982ddab1b6b5
db1d813fa4a1753393e87817f4cb8e649d6249e9
b8a8dbcec2724f6fcb300e4dd73043d4517522600775f03495473441bd150adb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1544
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:55 GMT
Last-Modified: Mon, 16 Jan 2023 09:26:11 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 278
subo228.com/20221007/rJiXl11p/1.jpg
200 OK 39 kB URL HTTP/1.1 subo228.com/20221007/rJiXl11p/1.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=4, height=480, software=www.meitu.com, width=864], baseline, precision 8, 426x236, components 3\012- data
Hash bdeb4dd3ca91fe1253e02f98e230e6f1
22ac9fb78dc86d89713048702a26b008448dac0e
031cfe8c4b4a80b7ae2edef8dc5debfd7cfb23d92ac032af965a2a3e6c754c16
GET /20221007/rJiXl11p/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 38552
Last-Modified: Thu, 12 Jan 2023 14:28:00 GMT
Connection: keep-alive
ETag: "63c018f0-9698"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
jp-xvideos-av.com/wp-content/uploads/2015/08/jWn1Bk3xQnkdhbOc.png
200 OK 142 kB URL HTTP/1.1 jp-xvideos-av.com/wp-content/uploads/2015/08/jWn1Bk3xQnkdhbOc.png
IP
ASN #2519 ARTERIA Networks Corporation
File type PNG image data, 300 x 200, 8-bit/color RGB, non-interlaced\012- data
Size 142 kB (142489 bytes)
Hash b9579e6e0876854ad03328858216edca
f81276d6b45938999d3494f9814e7256d199fef6
e5f04edc2067571f46affbfd0943855147535482d64ac7030a9184702144fd58
GET /wp-content/uploads/2015/08/jWn1Bk3xQnkdhbOc.png HTTP/1.1
Host: jp-xvideos-av.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 09:51:54 GMT
Content-Type: image/png
Content-Length: 142489
Connection: keep-alive
Last-Modified: Tue, 11 Aug 2015 10:20:03 GMT
Expires: Wed, 15 Feb 2023 09:51:54 GMT
Cache-Control: max-age=2592000
Accept-Ranges: bytes
dvcasha2.ocsp-certum.com/
200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP
ASN #20940 Akamai International B.V.
Hash f0f4e4095c4cfe38ead6271710e568a7
5b14801166202395643ae59e30fd63c2377b4629
7498a29cad36b4864c82729c86d12db36388b65e2576f544173e756d730abbc7
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=718
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
X-N: S
subo228.com/20230101/1IIqJFEv/1.jpg
200 OK 22 kB URL HTTP/1.1 subo228.com/20230101/1IIqJFEv/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash f6b23a476673000baf511df9385f1ad9
df7984b7ca93f0cc0820199c4584d8ca5c030a1b
af1d00244be4b8090152a6662b3c30059c0d3b0379c6115c01ceea5ab5c397b9
GET /20230101/1IIqJFEv/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 22529
Last-Modified: Thu, 12 Jan 2023 14:28:00 GMT
Connection: keep-alive
ETag: "63c018f0-5801"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
www.w3schools.com/w3css/4/w3.css
200 OK 5.3 kB URL HTTP/2 www.w3schools.com/w3css/4/w3.css
IP
File type Unicode text, UTF-8 (with BOM) text
Hash cfa5fd76f66a5f917b87ddd80b75b3fa
c0d7265855205d77acc0f1154172070a8680ab19
38ae41c45eedd4f190a8ddbda2a2dc69e2a4d75a6ff8cb0bb35d4a521724ee98
GET /w3css/4/w3.css HTTP/1.1
Host: www.w3schools.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
age: 5649
cache-control: public,max-age=14400,public
content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
content-type: text/css
date: Mon, 16 Jan 2023 09:51:55 GMT
etag: "01877178f26d91:0"
last-modified: Thu, 12 Jan 2023 14:06:40 GMT
server: ECS (ska/F716)
vary: Accept-Encoding
x-cache: HIT
x-content-security-policy: frame-ancestors 'self' https://mycourses.w3schools.com;
x-powered-by: ASP.NET
content-length: 5250
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
200 OK 727 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP
Hash 59640c304619fc826f01363033c68d70
6f1212343ad3806799fb32327289fcdf15138a5e
f31709a7a94d699070f3e184ece0f8ac265f6a9157a24e243c63beca5e169d66
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Fri, 13 Jan 2023 05:17:31 GMT
Expires: Fri, 20 Jan 2023 05:17:30 GMT
Etag: "6f1212343ad3806799fb32327289fcdf15138a5e"
Cache-Control: max-age=328534,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a5f4968ab5b50b-OSL
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash d0a29fc7d299f2baed085769bf9c80c4
fa440892f32664e6bd5f56e7f27afad62d2304c2
6881bdd874d73e7eb933ffe179b62a0fbf852be5ca187386714a249c5b3feaf3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6881BDD874D73E7EB933FFE179B62A0FBF852BE5CA187386714A249C5B3FEAF3"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11576
Expires: Mon, 16 Jan 2023 13:04:51 GMT
Date: Mon, 16 Jan 2023 09:51:55 GMT
Connection: keep-alive
twitter.com/favicon.ico
200 OK 1.2 kB IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 630d203cdeba06df4c0e289c8c8094f6
eee14e8a36b0512c12ba26c0516b4553618dea36
bbce71345828a27c5572637dbe88a3dd1e065266066600c8a841985588bf2902
GET /favicon.ico HTTP/1.1
Host: twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 UTC
perf: 7626143928
server: tsa_o
set-cookie: guest_id=v1%3A167386271599498894; Max-Age=34214400; Expires=Fri, 16 Feb 2024 09:51:55 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0
content-length: 1150
x-transaction-id: ae119f04cc222c3a
strict-transport-security: max-age=631138519
x-response-time: 103
x-connection-hash: ba6630cf331e38e1d1e97221e8dbbd3b8290d865ed739b4399738e070d15b171
X-Firefox-Spdy: h2
fmlb.netlbtu.com/upload/vod/2022/07-12/12/leao3ff0dsv1231leao3ff0dsv294005.jpg
200 OK 7.8 kB URL HTTP/1.1 fmlb.netlbtu.com/upload/vod/2022/07-12/12/leao3ff0dsv1231leao3ff0dsv294005.jpg
IP
File type JPEG image data, baseline, precision 8, 240x320, components 3\012- data
Hash 858df185fd9c41a6cb7f3123480d2410
befb66b77103546e11a4e20e89f0963e38d21cbe
61684da8d3771ab7ec4c7cebae10334bc46d6bc61d91ef7700757da1363f78b3
GET /upload/vod/2022/07-12/12/leao3ff0dsv1231leao3ff0dsv294005.jpg HTTP/1.1
Host: fmlb.netlbtu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 09:53:05 GMT
Content-Type: image/jpeg
Content-Length: 7806
Last-Modified: Wed, 09 Nov 2022 11:42:00 GMT
Connection: keep-alive
ETag: "636b9208-1e7e"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
subo228.com/20221207/UlZkez4I/1.jpg
200 OK 32 kB URL HTTP/1.1 subo228.com/20221207/UlZkez4I/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, baseline, precision 8, 426x239, components 3\012- data
Hash bd3dd332ff8ac8e6ed0a69833bdc05fc
c33ba9a74229026422a498f693c613b9ceea3711
ca35d2ec3aaffc9792069ff462f52426ff75b87b398f2bec68e3f8d824806b87
GET /20221207/UlZkez4I/1.jpg HTTP/1.1
Host: subo228.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 31604
Last-Modified: Thu, 12 Jan 2023 14:28:00 GMT
Connection: keep-alive
ETag: "63c018f0-7b74"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
img.manyse.com/img/FC2-PPV-3139336.jpg
200 OK 292 kB URL HTTP/2 img.manyse.com/img/FC2-PPV-3139336.jpg
IP
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 960x1440, components 3\012- data
Size 292 kB (292523 bytes)
Hash 14b148273ef00b61bd5d754af33802f4
fa80a5df5ed2a20f5628ec46dea278fd7aed2d31
489ec5b446c56bcfb8a8b0d2fee98d3b6d5588eb8e9e476c463cd7e01c00468f
GET /img/FC2-PPV-3139336.jpg HTTP/1.1
Host: img.manyse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 292523
last-modified: Sat, 14 Jan 2023 20:31:23 GMT
etag: "63c3111b-476ab"
expires: Wed, 15 Feb 2023 09:51:55 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
avgle.com/favicon.ico
200 OK 981 B IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 510e3ad6f5144249a38c0d004d031d6d
da79be2a316cfc8e15c6495ef0fffab92bc47a1a
ebf552c1366b2855b20535d71ef13b33483606622ee19e32cf3c56ff64f26c98
GET /favicon.ico HTTP/1.1
Host: avgle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Thu, 02 Jul 2020 10:22:07 GMT
etag: W/"5efdb54f-47e"
servedby: n2
cf-cache-status: HIT
age: 1711
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3L08YH8LDbBpgQHBhCgx19YpQGxmWLb2QqFLw%2FiBLNiC8%2BzBGLoifdbf3ocGbh%2F60B7pE09vm1ZzjKjYgKw6MkvOfHqCKV96%2FZi1Mn591dNGPjzPonBWOY%2F5%2Boo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4978cc2b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
200 OK 8.3 kB URL HTTP/1.1 ddcdn.comtucdncom.com/upload/vod/2019-11-15/157377151010.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 320x240, components 3\012- data
Hash 1398ecfa82fd9e61cf23d5b188ddf6f9
cea6edcf5e5afd770231e955cbec58cb9962e5ba
1c5f11dc1c7aba7008a1896d807bb27b2ef6995e825772ac6472a970d219bb03
GET /upload/vod/2019-11-15/157377151010.jpg HTTP/1.1
Host: ddcdn.comtucdncom.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Tengine
Date: Mon, 16 Jan 2023 17:50:32 GMT
Content-Type: image/jpeg
Content-Length: 8279
Last-Modified: Fri, 25 Nov 2022 12:37:29 GMT
Connection: keep-alive
ETag: "6380b709-2057"
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
X-Cache: hit
Accept-Ranges: bytes
a.nyaaaa.net/fcblog/wp-content/uploads/2022/08/spay107jp.jpg
200 OK 41 kB URL HTTP/2 a.nyaaaa.net/fcblog/wp-content/uploads/2022/08/spay107jp.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash de8b6a2e4855f65faa209f2ac4f4e473
62fdcb9b48ab82415de693005777985a945274de
203e691a544591b64f2744177f595171516325cb1d50e044b07161a98a0c12d0
GET /fcblog/wp-content/uploads/2022/08/spay107jp.jpg HTTP/1.1
Host: a.nyaaaa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 23 Jan 2023 09:51:55 GMT
content-type: image/jpeg
last-modified: Mon, 01 Aug 2022 04:36:23 GMT
accept-ranges: bytes
content-length: 40939
date: Mon, 16 Jan 2023 09:51:55 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 59a24d6cc37fae0c12e7bca51eb6384d
92d402f9606207fdc8e32b0b86293912d7f650f3
f1cfb76e5eef5e9342b806843ac2a60cd49b9cc4e1d5f496d4fdf2f04b9b70d9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1CFB76E5EEF5E9342B806843AC2A60CD49B9CC4E1D5F496D4FDF2F04B9B70D9"
Last-Modified: Mon, 16 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10864
Expires: Mon, 16 Jan 2023 12:53:00 GMT
Date: Mon, 16 Jan 2023 09:51:56 GMT
Connection: keep-alive
pics.dmm.co.jp/digital/amateur/ankk023/ankk023jp.jpg
200 OK 31 kB URL HTTP/2 pics.dmm.co.jp/digital/amateur/ankk023/ankk023jp.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash e92b1fca1a563ddd61c65641083a36fe
ead79e0824154d9c283ed644d09af69cdc205d9f
6ddbf9bbc7185e5c3e9c97a8d84cffd507d11954ce0ce8e72b2cdc6f1b925063
GET /digital/amateur/ankk023/ankk023jp.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 31159
last-modified: Fri, 04 Nov 2022 08:22:40 GMT
etag: "6364cbd0-79b7"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoGPFHjswG7laYsmIAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
www.peppahub.com/favicon.ico
404 Not Found 169 B URL HTTP/1.1 www.peppahub.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 75498ccdf6d1ca96d29735566023829a
2951272e362fdf3d79488531406a383f96cf6332
dd2943d2f8c69925d2c6248e82f232d5c75efca81b0b16d580773e2d890133b6
GET /favicon.ico HTTP/1.1
Host: www.peppahub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx/1.10.3
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 169
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 67eeaf54a17487962ebeb64f50d667db
b1167fdeb1df56cce0e25e4868a32e1d6350dd32
d3dbf38219b26dca9bc3f96e10cfaa671ba4fe570be40e12831b31d368bb0c9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3DBF38219B26DCA9BC3F96E10CFAA671BA4FE570BE40E12831B31D368BB0C9D"
Last-Modified: Sun, 15 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3194
Expires: Mon, 16 Jan 2023 10:45:10 GMT
Date: Mon, 16 Jan 2023 09:51:56 GMT
Connection: keep-alive
pic13.baihuzu.com/pic/20220301/7c265136c62a7ebdce02856590386442/1.jpg
200 OK 13 kB URL HTTP/2 pic13.baihuzu.com/pic/20220301/7c265136c62a7ebdce02856590386442/1.jpg
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.134.100", baseline, precision 8, 270x480, components 3\012- data
Hash 44f1c38c7f5106cd4b9d682a46537a4c
69fcb3a4a0da6770e7c38dc2f40ab5db8f9073e5
14953bd1f8a83471837c370f519223609e55f40818c12622c6a6e92f25af0400
GET /pic/20220301/7c265136c62a7ebdce02856590386442/1.jpg HTTP/1.1
Host: pic13.baihuzu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: https://www.xzylm.com
date: Sat, 14 Jan 2023 16:04:20 GMT
content-type: image/jpeg
content-length: 13349
last-modified: Tue, 01 Mar 2022 14:02:01 GMT
cache-control: max-age=2592000
accept-ranges: bytes
etag: "621e2759-3425"
expires: Mon, 13 Feb 2023 16:04:20 GMT
age: 150456
via: http/1.1 traffic_server (https://www.xzylm.com [cRs f ])
X-Firefox-Spdy: h2
www.heydouga.com/contents/4017/234/player_thumb.jpg
302 Found 0 B URL HTTP/1.1 www.heydouga.com/contents/4017/234/player_thumb.jpg
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /contents/4017/234/player_thumb.jpg HTTP/1.1
Host: www.heydouga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Mon, 16 Jan 2023 09:51:56 GMT
Server: Apache
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: sameorigin
Content-Security-Policy: frame-ancestors 'self';
Location: https://sample.heydouga.com/contents/4017/234/player_thumb.jpg
X-ServerID: hmedia-web226
Content-Length: 0
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=EUC-JP
kissjav.com/favicon.ico
301 Moved Permanently 162 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: kissjav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://mrjav.net/
thepervs.com/thumbs/32736.jpg
403 Forbidden 4.5 kB URL HTTP/2 thepervs.com/thumbs/32736.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2116)
Hash 5dc4d9d2555bff4ff6ae8772f5e72356
48efe5f95d0cfa45428dc2bf2c74d2fd2b06335a
c3b7042dc59709a847414d95b007fdc3af5557cc8e2f02f712c0ce0993d83025
GET /thumbs/32736.jpg HTTP/1.1
Host: thepervs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5z9DW6oiSv1vKOgLu1VcmJmtuiy7DHQt%2FgvI5a%2F6FpTUeCyHQMJodMZeHHnSOA60p3ZXGdtCrK2GoRikk8FjTbpIysNZfokOK0LcZC3FLBzhEj0qNfVqSPbosMYCVu8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f495cf2ffac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
javdoe.to/favicon.ico
200 OK 834 B IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash d1ef3c0e26b7666e6fccae8ba16e54bc
864d9fdee3010a2e81096281184733759240a46d
7a0d80f6d0ed9598dd2f9b367d5290c27f7c3d1e5e282473ee42ced9f0588f91
GET /favicon.ico HTTP/1.1
Host: javdoe.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Wed, 06 Apr 2022 03:36:40 GMT
etag: W/"624d0ac8-47e"
cache-control: max-age=86400
cf-cache-status: HIT
age: 11651
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0eYpNhuc%2Bm4wcjFQduUdCpJ5bEKzz%2FbP7bfPCoortUWWxZGnzIpbceX6ByNcY1ce%2FYt%2BaEv38zbrXrBrQ9seiInJifFuixQL%2BFg3iAHePTELAQTXkhk%2BVWz%2FXc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4976ca4b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b56fe9ce1a3caf6ad5ff40073e8b10b4
282859b6e407f18e87b3a9e8b28709fc50880e4f
b7434398a195fb06c51943510e27b972e1dfdb1d41c7e576ad862d327eae51f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B7434398A195FB06C51943510E27B972E1DFDB1D41C7E576AD862D327EAE51F5"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=566
Expires: Mon, 16 Jan 2023 10:01:22 GMT
Date: Mon, 16 Jan 2023 09:51:56 GMT
Connection: keep-alive
okashik.atype.jp/images/112-cpsky-268/1.jpg
200 OK 78 kB URL HTTP/1.1 okashik.atype.jp/images/112-cpsky-268/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Hash 19f7a10d28f04778fc6fcfddd1cdd466
c49aa361931a9914cff59eb8c2ac30ee19f52af9
e474d898ffa3e4f90c5a19aae8a13b47fc507e74e3c49dfcafd5efe1eaa10c57
GET /images/112-cpsky-268/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:02:14 GMT
ETag: "ec0b7c-13173-5c43a0fb541dd"
Accept-Ranges: bytes
Content-Length: 78195
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.digicert.com/
200 OK 279 B IP
Hash e47e5115ebf7cbb03dc432b5ac60e83e
883e7435e958bf9e9da677c56e4ea998c7af1b74
6bfb41512302c1df1a9f34554dd5782784d819e53818fb8cd6c97c727d29ad0d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3146
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:56 GMT
Last-Modified: Mon, 16 Jan 2023 08:59:30 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 279
page.myfile-host.info/myda.php
200 OK 0 B URL HTTP/1.1 page.myfile-host.info/myda.php
IP
ASN #7506 GMO Internet,Inc
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /myda.php HTTP/1.1
Host: page.myfile-host.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jsjs.gazo.space/
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:56 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.1e-fips mod_fcgid/2.3.9 PHP/7.4.20
X-Powered-By: PHP/7.4.20
Access-Control-Allow-Origin: *
Content-Length: 0
Connection: close
Content-Type: text/html; charset=utf-8
www.javbangers.com/favicon.ico
200 OK 850 B URL HTTP/2 www.javbangers.com/favicon.ico
IP
File type PNG image data, 49 x 49, 8-bit/color RGBA, non-interlaced\012- data
Hash e6bf88bee6f01ccb4f616dc0b7e59028
bcba814e166ff6402d84d08e14917bcde0e77571
f5661cab3bafa42509e8f2e02c4800d1fbb9b323c489cdc710ab3ee1137a1256
GET /favicon.ico HTTP/1.1
Host: www.javbangers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
content-length: 850
last-modified: Mon, 16 Dec 2019 16:11:37 GMT
etag: "5df7acb9-352"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
pic.duga.jp/unsecure/scrum/0024/noauth/jacket_240.jpg
200 OK 42 kB URL HTTP/1.1 pic.duga.jp/unsecure/scrum/0024/noauth/jacket_240.jpg
IP
ASN #9370 SAKURA Internet Inc.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x340, components 3\012- data
Hash 09186ee88b2dfb15091289fdc8ef9d9c
f42a9ba9af3f699f9318892f48a9cd6a86067a82
adb4d7691265de93ef1840aa814e7edb05a6b91d7c96db4f7193d31b6885cdec
GET /unsecure/scrum/0024/noauth/jacket_240.jpg HTTP/1.1
Host: pic.duga.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 42519
Connection: keep-alive
Last-Modified: Thu, 23 Jan 2020 09:27:12 GMT
ETag: "5e2966f0-a617"
Expires: Wed, 19 May 2021 02:39:00 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
www.qbooe.com/upload/195/photos/20210511/236202105111732_33100.jpg
200 OK 111 kB URL HTTP/1.1 www.qbooe.com/upload/195/photos/20210511/236202105111732_33100.jpg
IP
ASN #17444 HKBN Enterprise Solutions Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Size 111 kB (111305 bytes)
Hash 139cd978f5f76d27e0c59cf0649329c6
358cafe67ddce5ae392ab0755482313d5bbf4443
deb6d442041286a36ce68a081cb53170788c48bcba19aa64febef7638641671d
GET /upload/195/photos/20210511/236202105111732_33100.jpg HTTP/1.1
Host: www.qbooe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: openresty/1.19.3.1
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 111305
Connection: keep-alive
Last-Modified: Tue, 11 May 2021 09:32:05 GMT
ETag: "609a4f15-1b2c9"
Expires: Tue, 16 Jan 2024 09:51:55 GMT
Cache-Control: max-age=31536000, public
Accept-Ranges: bytes
pics.dmm.co.jp/digital/amateur/ankk021/ankk021jp.jpg
200 OK 36 kB URL HTTP/2 pics.dmm.co.jp/digital/amateur/ankk021/ankk021jp.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 300x300, components 3\012- data
Hash 5e6d47a8028270ca10a64d2cfdff9873
dd469ece5a998a5d7b1293db6e9fdf07c9cf9596
0488d6e825b3a954f890d867869a04422e4a93c411ae6d46b28d60769532705e
GET /digital/amateur/ankk021/ankk021jp.jpg HTTP/1.1
Host: pics.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: image/jpeg
content-length: 36192
last-modified: Thu, 27 Oct 2022 07:46:39 GMT
etag: "635a375f-8d60"
x-pics-origin: digital-master
x-cache-status: HIT
set-cookie: app_uid=Z/6RoGPFHjswG7laYsmJAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dmm.co.jp; path=/
accept-ranges: bytes
X-Firefox-Spdy: h2
kissjav.li/favicon.ico
301 Moved Permanently 162 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://mrjav.net/
hifiporn.fun/favicon.ico
301 Moved Permanently 162 B IP
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: hifiporn.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: text/html
content-length: 162
location: https://hifiporn.co/favicon.ico
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
pic.duga.jp/unsecure/paradisetv/3898/noauth/jacket_240.jpg
200 OK 46 kB URL HTTP/1.1 pic.duga.jp/unsecure/paradisetv/3898/noauth/jacket_240.jpg
IP
ASN #9370 SAKURA Internet Inc.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x340, components 3\012- data
Hash bf23fb5bd82e460848d14e258f5d3473
2017034aaa0d5c9854895f1d28f195508a8ab768
d593bf565379214118b9f7143440bf888efca93106bf9f5dec7301cefea1f3c5
GET /unsecure/paradisetv/3898/noauth/jacket_240.jpg HTTP/1.1
Host: pic.duga.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 09:51:55 GMT
Content-Type: image/jpeg
Content-Length: 46231
Connection: keep-alive
Last-Modified: Fri, 16 Apr 2021 06:40:39 GMT
ETag: "60793167-b497"
Expires: Mon, 23 Jan 2023 04:19:27 GMT
Cache-Control: max-age=604800
Accept-Ranges: bytes
a.nyaaaa.net/favicon.ico
404 Not Found 1.2 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: a.nyaaaa.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 16 Jan 2023 09:51:56 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
www.yaoji1.xyz/favicon.ico
200 OK 0 B URL HTTP/1.1 www.yaoji1.xyz/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.yaoji1.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: image/x-icon
Content-Length: 0
Last-Modified: Wed, 15 Sep 2021 19:38:30 GMT
Connection: keep-alive
ETag: "61424bb6-0"
x-backend-server: ip-10-201-16-117.ec2.internal
Accept-Ranges: bytes
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 2a15befcfedf0f9222642fe40b7a00a6
eea19764dad683492cb20acae890b5d8e5518656
4b0ee71ec1bbe98cb74e25577dfd72b0370b5952e6101827e1b389f4036d3418
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4B0EE71EC1BBE98CB74E25577DFD72B0370B5952E6101827E1B389F4036D3418"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3319
Expires: Mon, 16 Jan 2023 10:47:15 GMT
Date: Mon, 16 Jan 2023 09:51:56 GMT
Connection: keep-alive
ocsp.digicert.cn/
200 OK 471 B IP
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash e445286cacdd6bbfff1206fd5c842a2f
23b23c7c5eb926ae9f0eed4e0e00c129a292483e
8cb1288099a6eafa66e3a060c074f36e68dff159776e794f981e7497b09d39f5
POST / HTTP/1.1
Host: ocsp.digicert.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Mon, 16 Jan 2023 09:51:56 GMT
Ali-Swift-Global-Savetime: 1673862716
Via: cache3.l2de2[512,511,200-0,M], cache3.l2de2[512,0], cache7.se1[534,533,200-0,M], cache7.se1[536,0]
X-Cache: MISS TCP_MISS dirn:-2:-2
X-Swift-SaveTime: Mon, 16 Jan 2023 09:51:56 GMT
X-Swift-CacheTime: 0
Timing-Allow-Origin: *
EagleId: 2ff62c9b16738627160532353e
okashik.atype.jp/images/101-jmkd-0041/1.jpg
200 OK 78 kB URL HTTP/1.1 okashik.atype.jp/images/101-jmkd-0041/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Hash 26045168687aee8f65109e01fad47f71
829c4d3bc1076723eadc0a9cc9feb0a67a8c492e
de317953f39bdfd512d7ff3affe34ad2cf24834715734e36b5b028f920aaebcb
GET /images/101-jmkd-0041/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:28:15 GMT
ETag: "e007e4-12fd1-5c439962bc32e"
Accept-Ranges: bytes
Content-Length: 77777
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 2c104d87bd5df23c731f0e1fe1e70337
fa77c4ee4662e4d10187d6a4dfb040717be720ec
f0e3fad134a782600dcc460c124d83ae7fa0315c864938cff94ce4360ebc24df
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F0E3FAD134A782600DCC460C124D83AE7FA0315C864938CFF94CE4360EBC24DF"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8179
Expires: Mon, 16 Jan 2023 12:08:15 GMT
Date: Mon, 16 Jan 2023 09:51:56 GMT
Connection: keep-alive
www.aipa563.com/favicon.ico
200 OK 393 B URL HTTP/1.1 www.aipa563.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 621df604c524ef9b0b8cd8b54e06e070
a4a25b52d7b2469bb4a90721ce19a870f3fcc4d2
24f06d88ef6cb2341f401b320932d5ff659e8fd448ba67775e9d868e694380d4
GET /favicon.ico HTTP/1.1
Host: www.aipa563.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: image/vnd.microsoft.icon
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 16 Feb 2022 02:40:46 GMT
ETag: W/"10be-5d81993aab6e8"
Cache-Control: public, max-age=31536000
CF-Cache-Status: HIT
Age: 23173391
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjV%2FlX7094G7R99af2v2ROp9xMbsSogGzNzn4RxgbaNpoSdRdqzkcNPfZXAhXYQ69ACa5FcT%2FYsgRzC1mXWZnWtKkHS1bQS6oJNGsYoUew1gKctD7BGaE%2FAG2SP6dN6Wwa8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f49b3a751bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.248avporn.com/favicon.ico
302 Found 138 B URL HTTP/1.1 www.248avporn.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: www.248avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Found
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://248avporn.com/favicon.ico
X-Powered-By: EasyEngine 3.7.5
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NCWnf1aCO%2Bwer93%2Fyd7cIXIiaKW6BHf9LueAC3ym45fKVIt0%2FPRrhf7fk%2B94xMCFhT6Pl4uMHUWltqcmPy2TnJoYqfo%2BbwHy3tI8RD2f%2Fyhi0m3B3qw%2BOue5a2A9bRDjQ23HrA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f49a3ace0b49-OSL
alt-svc: h2=":443"; ma=60
hifiporn.co/favicon.ico
200 OK 1.2 kB IP
ASN #399045 DEDIOUTLET-NETWORKS
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b150efdeb3609db9549b0a6bc14c2c28
5b5878d4e6c40d99999a6b567682dc04b0abbab2
6dc0a3772db9841274ebc722b0351803512b6a5323d04343d192ec7315eca4bd
GET /favicon.ico HTTP/1.1
Host: hifiporn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Tue, 09 Jun 2020 20:06:57 GMT
expires: Mon, 23 Jan 2023 09:51:56 GMT
cache-control: max-age=604800
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 8607574c61c28c96a00a64a69a444d17
9d7b389a751989625453bff83f7c8c336b5f2b53
89e08777afe9ed64b0d81af7230f5a775738401ba76339c949dc99379579cf23
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "89E08777AFE9ED64B0D81AF7230F5A775738401BA76339C949DC99379579CF23"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3095
Expires: Mon, 16 Jan 2023 10:43:31 GMT
Date: Mon, 16 Jan 2023 09:51:56 GMT
Connection: keep-alive
biguz.net/favicon.ico
403 Forbidden 575 B IP
ASN #14576 HOSTING-SOLUTIONS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e30ae560a233b48e7a61979776dc2bba
8949f5f1f85cca910072e22fabf34c1ddd067baa
0444da1288bab65b2cade7ca8ce75792d2ac7639d534e57b55e511a5cf2f8c70
GET /favicon.ico HTTP/1.1
Host: biguz.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
server: nginx
date: Mon, 16 Jan 2023 09:49:03 GMT
content-type: text/html
content-length: 575
etag: "60616904-23f"
X-Firefox-Spdy: h2
jp-xvideos-av.com/favicon.ico
404 Not Found 146 B URL HTTP/1.1 jp-xvideos-av.com/favicon.ico
IP
ASN #2519 ARTERIA Networks Corporation
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /favicon.ico HTTP/1.1
Host: jp-xvideos-av.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 146
Connection: keep-alive
spermatv.net/favicon.ico
200 OK 486 B IP
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 81f76b186bcc1eacffa9b3fe91b4cb81
6786e82dfa9fcde4e14f3e29c89ae9e26ad73068
f23f25075647b52b1096a35820b25cc3362b3749a9525b1f863bfe4f5431f37d
GET /favicon.ico HTTP/1.1
Host: spermatv.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: image/x-icon
Last-Modified: Tue, 02 Feb 2021 15:27:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"60196f5e-47e"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
hifiporn.co/xxx/5/6ph-xoey-jk/playsinline
200 OK 19 kB URL HTTP/2 hifiporn.co/xxx/5/6ph-xoey-jk/playsinline
IP
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (62642), with no line terminators
Hash 92ac3886c729be6dbabef8f7e56938df
7f8e6208512293f6b78b6f52864518b672031c44
06fee740f0881c5b3120d52dd1adf2d8078f4b39d9003b1078c2e40525b4d980
GET /xxx/5/6ph-xoey-jk/playsinline HTTP/1.1
Host: hifiporn.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=604800
expires: Mon, 23 Jan 2023 09:51:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
mypornvid.fun/favicon.ico
301 Moved Permanently 162 B URL HTTP/2 mypornvid.fun/favicon.ico
IP
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: mypornvid.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: text/html
content-length: 162
location: https://mypornvid.fun/
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 9f91da800f76012b9ddcb0bb0f1b5d38
f61dfc55fbca79d4ce0213d23ef07d92c03129b2
407fc4125bde005a7dd7dce1a4aa9baa76d7fe3ec0002c3265c73a94049ac23b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:56 GMT
Etag: "63c48b2a-1d7"
Last-Modified: Mon, 16 Jan 2023 08:39:50 GMT
Server: ECS (amb/6BA0)
X-Cache: HIT
Content-Length: 471
www.qbooe.com/favicon.ico
404 Not Found 15 kB URL HTTP/1.1 www.qbooe.com/favicon.ico
IP
ASN #17444 HKBN Enterprise Solutions Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4767), with CRLF line terminators
Hash dd846bd8a8e97e72054e10b5b513b963
08d70ff27c851a171d2969239676bb274fc087fa
3f251643750ca69f42e24f0789f8a254722e3a2766894f28e59bff1704afdb25
GET /favicon.ico HTTP/1.1
Host: www.qbooe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: openresty/1.19.3.1
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.33
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=e0m2adbntaolgnldf60s35oumq; path=/
lang=zh-hk; expires=Wed, 15-Feb-2023 09:51:56 GMT; Max-Age=2592000; path=/
_uads=a%3A2%3A%7Bs%3A4%3A%26quot%3Bdate%26quot%3B%3Bi%3A1673949116%3Bs%3A5%3A%26quot%3Buaid_%26quot%3B%3Ba%3A0%3A%7B%7D%7D; expires=Thu, 13-Jan-2033 09:51:56 GMT; Max-Age=315360000; path=/
mode=day; expires=Thu, 13-Jan-2033 09:51:56 GMT; Max-Age=315360000; path=/
Content-Encoding: gzip
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 84712a90b303f0ca2b5f60c0d5028df7
41e8e18403b5c5f7f6da092af4ec320e937df410
679b958bf10edd1f1bbb5575022489ed19b2262b9720d0e660673f18e01a4cba
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "679B958BF10EDD1F1BBB5575022489ED19B2262B9720D0E660673F18E01A4CBA"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3832
Expires: Mon, 16 Jan 2023 10:55:48 GMT
Date: Mon, 16 Jan 2023 09:51:56 GMT
Connection: keep-alive
okashik.atype.jp/favicon.ico
200 OK 27 kB URL HTTP/1.1 okashik.atype.jp/favicon.ico
IP
ASN #2527 Sony Network Communications Inc.
File type MS Windows icon resource - 1 icon, -106x-106, 8 bits/pixel\012- data
Hash c96307b54559ba5b66bf64349fffaeed
ed0cf0bb16c7920bd8d9d07ca64cdeb5bac869b0
00690fc9a758e373f131eb5748f95d55238b0b60dca77bbfdb9c04949db74f88
GET /favicon.ico HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:56 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:22:28 GMT
ETag: "dc0718-6906-5c439817e2b05"
Accept-Ranges: bytes
Content-Length: 26886
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2b0d22fc4859fd4b158edefee6f262c
f80693ebca51239b117611efb2bfe36a8dbb1906
cd48b9502fb525fdd133b31085d38d16ef963496e2545b5b2383e84a33fd817d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD48B9502FB525FDD133B31085D38D16EF963496E2545B5B2383E84A33FD817D"
Last-Modified: Sun, 15 Jan 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7985
Expires: Mon, 16 Jan 2023 12:05:01 GMT
Date: Mon, 16 Jan 2023 09:51:56 GMT
Connection: keep-alive
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 2a15befcfedf0f9222642fe40b7a00a6
eea19764dad683492cb20acae890b5d8e5518656
4b0ee71ec1bbe98cb74e25577dfd72b0370b5952e6101827e1b389f4036d3418
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4B0EE71EC1BBE98CB74E25577DFD72B0370B5952E6101827E1B389F4036D3418"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3319
Expires: Mon, 16 Jan 2023 10:47:15 GMT
Date: Mon, 16 Jan 2023 09:51:56 GMT
Connection: keep-alive
248avporn.com/favicon.ico
302 Found 138 B URL HTTP/1.1 248avporn.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash aff950cab4c0265e21d401db15f1026d
f03e18461817f7a6546c8bf8fa8d686d7e30aca0
753e0dd54f28c4f7009b9c0b18a68aed175416bd8b7d134858264586eaac56f0
GET /favicon.ico HTTP/1.1
Host: 248avporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Found
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://248avporn.com/favicon.ico
X-Powered-By: EasyEngine 3.7.5
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u0wr6cju2321z7FjkEthkhZdntI0hzdbL%2FWfKZt30dYUWhl93yCpJIoOfa7qjei22%2FE25gQO33XBhZ2xyQkQdAsH4lwXaliJZVDRdivbtV1hd6UbRJn25zlta7qwRD4o"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f49a7b3cb4f7-OSL
alt-svc: h2=":443"; ma=60
18j.tv/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 18j.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://jp.co-vid.win/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 16 Jan 2023 09:51:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 16 Jan 2023 10:51:56 GMT
Location: https://18j.tv/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sO1X2U2CDHKlcUlqkUYuLJY7164pWMa1pxTMNErEupyxTvci8KHGVWkfzyOB%2BhjhAdpqS7uPJyfIvTvBQKLYW3VJQxb6cePI4mlWz6BdZdS1mwfeOB2sLj8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78a5f49ccfd7b51b-OSL
alt-svc: h2=":443"; ma=60
mypornvid.fun/
301 Moved Permanently 162 B IP
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: mypornvid.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: text/html
content-length: 162
location: https://mypornvid.fun/videos/
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.godaddy.com/
200 OK 7.6 kB IP
Hash 32de22a14de12acaf5790e0e509221c4
efc6b34483c3d53edced6faab083aa51e75f5fc2
d8b2dd49c94a96071c2d3133f08dcdddd742c6adfe85f82b8a05a82c681475f8
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 16 Jan 2023 00:46:30 GMT
Expires: Tue, 17 Jan 2023 00:46:30 GMT
ETag: "01fe19cb7a58d575512a580d94df21cefa80cba3"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 2c104d87bd5df23c731f0e1fe1e70337
fa77c4ee4662e4d10187d6a4dfb040717be720ec
f0e3fad134a782600dcc460c124d83ae7fa0315c864938cff94ce4360ebc24df
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F0E3FAD134A782600DCC460C124D83AE7FA0315C864938CFF94CE4360EBC24DF"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8178
Expires: Mon, 16 Jan 2023 12:08:15 GMT
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
okashik.atype.jp/images/104-ops-006/1.jpg
200 OK 209 kB URL HTTP/1.1 okashik.atype.jp/images/104-ops-006/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Size 209 kB (209444 bytes)
Hash b0d35870db286199d9fae08f5f311d8d
dcc4bdcda60e5ffd807726176b49640cf9603f51
d0de3a261384bf11bae4b17b12409f5576ae5b3dc3a22e0e516f5615bb9c3c09
GET /images/104-ops-006/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:42:03 GMT
ETag: "e42821-33224-5c439c78d1ac5"
Accept-Ranges: bytes
Content-Length: 209444
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
okashik.atype.jp/images/104-ops-026/1.jpg
200 OK 230 kB URL HTTP/1.1 okashik.atype.jp/images/104-ops-026/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 450x634, components 3\012- data
Size 230 kB (230306 bytes)
Hash 61f2ad2ea8777b8cee55552d41ce4dd5
1aa824482c3edbb3150efd161ffad91767df2b46
0947380ece28cb33258ab5aa80bcefea8ae5bba8b8004a8f19edf675f07844f2
GET /images/104-ops-026/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:42:16 GMT
ETag: "e42989-383a2-5c439c849a465"
Accept-Ranges: bytes
Content-Length: 230306
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
ugc-img.ifengimg.com/img/2021/8/24/27416954-1251-4878-bfa2-09f8601609cb_w1620_h1080.jpeg
200 OK 316 kB URL HTTP/1.1 ugc-img.ifengimg.com/img/2021/8/24/27416954-1251-4878-bfa2-09f8601609cb_w1620_h1080.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1620x1080, components 3\012- data
Size 316 kB (316023 bytes)
Hash f8cbae3610a854b62373a66d3951278f
72c75a68c2ffc7cb837f7dd925d58b63d73338b0
9078e524af121b3dd130090f80e8f047ba01ab0088acc78f6ccf0a99f9e71eb2
GET /img/2021/8/24/27416954-1251-4878-bfa2-09f8601609cb_w1620_h1080.jpeg HTTP/1.1
Host: ugc-img.ifengimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Tue, 24 Aug 2021 02:25:51 GMT
Etag: "72c75a68c2ffc7cb837f7dd925d58b63d73338b0"
Content-Type: image/jpeg
Date: Sat, 14 Jan 2023 23:08:04 GMT
Server: tencent-cos
x-cos-hash-crc64ecma: 13380243902618079044
x-cos-request-id: NjNjMzM1ZDNfYTcwZWYyMDlfMjBmZmRfNGFhMjliNg==
Content-Length: 316023
Accept-Ranges: bytes
X-NWS-LOG-UUID: 2898364634357355470
Connection: keep-alive
X-Cache-Lookup: Cache Hit
Access-Control-Allow-Origin: *
pornmaster.fun/favicon.ico
301 Moved Permanently 162 B URL HTTP/2 pornmaster.fun/favicon.ico
IP
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: pornmaster.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html
content-length: 162
location: https://pornking.fun/favicon.ico
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a5aacfbecc4b2e6ef0690447b29a4368
82dfdb46d744c9fea7ac2f98c5195c1dd6ded978
6b3c2487561276b12a44230565307286618cf52f3c022003f3e12eb235778a77
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B3C2487561276B12A44230565307286618CF52F3C022003F3E12EB235778A77"
Last-Modified: Mon, 16 Jan 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1857
Expires: Mon, 16 Jan 2023 10:22:54 GMT
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
ocsp.sectigo.com/
200 OK 472 B IP
Hash a85a1fae2c084137284f4a983ca55a67
a52a66712cb7f17b732ca74db253ce62cab64eff
055dce813a5849fe2583f5495faf7712fac63e7b5a8c4e52c9b230d71692854f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 14 Jan 2023 22:54:15 GMT
Expires: Sat, 21 Jan 2023 22:54:14 GMT
Etag: "a52a66712cb7f17b732ca74db253ce62cab64eff"
Cache-Control: max-age=478336,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78a5f49c3fe9b4f1-OSL
mixerovideo.jp/favicon.ico
200 OK 1.2 kB URL HTTP/1.1 mixerovideo.jp/favicon.ico
IP
ASN #2497 Internet Initiative Japan Inc.
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash f30b5ed270a57eabea60beb935e2b800
c1492fee679e0d1b8b9616ff2a7c27a53a5ed792
28483803ba537e11aad283f0732e4277d8272d951ad0e32655528cd906ffdfb6
GET /favicon.ico HTTP/1.1
Host: mixerovideo.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: openresty
Date: Mon, 16 Jan 2023 09:51:56 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Mon, 27 May 2013 05:14:38 GMT
Connection: close
ETag: "51a2ebbe-47e"
X-Ci: c1003n
Accept-Ranges: bytes
ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
IP
Hash 5e3aaccad6053b11b8caec931d731185
76f1209c59a22000a118c6fa21274e3144aabece
8ceecc2b080f5aa9b71d7842086b7b451b7571418ccab6802bafd44b1d3c96e0
POST /s/gts1p5/Uzl9FVb0AGo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
200 OK 346 B IP
ASN #20940 Akamai International B.V.
Hash 8607574c61c28c96a00a64a69a444d17
9d7b389a751989625453bff83f7c8c336b5f2b53
89e08777afe9ed64b0d81af7230f5a775738401ba76339c949dc99379579cf23
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "89E08777AFE9ED64B0D81AF7230F5A775738401BA76339C949DC99379579CF23"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3094
Expires: Mon, 16 Jan 2023 10:43:31 GMT
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
okashik.atype.jp/images/112-snm-040/1.jpg
200 OK 292 kB URL HTTP/1.1 okashik.atype.jp/images/112-snm-040/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, progressive, precision 8, 450x634, components 3\012- data
Size 292 kB (291832 bytes)
Hash 09ef29c78da0f674625a3de790c57e43
9d5849e1eeec84178d2a725b10683dd2616c75dd
5d781a8cd05e2b5c3c26d08893c32683093df687d8cb9b3674f2efad33deef92
GET /images/112-snm-040/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:03:56 GMT
ETag: "ec167c-473f8-5c43a15c7b35d"
Accept-Ranges: bytes
Content-Length: 291832
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
okashik.atype.jp/images/2117-ohi-009/1.jpg
200 OK 104 kB URL HTTP/1.1 okashik.atype.jp/images/2117-ohi-009/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 150x150, segment length 16, comment: "Created with GIMP", baseline, precision 8, 450x634, components 3\012- data
Size 104 kB (103983 bytes)
Hash 598d554ea89f0b887ab1a37f5a646e2e
37c53c3a3db9556e8b72601146e836a4d2f1b48f
0f7cda25b4ea2c5e5c8e3c1d330591989b11899808dbc1493c7e1902fffe2d60
GET /images/2117-ohi-009/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:56 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:09:47 GMT
ETag: "ee0e39-1962f-5c43a2aba574d"
Accept-Ranges: bytes
Content-Length: 103983
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=149
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8413c3485391fd84c01d114279419545
efab5ca43469f50799f95802e2178b5536aedeb1
249b5684f792f1dff0e3544e0a21edb53f8547b64f408287477ab6a8c04ed6e2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "249B5684F792F1DFF0E3544E0A21EDB53F8547B64F408287477AB6A8C04ED6E2"
Last-Modified: Mon, 16 Jan 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1390
Expires: Mon, 16 Jan 2023 10:15:07 GMT
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 95fe38acf019d9f548454921b26ab5d1
9ff9c8e69d6c2605d27fd54468701ff3b496c005
0fe2c30b482247b4ba8ae369aee4fde0c12daed10c7ae1e312ee96cc41940429
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FE2C30B482247B4BA8AE369AEE4FDE0C12DAED10C7AE1E312EE96CC41940429"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4502
Expires: Mon, 16 Jan 2023 11:06:59 GMT
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
okashik.atype.jp/images/106-taskj-070/1.jpg
200 OK 407 kB URL HTTP/1.1 okashik.atype.jp/images/106-taskj-070/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Size 407 kB (407279 bytes)
Hash 3d537489b9120c66e4286765e999db14
d310dcd78fb5674c029f8f90305e7ec4a20b159d
c23a51a55f97cff3f5e5df940d15af956aa4831d582d5fac85dd0e5e89c9a2bb
GET /images/106-taskj-070/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:55 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:47:36 GMT
ETag: "e804e3-636ef-5c439db65424d"
Accept-Ranges: bytes
Content-Length: 407279
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: image/jpeg
www.liaoai3.xyz/favicon.ico
404 Not Found 4.8 kB URL HTTP/1.1 www.liaoai3.xyz/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (320), with CRLF, LF line terminators
Hash a2b296ff500dbf8be24d49ec6096fe92
4f5815f0b7f968916d5c11a219058a7788986d13
c7d972f5ce111c70a18a6e733e87ae036bd8684995c3a517cca63c14f8e7f267
GET /favicon.ico HTTP/1.1
Host: www.liaoai3.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 16 Jan 2023 09:51:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=clrbvas7j7mbl6hashulr5k8b6; path=/
kt_referer=http%3A%2F%2Fjp.co-vid.win%2F; expires=Tue, 17-Jan-2023 09:51:57 GMT; Max-Age=86400; path=/; domain=.liaoai3.xyz
kt_ips=91.90.42.154; expires=Tue, 17-Jan-2023 09:51:57 GMT; Max-Age=86400; path=/; domain=.liaoai3.xyz
Content-Encoding: gzip
www.youjizz.com/favicon.ico
200 OK 4.3 kB URL HTTP/1.1 www.youjizz.com/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash cd65da5df2a2cfd472a198524ec61296
e51ea1800eec5985026a37498f4aa7044c757d04
321ac040acb1c782abf632960125319b8925361510e13b1a9dfd904a9e733515
GET /favicon.ico HTTP/1.1
Host: www.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Tue, 25 Feb 2020 06:57:19 GMT
etag: "5e54c54f-10be"
accept-ranges: bytes
set-cookie: RNLBSERVERID=ded6583; path=/
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
x-request-id: 63C51E3C-42FE72F201BB1D44-113E52A
e1.o.lencr.org/
200 OK 345 B IP
ASN #20940 Akamai International B.V.
Hash 84712a90b303f0ca2b5f60c0d5028df7
41e8e18403b5c5f7f6da092af4ec320e937df410
679b958bf10edd1f1bbb5575022489ed19b2262b9720d0e660673f18e01a4cba
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "679B958BF10EDD1F1BBB5575022489ED19B2262B9720D0E660673F18E01A4CBA"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3831
Expires: Mon, 16 Jan 2023 10:55:48 GMT
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
www.nanrenb.xyz/favicon.ico
301 Moved Permanently 324 B URL HTTP/1.1 www.nanrenb.xyz/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3a558af21182f1446ae9694d8212b911
a91a7ba0ec775e8b072cf97b7baba8c405ba8f94
daa741a8c619361d0d1ac78be851155f0493488f22398c77bcb5f6543958af83
GET /favicon.ico HTTP/1.1
Host: www.nanrenb.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://jp.co-vid.win/
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 09:51:57 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 324
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://www.nanrenb.xyz/favicon.ico
ocsp.digicert.com/
200 OK 471 B IP
Hash 88c788b40e2b24a45f18277e8f50f430
127dfe33e0070d4a70699eb501da484d1cea0f37
c6ab6a005704aa1f170a906e6424f7ada936ab5465d05088d5ee5a366deee06c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3806
Cache-Control: max-age=170651
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:57 GMT
Etag: "63c506fa-1d7"
Expires: Wed, 18 Jan 2023 09:16:08 GMT
Last-Modified: Mon, 16 Jan 2023 08:12:42 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 88c788b40e2b24a45f18277e8f50f430
127dfe33e0070d4a70699eb501da484d1cea0f37
c6ab6a005704aa1f170a906e6424f7ada936ab5465d05088d5ee5a366deee06c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:57 GMT
Etag: "63c3b59e-1d7"
Server: ECS (amb/6BA0)
Content-Length: 471
mrjav.net/
200 OK 16 kB IP
Hash 27a5d80ed10a7e9b09c09a1b7cbca114
8ebf483418b554e17fe1cbbb35fcfc8594786487
6200bbc198a9b7059729c093b618fd61633e1143c8c880a40216f4c214b55547
GET / HTTP/1.1
Host: mrjav.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 09:51:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33
Set-Cookie: Angie_e9694da344=4706f9657bec2823dc209f7c4677528c; path=/
Pragma: no-cache
Last-Modified: Mon, 16 Jan 2023 09:51:57 GMT
Expires: Mon, 16 Jan 2023 09:52:57 GMT
Cache-Control: max-age=60
Content-Encoding: gzip
www.qiqu9.xyz/favicon.ico
200 OK 4.3 kB URL HTTP/1.1 www.qiqu9.xyz/favicon.ico
IP
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash ce94747bb0dea683fd420d4764ac487d
e874006f6da2ce8f3fabbfea5b8ed85aa69e6d06
aafd5ce83fcd211faadd4cda72da4f98b1a471004c718b0e65a5da1e879b0886
GET /favicon.ico HTTP/1.1
Host: www.qiqu9.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 09:51:57 GMT
Content-Type: image/x-icon
Content-Length: 4286
Last-Modified: Sun, 02 Oct 2022 05:49:31 GMT
Connection: keep-alive
Keep-Alive: timeout=60
ETag: "6339266b-10be"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
www.tokyomotion.net/favicon.ico
200 OK 22 kB URL HTTP/1.1 www.tokyomotion.net/favicon.ico
IP
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash e7a9ffd5e704d4f7bced88b4e7c23ecd
44d6c52d7136e0e683d028d2afe342bebe65bee4
146997d8abd3bff9027614a850a6f71568bd83019c041e897675c712fcbf4f26
GET /favicon.ico HTTP/1.1
Host: www.tokyomotion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
server: Apache
last-modified: Fri, 16 Sep 2022 10:17:32 GMT
etag: "576e-5e8c8ab827106"
accept-ranges: bytes
content-length: 22382
content-type: image/vnd.microsoft.icon
okashik.atype.jp/favicon.ico
302 Found 220 B URL HTTP/1.1 okashik.atype.jp/favicon.ico
IP
ASN #2527 Sony Network Communications Inc.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash defd284fb78bef18e9374a9382c93719
736e7e68516b7f0377f6f205ebde660d5bebb78c
c5a8b78b16f83baec833a97646ca463043fe9406cab23b321c4da95ecb778204
GET /favicon.ico HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Found
Date: Mon, 16 Jan 2023 09:51:57 GMT
Server: Apache
Location: https://okashik.atype.jp/favicon.ico
Content-Length: 220
Keep-Alive: timeout=1, max=150
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
200 OK 935 B IP
ASN #20940 Akamai International B.V.
Hash 1bfcb50284f9cda0a6de813d13f93e07
c713c88b62d2261863358510270594712fc3c2e2
fdc15a0ee27456e86cd27636068e813b417bcc81f3f8f48a5f900bc89455663c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD9C93EA746B2AFE54BA51312D9505646230D9DAC4D10918A0A300CF8D35363A"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9565
Expires: Mon, 16 Jan 2023 12:31:22 GMT
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
hifimov.co/favicon.ico
200 OK 1.2 kB IP
ASN #399045 DEDIOUTLET-NETWORKS
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash b4f251d3904c06d03eca94cd26d2c03f
957b9afa61b7c9caf7f9ac8917c0ff042b353f1b
840e212b5e59880e5e710d8b6ce75538fb221036710d6736bd61e292db4d26c7
GET /favicon.ico HTTP/1.1
Host: hifimov.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: image/x-icon
content-length: 1150
last-modified: Sat, 28 Sep 2019 20:03:00 GMT
expires: Mon, 23 Jan 2023 09:51:57 GMT
cache-control: max-age=604800
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/Uzl9FVb0AGo
IP
Hash 5e3aaccad6053b11b8caec931d731185
76f1209c59a22000a118c6fa21274e3144aabece
8ceecc2b080f5aa9b71d7842086b7b451b7571418ccab6802bafd44b1d3c96e0
POST /s/gts1p5/Uzl9FVb0AGo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 16 Jan 2023 09:51:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
86348fp.buzz/favicon.ico
301 Moved Permanently 166 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3ea1c8d079b38532a6e01a96216ba5e2
598d3ff91d3e252f1e13df8cf0348b270ff2da3f
87a9323ac85ce28867d5d7ce590c8f29b8d1a999961fca71bb33adef48683691
GET /favicon.ico HTTP/1.1
Host: 86348fp.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: openresty
date: Mon, 16 Jan 2023 09:51:47 GMT
content-type: text/html
content-length: 166
location: https://86348fp.buzz/
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.reddit.com/favicon.ico
200 OK 2.4 kB URL HTTP/2 www.reddit.com/favicon.ico
IP
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 4f450017f68decfda3027242b57e4811
3bceac8d2b1869b991c2d03de385354a05fca2ec
3fcb0febd3450b5edbd536a86dbfe6dd7bad6bd39d3976801b069e14d15da5d3
GET /favicon.ico HTTP/1.1
Host: www.reddit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Jan 2019 21:19:55 GMT
etag: "4f450017f68decfda3027242b57e4811"
content-type: image/vnd.microsoft.icon
accept-ranges: bytes
date: Mon, 16 Jan 2023 09:51:57 GMT
via: 1.1 varnish
strict-transport-security: max-age=31536000; includeSubdomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: public, max-age=86400
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.2, "failure_fraction": 0.2}
content-length: 2441
X-Firefox-Spdy: h2
okashik.atype.jp/images/112-cpsky-046/1.jpg
200 OK 82 kB URL HTTP/1.1 okashik.atype.jp/images/112-cpsky-046/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Hash d5c6d514ee8918d73014e83f55327250
36c754342181f2e9726959ec7f4cd5bbb19dcd6a
10902a25bdcd8facfbd7914f313c0d6bbeb737ecd2fb82456d8983808dcef01d
GET /images/112-cpsky-046/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:57 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 05:00:17 GMT
ETag: "ea2b56-14165-5c43a08bcfc6d"
Accept-Ranges: bytes
Content-Length: 82277
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=149
Connection: Keep-Alive
Content-Type: image/jpeg
erosakuchan.blogterest.net/favicon.ico
200 OK 4.3 kB URL HTTP/1.1 erosakuchan.blogterest.net/favicon.ico
IP
ASN #59253 Leaseweb Asia Pacific pte. ltd.
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash fb91f30211964b611bf39955e0938076
b0fb1b9af61280950dfee4bbcc8a077466751203
4472d39e6d2ec3fffc6b274160e858e3f0e9292f9e26f2aa1f801a8879c6a5a1
GET /favicon.ico HTTP/1.1
Host: erosakuchan.blogterest.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 09:51:57 GMT
Content-Type: image/x-icon
Content-Length: 4286
Connection: close
Last-Modified: Wed, 04 Apr 2018 05:49:31 GMT
ETag: "5ac4676b-10be"
Expires: Wed, 01 Feb 2023 09:36:47 GMT
Cache-Control: max-age=2592000
X-Cache-Status: HIT
Accept-Ranges: bytes
okashik.atype.jp/images/104-sig-024/1.jpg
200 OK 270 kB URL HTTP/1.1 okashik.atype.jp/images/104-sig-024/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Size 270 kB (270088 bytes)
Hash 47afdbc104a58ad9e79eabb2d2659119
8bea6f4b7e776e5f28810d7d4d60918fbe6446e9
67a10a99e9a3b545cb28d36e669cc05007d215ceb0d93e71a2527a53f4969aa4
GET /images/104-sig-024/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:57 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:42:50 GMT
ETag: "e600f2-41f08-5c439ca5bd2f5"
Accept-Ranges: bytes
Content-Length: 270088
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=149
Connection: Keep-Alive
Content-Type: image/jpeg
86348fp.buzz/
302 Found 142 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
GET / HTTP/1.1
Host: 86348fp.buzz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: openresty
date: Mon, 16 Jan 2023 09:51:48 GMT
content-type: text/html
content-length: 142
location: https://hcxmiqadtm.tmvjaqa7vvc98uf3dggkkpydkmejoscauy.buzz:8443/
access-control-allow-origin: *
X-Firefox-Spdy: h2
okashik.atype.jp/images/104-sigd-005/1.jpg
200 OK 246 kB URL HTTP/1.1 okashik.atype.jp/images/104-sigd-005/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS3 Windows, datetime=2010:08:24 15:34:35], baseline, precision 8, 450x634, components 3\012- data
Size 246 kB (246318 bytes)
Hash 7daec1f712d3aff9aa04ff7991669d04
d16ffbdb0c5b46af1f717b01c6a5da21c841892c
d615d836416d366de3cd69e7bda3769f0ac0e612670da612e25ada469d2dfacd
GET /images/104-sigd-005/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:57 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:42:53 GMT
ETag: "e60156-3c22e-5c439ca8d00cd"
Accept-Ranges: bytes
Content-Length: 246318
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=149
Connection: Keep-Alive
Content-Type: image/jpeg
okashik.atype.jp/images/104-ops-002/1.jpg
200 OK 229 kB URL HTTP/1.1 okashik.atype.jp/images/104-ops-002/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Size 229 kB (228917 bytes)
Hash 2e7ccb9cb2020df958a007081731a519
34b1d2a556acec03da38f72fa255813ab580d40f
1ecc7448e79312556da23570f8509c4fb56617df259ea7a4d7d9ac965fc51ea4
GET /images/104-ops-002/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:57 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:42:00 GMT
ETag: "e427d0-37e35-5c439c75eea8d"
Accept-Ranges: bytes
Content-Length: 228917
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=148
Connection: Keep-Alive
Content-Type: image/jpeg
www.dmm.co.jp/favicon.ico
301 Moved Permanently 198 B URL HTTP/2 www.dmm.co.jp/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 4b4e14e78cc1cfeaff2be86686a7872d
45a095fc2374b08181d51e199e08955232fa2414
3c656afd70b573701e1cdd886340dd79bff1834c6f47ab8daed47f04c03a4e6f
GET /favicon.ico HTTP/1.1
Host: www.dmm.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=iso-8859-1
content-length: 198
location: https://p.dmm.co.jp/p/favicon.ico
date: Mon, 16 Jan 2023 09:51:57 GMT
server: Apache
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sn_iYB9MYIyXROzMeXsfE9F6T6q9ZV_8QwJ7KhUzEwehnduux5nFFQ==
X-Firefox-Spdy: h2
ura001.dtiblog.com/favicon.ico
301 Moved Permanently 175 B URL HTTP/1.1 ura001.dtiblog.com/favicon.ico
IP
ASN #30212 HYPERMEDIA-SYSTEMS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 542326939f4555617da834c7b8d77657
8f18d6d27726d760dc031f2e169049e6ead2401e
df1ab7c3007109ad4dc39d1d8530385470ce86b54ea906c32f7e74ed68fcc4b1
GET /favicon.ico HTTP/1.1
Host: ura001.dtiblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Date: Mon, 16 Jan 2023 09:51:57 GMT
Content-Type: text/html
Content-Length: 175
Connection: keep-alive
Location: https://click.dtiserv2.com/redir.fcgi?click=1432&site=103&b=14321&lang=tokyo
X-Sh: 105
Strict-Transport-Security: max-age=31536000
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash eb7184a1030882f7255f9213a5240af1
fa9dc17feb6ce3da6cfdafa2774e43b879ec09ed
e2ebbce278fc5edfdb60f7958221accca2a1defef0155dbd3e9821172ff665fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2EBBCE278FC5EDFDB60F7958221ACCCA2A1DEFEF0155DBD3E9821172FF665FD"
Last-Modified: Sun, 15 Jan 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8689
Expires: Mon, 16 Jan 2023 12:16:46 GMT
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 298b68d99ff7798a988319d6201774d3
587bb5f229ec0938e237fe746f15f2d560ecbb17
0c2ffb4d3e6f0b2f4275d4a268e39b5e0a29fa251da246dc22c47d4cfd896fe8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0C2FFB4D3E6F0B2F4275D4A268E39B5E0A29FA251DA246DC22C47D4CFD896FE8"
Last-Modified: Sat, 14 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7023
Expires: Mon, 16 Jan 2023 11:49:00 GMT
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
www.1pondo.tv/moviepages/092415_001/images/str.jpg
200 OK 104 kB URL HTTP/1.1 www.1pondo.tv/moviepages/092415_001/images/str.jpg
IP
ASN #30212 HYPERMEDIA-SYSTEMS
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 960x540, components 3\012- data
Size 104 kB (103890 bytes)
Hash a1e09365c87ac82acc7e5f7888cc1c80
d909eb882b6c557f565194352d63f9b347a524a7
401cad75f312106df06cee9b50a48f08308e6366f80403277add381adfc4b9ff
GET /moviepages/092415_001/images/str.jpg HTTP/1.1
Host: www.1pondo.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 16 Jan 2023 09:51:57 GMT
Content-Type: image/jpeg
Last-Modified: Fri, 11 Sep 2015 13:50:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"55f2dc30-195d5"
Referrer-Policy: no-referrer-when-downgrade
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash ad94927c346187b654344859358cbc4c
838168e60d95af522207d54fe67c5962d519e848
d697ffc279ac514cc3dd63cc9ebbac97d05c93b4a610e2f463944b36bf1ca5ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D697FFC279AC514CC3DD63CC9EBBAC97D05C93B4A610E2F463944B36BF1CA5CE"
Last-Modified: Sun, 15 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16950
Expires: Mon, 16 Jan 2023 14:34:27 GMT
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
pornking.fun/favicon.ico
301 Moved Permanently 162 B IP
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /favicon.ico HTTP/1.1
Host: pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html
content-length: 162
location: https://pornking.fun/
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=d
200 OK 2.7 kB URL HTTP/2 notification.tubecup.net/tags?tag_id=23782&timezone_olson=UTC&version_name=d
IP
ASN #24940 Hetzner Online GmbH
Hash e77e59798362f429a6972992d4f5eb2f
29bfd494e3f5fc9ea3c2ad9d42183e82443a0fba
846edb0cd8432f2745d251d59c196f21279b5f507a76d6673924328f88c01adf
GET /tags?tag_id=23782&timezone_olson=UTC&version_name=d HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: application/json
content-length: 2581
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
okashik.atype.jp/images/104-sig-022/1.jpg
200 OK 293 kB URL HTTP/1.1 okashik.atype.jp/images/104-sig-022/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 450x634, components 3\012- data
Size 293 kB (293218 bytes)
Hash c391f6b53913dcc1dd7555f85d17554f
06552f90664936ddf7b55c7dddcacc41ac1d141b
152304fffa1466b03b7e79974e32989c6ed423367e3564c0c04a086148d3118d
GET /images/104-sig-022/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:57 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:42:49 GMT
ETag: "e600ca-47962-5c439ca4b832d"
Accept-Ranges: bytes
Content-Length: 293218
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=149
Connection: Keep-Alive
Content-Type: image/jpeg
fp.metricswpsh.com/fp?tag_id=23782
204 No Content 0 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=23782
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Mon, 16 Jan 2023 09:51:57 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://jp.co-vid.win
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
javmobile.mobi/favicon.ico
200 OK 11 kB URL HTTP/2 javmobile.mobi/favicon.ico
IP
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash c25860e94c859034334f0eacb3a5b387
3124212f8c92633fd007bd94df93ec12d82604ee
031296f14702ab39cf000d741ccbb58a8aafb58d759b9ad4a7721ab54bc0b450
GET /favicon.ico HTTP/1.1
Host: javmobile.mobi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Sun, 14 Nov 2021 23:47:51 GMT
etag: W/"6191a027-3aee"
expires: Wed, 08 Feb 2023 03:15:14 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 628602
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lde3SrKUQxfnofRQR75zsi0Sz4GiduPyO6CeTLJSes1dh4igW%2Bq3DWoIISBpWvj7K9GZs3Mvs1k91aaBnv%2BoO8QqoyVVzys9RMn%2Ba9vxBf7wdAzUVlM5s6lh8i0UW8TUJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49819c7f3fb-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pornking.fun/
301 Moved Permanently 162 B IP
ASN #399045 DEDIOUTLET-NETWORKS
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET / HTTP/1.1
Host: pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html
content-length: 162
location: https://pornking.fun/hd/
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
okashik.atype.jp/images/104-sws-001/1.jpg
200 OK 116 kB URL HTTP/1.1 okashik.atype.jp/images/104-sws-001/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2009:02:09 18:44:08], progressive, precision 8, 450x634, components 3\012- data
Size 116 kB (115473 bytes)
Hash 2301fb9d2bac6bb29c0a8e8cbe4b380f
a0b511af7407aa8a1bc8be9f7acbb80beac63529
dedee03f27df3faa2e38141a76717a2fbf1ad8cbf663bfc2cb565ef153dabbaa
GET /images/104-sws-001/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:57 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:42:57 GMT
ETag: "e601e2-1c311-5c439caca05e5"
Accept-Ranges: bytes
Content-Length: 115473
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=149
Connection: Keep-Alive
Content-Type: image/jpeg
rz.nakadashi.pw/v/s://www.javbangers.com/video/114219/c0930-hitozuma0663-fhd-hisae-kiura-1/title/myhash/3
200 OK 597 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114219/c0930-hitozuma0663-fhd-hisae-kiura-1/title/myhash/3
IP
File type ASCII text, with no line terminators
Hash 469e33c79a3a618f9788569cbad423fd
d98d5bc17a9fb62be40ef99e4abe077d74d25db6
50f3e3136554b6ce717ffde2fa0f50d889da91323be11ec77f41f241e9dd2825
GET /v/s://www.javbangers.com/video/114219/c0930-hitozuma0663-fhd-hisae-kiura-1/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114219/c0930-hitozuma0663-fhd-hisae-kiura-1/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/5a/44/4fbc72, lfm-1-56731, lmd-56731, lud-1222651, xfvlen-2900599, fsize-810639, played-274
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114219/c0930-hitozuma0663-fhd-hisae-kiura-1/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114219/c0930-hitozuma0663-fhd-hisae-kiura-1/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fjvPanovRX6%2Bv2US%2BP1qXIOYfhGLtUK%2BsVc63TxkdctchTkkpdd3M5Kl3pG5amMX1OwSzt2eLMgOORiDOfo5rRcjHi651sMh%2FgHffDuMYJMEWGeKBriLq%2BtXc6h82R76EHs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a19c7e23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/zh/94814/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019006/?playlist=24783/title/myhash/3
200 OK 355 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/zh/94814/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019006/?playlist=24783/title/myhash/3
IP
File type ASCII text, with no line terminators
Hash 36f76ca4f3fc79f2658489cdb21a8fdf
707f4a7bd065c17a1bf1f9b106f47405e83ba5fa
1e15ded52fd5fdd3afb7c95ddfee3e3816342131c50aaffa24434a1565eae1da
GET /v/s://kissjav.com/zh/94814/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019006/?playlist=24783/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/zh/94814/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019006/?playlist=24783/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/cc/15/0295124, lfm-1-7897, lmd-7897, lud-1584331, xfvlen-1599754, fsize-505160, played-38
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/zh/94814/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019006/?playlist=24783/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/zh/94814/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019006/?playlist=24783/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NztqnHUMH6OcA3ea8LiL%2FwuXfVRdrMQJmCoAA2Rpbm5F9lHxKrkiSslPj8eOFAs3aGZsty7%2FhbS9hYgvaxCjoUt5JOo6b5%2Bv2XcQ8GA1PkNp14yPd4NPvOJq4IHg8BuhqL4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bfe23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114226/c0930-hitozuma0671-fhd-hisae-kiura-1/title/myhash/3
200 OK 4.5 kB URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114226/c0930-hitozuma0671-fhd-hisae-kiura-1/title/myhash/3
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1924)
Hash 7a1c53001effd0b2e4e8fbba671e4c5a
8175ce36509971b74db513ba78d6cea3c4b18076
bb615af6d17c1313a4c8257857ccb3e0fb40d176f86b6f84d0deda76517cf0bc
GET /v/s://www.javbangers.com/video/114226/c0930-hitozuma0671-fhd-hisae-kiura-1/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114226/c0930-hitozuma0671-fhd-hisae-kiura-1/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/e7/df/037d72, lfm-1-32309, lmd-32309, lud-1064242, xfvlen-3111911, fsize-778261, played-67
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114226/c0930-hitozuma0671-fhd-hisae-kiura-1/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114226/c0930-hitozuma0671-fhd-hisae-kiura-1/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgaxU4HJOpvNHSmdLseLaODAVtUUAEeu5Egd5kTfv3J5KYbS2%2FQlGB7TL9Evg1uZKJ0dtcxteET8yUTZ7x8tu%2FXxnoajb7zq9uW9qv99P%2FD9JTZb5r%2F4DtZ1UN40lJWmgK8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a19c7d23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114147/c0930-hitozuma0602-fhd-maiko-hosono/title/myhash/3
200 OK 268 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114147/c0930-hitozuma0602-fhd-maiko-hosono/title/myhash/3
IP
File type ASCII text, with no line terminators
Hash a5acd43489fae103618d96f62cef6b3a
8bf138c48112ef7042439fce68419dca521f3ae0
ca83a0ffc73b26cf9acd8b5a45f74e927ab471dcbad948268340dfc41e3c1328
GET /v/s://www.javbangers.com/video/114147/c0930-hitozuma0602-fhd-maiko-hosono/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114147/c0930-hitozuma0602-fhd-maiko-hosono/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/44/63/a75171, lfm-1-3281, lmd-3281, lud-1429455, xfvlen-2164819, fsize-633132, played-88
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114147/c0930-hitozuma0602-fhd-maiko-hosono/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114147/c0930-hitozuma0602-fhd-maiko-hosono/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DGjHVaJeHO8gxmn0Ss%2B3V8o3%2FlfnYEoBJ0c2atz4lsDF7j2RR8fwwKaGM9S9NgE%2B8t6SfoyO6JSXUiar%2FSX6NfhKJ0ENgW4RMJdm4XGJZ3J%2BVIlDZHd02T3exPPlPst%2BuAo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a19c7b23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-egc.xvideos.com/videos/thumbsll/02/7d/fc/027dfcf12e3d8c3ec25a6aa86d56e781/027dfcf12e3d8c3ec25a6aa86d56e781.20.jpg
404 Not Found 173 B URL HTTP/1.1 img-egc.xvideos.com/videos/thumbsll/02/7d/fc/027dfcf12e3d8c3ec25a6aa86d56e781/027dfcf12e3d8c3ec25a6aa86d56e781.20.jpg
IP
ASN #60068 Datacamp Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3674c9f9d4cb3aeda8a1dabcf83e21ce
e464bbf96e99f833d457531275b5f4e94d5f633d
d0defd1c3d57c0cc21ccf2602e742ba72684282cebaae43539b5b6c6d97ac5b7
GET /videos/thumbsll/02/7d/fc/027dfcf12e3d8c3ec25a6aa86d56e781/027dfcf12e3d8c3ec25a6aa86d56e781.20.jpg HTTP/1.1
Host: img-egc.xvideos.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 404 Not Found
Date: Mon, 16 Jan 2023 09:51:58 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: sameorigin
Cache-Control: max-age=10368000, public
Access-Control-Allow-Origin: *
X-Accel-Expires: @1679501703
X-77-NZT: A8O1pg1lLUf/mK8AANRmOJwmaZL/H3lHAI/0Ot1Y7iXB
X-77-NZT-Ray: ffffffff0932a4b73e1ec56311887604
X-77-Cache: HIT
Server: CDN77-Turbo
X-Cache-LB: HIT, HIT
X-Age-LB: 4684063, 44952
X-77-POP: stockholmSE
Content-Encoding: gzip
rz.nakadashi.pw/v/s://kissjav.com/94818/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019004//title/myhash/3
200 OK 355 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/94818/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019004//title/myhash/3
IP
File type ASCII text, with no line terminators
Hash d5f4112353cbb3d627a6588487b34f66
7f7af767df1c9e4ecea3504d236e938d4b0e0ec9
de33c4ab82bae0253453f36483a3b800a4d0b910d2e96833cd0384db3f3930df
GET /v/s://kissjav.com/94818/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019004//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/94818/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019004//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/e6/14/0d54106, lfm-1-7896, lmd-7896, lud-519236, xfvlen-2569630, fsize-820014, played-15
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/94818/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019004//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/94818/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019004//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xFiJR%2FHvAfIYFAWo5cW7j4zUwpEPr6SNbgvmWnFWWhn4Xkimm%2BrK33%2Fhzn38LD%2FunzsOWvwq1uJTyyG88yd3pTyN9nudI%2FBJ2zhleEjx5O6bzX0AegjX9wuD61y6YvxBxI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15c0523be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
kissjav.li/media/videos/tmb/000/097/411/1.jpg
301 Moved Permanently 162 B URL HTTP/1.1 kissjav.li/media/videos/tmb/000/097/411/1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /media/videos/tmb/000/097/411/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 09:51:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://mrjav.net/
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 0523669dbd9022827ab290fb4fb51ae4
5f16edbe208326cbe2b511c04efbb215e42d8005
e6cd7906534ef7776ddd2d7622c1afcd95eb7bdd5ed58fa2af6bd44c049c6360
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 16 Jan 2023 09:51:57 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 15 Jan 2023 21:12:57 GMT
Expires: Mon, 16 Jan 2023 21:12:57 GMT
ETag: "5f16edbe208326cbe2b511c04efbb215e42d8005"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
okashik.atype.jp/images/104-ops-023/1.jpg
200 OK 252 kB URL HTTP/1.1 okashik.atype.jp/images/104-ops-023/1.jpg
IP
ASN #2527 Sony Network Communications Inc.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 450x634, components 3\012- data
Size 252 kB (251500 bytes)
Hash 8bef2da112c39ac8dcfecca19098b5d7
343f455bf3f2c271ba103a5213e2344f95520e5a
941bc69ab850644998edf3f48567539cca88bd6900b4fec788138290dabc0019
GET /images/104-ops-023/1.jpg HTTP/1.1
Host: okashik.atype.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:57 GMT
Server: Apache
Last-Modified: Tue, 08 Jun 2021 04:42:14 GMT
ETag: "e42961-3d66c-5c439c835dde5"
Accept-Ranges: bytes
Content-Length: 251500
Access-Control-Allow-Origin: *
Keep-Alive: timeout=1, max=148
Connection: Keep-Alive
Content-Type: image/jpeg
rz.nakadashi.pw/v/s://kissjav.com/zh/88194/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019001//title/myhash/3
200 OK 344 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/zh/88194/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019001//title/myhash/3
IP
File type ASCII text, with no line terminators
Hash 06332022dfd9d8f1c7ef9882764a86f2
c0ae5215c48ea125aaf2a6c00ef3f011e1498ff8
ac7bc0b7c7c461604c730b36796085477dc899947471c21057a3bfd0ff987c5d
GET /v/s://kissjav.com/zh/88194/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019001//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/zh/88194/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019001//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/e2/4f/09ab112, lfm-1-20569, lmd-20569, lud-2888149, xfvlen-2243267, fsize-816313, played-155
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/zh/88194/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019001//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/zh/88194/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019001//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JuKf%2BSkdVttO6cI18wYukgNwNu1CNScbvHOX6AgkZfImJHpC745KTPgbHxLq4YSPZ9UZvaaLJLYdrftH9itN7uGel0QONn0auE8MrdPXzQXYBkD8F8y0s55kacbW6KFe2G8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a19c7723be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fp.metricswpsh.com/fp?tag_id=23782
200 OK 28 B URL HTTP/1.1 fp.metricswpsh.com/fp?tag_id=23782
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , ASCII text
Hash e3af49472d683a217237a6ebaf79bcb7
378db4d7e6171a2676ee15c80b4475d7f5ec9742
7714898d715fb8b1ce7a1de73e0e7c9f6394acc8a08cf1a3b342a7829d4de84a
POST /fp?tag_id=23782 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 22293
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Mon, 16 Jan 2023 09:51:58 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 28
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://jp.co-vid.win
Set-Cookie: id=16009071310055897931; Expires=Tue, 16 Jan 2024 09:51:58 GMT; Secure; SameSite=None
Vary: Origin
www.nanrenb.xyz/favicon.ico
404 Not Found 5.3 kB URL HTTP/1.1 www.nanrenb.xyz/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (320), with CRLF, LF line terminators
Hash fbf4862952231540aee24204516fec12
7189823bbca5dca1b7aeaf61e7a64178f1f9e06a
a9ed89371545aa375277fc50d33ac7d9df233df6abda90fdc60be59ad9a0f64d
GET /favicon.ico HTTP/1.1
Host: www.nanrenb.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 16 Jan 2023 09:51:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=60
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=2kp68jehbg783tiaosn64fi4h7; path=/
kt_referer=http%3A%2F%2Fjp.co-vid.win%2F; expires=Tue, 17-Jan-2023 09:51:58 GMT; Max-Age=86400; path=/; domain=.nanrenb.xyz
kt_ips=91.90.42.154; expires=Tue, 17-Jan-2023 09:51:58 GMT; Max-Age=86400; path=/; domain=.nanrenb.xyz
Content-Encoding: gzip
click.dtiserv2.com/Click1432/14321-103-2
301 Moved Permanently 191 B URL HTTP/1.1 click.dtiserv2.com/Click1432/14321-103-2
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 071fd8ecafea25912fcd3ac36da047f8
1df9fbcde3170de426d4ca7fa23870e69ac7f5a7
6a0441175769a66b712c9e317a0c46df05120400370b4f9fc9828d30e9338b08
GET /Click1432/14321-103-2 HTTP/1.1
Host: click.dtiserv2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Mon, 16 Jan 2023 09:51:58 GMT
Content-Type: text/html
Content-Length: 191
Location: https://click.dtiserv2.com/Click1432/14321-103-2
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Via: 1.1 google
ccdb8b0a9f.f1bb4e5049.com/2a443bc5a9d63adc852dc685b0350637.js
200 OK 77 kB URL HTTP/2 ccdb8b0a9f.f1bb4e5049.com/2a443bc5a9d63adc852dc685b0350637.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash adef0748a9eed64ebff391309209cd35
9b152737ad7a5a5a2d50b3a152212db6cec08ecb
07d7d9983d442623eb93db3898b2a6db3d9806a05c4ea0d7386971161aee7234
Analyzer Verdict Alert quad9 Sinkholed
GET /2a443bc5a9d63adc852dc685b0350637.js HTTP/1.1
Host: ccdb8b0a9f.f1bb4e5049.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 13 Jan 2023 15:32:02 GMT
etag: W/"63c17972-4b8fc"
content-encoding: gzip
expires: Mon, 16 Jan 2023 09:56:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
ccdb8b0a9f.f1bb4e5049.com/286566bbb49e31cac4692b9ada3f4309.js
200 OK 27 kB URL HTTP/2 ccdb8b0a9f.f1bb4e5049.com/286566bbb49e31cac4692b9ada3f4309.js
IP
ASN #39572 DataWeb Global Group B.V.
Hash c2719d6afcb2379628c9117a0efd4788
23e11e1d63d0f95f2c358fc06087d789c3e3a6ef
0e848fe36a1685b46001ca4663d1493751670b4d963e6403854ba9fb9ee17d4a
Analyzer Verdict Alert quad9 Sinkholed
GET /286566bbb49e31cac4692b9ada3f4309.js HTTP/1.1
Host: ccdb8b0a9f.f1bb4e5049.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Wed, 07 Dec 2022 08:28:22 GMT
etag: W/"63904ea6-16019"
content-encoding: gzip
expires: Mon, 16 Jan 2023 09:56:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
1273ddea5a.5a114f2436.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDY3NzUxMzE2MDA2MzQ1NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjIxLjEiLCJ0YWdfaWQiOjIzNzgyLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjIuMTEsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IiVFOSU5NSVCNyVFNyU5QiVCOCVFNyU5QSU4NCVFNSU4RiVBRiVFNiU4NCU5QiVFNyU5QSU4NCVFNSVBNiVCOSVFNSVBRCU5MCVFRiVCQyU4QyVFNyVCNSU5NSVFNyVCRSU4RSVFNCVCOCU4MCVFNyVCNyU5QSVFNSVBNCVBOSVFNiU4OSU4QiVFNiU4QyU4NyVFNiU5MSVCMyVFOSU4MCVCQyVFRiVCQyU4QyVFNCVCRSU4NiVFNSU5QiU5RSVFNiU4QSVCRCVFNiU4RiU5MiVFOCU4NyVBQSVFNiU4NSVCMCVFRiVCQyU4QyVFNyVCNSVBNiVFNyU5NCVCNyVFNSU4RiU4QiVFNSU4RiVBMyVFNCVCQSVBNCVFNyU4NCVBMSVFNSVBNSU5NyVFNyU4OSVCOSVFNSVBRiVBQiVFNyU4OCU4NiVFOCU4RCU4OSVFNCVCOCU4MCVFNyVCNyU5QSVFNSVBNCVBOSUyQ01PQVYuQ09NJTJDQWZyZWVjYVRWJTJDS29yZWFuJTJDQkolMkMyNzExMjAyMjAwOCVFQyU5NSU4NCVFRCU5NCU4NCVFQiVBNiVBQyVFQyVCOSVCNFRWJTJDJUVDJTk3JUFDJUVDJTg0JUIxQkolMkMlRUMlOTUlOEMlRUIlQUElQjglMkMlRUIlODUlQjglRUMlQjYlOUMlMkMlRUIlQjAlQTklRUMlODYlQTElRUMlODIlQUMlRUElQjMlQTAlMkNBZnJlZWNhVFYlMkNWT0QlMkNLQkolMkNLT1JFQU4lMkNCSiUyQ0xFU0JJQU4lMkMxODA4MjAxOTAwNCUyQyVFMiU5NiVCNjAlM0EyMGMwOTMwLWhpdG96dW1hMDY3My1GSEQlMkNTaGl6dXJ1JTJDSGFyeXUlMkMyLiJ9
200 OK 0 B URL HTTP/2 1273ddea5a.5a114f2436.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDY3NzUxMzE2MDA2MzQ1NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjIxLjEiLCJ0YWdfaWQiOjIzNzgyLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjIuMTEsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IiVFOSU5NSVCNyVFNyU5QiVCOCVFNyU5QSU4NCVFNSU4RiVBRiVFNiU4NCU5QiVFNyU5QSU4NCVFNSVBNiVCOSVFNSVBRCU5MCVFRiVCQyU4QyVFNyVCNSU5NSVFNyVCRSU4RSVFNCVCOCU4MCVFNyVCNyU5QSVFNSVBNCVBOSVFNiU4OSU4QiVFNiU4QyU4NyVFNiU5MSVCMyVFOSU4MCVCQyVFRiVCQyU4QyVFNCVCRSU4NiVFNSU5QiU5RSVFNiU4QSVCRCVFNiU4RiU5MiVFOCU4NyVBQSVFNiU4NSVCMCVFRiVCQyU4QyVFNyVCNSVBNiVFNyU5NCVCNyVFNSU4RiU4QiVFNSU4RiVBMyVFNCVCQSVBNCVFNyU4NCVBMSVFNSVBNSU5NyVFNyU4OSVCOSVFNSVBRiVBQiVFNyU4OCU4NiVFOCU4RCU4OSVFNCVCOCU4MCVFNyVCNyU5QSVFNSVBNCVBOSUyQ01PQVYuQ09NJTJDQWZyZWVjYVRWJTJDS29yZWFuJTJDQkolMkMyNzExMjAyMjAwOCVFQyU5NSU4NCVFRCU5NCU4NCVFQiVBNiVBQyVFQyVCOSVCNFRWJTJDJUVDJTk3JUFDJUVDJTg0JUIxQkolMkMlRUMlOTUlOEMlRUIlQUElQjglMkMlRUIlODUlQjglRUMlQjYlOUMlMkMlRUIlQjAlQTklRUMlODYlQTElRUMlODIlQUMlRUElQjMlQTAlMkNBZnJlZWNhVFYlMkNWT0QlMkNLQkolMkNLT1JFQU4lMkNCSiUyQ0xFU0JJQU4lMkMxODA4MjAxOTAwNCUyQyVFMiU5NiVCNjAlM0EyMGMwOTMwLWhpdG96dW1hMDY3My1GSEQlMkNTaGl6dXJ1JTJDSGFyeXUlMkMyLiJ9
IP
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxMDY3NzUxMzE2MDA2MzQ1NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjIxLjEiLCJ0YWdfaWQiOjIzNzgyLCJzY3JlZW5fcmVzb2x1dGlvbiI6IjEyODB4MTAyNCIsImFkYmxvY2siOjAsInRpbWV6b25lX29sc29uIjoiVVRDIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjIuMTEsImlzX3YyIjoxLCJpc192Ml9lbXB0eSI6bnVsbCwidXNlcl9rZXl3b3JkcyI6IiVFOSU5NSVCNyVFNyU5QiVCOCVFNyU5QSU4NCVFNSU4RiVBRiVFNiU4NCU5QiVFNyU5QSU4NCVFNSVBNiVCOSVFNSVBRCU5MCVFRiVCQyU4QyVFNyVCNSU5NSVFNyVCRSU4RSVFNCVCOCU4MCVFNyVCNyU5QSVFNSVBNCVBOSVFNiU4OSU4QiVFNiU4QyU4NyVFNiU5MSVCMyVFOSU4MCVCQyVFRiVCQyU4QyVFNCVCRSU4NiVFNSU5QiU5RSVFNiU4QSVCRCVFNiU4RiU5MiVFOCU4NyVBQSVFNiU4NSVCMCVFRiVCQyU4QyVFNyVCNSVBNiVFNyU5NCVCNyVFNSU4RiU4QiVFNSU4RiVBMyVFNCVCQSVBNCVFNyU4NCVBMSVFNSVBNSU5NyVFNyU4OSVCOSVFNSVBRiVBQiVFNyU4OCU4NiVFOCU4RCU4OSVFNCVCOCU4MCVFNyVCNyU5QSVFNSVBNCVBOSUyQ01PQVYuQ09NJTJDQWZyZWVjYVRWJTJDS29yZWFuJTJDQkolMkMyNzExMjAyMjAwOCVFQyU5NSU4NCVFRCU5NCU4NCVFQiVBNiVBQyVFQyVCOSVCNFRWJTJDJUVDJTk3JUFDJUVDJTg0JUIxQkolMkMlRUMlOTUlOEMlRUIlQUElQjglMkMlRUIlODUlQjglRUMlQjYlOUMlMkMlRUIlQjAlQTklRUMlODYlQTElRUMlODIlQUMlRUElQjMlQTAlMkNBZnJlZWNhVFYlMkNWT0QlMkNLQkolMkNLT1JFQU4lMkNCSiUyQ0xFU0JJQU4lMkMxODA4MjAxOTAwNCUyQyVFMiU5NiVCNjAlM0EyMGMwOTMwLWhpdG96dW1hMDY3My1GSEQlMkNTaGl6dXJ1JTJDSGFyeXUlMkMyLiJ9 HTTP/1.1
Host: 1273ddea5a.5a114f2436.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:58 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 03f283b0a98cad1248916738afd3b219
3e0ddbe4d1db5efedb6dbc26436c7541cef7a40e
fc6ca8625785185d44d07292d99de863f4927ffa03d1d32f99b6b95a6363e57d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC6CA8625785185D44D07292D99DE863F4927FFA03D1D32F99B6B95A6363E57D"
Last-Modified: Sat, 14 Jan 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8984
Expires: Mon, 16 Jan 2023 12:21:42 GMT
Date: Mon, 16 Jan 2023 09:51:58 GMT
Connection: keep-alive
www.jav24.com/favicon.ico
200 OK 28 kB URL HTTP/2 www.jav24.com/favicon.ico
IP
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 46b50f334592999de808f68f4cfaa70f
3cb4dc8f4cbd575822a6a36e21d7e927496b46f6
6a40103f15d088fad2247902140d9c7acefa438255f18c8c3841f9dbd37b0ee8
GET /favicon.ico HTTP/1.1
Host: www.jav24.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Wed, 28 Dec 2022 15:41:05 GMT
cache-control: public, max-age=1800, stale-while-revalidate=300
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 6148
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yFzlJ4TCrO2oBybQ9QG8C6%2FCJf2DPJlJAbFACGr0dSLkZw1L5zADjV0yEbr2MUcOdyyopfk1QOHcIUwOzKq85yuDz%2FZTr6WiFaohxD0iRos9LpOsg3xFPqV%2FDr%2FR3NAR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49c2fcbb506-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
18j.tv/
403 Forbidden 4.8 kB IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 108b33463d06d4c58414c4981341bbe8
5fc9614a21e80f35582d2a4d4cf720b4766b149c
1ec6d1331df802b5f2747475078a940050780a839bd07d434f65d381621c7e98
GET / HTTP/1.1
Host: 18j.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=afj8a9AzuJc%2B5JxWBWfSqm2iIvIOFbEb3hRs7%2BDo4iAQbY8AVEVN4sVkfr1sKVhO68a52GANZ94jylKI5nqfEwyOa61d7hrpLuTmT92w%2BOqoNHOsLAbspIA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49f4f39b50b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/zh/88199/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019002//title/myhash/3
200 OK 683 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/zh/88199/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019002//title/myhash/3
IP
File type ASCII text, with no line terminators
Hash 2d35d59dde508251dd65329fb60a4aaf
5848877303328923578277eeb6db0cc92c91f90c
a387ef58dad3ebbf4cedc6e494e98c31caa4d3cbd5175d623191237a98f4cd49
GET /v/s://kissjav.com/zh/88199/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019002//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/zh/88199/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019002//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/71/ed/749d112, lfm-1-23397, lmd-23397, lud-2229816, xfvlen-2061175, fsize-643530, played-3
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/zh/88199/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019002//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/zh/88199/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019002//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkOYj2BT2tBPl2UnYNtA4kPkUu6hskkE7AbbMv4EQtLCKQg%2Fzh5IuMl9uwawin2%2F5uiUlcGLXKBgX5V0AwOIZVlRK58VheW0Ug07GasaXcmXpkRijWNAxb%2BlVDT%2FqatiJwQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bed23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sample.heydouga.com/contents/4017/234/player_thumb.jpg
200 OK 327 kB URL HTTP/1.1 sample.heydouga.com/contents/4017/234/player_thumb.jpg
IP
Size 327 kB (327365 bytes)
Hash 8bf068da9622349d6770375b720c68f6
0cec925cb638860d7ad51aa287842c66328c1ac2
31f198263b56049b04e0ad6f6065fe712a36b6af3c5a354ddb9acb3de168e590
GET /contents/4017/234/player_thumb.jpg HTTP/1.1
Host: sample.heydouga.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:57 GMT
Server: Apache
Last-Modified: Mon, 01 May 2017 02:30:26 GMT
ETag: "4e7e4-54e6d34bc3e34"
Accept-Ranges: bytes
Content-Length: 321508
X-ServerID: hmedia-movies01
Strict-Transport-Security: max-age=63072000; includeSubdomains
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Age: 566
X-Cache-Detail: "cache hit" from sample.heydouga.com
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: image/jpeg
rz.nakadashi.pw/v/s://javdoe.to/watch/fc2-ppv-3107984-lt-somebody-help-me-gt-i-resisted-while-the-busty-gal-was-missing-but-i-took-turns-with-the-two-of-them-www-2weV/title/myhash/3
200 OK 231 B URL HTTP/2 rz.nakadashi.pw/v/s://javdoe.to/watch/fc2-ppv-3107984-lt-somebody-help-me-gt-i-resisted-while-the-busty-gal-was-missing-but-i-took-turns-with-the-two-of-them-www-2weV/title/myhash/3
IP
File type ASCII text, with no line terminators
Hash 243045ced57681601ca55987b70e838b
8a92b0774832444fc8b0ebee27ed71bf61059c0b
f8a9c7cc1e4f441a8a79627686093ac9e23f2c39c8f63fc0aa70e1724ea3d3f7
GET /v/s://javdoe.to/watch/fc2-ppv-3107984-lt-somebody-help-me-gt-i-resisted-while-the-busty-gal-was-missing-but-i-took-turns-with-the-two-of-them-www-2weV/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://javdoe.to/watch/fc2-ppv-3107984-lt-somebody-help-me-gt-i-resisted-while-the-busty-gal-was-missing-but-i-took-turns-with-the-two-of-them-www-2weV/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/91/2e/4707148, lfm-1-18556, lmd-18556, lud-439382, xfvlen-2600309, fsize-833905, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://javdoe.to/watch/fc2-ppv-3107984-lt-somebody-help-me-gt-i-resisted-while-the-busty-gal-was-missing-but-i-took-turns-with-the-two-of-them-www-2weV/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://javdoe.to/watch/fc2-ppv-3107984-lt-somebody-help-me-gt-i-resisted-while-the-busty-gal-was-missing-but-i-took-turns-with-the-two-of-them-www-2weV/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DdvBRjf%2BQ5TZZJfn27%2F7TlTCJr0iN4QztsmqeXAnaTckQPzR5nXHOCxwBP%2BdRqeQuVIsZvAeLo%2BZvZ75UsvwNGmEO0EydqrubXyjlsiqUvk%2BtVnk0Z8ZdoQEp044m1Ub6ys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15beb23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.tokyomotion.net/video/839748/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1074591-%E7%BE%8E%E9%A3%9F%E5%B1%8B-%E6%92%AE%E3%82%8A%E5%A8%98-o-%E5%9B%97-o%CF%88-%EF%BD%B2%EF%BE%80%EF%BE%80%EF%BE%9E%EF%BD%B7%EF%BE%8F%EF%BD%BD-%E4%B8%AD%E5%87%BA%E3%81%97-%E3%81%8A%E6%8E%83%E9%99%A4%E3%83%95%E3%82%A7%E3%83%A9-%E7%BE%8E%E4%B9%B3-%E7%BE%8E%E8%84%9A-%E3%82%A8%E3%83%AD%E7%BE%8E%E3%83%9C%E3%83%87%E3%82%A3%E5%A5%B3%E5%AD%90%E5%A4%A7%E7%94%9F-%E3%81%82%E3%82%84%E3%81%BF%E3%81%A1%E3%82%83%E3%82%93/title/myhash/3
200 OK 96 B URL HTTP/2 rz.nakadashi.pw/v/s://www.tokyomotion.net/video/839748/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1074591-%E7%BE%8E%E9%A3%9F%E5%B1%8B-%E6%92%AE%E3%82%8A%E5%A8%98-o-%E5%9B%97-o%CF%88-%EF%BD%B2%EF%BE%80%EF%BE%80%EF%BE%9E%EF%BD%B7%EF%BE%8F%EF%BD%BD-%E4%B8%AD%E5%87%BA%E3%81%97-%E3%81%8A%E6%8E%83%E9%99%A4%E3%83%95%E3%82%A7%E3%83%A9-%E7%BE%8E%E4%B9%B3-%E7%BE%8E%E8%84%9A-%E3%82%A8%E3%83%AD%E7%BE%8E%E3%83%9C%E3%83%87%E3%82%A3%E5%A5%B3%E5%AD%90%E5%A4%A7%E7%94%9F-%E3%81%82%E3%82%84%E3%81%BF%E3%81%A1%E3%82%83%E3%82%93/title/myhash/3
IP
File type ASCII text, with no line terminators
Hash a30e444f540091d6875c6debbd5bbc84
9e1ff48eacbbb06b489aa2dd42d2969556914c19
f42321d143630813913f96529bf484e81961e21766f68837e75b19aefd39d499
GET /v/s://www.tokyomotion.net/video/839748/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1074591-%E7%BE%8E%E9%A3%9F%E5%B1%8B-%E6%92%AE%E3%82%8A%E5%A8%98-o-%E5%9B%97-o%CF%88-%EF%BD%B2%EF%BE%80%EF%BE%80%EF%BE%9E%EF%BD%B7%EF%BE%8F%EF%BD%BD-%E4%B8%AD%E5%87%BA%E3%81%97-%E3%81%8A%E6%8E%83%E9%99%A4%E3%83%95%E3%82%A7%E3%83%A9-%E7%BE%8E%E4%B9%B3-%E7%BE%8E%E8%84%9A-%E3%82%A8%E3%83%AD%E7%BE%8E%E3%83%9C%E3%83%87%E3%82%A3%E5%A5%B3%E5%AD%90%E5%A4%A7%E7%94%9F-%E3%81%82%E3%82%84%E3%81%BF%E3%81%A1%E3%82%83%E3%82%93/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.tokyomotion.net/video/839748/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1074591-%E7%BE%8E%E9%A3%9F%E5%B1%8B-%E6%92%AE%E3%82%8A%E5%A8%98-o-%E5%9B%97-o%CF%88-%EF%BD%B2%EF%BE%80%EF%BE%80%EF%BE%9E%EF%BD%B7%EF%BE%8F%EF%BD%BD-%E4%B8%AD%E5%87%BA%E3%81%97-%E3%81%8A%E6%8E%83%E9%99%A4%E3%83%95%E3%82%A7%E3%83%A9-%E7%BE%8E%E4%B9%B3-%E7%BE%8E%E8%84%9A-%E3%82%A8%E3%83%AD%E7%BE%8E%E3%83%9C%E3%83%87%E3%82%A3%E5%A5%B3%E5%AD%90%E5%A4%A7%E7%94%9F-%E3%81%82%E3%82%84%E3%81%BF%E3%81%A1%E3%82%83%E3%82%93/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/0a/05/4be0206, lfm-4-3167, lmd-3167, lud-24914, xfvlen-2755709, fsize-763177, played-30
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.tokyomotion.net/video/839748/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1074591-%E7%BE%8E%E9%A3%9F%E5%B1%8B-%E6%92%AE%E3%82%8A%E5%A8%98-o-%E5%9B%97-o%CF%88-%EF%BD%B2%EF%BE%80%EF%BE%80%EF%BE%9E%EF%BD%B7%EF%BE%8F%EF%BD%BD-%E4%B8%AD%E5%87%BA%E3%81%97-%E3%81%8A%E6%8E%83%E9%99%A4%E3%83%95%E3%82%A7%E3%83%A9-%E7%BE%8E%E4%B9%B3-%E7%BE%8E%E8%84%9A-%E3%82%A8%E3%83%AD%E7%BE%8E%E3%83%9C%E3%83%87%E3%82%A3%E5%A5%B3%E5%AD%90%E5%A4%A7%E7%94%9F-%E3%81%82%E3%82%84%E3%81%BF%E3%81%A1%E3%82%83%E3%82%93/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.tokyomotion.net/video/839748/%E7%84%A1%E4%BF%AE%E6%AD%A3-fc2ppv-1074591-%E7%BE%8E%E9%A3%9F%E5%B1%8B-%E6%92%AE%E3%82%8A%E5%A8%98-o-%E5%9B%97-o%CF%88-%EF%BD%B2%EF%BE%80%EF%BE%80%EF%BE%9E%EF%BD%B7%EF%BE%8F%EF%BD%BD-%E4%B8%AD%E5%87%BA%E3%81%97-%E3%81%8A%E6%8E%83%E9%99%A4%E3%83%95%E3%82%A7%E3%83%A9-%E7%BE%8E%E4%B9%B3-%E7%BE%8E%E8%84%9A-%E3%82%A8%E3%83%AD%E7%BE%8E%E3%83%9C%E3%83%87%E3%82%A3%E5%A5%B3%E5%AD%90%E5%A4%A7%E7%94%9F-%E3%81%82%E3%82%84%E3%81%BF%E3%81%A1%E3%82%83%E3%82%93/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8XbQW2pMlNVg7myPK2HjpIvC8HwZ7ceSPTQu6A1gqEE4MePmQEljSwMtNubmAfEPoHtjG%2F6CaCb%2FzzI2wr0Dh30WVWNDjRymnzQcnOHTQTIdaz7jhuf%2BbYSJU7rALG7hQ6Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a12baf23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.tokyomotion.net/video/734810/karennshino-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-part2-bfaa-006/title/myhash/3
200 OK 599 B URL HTTP/2 rz.nakadashi.pw/v/s://www.tokyomotion.net/video/734810/karennshino-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-part2-bfaa-006/title/myhash/3
IP
File type ASCII text, with no line terminators
Hash 7fb93489340abe919dffc767f4667136
4196de4e343bb348b82fba608221b728429e4e54
9ce96409650f3a02e7dba94eac5dea61792697edd59243e6148b2dc388c6864e
GET /v/s://www.tokyomotion.net/video/734810/karennshino-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-part2-bfaa-006/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.tokyomotion.net/video/734810/karennshino-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-part2-bfaa-006/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/00/cf/6b17127, lfm-1-62412, lmd-62412, lud-301499, xfvlen-2637409, fsize-1134592, played-423
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.tokyomotion.net/video/734810/karennshino-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-part2-bfaa-006/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.tokyomotion.net/video/734810/karennshino-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-%E8%A5%BF%E9%87%8E%E8%8A%B1%E6%81%8B-part2-bfaa-006/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qablSZEwjP23JN7slnbGaLcTjqJtUhbBMw1wYIXAJ6q6mgnWZX4SsXMKlDZb6GfxJAz3%2FsA3dR1okfq93spmw0xkx2UuCz2ReSskdSJHB08lyDoPGJood0kQJ6krmYh9t3Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bf923be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
click.d2pass.com/?md5%3D0a3c91cd948cfd65809b3f9bc3169155%26r%3Dhttps%253A%252F%252Fbn.dxlive.com%252F%253Fage_check%253D0%26dxlive%3D14321-103-2.1673862718.1676454718%26dtiAff2%3D14321-2.1676454718%26dtiFromSite%3D103.1676454718%26_c%3D1432-14321-103-2.1673862718.1676454718
302 Found 313 B URL HTTP/2 click.d2pass.com/?md5%3D0a3c91cd948cfd65809b3f9bc3169155%26r%3Dhttps%253A%252F%252Fbn.dxlive.com%252F%253Fage_check%253D0%26dxlive%3D14321-103-2.1673862718.1676454718%26dtiAff2%3D14321-2.1676454718%26dtiFromSite%3D103.1676454718%26_c%3D1432-14321-103-2.1673862718.1676454718
IP
File type ASCII text, with very long lines (312)
Hash aacd56cd674c4126dc3bd9712d6c84c1
afeec07fcecaade3cb3a6cae5795def2b78458cb
a8a774076d57b218b506be80613c8c907cb3f0af183484f9c0fe738af89d3325
GET /?md5%3D0a3c91cd948cfd65809b3f9bc3169155%26r%3Dhttps%253A%252F%252Fbn.dxlive.com%252F%253Fage_check%253D0%26dxlive%3D14321-103-2.1673862718.1676454718%26dtiAff2%3D14321-2.1676454718%26dtiFromSite%3D103.1676454718%26_c%3D1432-14321-103-2.1673862718.1676454718 HTTP/1.1
Host: click.d2pass.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: text/html
content-length: 0
set-cookie: dtiFromSite=103; domain=.d2pass.com; path=/; expires=Wed, 15-Feb-23 09:51:58 GMT; SameSite=None; Secure
dtiAff2=14321-2; domain=.d2pass.com; path=/; expires=Wed, 15-Feb-23 09:51:58 GMT; SameSite=None; Secure
_c=1432-14321-103-2.1673862718; domain=.d2pass.com; path=/; expires=Wed, 15-Feb-23 09:51:58 GMT; SameSite=None; Secure
dxlive=14321-103-2.1673862718; domain=.d2pass.com; path=/; expires=Wed, 15-Feb-23 09:51:58 GMT; SameSite=None; Secure
location: https://bn.dxlive.com/?age_check=0
etag: "59cb5881-0"
x-sh: 2bmk
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114149/c0930-hitozuma0625-fhd-haruko-okamura/title/myhash/3
200 OK 95 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114149/c0930-hitozuma0625-fhd-haruko-okamura/title/myhash/3
IP
File type ASCII text, with no line terminators
Hash 03bab42d3d938605decd99f6e796e79e
05362cf2cd08245fc79c055ca9161d62841b28fd
cebaab7027adc734315aff120c500ee993a1ce3df3b9af98cf2bf5577fbd98ef
GET /v/s://www.javbangers.com/video/114149/c0930-hitozuma0625-fhd-haruko-okamura/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114149/c0930-hitozuma0625-fhd-haruko-okamura/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/a8/c2/3f5c73, lfm-1-12219, lmd-12219, lud-685702, xfvlen-3005980, fsize-1241927, played-95
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114149/c0930-hitozuma0625-fhd-haruko-okamura/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114149/c0930-hitozuma0625-fhd-haruko-okamura/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=89BakjgC990982jzT1djkp3fx%2Fm2qNlP1gIPm9B3vq08R%2B8Z0j%2B6BzygLXA7ecavUrg%2BxhhSiKy80AQC9PvAeL4Air%2FQd9zjiAhjwNkMcEcFC84fYT0K3WYW1EbAaq6BsPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a12bae23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 6da3db6df85cb642075c8722919e20ec
fa15df15dfad0498abe91378ff3d34077aa770f4
d09f36e1ec66513581468b1b64901f3d65a23009318b70b4959358ede3d683dd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D09F36E1EC66513581468B1B64901F3D65A23009318B70B4959358EDE3D683DD"
Last-Modified: Sun, 15 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5622
Expires: Mon, 16 Jan 2023 11:25:40 GMT
Date: Mon, 16 Jan 2023 09:51:58 GMT
Connection: keep-alive
www.javbangers.com/contents/videos_screenshots/114000/114211/preview.jpg
200 OK 136 kB URL HTTP/2 www.javbangers.com/contents/videos_screenshots/114000/114211/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 136 kB (136485 bytes)
Hash f7e1d09bfd7e131be0578b2ac714790f
0e55d2b5027cb95069f88108688fa016587cc26c
a8445798143395dcbb620d604258104295c54d39196541aecc2089b4c7f57972
GET /contents/videos_screenshots/114000/114211/preview.jpg HTTP/1.1
Host: www.javbangers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: image/jpeg
content-length: 136485
last-modified: Tue, 17 Nov 2020 10:56:02 GMT
etag: "5fb3ac42-21525"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
notification.tubecup.net/in/subscription-offers?href=http%3A%2F%2Fjp.co-vid.win%2Fv%2Fs%3A%2Fwww.moav.com%2Fvideos%2F27597%2Fb4f40aa06591329854eec329efd1077d%2Ftitle%2F%25E9%2595%25B7%25E7%259B%25B8%25E7%259A%2584%25E5%258F%25AF%25E6%2584%259B%25E7%259A%2584%25E5%25A6%25B9%25E5%25AD%2590%25EF%25BC%258C%25E7%25B5%2595%25E7%25BE%258E%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%25E6%2589%258B%25E6%258C%2587%25E6%2591%25B3%25E9%2580%25BC%25EF%25BC%258C%25E4%25BE%2586%25E5%259B%259E%25E6%258A%25BD%25E6%258F%2592%25E8%2587%25AA%25E6%2585%25B0%25EF%25BC%258C%25E7%25B5%25A6%25E7%2594%25B7%25E5%258F%258B%25E5%258F%25A3%25E4%25BA%25A4%25E7%2584%25A1%25E5%25A5%2597%25E7%2589%25B9%25E5%25AF%25AB%25E7%2588%2586%25E8%258D%2589%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%2520-%2520MOAV.COM%2520%5B24%3A54x270p%5D&tcid=0&spot_id=9046&site=tcpublisher&source_id=0&custom_p=1
200 OK 0 B URL HTTP/2 notification.tubecup.net/in/subscription-offers?href=http%3A%2F%2Fjp.co-vid.win%2Fv%2Fs%3A%2Fwww.moav.com%2Fvideos%2F27597%2Fb4f40aa06591329854eec329efd1077d%2Ftitle%2F%25E9%2595%25B7%25E7%259B%25B8%25E7%259A%2584%25E5%258F%25AF%25E6%2584%259B%25E7%259A%2584%25E5%25A6%25B9%25E5%25AD%2590%25EF%25BC%258C%25E7%25B5%2595%25E7%25BE%258E%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%25E6%2589%258B%25E6%258C%2587%25E6%2591%25B3%25E9%2580%25BC%25EF%25BC%258C%25E4%25BE%2586%25E5%259B%259E%25E6%258A%25BD%25E6%258F%2592%25E8%2587%25AA%25E6%2585%25B0%25EF%25BC%258C%25E7%25B5%25A6%25E7%2594%25B7%25E5%258F%258B%25E5%258F%25A3%25E4%25BA%25A4%25E7%2584%25A1%25E5%25A5%2597%25E7%2589%25B9%25E5%25AF%25AB%25E7%2588%2586%25E8%258D%2589%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%2520-%2520MOAV.COM%2520%5B24%3A54x270p%5D&tcid=0&spot_id=9046&site=tcpublisher&source_id=0&custom_p=1
IP
ASN #24940 Hetzner Online GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /in/subscription-offers?href=http%3A%2F%2Fjp.co-vid.win%2Fv%2Fs%3A%2Fwww.moav.com%2Fvideos%2F27597%2Fb4f40aa06591329854eec329efd1077d%2Ftitle%2F%25E9%2595%25B7%25E7%259B%25B8%25E7%259A%2584%25E5%258F%25AF%25E6%2584%259B%25E7%259A%2584%25E5%25A6%25B9%25E5%25AD%2590%25EF%25BC%258C%25E7%25B5%2595%25E7%25BE%258E%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%25E6%2589%258B%25E6%258C%2587%25E6%2591%25B3%25E9%2580%25BC%25EF%25BC%258C%25E4%25BE%2586%25E5%259B%259E%25E6%258A%25BD%25E6%258F%2592%25E8%2587%25AA%25E6%2585%25B0%25EF%25BC%258C%25E7%25B5%25A6%25E7%2594%25B7%25E5%258F%258B%25E5%258F%25A3%25E4%25BA%25A4%25E7%2584%25A1%25E5%25A5%2597%25E7%2589%25B9%25E5%25AF%25AB%25E7%2588%2586%25E8%258D%2589%25E4%25B8%2580%25E7%25B7%259A%25E5%25A4%25A9%2520-%2520MOAV.COM%2520%5B24%3A54x270p%5D&tcid=0&spot_id=9046&site=tcpublisher&source_id=0&custom_p=1 HTTP/1.1
Host: notification.tubecup.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.18.0
date: Mon, 16 Jan 2023 09:51:58 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
www.javbangers.com/contents/videos_screenshots/114000/114149/preview.jpg
200 OK 79 kB URL HTTP/2 www.javbangers.com/contents/videos_screenshots/114000/114149/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1920x1080, components 3\012- data
Hash 59c6bea8c42daeab18036e74f60aecda
7298e7953e4c4ded323c20fff6fae1244057aaf4
20997541782e6666dd0a7acb5dcf65120c89db7e6673972b03ea0cdd8d84fae7
GET /contents/videos_screenshots/114000/114149/preview.jpg HTTP/1.1
Host: www.javbangers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: image/jpeg
content-length: 78581
last-modified: Tue, 17 Nov 2020 07:31:01 GMT
etag: "5fb37c35-132f5"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
realjav.stream/cgi-sys/suspendedpage.cgi
503 Service Unavailable 23 kB URL HTTP/2 realjav.stream/cgi-sys/suspendedpage.cgi
IP
Hash 7d6bf6a5f2fd142e4412ed69aea813c0
a4f7ecc7d83441f9df7746965aecd58701444e0e
2a63ac34e629d7bd19b357f4d1a6ae713ae2387005350d59b9a1a2a533bbe241
GET /cgi-sys/suspendedpage.cgi HTTP/1.1
Host: realjav.stream
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 503 Service Unavailable
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6wRdotP5UFkRdWtdt7bjMR1rn9%2BUb0N26sSYyCLcL%2FVd69JB%2FJemQXCMDEfTJ4l592l5wTUqCl2DSHCFg%2BNi3CWafeTqIKqZWRHj2fFVDXg9du1NH2D0RVxIczef7yO0FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49d98fc0b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.javbangers.com/contents/videos_screenshots/114000/114215/preview.jpg
200 OK 174 kB URL HTTP/2 www.javbangers.com/contents/videos_screenshots/114000/114215/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1920x1080, components 3\012- data
Size 174 kB (174436 bytes)
Hash c331d070bcbf2d56bf07f586fa3ebec2
0a48e08f7cdae8cf1afa8d9f632ac8d912e83bef
b7453d13cd814d23773f7b3d87f706b49957edffcef928aad204aa801ae45cf2
GET /contents/videos_screenshots/114000/114215/preview.jpg HTTP/1.1
Host: www.javbangers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: image/jpeg
content-length: 174436
last-modified: Tue, 17 Nov 2020 11:57:02 GMT
etag: "5fb3ba8e-2a964"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
duga.jp/favicon.ico
200 OK 408 kB IP
ASN #7684 SAKURA Internet Inc.
File type MS Windows icon resource - 7 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size 408 kB (408142 bytes)
Hash 5425e9f6487051730183128ce840ae37
1e27308af6582504eed9294644ea448eaf9d4987
ab4bf8e5d8fb9f0bb09869175fbab745dc1557a46784643ba55db5f3b73d10de
GET /favicon.ico HTTP/1.1
Host: duga.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
server: Apache/2.4.46 (Unix) OpenSSL/1.0.2k-fips mod_antiloris/0.7.0
last-modified: Sun, 03 Mar 2019 07:34:13 GMT
etag: "63a4e-5832baaa00740"
accept-ranges: bytes
content-length: 408142
content-type: image/x-icon
X-Firefox-Spdy: h2
www.javbangers.com/contents/videos_screenshots/114000/114225/preview.jpg
200 OK 58 kB URL HTTP/2 www.javbangers.com/contents/videos_screenshots/114000/114225/preview.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.54.100", baseline, precision 8, 1920x1080, components 3\012- data
Hash 336f0a5e36632f743336b5b0ed8bf452
a90dafbf1b89edc7304142e2e752eab7d6c34791
d196e2e6df6afdd569a25777329be5f88c845457f866bab6ab7aaacff9022340
GET /contents/videos_screenshots/114000/114225/preview.jpg HTTP/1.1
Host: www.javbangers.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: openresty
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: image/jpeg
content-length: 57577
last-modified: Tue, 17 Nov 2020 11:03:02 GMT
etag: "5fb3ade6-e0e9"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2
kissjav.li/media/videos/tmb/000/223/288/1.jpg
301 Moved Permanently 162 B URL HTTP/1.1 kissjav.li/media/videos/tmb/000/223/288/1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /media/videos/tmb/000/223/288/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 09:51:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://mrjav.net/
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 7309a22ae415da449ae7e5cc37d6a45d
84e9dd96f3e172308ec15ef31f35457b0dcfb63a
431f36a9e1ed013fd4dcbc4bd53343a62a988468a1f94483b42846fb3a877eee
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Mon, 16 Jan 2023 09:51:58 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 16 Jan 2023 00:29:22 GMT
Expires: Tue, 17 Jan 2023 00:29:22 GMT
ETag: "84e9dd96f3e172308ec15ef31f35457b0dcfb63a"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
bn.dxlive.com/?age_check=0
200 OK 14 kB URL HTTP/1.1 bn.dxlive.com/?age_check=0
IP
ASN #30212 HYPERMEDIA-SYSTEMS
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (510), with CRLF, LF line terminators
Hash f8823bc0eb25e7ad4506da9b1ee99ed3
21a9b02d8fcd8f928bd314e5262febfe3df8261b
a7d681ce5ebc4ea59203ce0d4491069f95051c63b84d0ad14756c634aa977e42
GET /?age_check=0 HTTP/1.1
Host: bn.dxlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 16 Jan 2023 09:51:59 GMT
Server: Apache
Last-Modified: Mon, 16 Jan 2023 09:51:21 GMT
Cache-Control: max-age=604800
Expires: Mon, 23 Jan 2023 09:51:59 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Length: 13621
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
cdndoe.xyz/files/wm/200589_1665639191.jpg
200 OK 366 kB URL HTTP/2 cdndoe.xyz/files/wm/200589_1665639191.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1554x1552, components 3\012- data
Size 366 kB (366041 bytes)
Hash 374581c4cc414f5d751a32c525c6ed3b
000c2a3362a104034e87446f2d06673e6f4f9e2d
450e492632c6e70e5cd3a55ccf8c7fcff1c6c72c3cb530e9653be4048c260725
GET /files/wm/200589_1665639191.jpg HTTP/1.1
Host: cdndoe.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:59 GMT
content-type: image/jpeg
content-length: 366041
last-modified: Thu, 13 Oct 2022 05:19:39 GMT
etag: "63479feb-595d9"
access-control-allow-origin: *
cache-control: max-age=14400
cf-cache-status: HIT
age: 7108
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxRd7WdOp3%2BKW1DnYs10EfhhCexatAgbCKDKPZWKDY5gbf%2FqNPIK9KfZyTFlojcUW9l3gNedF6thVvo7x7rQDicZfsADQfnrY4Jgxan2N%2FvZ%2FD3G8sDFDiXTnMmT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4ab184d240c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
7a8ba6e850.bc40aaccb7.com/in/multy
200 OK 21 kB URL HTTP/2 7a8ba6e850.bc40aaccb7.com/in/multy
IP
ASN #24940 Hetzner Online GmbH
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (20904), with no line terminators
Hash a0ff31ef56fa74a6850c30acdd27e773
16d981da9bbffb5539e568d0cf8f90ddf0f86102
2e00fae12aca3d292ca05366ac0b8df2003ce84c5749f5986e53ae1e740b3a1b
Analyzer Verdict Alert quad9 Sinkholed
POST /in/multy HTTP/1.1
Host: 7a8ba6e850.bc40aaccb7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1409
Origin: http://jp.co-vid.win
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.20.1
date: Mon, 16 Jan 2023 09:51:59 GMT
content-type: application/json
content-length: 20906
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2
kissjav.li/media/videos/tmb/000/088/199/1.jpg
301 Moved Permanently 162 B URL HTTP/1.1 kissjav.li/media/videos/tmb/000/088/199/1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /media/videos/tmb/000/088/199/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 09:51:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://mrjav.net/
kissjav.li/media/videos/tmb/000/088/195/1.jpg
301 Moved Permanently 162 B URL HTTP/1.1 kissjav.li/media/videos/tmb/000/088/195/1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /media/videos/tmb/000/088/195/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 09:51:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://mrjav.net/
kissjav.li/media/videos/tmb/000/094/815/1.jpg
301 Moved Permanently 162 B URL HTTP/1.1 kissjav.li/media/videos/tmb/000/094/815/1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /media/videos/tmb/000/094/815/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 09:51:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://mrjav.net/
kissjav.li/media/videos/tmb/000/094/818/1.jpg
301 Moved Permanently 162 B URL HTTP/1.1 kissjav.li/media/videos/tmb/000/094/818/1.jpg
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /media/videos/tmb/000/094/818/1.jpg HTTP/1.1
Host: kissjav.li
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 16 Jan 2023 09:52:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://mrjav.net/
cdn.tokyo-motion.net/media/videos/tmb21/696381/18.jpg
403 Forbidden 0 B URL HTTP/2 cdn.tokyo-motion.net/media/videos/tmb21/696381/18.jpg
IP
GET /media/videos/tmb21/696381/18.jpg HTTP/1.1
Host: cdn.tokyo-motion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7Bx0h9Ayfdj%2F0T7wtwDsnjaTYJFwdZpKgEGW2cOXQJcp0CJdnbEml6EpsS7SxvaMZpzxp%2BJA2pvZdml4I%2BlUGJpHk74Klea%2BcS%2BiDIYcnkb6MDkOPYXOumtq5XW9%2FemUEkXPoK1Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4a73c7b730f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/97655/kbj-korean-bj-afreecatv-21102019001-%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%88%9C%EC%B2%9C-%EC%82%AC%EB%AC%B4%EC%8B%A4%EB%85%80-%ED%9A%8C%EC%82%AC%EC%97%90%EC%84%9C-%EC%98%AC%EB%85%B8%EC%B6%9C//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/97655/kbj-korean-bj-afreecatv-21102019001-%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%88%9C%EC%B2%9C-%EC%82%AC%EB%AC%B4%EC%8B%A4%EB%85%80-%ED%9A%8C%EC%82%AC%EC%97%90%EC%84%9C-%EC%98%AC%EB%85%B8%EC%B6%9C//title/myhash/3
IP
GET /v/s://kissjav.com/97655/kbj-korean-bj-afreecatv-21102019001-%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%88%9C%EC%B2%9C-%EC%82%AC%EB%AC%B4%EC%8B%A4%EB%85%80-%ED%9A%8C%EC%82%AC%EC%97%90%EC%84%9C-%EC%98%AC%EB%85%B8%EC%B6%9C//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/97655/kbj-korean-bj-afreecatv-21102019001-%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%88%9C%EC%B2%9C-%EC%82%AC%EB%AC%B4%EC%8B%A4%EB%85%80-%ED%9A%8C%EC%82%AC%EC%97%90%EC%84%9C-%EC%98%AC%EB%85%B8%EC%B6%9C//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/ff/2f/f070116, lfm-1-5361, lmd-5361, lud-382761, xfvlen-3209065, fsize-1072087, played-179
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/97655/kbj-korean-bj-afreecatv-21102019001-%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%88%9C%EC%B2%9C-%EC%82%AC%EB%AC%B4%EC%8B%A4%EB%85%80-%ED%9A%8C%EC%82%AC%EC%97%90%EC%84%9C-%EC%98%AC%EB%85%B8%EC%B6%9C//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/97655/kbj-korean-bj-afreecatv-21102019001-%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%88%9C%EC%B2%9C-%EC%82%AC%EB%AC%B4%EC%8B%A4%EB%85%80-%ED%9A%8C%EC%82%AC%EC%97%90%EC%84%9C-%EC%98%AC%EB%85%B8%EC%B6%9C//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gtm9x673JaMLgdPHBtcnQ1t4Spom27Orh9H9JfphLnMP6lT9X0enTO7Zy99WUTaxnrOWpJ%2FYYOIpDHYIgoww32meGqZZ3ix0VCtIGz5O1MPOzuJdK5%2BxrpUFZHGBTWsDksA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bfb23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
click.dtiserv2.com/redir.fcgi?click=1432&site=103&b=14321&lang=tokyo
301 Moved Permanently 0 B URL HTTP/2 click.dtiserv2.com/redir.fcgi?click=1432&site=103&b=14321&lang=tokyo
IP
GET /redir.fcgi?click=1432&site=103&b=14321&lang=tokyo HTTP/1.1
Host: click.dtiserv2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 16 Jan 2023 09:51:57 GMT
p3p: CP="NOI DSP COR CURa ADMa IVAa IVDa OUR NOR"
location: http://click.dtiserv2.com/Click1432/14321-103-2
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: DENY
x-content-type-options: nosniff
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
m.sextvx.com/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: m.sextvx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Thu, 01 Jan 2015 05:27:22 GMT
vary: Accept-Encoding
etag: W/"54a4daba-57e"
strict-transport-security: max-age=63072000; includeSubdomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3427
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kibwWbYZ5SmfpIHefXuc7I0taSMcoe5nni8tCP1bQVN4kSp6nXCDa0qIVmks%2BSUnGsrMB5WodoKpei3NCX6wE06dYc0mKI8ySk5%2Fgx1uh0I84G%2FZkOsTbWxdIqSO1PM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f49c5e36b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
manymv.com/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: manymv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Mon, 03 Jan 2022 19:58:34 GMT
etag: W/"61d3556a-3c2e"
strict-transport-security: max-age=31536000
cache-control: max-age=14400
cf-cache-status: HIT
age: 4823
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FlNOEE1xxWDBDvF2bvi9FSSryNhrub9N9t55obDJ18wt5sEym0suSd8HUV9uRPeBYty60wYm2ejASZr97WvaX09SfYERCv6GhkPkBgefGlIy6J1hIwHZWimAgrG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49ccf49b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/88195/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019003//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/88195/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019003//title/myhash/3
IP
GET /v/s://kissjav.com/88195/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019003//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/88195/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019003//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/d5/9c/0c50109, lfm-1-3583, lmd-3583, lud-811976, xfvlen-3083693, fsize-934625, played-260
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/88195/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019003//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/88195/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-korean-bj-18082019003//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qr5Jg61SKuZcw9NyIBUlBmP%2ByP6%2FHlCqP0GBNQjOAVin%2ByDNvI%2BOGDmERpP6dYn2v%2BZTc3mXF9RPuXmiiqGoI1Qs961wnUPy%2BI57QLzKgYOTqGCgm1eEXssrZackmJQFNog%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bef23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114155/c0930-hitozuma0643-fhd-mao-ezaki-1/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114155/c0930-hitozuma0643-fhd-mao-ezaki-1/title/myhash/3
IP
GET /v/s://www.javbangers.com/video/114155/c0930-hitozuma0643-fhd-mao-ezaki-1/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114155/c0930-hitozuma0643-fhd-mao-ezaki-1/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/76/f5/562d70, lfm-1-34959, lmd-34959, lud-899709, xfvlen-2835866, fsize-598748, played-40
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114155/c0930-hitozuma0643-fhd-mao-ezaki-1/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114155/c0930-hitozuma0643-fhd-mao-ezaki-1/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2Nu5ugLXJGpaVvPk7eH9AzRcRRUdxpUmDre1tPWLmWCMRDIkmhr5hXuIA22gfwhVNw9ODrOv6nLcm1MvhbxH26LYG1kmS%2FPtyvVdfVMpp4RCi7SVar3sQB%2BQh6v2KhiNp4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bfd23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
200 OK 0 B URL HTTP/2 cdn.sc.gl/videojs-hotkeys/latest/videojs.hotkeys.min.js
IP
GET /videojs-hotkeys/latest/videojs.hotkeys.min.js HTTP/1.1
Host: cdn.sc.gl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:53 GMT
content-type: application/javascript
last-modified: Sun, 28 Aug 2022 02:39:12 GMT
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 5263
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2QAE03DsnBhomAvAJeCvQQQNp3jH3sRmDPtE%2FafbQq%2BteGRabzscwPCNwY84DaaRRXIm%2BDAxrZRJr%2FogCh9ADFvmN5JH7oJ2LNJE%2FPhxm8th3mOy1wG9ZFzHA4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4861fa5b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
av.dmm.monster/favicon.ico
200 OK 0 B URL HTTP/2 av.dmm.monster/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: av.dmm.monster
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-av.dmm.monster127.0.0.1-myhost-av.dmm.monster127.0.0.1/favicon.ico
phost: av.dmm.monster
line1066: notjp-dmm-myhost-av.dmm.monster-filteron-
line2430: notjp-/favicon.ico-myhost-av.dmm.monster-filteron-
cache-control: public, max-age=14400
access-control-allow-origin: *
x-proxy-cache-5950: EXPIRED
xkey-5950: av.dmm.monster/favicon.ico--av.dmm.monster-av.dmm.monster-cacpdo0---yes
x-proxy-cache-la2: MISS
xkey-la2: av.dmm.monster/favicon.ico--av.dmm.monster-av.dmm.monster-my_zone
x-proxy-cache-gjp: HIT
xkey-g-jp: av.dmm.monster/favicon.ico--av.dmm.monster--my_zone
cf-cache-status: HIT
age: 218
last-modified: Mon, 16 Jan 2023 09:48:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52hkjNyA9OJcZeWq8c0frHOiPojV3x2R3%2FPwz%2BXo7z9GBNy2ESj4pOXkuD5sebeGJavtzfQKlDrmUq%2FLfPnajden7qkrtUGEXXWbvyi7kGvtOCWMr54qEDRahfoV0s5Rzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f49e3c711c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://japanesebeauties.one/jp/tube/tokyohot/mika.minami/n0667_mika_minami_bf_j.html/64//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://japanesebeauties.one/jp/tube/tokyohot/mika.minami/n0667_mika_minami_bf_j.html/64//title/myhash/3
IP
GET /v/s://japanesebeauties.one/jp/tube/tokyohot/mika.minami/n0667_mika_minami_bf_j.html/64//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://japanesebeauties.one/jp/tube/tokyohot/mika.minami/n0667_mika_minami_bf_j.html/64//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/24/83/c0a885, lfm-1-28943, lmd-28943, lud-2588638, xfvlen-1998579, fsize-771478, played-20
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://japanesebeauties.one/jp/tube/tokyohot/mika.minami/n0667_mika_minami_bf_j.html/64//title/myhash/3-A-rz.nakadashi.pw--ssdzone---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://japanesebeauties.one/jp/tube/tokyohot/mika.minami/n0667_mika_minami_bf_j.html/64//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d8kYAt71cVbwwo%2FhxxKNiBvafMIaU%2FJRYnk1ZY2FyDu4L9hLzc2%2Bi%2BG05q0iMZRF3dNK33JCA8wV2tCxZWZtUYxClXv6jiMBJz7RlQ4YMbnSQBry08%2FCD1nOLJOtqx9xexc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15c0423be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.tokyomotion.net/video/660550/honoka-nitta-%E6%96%B0%E7%94%B0%E5%B8%86%E5%A4%8F-%E6%81%8B%E7%B3%B8%E3%83%A9%E3%83%97%E3%82%BD%E3%83%87%E3%82%A3-mbr-aa107/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.tokyomotion.net/video/660550/honoka-nitta-%E6%96%B0%E7%94%B0%E5%B8%86%E5%A4%8F-%E6%81%8B%E7%B3%B8%E3%83%A9%E3%83%97%E3%82%BD%E3%83%87%E3%82%A3-mbr-aa107/title/myhash/3
IP
GET /v/s://www.tokyomotion.net/video/660550/honoka-nitta-%E6%96%B0%E7%94%B0%E5%B8%86%E5%A4%8F-%E6%81%8B%E7%B3%B8%E3%83%A9%E3%83%97%E3%82%BD%E3%83%87%E3%82%A3-mbr-aa107/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.tokyomotion.net/video/660550/honoka-nitta-%E6%96%B0%E7%94%B0%E5%B8%86%E5%A4%8F-%E6%81%8B%E7%B3%B8%E3%83%A9%E3%83%97%E3%82%BD%E3%83%87%E3%82%A3-mbr-aa107/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/47/6a/b5dc94, lfm-1-167075, lmd-167075, lud-208413, xfvlen-2010002, fsize-657362, played-5
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.tokyomotion.net/video/660550/honoka-nitta-%E6%96%B0%E7%94%B0%E5%B8%86%E5%A4%8F-%E6%81%8B%E7%B3%B8%E3%83%A9%E3%83%97%E3%82%BD%E3%83%87%E3%82%A3-mbr-aa107/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.tokyomotion.net/video/660550/honoka-nitta-%E6%96%B0%E7%94%B0%E5%B8%86%E5%A4%8F-%E6%81%8B%E7%B3%B8%E3%83%A9%E3%83%97%E3%82%BD%E3%83%87%E3%82%A3-mbr-aa107/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mA8yc5z1dUFtxytTp3V9fh3b6Naa6lzaZT6x7552QbGYcrhFaqt46FGY3dpuFoL%2Fh0anDvJDdprBRLsmCCWsxxMTfMlwJe6l6M82%2BjQODWnQ2vokVSVQWxPRuQx9%2FSB62NA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a19c7923be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.1pondo.tv/moviepages/092415_001/images/str.jpg
302 Found : Moved Temporarily 0 B URL HTTP/1.1 www.1pondo.tv/moviepages/092415_001/images/str.jpg
IP
ASN #30212 HYPERMEDIA-SYSTEMS
GET /moviepages/092415_001/images/str.jpg HTTP/1.1
Host: www.1pondo.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://jp.co-vid.win/
HTTP/1.1 302 Found : Moved Temporarily
Location: https://www.1pondo.tv/moviepages/092415_001/images/str.jpg
Connection: close
Cache-Control: no-cache
Pragma: no-cache
cdn.tokyo-motion.net/media/videos/tmb21/696381/14.jpg
403 Forbidden 0 B URL HTTP/2 cdn.tokyo-motion.net/media/videos/tmb21/696381/14.jpg
IP
GET /media/videos/tmb21/696381/14.jpg HTTP/1.1
Host: cdn.tokyo-motion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ILWI%2BoMrnEGDrW1KRVwHvKrJepSmMjAdOlhIUPJ%2FFOkscjXz9KGkMWcvFvOdiry39YEv6dX7twF2TnXCR9xRBqZWF0IA2l3D5jSc0MM%2F%2B70MCEKCoZAo91gd9UjUx1GWjBUvKd46g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4a73c7f730f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/zh/94815/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019007//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/zh/94815/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019007//title/myhash/3
IP
GET /v/s://kissjav.com/zh/94815/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019007//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/zh/94815/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019007//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo4/18/ff/661d109, lfm-1-24827, lmd-24827, lud-916196, xfvlen-2321029, fsize-786311, played-58
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/zh/94815/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019007//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/zh/94815/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019007//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E%2FhEPNOHmkJ5VFZY2zXgSLEUGZjCIutWBpLb3qdrtHCcvm4Vt1dpLo8fTrWxPQuWYsoveTeXg8W1r0u8CTFKHcWdPjw1Eg39YvALYEE63YXFKTY0C6ob3hvzYfF99D8xm7M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bf323be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://javmobile.mobi/to/88234/%E3%83%87%E3%83%AA%E3%83%98%E3%83%AB%E5%91%BC%E3%82%93%E3%81%A0%E3%82%89%E3%81%BE%E3%81%98%E3%81%A3%E3%81%99%E3%81%8B%E2%80%A6-%E9%9A%A3%E5%AE%B6%E3%81%AE%E5%AB%8C%E3%81%AA%E4%BA%BA%E5%A6%BB%E3%81%8C%E2%80%A6%EF%BC%81-faa-190.html/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://javmobile.mobi/to/88234/%E3%83%87%E3%83%AA%E3%83%98%E3%83%AB%E5%91%BC%E3%82%93%E3%81%A0%E3%82%89%E3%81%BE%E3%81%98%E3%81%A3%E3%81%99%E3%81%8B%E2%80%A6-%E9%9A%A3%E5%AE%B6%E3%81%AE%E5%AB%8C%E3%81%AA%E4%BA%BA%E5%A6%BB%E3%81%8C%E2%80%A6%EF%BC%81-faa-190.html/title/myhash/3
IP
GET /v/s://javmobile.mobi/to/88234/%E3%83%87%E3%83%AA%E3%83%98%E3%83%AB%E5%91%BC%E3%82%93%E3%81%A0%E3%82%89%E3%81%BE%E3%81%98%E3%81%A3%E3%81%99%E3%81%8B%E2%80%A6-%E9%9A%A3%E5%AE%B6%E3%81%AE%E5%AB%8C%E3%81%AA%E4%BA%BA%E5%A6%BB%E3%81%8C%E2%80%A6%EF%BC%81-faa-190.html/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://javmobile.mobi/to/88234/%E3%83%87%E3%83%AA%E3%83%98%E3%83%AB%E5%91%BC%E3%82%93%E3%81%A0%E3%82%89%E3%81%BE%E3%81%98%E3%81%A3%E3%81%99%E3%81%8B%E2%80%A6-%E9%9A%A3%E5%AE%B6%E3%81%AE%E5%AB%8C%E3%81%AA%E4%BA%BA%E5%A6%BB%E3%81%8C%E2%80%A6%EF%BC%81-faa-190.html/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/60/f1/700a114, lfm-1-25975, lmd-25976, lud-27466, xfvlen-2181721, fsize-598290, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://javmobile.mobi/to/88234/%E3%83%87%E3%83%AA%E3%83%98%E3%83%AB%E5%91%BC%E3%82%93%E3%81%A0%E3%82%89%E3%81%BE%E3%81%98%E3%81%A3%E3%81%99%E3%81%8B%E2%80%A6-%E9%9A%A3%E5%AE%B6%E3%81%AE%E5%AB%8C%E3%81%AA%E4%BA%BA%E5%A6%BB%E3%81%8C%E2%80%A6%EF%BC%81-faa-190.html/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://javmobile.mobi/to/88234/%E3%83%87%E3%83%AA%E3%83%98%E3%83%AB%E5%91%BC%E3%82%93%E3%81%A0%E3%82%89%E3%81%BE%E3%81%98%E3%81%A3%E3%81%99%E3%81%8B%E2%80%A6-%E9%9A%A3%E5%AE%B6%E3%81%AE%E5%AB%8C%E3%81%AA%E4%BA%BA%E5%A6%BB%E3%81%8C%E2%80%A6%EF%BC%81-faa-190.html/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aS%2FsrKD1TxHKkBK6tetDwgQ3at716OPvFmCwA2vNDxz3%2F%2Bfi6SMYLqqOBCG6ThYr9hzYgcpOhD0%2F3GTrOTjqyyN7yIMAVJZ%2BbIO1j2Sdm3m4mFLPgq2SLgXKXwkWPbfm3Qo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15c0823be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114229/c0930-hitozuma0673-fhd-shizuru-haryu-2/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114229/c0930-hitozuma0673-fhd-shizuru-haryu-2/title/myhash/3
IP
GET /v/s://www.javbangers.com/video/114229/c0930-hitozuma0673-fhd-shizuru-haryu-2/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114229/c0930-hitozuma0673-fhd-shizuru-haryu-2/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/93/9a/481e74, lfm-1-57451, lmd-57451, lud-89207, xfvlen-358729, fsize-85915, played-
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114229/c0930-hitozuma0673-fhd-shizuru-haryu-2/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114229/c0930-hitozuma0673-fhd-shizuru-haryu-2/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rl77phPBYo8Uc1yXVaNKuk%2BuBhqiGn3t%2F%2B60%2F8wO6pDDqMBGomxw9voSPRN%2BS%2FCRryjSCRKriFScDHKqwzD1XQxgqXjy40q9uQ9qmNTohMg1CnijMIP7RCw0Ri1rukbetnY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bf623be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/videojs-flash/dist/videojs-flash.js
302 Found 0 B URL HTTP/2 unpkg.com/videojs-flash/dist/videojs-flash.js
IP
GET /videojs-flash/dist/videojs-flash.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 16 Jan 2023 09:51:53 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-flash@2.2.1/dist/videojs-flash.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GPWZNAMCSZZ60GS96N4QWH9Q-ams
cf-cache-status: HIT
age: 222
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78a5f48609fa0b02-OSL
X-Firefox-Spdy: h2
www.appav1.xyz/favicon.ico
200 OK 0 B URL HTTP/2 www.appav1.xyz/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: www.appav1.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 3668
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCRbvq8vrP7Vn2qA1T3dLo%2FTRTuTZpYhdwuOfi02kWNoT%2BFoHe8XnhwX4XOgXqHhfAkMEg145Ej1dFsuJVTmJKHY3gz1T0lu4%2FtKzAI2zNCwCCnH4%2FqSmDs3DGLJFXtUtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49ecf89b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ccdb8b0a9f.f1bb4e5049.com/5567d8ac1e204ec767f2bda8294aa1f1.js
200 OK 0 B URL HTTP/2 ccdb8b0a9f.f1bb4e5049.com/5567d8ac1e204ec767f2bda8294aa1f1.js
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /5567d8ac1e204ec767f2bda8294aa1f1.js HTTP/1.1
Host: ccdb8b0a9f.f1bb4e5049.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 13 Jan 2023 14:07:40 GMT
etag: W/"63c165ac-188ee"
content-encoding: gzip
expires: Mon, 16 Jan 2023 09:56:55 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
xxavs.com/favicon.ico
404 Not Found 0 B IP
GET /favicon.ico HTTP/1.1
Host: xxavs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vw0lA3GlKeP2en5mGvJ0pVpJbopqHqTHR5KFuZi3KFo3lhw9c2GC%2BrwtYXud1ru4TEFG1md5wlRoPa8j5Y%2FMXY9QOiKK0y9VxWwFAlDC0EgLAbb42LBz0izkWUo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f49dcb84b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114215/c0930-hitozuma0662-fhd-manami-mine-1/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114215/c0930-hitozuma0662-fhd-manami-mine-1/title/myhash/3
IP
GET /v/s://www.javbangers.com/video/114215/c0930-hitozuma0662-fhd-manami-mine-1/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114215/c0930-hitozuma0662-fhd-manami-mine-1/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/f5/22/fc5072, lfm-1-52147, lmd-52147, lud-3165917, xfvlen-2259054, fsize-799454, played-80
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114215/c0930-hitozuma0662-fhd-manami-mine-1/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114215/c0930-hitozuma0662-fhd-manami-mine-1/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6MlcefOTxmoidOdxmH%2F2OnoxZYfFzAWznfBAQNrortAlrr0%2FaYkzkPCretVqEYcXbYglrec8Vv4xjYryi%2BoMR9c8NYbBoPMoUI09nX1GSiiVkIOcV61HzE4j1IdGfx0zkMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a13bb523be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
thepervs.com/thumbs/32264.jpg
403 Forbidden 0 B URL HTTP/2 thepervs.com/thumbs/32264.jpg
IP
GET /thumbs/32264.jpg HTTP/1.1
Host: thepervs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhZBSHmNhZaRtZMufD0hl5Lb6AgIFfiKqHQwpG1%2BblSNQClUiqjKCpK8mVZRLom44A4%2FFhqYkJVch%2BRVCGVNkTq%2FsCdF3tJP6u4ExMvQDSECfQB9iSwbhdMvmB8cVeI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4963f86fac8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
mypornvid.fun/videos/
200 OK 0 B IP
ASN #399045 DEDIOUTLET-NETWORKS
GET /videos/ HTTP/1.1
Host: mypornvid.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=604800
expires: Mon, 23 Jan 2023 09:51:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://avgle.com/video/XcUKWKBCtKz/mar-aa107-%E5%A4%A9%E7%BE%BD%E6%88%90%E7%BE%8E-%E7%A7%81%E7%AB%8Bsmash%E5%AD%A6%E5%9C%92-%E5%AD%A6%E7%B4%9A%E5%A7%94%E5%93%A1%E9%95%B7/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://avgle.com/video/XcUKWKBCtKz/mar-aa107-%E5%A4%A9%E7%BE%BD%E6%88%90%E7%BE%8E-%E7%A7%81%E7%AB%8Bsmash%E5%AD%A6%E5%9C%92-%E5%AD%A6%E7%B4%9A%E5%A7%94%E5%93%A1%E9%95%B7/title/myhash/3
IP
GET /v/s://avgle.com/video/XcUKWKBCtKz/mar-aa107-%E5%A4%A9%E7%BE%BD%E6%88%90%E7%BE%8E-%E7%A7%81%E7%AB%8Bsmash%E5%AD%A6%E5%9C%92-%E5%AD%A6%E7%B4%9A%E5%A7%94%E5%93%A1%E9%95%B7/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://avgle.com/video/XcUKWKBCtKz/mar-aa107-%E5%A4%A9%E7%BE%BD%E6%88%90%E7%BE%8E-%E7%A7%81%E7%AB%8Bsmash%E5%AD%A6%E5%9C%92-%E5%AD%A6%E7%B4%9A%E5%A7%94%E5%93%A1%E9%95%B7/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/7e/6e/b7cf88, lfm-1-20430, lmd-20430, lud-4349566, xfvlen-1492725, fsize-551799, played-264
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://avgle.com/video/XcUKWKBCtKz/mar-aa107-%E5%A4%A9%E7%BE%BD%E6%88%90%E7%BE%8E-%E7%A7%81%E7%AB%8Bsmash%E5%AD%A6%E5%9C%92-%E5%AD%A6%E7%B4%9A%E5%A7%94%E5%93%A1%E9%95%B7/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://avgle.com/video/XcUKWKBCtKz/mar-aa107-%E5%A4%A9%E7%BE%BD%E6%88%90%E7%BE%8E-%E7%A7%81%E7%AB%8Bsmash%E5%AD%A6%E5%9C%92-%E5%AD%A6%E7%B4%9A%E5%A7%94%E5%93%A1%E9%95%B7/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=02gVUPsNemcf29K6lYQTtJ4iVgFmiI7lDJC77TbXDo0K28slqAqFPmqRH4IJnMyvTTCHKPJPYHx%2F5fRRca9NPrMxAHOCdZOvw3jAON4zLThd1Q8KaQ1O1vaTLNJaeW%2FxJOA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a12ba823be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
purejapanese.com/favicon.ico
200 OK 0 B URL HTTP/2 purejapanese.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: purejapanese.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Tue, 15 Dec 2015 06:07:41 GMT
etag: W/"566fae2d-47e"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 561
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I82B2TaX2ufJ6fcDs%2BRPxja521lWVuDntMSE7EinAIxHvBslCu02B08Z4X9lH0WPjfWdnBGOSSdlaS6SlwfSNw5ngOqoce3wJcujpT1VK77Gzuw5b13VBHliOmy3fmXUfbi6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49bbd5b778f-LHR
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nztyy.live/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: nztyy.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: text/html;charset=UTF-8
cache-control: max-age=14400
cf-cache-status: HIT
age: 3032
last-modified: Mon, 16 Jan 2023 09:01:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYJ2PIdn9X%2BmvavEcK3%2BmamR6ANbid7ApcdhfXiylE77lR%2BnxABMyS1bsk%2FAOCP1BDwVErKNeij9XtsMTqWfGQs7DfFEGCdDdAZaKGl8WDEQ5AelzgmJ7VO7BJFr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49cbf201c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.wpshsdk.com/npc/sdk/push/styles.css
200 OK 0 B URL HTTP/2 js.wpshsdk.com/npc/sdk/push/styles.css
IP
ASN #39572 DataWeb Global Group B.V.
GET /npc/sdk/push/styles.css HTTP/1.1
Host: js.wpshsdk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: text/css
server: nginx/1.18.0
last-modified: Tue, 30 Aug 2022 09:15:33 GMT
etag: W/"630dd535-10f4"
content-encoding: gzip
expires: Mon, 16 Jan 2023 09:56:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
realjav.stream/favicon.ico
302 Found 0 B URL HTTP/2 realjav.stream/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: realjav.stream
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=iso-8859-1
location: https://realjav.stream/cgi-sys/suspendedpage.cgi
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYOqtO29Imjxwv5FdE2KDKWqAqAne90VtfQ36VR5iYW9Ds567U7R37TkBxhqhiWCI%2FpPuVTmjDeH1f9BVeLMs0Q7F%2BfPbktubtF3xuhgZIQRgs39uKkg2Z8k5ScmSZVBkA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49a0d380b06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/91850/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%95%84%EB%A6%AC%EC%83%A4-%ED%99%94%EB%A9%B4-%EB%8B%A4%EA%B0%80%EB%A6%B0%EC%A4%84-%EC%95%8C%EC%95%98%EB%8A%94%EB%8D%B0-kbj-korean-bj-afreecatv-16092019001//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/91850/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%95%84%EB%A6%AC%EC%83%A4-%ED%99%94%EB%A9%B4-%EB%8B%A4%EA%B0%80%EB%A6%B0%EC%A4%84-%EC%95%8C%EC%95%98%EB%8A%94%EB%8D%B0-kbj-korean-bj-afreecatv-16092019001//title/myhash/3
IP
GET /v/s://kissjav.com/91850/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%95%84%EB%A6%AC%EC%83%A4-%ED%99%94%EB%A9%B4-%EB%8B%A4%EA%B0%80%EB%A6%B0%EC%A4%84-%EC%95%8C%EC%95%98%EB%8A%94%EB%8D%B0-kbj-korean-bj-afreecatv-16092019001//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/91850/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%95%84%EB%A6%AC%EC%83%A4-%ED%99%94%EB%A9%B4-%EB%8B%A4%EA%B0%80%EB%A6%B0%EC%A4%84-%EC%95%8C%EC%95%98%EB%8A%94%EB%8D%B0-kbj-korean-bj-afreecatv-16092019001//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo4/12/68/a57f116, lfm-1-1819, lmd-1819, lud-601506, xfvlen-2486859, fsize-787813, played-31
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/91850/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%95%84%EB%A6%AC%EC%83%A4-%ED%99%94%EB%A9%B4-%EB%8B%A4%EA%B0%80%EB%A6%B0%EC%A4%84-%EC%95%8C%EC%95%98%EB%8A%94%EB%8D%B0-kbj-korean-bj-afreecatv-16092019001//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/91850/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%95%84%EB%A6%AC%EC%83%A4-%ED%99%94%EB%A9%B4-%EB%8B%A4%EA%B0%80%EB%A6%B0%EC%A4%84-%EC%95%8C%EC%95%98%EB%8A%94%EB%8D%B0-kbj-korean-bj-afreecatv-16092019001//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u3ov%2FMPVY6e8FHquc6dti7BINpxAlHwWEejSSoSsYtO46QL6kfd12sh7yE3I5gdWvyCzrSNEpMTiU71fF7HRKzZuVRSzcvQG7fjdbvoM%2BnKwlSOdblW1hY%2Bvjy1tsV6NUPk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15c0323be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114224/c0930-hitozuma0669-fhd-yuuko-hiyama-1/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114224/c0930-hitozuma0669-fhd-yuuko-hiyama-1/title/myhash/3
IP
GET /v/s://www.javbangers.com/video/114224/c0930-hitozuma0669-fhd-yuuko-hiyama-1/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114224/c0930-hitozuma0669-fhd-yuuko-hiyama-1/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/a6/eb/85a373, lfm-1-107399, lmd-107399, lud-107400, xfvlen-1615339, fsize-461192, played-15
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114224/c0930-hitozuma0669-fhd-yuuko-hiyama-1/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114224/c0930-hitozuma0669-fhd-yuuko-hiyama-1/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5wYG2mfsWGNlvRyyWB%2Fa278MxugXL8CjyImgUNXwXiv1%2B5sS7RTrqCWnuRy4%2FD7iCMnz4Sga1kUvTauS5ALemctygla%2Bip2YivfOf9aibmqwWBs4IbtVevcBpWt07gqYDJ8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bf023be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img.yavtube.com/caribbeancom/moviepages/101108-881/images/l_l.jpg
200 OK 0 B URL HTTP/2 img.yavtube.com/caribbeancom/moviepages/101108-881/images/l_l.jpg
IP
GET /caribbeancom/moviepages/101108-881/images/l_l.jpg HTTP/1.1
Host: img.yavtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:54 GMT
content-type: image/jpeg
vary: Accept-Encoding
x-serverid: jim.dl
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Oct 2008 20:52:41 GMT
cache-control: public, max-age=31536000
expires: Sun, 22 Jan 2023 15:30:43 GMT
x_cache: HIT
cf-cache-status: HIT
age: 2053270
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BDzk%2B3hlZitktqLJO4u2jbDNWqhjrr%2Bp2ibWCpcnhLXusrnfcXdCihtwsMxCVoJst8PfuMhkxSKOGWklPiWGas1oKKABmEBHPZXwh8TigLNL7Lv1WyTMNyg6t7VrNn%2BeBw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78a5f48a6ba423ea-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
m.thisav.com/favicon.ico
403 Forbidden 0 B IP
GET /favicon.ico HTTP/1.1
Host: m.thisav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
content-encoding: gzip
content-type: text/html
date: Mon, 16 Jan 2023 09:51:56 GMT
server: NginX
vary: Accept-Encoding
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/88186/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-kbj-korean-bj-lesbian-18082019004//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/88186/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-kbj-korean-bj-lesbian-18082019004//title/myhash/3
IP
GET /v/s://kissjav.com/88186/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-kbj-korean-bj-lesbian-18082019004//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/88186/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-kbj-korean-bj-lesbian-18082019004//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/b7/19/ea6a121, lfm-1-2469, lmd-2469, lud-449059, xfvlen-1622328, fsize-555616, played-619
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/88186/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-kbj-korean-bj-lesbian-18082019004//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/88186/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4tv-%EC%97%AC%EC%84%B1bj-%EC%95%8C%EB%AA%B8-%EB%85%B8%EC%B6%9C-%EB%B0%A9%EC%86%A1%EC%82%AC%EA%B3%A0-afreecatv-vod-kbj-korean-bj-lesbian-18082019004//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyRS6w0PQpP7eIGvZiky%2FfVlxNh5Q34HAKk0ulSUMUfm4CX37yqWnjU3R6AaWFBHrIK%2BQ6BcZguMrEsE%2Bo0Zr4Xqo2TTqUm%2F9%2F5OpHAy9IBdMc0iN6c%2B0yJ3O6bMSs%2Br9Zk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bec23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pornking.fun/hd/
200 OK 0 B IP
ASN #399045 DEDIOUTLET-NETWORKS
GET /hd/ HTTP/1.1
Host: pornking.fun
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://jp.co-vid.win/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=604800
expires: Mon, 23 Jan 2023 09:51:58 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: sameorigin
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/91707/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019003/?playlist=10440/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/91707/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019003/?playlist=10440/title/myhash/3
IP
GET /v/s://kissjav.com/91707/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019003/?playlist=10440/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/91707/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019003/?playlist=10440/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/a7/3d/efb893, lfm-1-251766, lmd-251766, lud-251790, xfvlen-2713129, fsize-675403, played-15
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/91707/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019003/?playlist=10440/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: MISS
xkey-la2: rz./v/s://kissjav.com/91707/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019003/?playlist=10440/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsqSrDCIUkp48CBsnpH0tFDB1C%2B8tmqROE6H%2FJ%2FLrjsLNyUrcCZ1X84%2FNQT8FZ7mVeR%2BkGBUF0blJD0dJnSo4ncwkbpRTvNnoLInkpnnziLSTaXuapbYRc%2FcPmCiWV1R4ys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15c0e23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.tokyomotion.net/video/696381/asamikondo-%E8%BF%91%E8%97%A4%E3%81%82%E3%81%95%E3%81%BF-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-bfaa-004/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.tokyomotion.net/video/696381/asamikondo-%E8%BF%91%E8%97%A4%E3%81%82%E3%81%95%E3%81%BF-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-bfaa-004/title/myhash/3
IP
GET /v/s://www.tokyomotion.net/video/696381/asamikondo-%E8%BF%91%E8%97%A4%E3%81%82%E3%81%95%E3%81%BF-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-bfaa-004/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.tokyomotion.net/video/696381/asamikondo-%E8%BF%91%E8%97%A4%E3%81%82%E3%81%95%E3%81%BF-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-bfaa-004/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/46/36/caf4110, lfm-1-1380, lmd-1380, lud-139486, xfvlen-2305821, fsize-826955, played-157
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.tokyomotion.net/video/696381/asamikondo-%E8%BF%91%E8%97%A4%E3%81%82%E3%81%95%E3%81%BF-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-bfaa-004/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.tokyomotion.net/video/696381/asamikondo-%E8%BF%91%E8%97%A4%E3%81%82%E3%81%95%E3%81%BF-%E3%83%8B%E3%83%BC%E3%83%8F%E3%82%A4%E3%82%B3%E3%83%AC%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3-%E6%96%B0%E7%AB%A0-bfaa-004/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xTX%2BbEJp9AuI9Bq1V%2BIge2VkmHiZ1b33CnM%2BmD5cHIlr560kP0SKeBv8l%2BkqEL8oBJL5TFAKiplEhe2EDYSh0bdNWnftTw2ZY5RIE7SGNdQzrtH7%2BSwSW%2FZmluxcllBHG5c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a12bb023be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114151/c0930-hitozuma0635-fhd-yumiko-teranishi-1/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114151/c0930-hitozuma0635-fhd-yumiko-teranishi-1/title/myhash/3
IP
GET /v/s://www.javbangers.com/video/114151/c0930-hitozuma0635-fhd-yumiko-teranishi-1/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114151/c0930-hitozuma0635-fhd-yumiko-teranishi-1/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/3b/64/930977, lfm-1-2983, lmd-2983, lud-287771, xfvlen-2224820, fsize-827988, played-107
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114151/c0930-hitozuma0635-fhd-yumiko-teranishi-1/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114151/c0930-hitozuma0635-fhd-yumiko-teranishi-1/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cn9NEvo5t62LCH7CoRK1aIvdwU%2BFpX3TSyoHpndD%2FZnBYcBsID5Agtn9OjPx7fzeg%2FCpEPyLuODe%2B%2BqFBbivARuJHN4zQAbqwFrpcgVPLB2hAcT0RSfqP8t8UuymTP7djro%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bf823be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/94819/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019003//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/94819/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019003//title/myhash/3
IP
GET /v/s://kissjav.com/94819/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019003//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/94819/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019003//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/8b/74/7465106, lfm-1-10070, lmd-10070, lud-887433, xfvlen-3014017, fsize-955613, played-17
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/94819/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019003//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/94819/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-bj%ED%95%9C%EB%AF%B8%EB%AA%A8-%EB%85%B8%ED%8C%AC%ED%8B%B0-%EC%98%81%EC%A0%95%EB%B0%A9%EC%86%A1-kbj-korean-bj-afreecatv-27092019003//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M9ssH0EfOcsMvjn7AqTZqcZcQteq3aCOPHxD98%2BkcEp6hUm1CZKgCiDzjudl9BOqi9AunVfQVGXkvloFreEhBzzzL801gqlAEZ2i04syCCWOuvbeRW9GQ1aT1yikimnIUVY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15c0723be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/91703/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019002/?playlist=24783/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/91703/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019002/?playlist=24783/title/myhash/3
IP
GET /v/s://kissjav.com/91703/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019002/?playlist=24783/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/91703/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019002/?playlist=24783/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/dc/c7/0f8293, lfm-1-7986, lmd-7986, lud-446990, xfvlen-2164518, fsize-627669, played-176
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/91703/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019002/?playlist=24783/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/91703/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019002/?playlist=24783/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4DI67TF1qIJj0E7zfoWw3PYY6lFjBkM5bO9hvTR2L13SjPcP%2BeTac%2B4LAwD1C96hxwGhgVATi63N%2BsA0ElX1OlWkWITVTQqyu8HkbgICufzQvDGMbA8CIYTa2Wqo3e9nLxc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15c0a23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://mypornvid.fun/videos/2/SXFooen46H8/saaya-suzuki-xvideo/%E9%88%B4%E6%9C%A8%E6%B2%99%E5%BD%A9-sayarvenus-in-memory-of-saaya-suzuki/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://mypornvid.fun/videos/2/SXFooen46H8/saaya-suzuki-xvideo/%E9%88%B4%E6%9C%A8%E6%B2%99%E5%BD%A9-sayarvenus-in-memory-of-saaya-suzuki/title/myhash/3
IP
GET /v/s://mypornvid.fun/videos/2/SXFooen46H8/saaya-suzuki-xvideo/%E9%88%B4%E6%9C%A8%E6%B2%99%E5%BD%A9-sayarvenus-in-memory-of-saaya-suzuki/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://mypornvid.fun/videos/2/SXFooen46H8/saaya-suzuki-xvideo/%E9%88%B4%E6%9C%A8%E6%B2%99%E5%BD%A9-sayarvenus-in-memory-of-saaya-suzuki/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/87/29/8229108, lfm-1-19639, lmd-19639, lud-1605276, xfvlen-2145694, fsize-657888, played-2
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://mypornvid.fun/videos/2/SXFooen46H8/saaya-suzuki-xvideo/%E9%88%B4%E6%9C%A8%E6%B2%99%E5%BD%A9-sayarvenus-in-memory-of-saaya-suzuki/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://mypornvid.fun/videos/2/SXFooen46H8/saaya-suzuki-xvideo/%E9%88%B4%E6%9C%A8%E6%B2%99%E5%BD%A9-sayarvenus-in-memory-of-saaya-suzuki/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P4GKfRJ7KZoBKesFJFohm3mn%2BepWRFfaGwgq4Zxr3p5rk9fNIF1pZg48JBIohZ2RHuh8xhdBWWTQ43xmBJ3tXhB0KMcM%2F8JpibprmBla9KzfsoYhmuRoIYEOPLZppU3cjJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bf123be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.tubepatrol2.com/000/427/427337/427337.webp
403 Forbidden 0 B URL HTTP/2 cdn.tubepatrol2.com/000/427/427337/427337.webp
IP
GET /000/427/427337/427337.webp HTTP/1.1
Host: cdn.tubepatrol2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 16 Jan 2023 09:51:55 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbRpaqmKDjJNj4%2Fl%2FEsr1f8unk3s6i1c3up7bbv%2FjJCN89wXqneKkxKZO%2BaqOY759wllPQiuZ4%2BduIbGMt2lBDFbYofVIZHbSr5POgMjD49cDAc6hpNiQJHJM9OM8cuxUakjDV0E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4914f9cfab4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.tokyo-motion.net/media/videos/tmb26/839748/18.jpg
403 Forbidden 0 B URL HTTP/2 cdn.tokyo-motion.net/media/videos/tmb26/839748/18.jpg
IP
GET /media/videos/tmb26/839748/18.jpg HTTP/1.1
Host: cdn.tokyo-motion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Mon, 16 Jan 2023 09:51:59 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEPRGzJckZiZgNP%2Bq4jsllf%2FDv6FDTtNYuhBjX8RpNoVRRGpFtbdDG4pyCAxZ5IB4rUaLbkRN9vTXr%2FBbLiM%2F%2FH5aRjeT1pt%2BZKQlHqKK2SVN4antGWLIN031KoglXB5NdL8qaLcdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4a6fc1d730f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114211/c0930-hitozuma0660-fhd-sawa-karaki-1/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114211/c0930-hitozuma0660-fhd-sawa-karaki-1/title/myhash/3
IP
GET /v/s://www.javbangers.com/video/114211/c0930-hitozuma0660-fhd-sawa-karaki-1/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114211/c0930-hitozuma0660-fhd-sawa-karaki-1/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo6/98/b3/444c72, lfm-1-88106, lmd-88106, lud-320289, xfvlen-2288818, fsize-616671, played-56
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114211/c0930-hitozuma0660-fhd-sawa-karaki-1/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114211/c0930-hitozuma0660-fhd-sawa-karaki-1/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WM3oBMO210KjE5EdZV07O1Fdwub0TPGrwKq0f9douRjhGZD6YQJNaCCBH4Uc5t1lWBuE1MusPnGs0uDe5EN8hIruoqKW0FwHvVngpBOu7ODzxVHeRVFcCRDQ1X8F6EvhXrg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a12ba423be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114225/c0930-hitozuma0669-fhd-yuuko-hiyama-2/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114225/c0930-hitozuma0669-fhd-yuuko-hiyama-2/title/myhash/3
IP
GET /v/s://www.javbangers.com/video/114225/c0930-hitozuma0669-fhd-yuuko-hiyama-2/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114225/c0930-hitozuma0669-fhd-yuuko-hiyama-2/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo4/1d/ee/b82173, lfm-1-1138, lmd-1138, lud-830678, xfvlen-2046280, fsize-533810, played-28
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114225/c0930-hitozuma0669-fhd-yuuko-hiyama-2/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114225/c0930-hitozuma0669-fhd-yuuko-hiyama-2/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QDlvQFM1CBczWAtqtackjIFJPVvZNRoPPqki4pjDzRsnotupJDxEIVLARrKRS3USwbhp9JCD%2FTPb80B5t7Im8Rerfrg04wdyfGugbb8kNQiEk1ixLZU8%2FQgLiCXMcQAgrw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a13bb423be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://javtube.net/129328/afreecatv-korean-bj-nipple-slip-31072021001//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://javtube.net/129328/afreecatv-korean-bj-nipple-slip-31072021001//title/myhash/3
IP
GET /v/s://javtube.net/129328/afreecatv-korean-bj-nipple-slip-31072021001//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://javtube.net/129328/afreecatv-korean-bj-nipple-slip-31072021001//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/05/c2/998867, lfm-1-150784, lmd-150784, lud-2468634, xfvlen-2456640, fsize-627979, played-1
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://javtube.net/129328/afreecatv-korean-bj-nipple-slip-31072021001//title/myhash/3-A-rz.nakadashi.pw--ssdzone---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://javtube.net/129328/afreecatv-korean-bj-nipple-slip-31072021001//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kVFQGrTbeJSzUitpp%2B4eIatIUsah%2Ff4vUR292cPW8uqDdEUBcMI%2FphW2zEB0c16bLXFVA6ho0Auy1ChqDB8GKA7eW7rHNmXhmgisUOS6hfh929iIGpJJgynuhGHXu4IaLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bf423be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
japanesebeauties.one/favicon.ico
200 OK 0 B URL HTTP/2 japanesebeauties.one/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: japanesebeauties.one
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Mon, 31 May 2010 16:51:06 GMT
etag: W/"4c03e8fa-57e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6596
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PHUVrNkjoNHNYrR%2BmxMJDDzFbEsUQtPbrAuStzOwbhBqk%2BRC6lMNVFnA3Tlsl3pC0gkEYTYfiABJAvtoHXQN0%2FTDn%2BOdJKbUlVxDLucrv%2Bztd5TD8bi0qkIkKrrntrgVn9nRiu9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4977f85b4f3-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.appav.site/favicon.ico
200 OK 0 B URL HTTP/2 www.appav.site/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: www.appav.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 903
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBAQ%2Bd04By72Pw2lNTLSdzp2hvsxK%2FsDM0qtNiE%2BOQuwrPqjCNY5KHqGqc5Iv3CUnKBIsTJu2MqCrKqE1kMhcl2q7BTLPLmYoFZnew1fmvbR7OA5dBCBamExRTJ1Zh7UBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49aea24fab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aviui.com/favicon.ico
403 Forbidden 0 B IP
GET /favicon.ico HTTP/1.1
Host: aviui.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: text/html; charset=UTF-8
permissions-policy: accelerometer=(),autoplay=(),camera=(),clipboard-read=(),clipboard-write=(),fullscreen=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2R4ReDlThDpYplcmT8wuhvxL3p9S%2B9Jl%2FdbO%2F1R770d0GacqUKHoSq%2BIfqRXHgH%2BNpXZmVwCsuiuHnMp4Xe521S%2Fh6qpiVawL%2B9i%2FrfIBNTjuTSyIQRAP8mmrsQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49bded61bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114242/c0930-hitozuma0695-fhd-yua-hirasawa-1/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114242/c0930-hitozuma0695-fhd-yua-hirasawa-1/title/myhash/3
IP
GET /v/s://www.javbangers.com/video/114242/c0930-hitozuma0695-fhd-yua-hirasawa-1/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114242/c0930-hitozuma0695-fhd-yua-hirasawa-1/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo2/a8/f5/c44973, lfm-1-974, lmd-974, lud-462094, xfvlen-2850530, fsize-925997, played-65
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114242/c0930-hitozuma0695-fhd-yua-hirasawa-1/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114242/c0930-hitozuma0695-fhd-yua-hirasawa-1/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1UMz08OWQ7J41xeq2yEyWDsVJvPVsfu7K7BR7wU05Y77uzKDdfqPRkWoeU1k038Frt2BHFwOZpU%2F9jNSyWqOjWD2%2BxtKm3%2FBjCdwkiV5MNJQgYXUIuAIrdlB3xkG%2BQDopyk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bf523be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ccdb8b0a9f.f1bb4e5049.com/e83d4a700329f17e529b85cf03a67aad/23782?version_name=d
200 OK 0 B URL HTTP/2 ccdb8b0a9f.f1bb4e5049.com/e83d4a700329f17e529b85cf03a67aad/23782?version_name=d
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /e83d4a700329f17e529b85cf03a67aad/23782?version_name=d HTTP/1.1
Host: ccdb8b0a9f.f1bb4e5049.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Mon, 16 Jan 2023 09:56:56 GMT
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/198953/kaad-65-my-beautiful-mother-in-law-sumie-hirota/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/198953/kaad-65-my-beautiful-mother-in-law-sumie-hirota/title/myhash/3
IP
GET /v/s://www.javbangers.com/video/198953/kaad-65-my-beautiful-mother-in-law-sumie-hirota/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/198953/kaad-65-my-beautiful-mother-in-law-sumie-hirota/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/d0/ce/9c, lfm-9-95170, lmd-95170, lud-300080, xfvlen-220860, fsize-468693, played-2
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/198953/kaad-65-my-beautiful-mother-in-law-sumie-hirota/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: MISS
xkey-la2: rz./v/s://www.javbangers.com/video/198953/kaad-65-my-beautiful-mother-in-law-sumie-hirota/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5eV2W7jWNUREkabUj8DXLUKpIxxN4fMEmipjEDd5MlZ6OSHJt%2B%2Fy2XP%2FG7eqJ9bqCXkAFZfjVA3fVgFtrak3a8PyEdsjmeon5qF1iGEaMSi3B%2BLfcwTHuuinYliYriM4To%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bf223be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
aipaw2.xyz/favicon.ico
301 Moved Permanently 0 B IP
GET /favicon.ico HTTP/1.1
Host: aipaw2.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 16 Jan 2023 09:51:56 GMT
location: http://18j.tv
cache-control: max-age=3600
expires: Mon, 16 Jan 2023 10:51:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSqe2SvQpPYlspWqa5tY4BoIqWAXticSI0%2Fw3GyHxZvBDiQSPWgtxgJ2P7nnCP%2FtBzB320uPSCXzwGYfhBsgKU4i%2BimzriGj1bM4Osb6EkA5wA1bw%2Bb47Eo6nFRU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f498cb6a1c06-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.qrxly.xyz/favicon.ico
301 Moved Permanently 0 B URL HTTP/2 www.qrxly.xyz/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: www.qrxly.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 16 Jan 2023 09:51:56 GMT
location: http://www.nanrenb.xyz/favicon.ico
cache-control: max-age=3600
expires: Mon, 16 Jan 2023 10:51:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wX7BxZisD4S0mfcd5yDc6QHMWWxcj%2BCjZG%2BQltW1zwrUgbcbOXBl4LI8XcSHYPHQJ2kbUkuhWONfXwtN9HgcdmuzpL5hnMV6eInAd6RbMV6rv%2ByNFbhoziJqYBnbK4OX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49b7a92fab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d
404 Not Found 0 B URL HTTP/2 www.moav.com/videos/27597/b4f40aa06591329854eec329efd1077d
IP
GET /videos/27597/b4f40aa06591329854eec329efd1077d HTTP/1.1
Host: www.moav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Mon, 16 Jan 2023 09:51:53 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KAxoH1SF78RHJStqP8PCgvD9r%2FWGvuTRatGjLpyy05j055Feh4CGK2hjrzvgT6XlF28eMV7KXiCxSzBnUzeO9%2BtPiSxf%2Bnxu88OehZxohYn3PgJCQdwwPxdU2OEA0Kg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f487de297725-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
appav.site/favicon.ico
200 OK 0 B IP
GET /favicon.ico HTTP/1.1
Host: appav.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Tue, 22 Nov 2022 21:29:12 GMT
etag: W/"637d3f28-10be"
cache-control: max-age=14400
cf-cache-status: HIT
age: 2437
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uooHyb2FEI61KTun3p%2F%2FEcB49c%2FIndWrxGkn2ozNll7d9DkwBOyNRzXTTz%2BGc1O%2B0msMNLtN4hgBGzKn%2F5WrF9Bfio1ipRp9961t459BdKl0Opz6%2FCl0tbd9gRN5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49b19f1b4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://biguz.net/watch.php?id=3191998&name=japanese-movie-107-i-need-my-boy-for-sex-makiko-miyashita-xlx/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://biguz.net/watch.php?id=3191998&name=japanese-movie-107-i-need-my-boy-for-sex-makiko-miyashita-xlx/title/myhash/3
IP
GET /v/s://biguz.net/watch.php?id=3191998&name=japanese-movie-107-i-need-my-boy-for-sex-makiko-miyashita-xlx/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://biguz.net/watch.php?id=3191998&name=japanese-movie-107-i-need-my-boy-for-sex-makiko-miyashita-xlx/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo1/0a/ba/4306101, lfm-1-13530, lmd-13530, lud-394979, xfvlen-2739915, fsize-815538, played-6
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://biguz.net/watch.php?id=3191998&name=japanese-movie-107-i-need-my-boy-for-sex-makiko-miyashita-xlx/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://biguz.net/watch.php?id=3191998&name=japanese-movie-107-i-need-my-boy-for-sex-makiko-miyashita-xlx/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 4901
last-modified: Mon, 16 Jan 2023 08:30:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9d2ThMtfPxtjQq6b7Ijdk9D4uUStb8J3SpK4hJdC1gqX6TLQFBvlb8dO8DIaynZBA8Qi1zAeopasAiFcrAlVhCAal6bWG0iN6064CQZlhFjVsxyN2kYivle1dFe77IetBVI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a12bac23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/zh/97411/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%B0%A9%EC%86%A1%EC%A4%91%EC%97%90-%EC%84%B9%EC%8A%A4%ED%95%98%EB%8A%94-%EC%BB%A4%ED%94%8C-kbj-korean-bj-couple-uncensored-afreecatv-19102019001//title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/zh/97411/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%B0%A9%EC%86%A1%EC%A4%91%EC%97%90-%EC%84%B9%EC%8A%A4%ED%95%98%EB%8A%94-%EC%BB%A4%ED%94%8C-kbj-korean-bj-couple-uncensored-afreecatv-19102019001//title/myhash/3
IP
GET /v/s://kissjav.com/zh/97411/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%B0%A9%EC%86%A1%EC%A4%91%EC%97%90-%EC%84%B9%EC%8A%A4%ED%95%98%EB%8A%94-%EC%BB%A4%ED%94%8C-kbj-korean-bj-couple-uncensored-afreecatv-19102019001//title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/zh/97411/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%B0%A9%EC%86%A1%EC%A4%91%EC%97%90-%EC%84%B9%EC%8A%A4%ED%95%98%EB%8A%94-%EC%BB%A4%ED%94%8C-kbj-korean-bj-couple-uncensored-afreecatv-19102019001//title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo3/c0/6b/bafd125, lfm-1-3998, lmd-3998, lud-427127, xfvlen-1938109, fsize-564982, played-63
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/zh/97411/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%B0%A9%EC%86%A1%EC%A4%91%EC%97%90-%EC%84%B9%EC%8A%A4%ED%95%98%EB%8A%94-%EC%BB%A4%ED%94%8C-kbj-korean-bj-couple-uncensored-afreecatv-19102019001//title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/zh/97411/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%B0%A9%EC%86%A1%EC%A4%91%EC%97%90-%EC%84%B9%EC%8A%A4%ED%95%98%EB%8A%94-%EC%BB%A4%ED%94%8C-kbj-korean-bj-couple-uncensored-afreecatv-19102019001//title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: HIT
age: 42616
last-modified: Sun, 15 Jan 2023 22:01:41 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w7gFtA6cLGtIzOSDNDVO74nx0RgyvO5lGPxm9QkN86GnenDxi4PcS090fKYhnpm%2F0vKzsnQtYtGRIAge86xL0MT%2FrTDxFPcgBPAeKhSZS7%2B7V4B%2BWr%2B7BufhTxdgH8g9Qkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bea23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4kpornvideos.tv/favicon.ico
200 OK 0 B URL HTTP/2 4kpornvideos.tv/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: 4kpornvideos.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:56 GMT
content-type: image/x-icon
last-modified: Mon, 05 Dec 2022 11:47:34 GMT
etag: W/"638dda56-47e"
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f49bac140af6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://kissjav.com/91704/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019004/?playlist=14458/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://kissjav.com/91704/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019004/?playlist=14458/title/myhash/3
IP
GET /v/s://kissjav.com/91704/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019004/?playlist=14458/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://kissjav.com/91704/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019004/?playlist=14458/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo9/6b/2a/8ca393, lfm-1-1458, lmd-1458, lud-364680, xfvlen-2844423, fsize-818530, played-364
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://kissjav.com/91704/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019004/?playlist=14458/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://kissjav.com/91704/%EC%95%84%ED%94%84%EB%A6%AC%EC%B9%B4-%EB%85%B8%EC%B6%9C-kbj-korean-bj-afreecatv-16092019004/?playlist=14458/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zqsY5WBzzkjhsk%2ByQTkzQ13aO%2BqGKmiQPaRpn4ZgqoaiE6LB%2Bcnybe1A1mGYfXt2%2FIo1ebievF1NnwsiSobjOPnXoqZGs%2FjTuWyER1niS4aq2LLg5ZG7Ho58ak0yALZIOrU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bfc23be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.tokyo-motion.net/media/videos/tmb26/839748/14.jpg
403 Forbidden 0 B URL HTTP/2 cdn.tokyo-motion.net/media/videos/tmb26/839748/14.jpg
IP
GET /media/videos/tmb26/839748/14.jpg HTTP/1.1
Host: cdn.tokyo-motion.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Mon, 16 Jan 2023 09:51:59 GMT
content-type: text/html
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRS0aEZoShQ65xnqzn01vcPjkbbrVbPW69f%2B%2BfBclQYr4NCKSUYoWiO519jnTk%2B6xWeJwMLJ194dg6EXttjBiOR65y6vSCQDtMbbZ1zEI10V8UrpqMNc0%2FwsRThTQ17%2FTAXfoGjCTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78a5f4a6fc1c730f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
rz.nakadashi.pw/v/s://www.javbangers.com/video/114228/c0930-hitozuma0673-fhd-shizuru-haryu-1/title/myhash/3
200 OK 0 B URL HTTP/2 rz.nakadashi.pw/v/s://www.javbangers.com/video/114228/c0930-hitozuma0673-fhd-shizuru-haryu-1/title/myhash/3
IP
GET /v/s://www.javbangers.com/video/114228/c0930-hitozuma0673-fhd-shizuru-haryu-1/title/myhash/3 HTTP/1.1
Host: rz.nakadashi.pw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://jp.co-vid.win
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:57 GMT
content-type: text/html; charset=UTF-8
vary: Host,Accept-Encoding
pdo-line8: host-rz.nakadashi.pw127.0.0.1-myhost-127.0.0.1/v/s://www.javbangers.com/video/114228/c0930-hitozuma0673-fhd-shizuru-haryu-1/title/myhash/3
phost: rz.nakadashi.pw
line1066: notjp-nakadashi-myhost--filteron-
pdo106: feedvid-, cachefileb-cacpdo4/19/83/6b3c74, lfm-1-24169, lmd-24169, lud-888091, xfvlen-1983888, fsize-636764, played-97
access-control-allow-headers: X-Requested-With
cache-control: public, max-age=3600000
access-control-allow-origin: *
x-proxy-cache-5950: HIT
xkey-5950: rz./v/s://www.javbangers.com/video/114228/c0930-hitozuma0673-fhd-shizuru-haryu-1/title/myhash/3-A-rz.nakadashi.pw--cacpdo0---yes
x-proxy-cache-la2: HIT
xkey-la2: rz./v/s://www.javbangers.com/video/114228/c0930-hitozuma0673-fhd-shizuru-haryu-1/title/myhash/3-A-rz.nakadashi.pw--my_zone
cf-cache-status: MISS
last-modified: Mon, 16 Jan 2023 09:51:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7tjTUILkXWeqMNBr3hmNlQkVKQHD0mvwTUIfePVAWBtFWdl2hZRhU5v%2BLU3P1eExRwWpvbUkh7Vt7A4DSdoC%2B0tmZL9yYsn07Rr%2BpIydAOE8TXZ%2FKAOpxmB6iXk4ZstSLSQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78a5f4a15bf723be-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ccdb8b0a9f.f1bb4e5049.com/f043731316678c84d66f3617a4aeca35.js
200 OK 0 B URL HTTP/2 ccdb8b0a9f.f1bb4e5049.com/f043731316678c84d66f3617a4aeca35.js
IP
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert quad9 Sinkholed
GET /f043731316678c84d66f3617a4aeca35.js HTTP/1.1
Host: ccdb8b0a9f.f1bb4e5049.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://jp.co-vid.win/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 16 Jan 2023 09:51:58 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 27 Dec 2022 15:00:56 GMT
etag: W/"63ab08a8-aef6"
content-encoding: gzip
expires: Mon, 16 Jan 2023 09:56:58 GMT
cache-control: max-age=300
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
148.72.246.38
94.130.33.133
104.21.82.199
204.155.28.20
188.114.97.1
153.126.247.101
93.184.220.29
195.181.166.15
51.77.35.190
185.197.163.38
82.118.242.43
192.199.199.113
87.250.250.119
141.94.248.40
23.36.76.226
185.94.237.100
123.1.183.40