av28.com/
0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Date: Wed, 27 Sep 2023 17:56:23 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 27 Sep 2023 18:56:23 GMT
Location: https://av28.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vql2uxMuEp7hQcvgkLeeCgJHbwSmoDl6aTpRbaZvZq6bfdiChmXI2m%2F0a23S%2BW3W2Uq66b9iei7WI7iHK6sNFWHQkOGcYl5QGyYi8UiCKmL6XVNaQ6%2BWqxF0lA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 80d59f7c2a93b500-OSL
alt-svc: h2=":443"; ma=60
av28.com/images/logo/logo.png
200 OK 3.2 kB URL GET HTTP/3 av28.com/images/logo/logo.png
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerGoogle Trust Services LLC
Subjectav28.com
FingerprintE3:80:32:3B:D6:D8:65:E6:56:66:22:62:4B:AB:62:15:3D:6C:55:E2
ValidityThu, 17 Aug 2023 05:23:15 GMT - Wed, 15 Nov 2023 05:23:14 GMT
File type PNG image data, 196 x 88, 8-bit/color RGBA, non-interlaced\012- data
Hash 20c25172341c4284b2e928dfec66d652
6e20b6dfe112ae6e8aebac9962b5c1a8f86904ab
e1a5095af80229146875130311ba9b7465c1460c0dd4f5c6caf0eda853235a91
GET /images/logo/logo.png HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: image/png
content-length: 3191
last-modified: Sun, 01 Oct 2017 16:44:45 GMT
etag: "59d11b7d-c77"
expires: Mon, 16 Oct 2023 02:30:53 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1005950
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iDJ4JzTP9LqyK79rF7fUDnpUqr50VPKjL99PY9SX7QGQQHkmR2njZBsXzHo2dLIidOPVSTVuZYErMohz8i3jBSJGhmzulVkLwMi5ebHhbTAEIrXl9967yylp1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f860c9eb52d-OSL
alt-svc: h3=":443"; ma=86400
av28.com/media/users/nopic-Male.gif
3.7 kB URL av28.com/media/users/nopic-Male.gif
IP
File type GIF image data, version 89a, 450 x 450\012- data
Hash 040a34aa6bfded35d355f8457304a2cc
fb506cbdb0ef3b6caf416fd85a34f8de7dc5ffde
e86558ec0e214497d1e95a16125ca9499ae87fe97073bbd7193f0420d2f89647
GET /media/users/nopic-Male.gif HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: image/gif
content-length: 3684
last-modified: Thu, 28 Sep 2017 21:32:39 GMT
etag: "59cd6a77-e64"
expires: Mon, 02 Oct 2023 11:37:26 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2182755
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXNe5D21%2BcrQiUXkk%2BS4Wag4fCEdBPHN6bu2%2Fdhrdi551ZMqjY8TzLg7qzMnM7Gwu8V%2BYnO3o6u1n4rCdmHDtJvtBUCz89NXib7mLPhbucn7sgreev965YDoJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f862cb9b52d-OSL
alt-svc: h3=":443"; ma=86400
av28.com/media/videos/tmb3/103263/1.jpg
9.7 kB URL av28.com/media/videos/tmb3/103263/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 256x144, components 3\012- data
Hash 67baf3847a0cc01cd69833b37cdf4175
fd85d428936605faa1c5da6da585cdb1ae922a0d
c9bd90f69e34912d9219b5fa5b27b8a659218285ecee7459405f3d3e37790928
GET /media/videos/tmb3/103263/1.jpg HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: image/jpeg
content-length: 9669
last-modified: Tue, 19 Sep 2023 11:22:33 GMT
etag: "65098479-25c5"
expires: Thu, 19 Oct 2023 12:42:49 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 710034
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFHcfsHCIojfrsQHHYUXYdnhmmYpfyTMvj2UJpRAuYbUwSqZXpALUKmo%2F%2Bzje8pPI6OwZcubfJ7ahX1pPSnHMOd0VAzZ7lhdCh6z34IremzF1zPVm%2F1exZIrQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f862cc3b52d-OSL
alt-svc: h3=":443"; ma=86400
av28.com/media/videos/tmb3/103262/1.jpg
9.1 kB URL av28.com/media/videos/tmb3/103262/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 256x144, components 3\012- data
Hash c5647e772b51a492126a457c2a548c36
559e7c83e22de7324c3cf6b208dcf9566fdf9eb1
8e6e309d3185c672663be7d8fee45f454e14151e33d5a41ce99e74deb1543061
GET /media/videos/tmb3/103262/1.jpg HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: image/jpeg
content-length: 9072
last-modified: Tue, 19 Sep 2023 11:21:02 GMT
etag: "6509841e-2370"
expires: Thu, 19 Oct 2023 12:42:49 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 710034
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5TIx8tThmASW%2B2a8ckEIiGRLJ7cHITG9gPCbXv%2FGzmX6IHR9fCBiw6SZ5qXeVIY8rmFWGu7i5QbGhZmQinCRJg2tcZjgR%2Bz0SHm%2F9Iai3xgJLrKvha43fKSpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f863cc8b52d-OSL
alt-svc: h3=":443"; ma=86400
av28.com/media/videos/tmb3/103261/1.jpg
10 kB URL av28.com/media/videos/tmb3/103261/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 256x144, components 3\012- data
Hash 80e79169357c46ad118d74b0da4a7d7c
1118651b60e204a3c82afe39e73f3d8366d1e037
99c05a6deb0c196fab033282020d28e28cee7ccf9ecc2ab2b4f7e66cb4ba9e35
GET /media/videos/tmb3/103261/1.jpg HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: image/jpeg
content-length: 10536
last-modified: Tue, 19 Sep 2023 11:19:35 GMT
etag: "650983c7-2928"
expires: Thu, 19 Oct 2023 12:42:49 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 710034
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dl4IdUJNd15d%2B5WoSgPGjsPToidKU%2BCiSR0EQ9BFFDQkaj8Lq7B0gejqerQrkbDMXwB%2BlwSjzJCQn0aEOC3jAQwBQW8WRFcttH91L5z%2FkiX%2BpKb8j43Qii%2B1zg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f863cccb52d-OSL
alt-svc: h3=":443"; ma=86400
av28.com/media/videos/tmb3/103260/1.jpg
200 OK 8.6 kB URL GET HTTP/3 av28.com/media/videos/tmb3/103260/1.jpg
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerGoogle Trust Services LLC
Subjectav28.com
FingerprintE3:80:32:3B:D6:D8:65:E6:56:66:22:62:4B:AB:62:15:3D:6C:55:E2
ValidityThu, 17 Aug 2023 05:23:15 GMT - Wed, 15 Nov 2023 05:23:14 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 256x144, components 3\012- data
Hash fe15c7b65d32eb9496426b1a047b6afd
e0c5e1003e15ec3b1e21e6c23302e51ad83f57e7
cb780b181cb837b0e7853f28145e7f1c0b3ffc06b5f6ae1344245b5caddf118c
GET /media/videos/tmb3/103260/1.jpg HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: image/jpeg
content-length: 8648
last-modified: Tue, 19 Sep 2023 11:18:27 GMT
etag: "65098383-21c8"
expires: Thu, 19 Oct 2023 12:42:49 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 710034
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAzk6Md6RlNnzAgXWh1%2Bd2kUl4U9yc6o9ieZD033JFhKoMLDf2YXTdgXVFoIrqN8NcInIFw62nuZBXbqg5da9R7AFEgbjvZpdNgJlzXbkJWXqxxnUoUlinGClQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f863ccdb52d-OSL
alt-svc: h3=":443"; ma=86400
av28.com/media/videos/tmb3/103259/1.jpg
11 kB URL av28.com/media/videos/tmb3/103259/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 256x144, components 3\012- data
Hash d2bb4f91d421b7865ffc1706d9d88528
6a85cd531d14ba88c104e64cec02c82a72dba6b8
ed822496b3da4371f791623f4b06ac09eec28b869592a23ea0fdc5383a02a481
GET /media/videos/tmb3/103259/1.jpg HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: image/jpeg
content-length: 10994
last-modified: Tue, 19 Sep 2023 11:16:57 GMT
etag: "65098329-2af2"
expires: Thu, 19 Oct 2023 12:42:49 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 710034
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QmfijMkkzqrgBzMT5Qt5S5g5688Jk49VqQBtO7LN85FtF8wsBAZYWSEd3KZb0EbfAjk36PHBTAasRituN2xPgJn9IMx7aH1QVUSsa1n3kTEfyfCiSjzpFL4YMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f863cceb52d-OSL
alt-svc: h3=":443"; ma=86400
av28.com/media/videos/tmb3/103258/1.jpg
8.7 kB URL av28.com/media/videos/tmb3/103258/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 256x144, components 3\012- data
Hash 4992db400b8b8c2a9f3f6447cbf8f468
ac6df63b040b4587e0188bbbe652513541023637
6b98aecb0c3e26961a477803710b260cedc32d7838a93c171ef5c8a72ccebb41
GET /media/videos/tmb3/103258/1.jpg HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: image/jpeg
content-length: 8678
last-modified: Tue, 19 Sep 2023 11:16:01 GMT
etag: "650982f1-21e6"
expires: Thu, 19 Oct 2023 12:42:49 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 710034
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Epi7Qubz3j8FiBdTrbHE5z%2BogpPC2Idq%2FxF4OIpTRQutXyHVNTMtsSIKUKMgB2yZYKfeZubR8vRpSQ2f%2Bu16RfBOWDE9In9uF1%2FU6vobWlN9v5aiEcw8dtS1zA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f863cd0b52d-OSL
alt-svc: h3=":443"; ma=86400
av28.com/media/videos/tmb3/103257/1.jpg
11 kB URL av28.com/media/videos/tmb3/103257/1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 256x144, components 3\012- data
Hash 5c2468060a682b5098aec9dc3df6bc07
92b0ebf83221566bc8f83ef06c01fc82644ca4cd
ea15010df4525e5a8885af0d05b0db0584feb05f19a3d3cde17a8c53a762495c
GET /media/videos/tmb3/103257/1.jpg HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: image/jpeg
content-length: 10606
last-modified: Tue, 19 Sep 2023 11:14:57 GMT
etag: "650982b1-296e"
expires: Thu, 19 Oct 2023 12:42:49 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 710033
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6gNR7FhwDPSPj6JBrnprUCLm%2FCY3%2FGsotRKLWKaufGddkFDwQthcdbZl%2BMrk9HOb61bPy8xcs5fvi8wkmOakU0c7hickCPOyq7YHnxvC3GNNiwmixEGbVdgkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f863cd2b52d-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
471 B IP
Hash ff52e45784a45798b40d6d9feb912438
3efa53511758ea8597e7ffe0bbb9e7343a1102b6
280a37a14ea94283ef151c84b79ebd80c3e52cdac8f94208df994a970f592689
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 27 Sep 2023 17:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
av28.com/media/player/videojs/plugins/videojs-thumbnails-master/videojs.thumbnails.js
2.2 kB URL av28.com/media/player/videojs/plugins/videojs-thumbnails-master/videojs.thumbnails.js
IP
Hash 4fd1c525c54ed14c1197f231615ab7cd
116c27e887b32473254d3624aa13add98839f9e0
0d119b3564451ba6007d49bc5843c85c1b2a88ff6f8a5b41b5a1570146106bd4
GET /media/player/videojs/plugins/videojs-thumbnails-master/videojs.thumbnails.js HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: application/javascript
last-modified: Thu, 28 Sep 2017 21:33:54 GMT
etag: W/"59cd6ac2-191a"
expires: Sun, 01 Sep 2024 11:37:26 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 2182755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YzzRmZsZ4gdJea6KM96Vc5MxEL3pHi%2BhPYSMg8QgDh5zUWTE9LruqQ5Pzb1VrQ9w1BN0N7kasCa2XtEdtxOldAoX3pRiBbuUDkyiHLJ52lUltv%2BUOexU1v%2FCMg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f85fc78b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
av28.com/templates/frontend/dark-magenta/js/jquery.video-0.2.js
2.7 kB URL av28.com/templates/frontend/dark-magenta/js/jquery.video-0.2.js
IP
Hash 5eb61e88a7037735295e0c3c288e8065
8e5a4ebc6d7fedf1bd040b8df6db09c5636f3735
40fb30593c5546a9e6a3fac2ca592bc84723bbdfb0af2e40a81c1e31f1020eb5
GET /templates/frontend/dark-magenta/js/jquery.video-0.2.js HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: application/javascript
last-modified: Sun, 01 Oct 2017 06:51:43 GMT
etag: W/"59d0907f-2c1e"
expires: Tue, 20 Aug 2024 03:44:26 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 3247934
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ADA48vEZALFRY1X65BM0FuyzEVTRXVI3%2BPQuJFvraq%2F0%2BHPH%2F%2FdgzppApNPaXcr6KNwkQtKRgreqmRs25bwM0YubZYyK4nsDJyexiY%2B82oge4on5mLDVmkEoNw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f861cafb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
av28.com/media/videos/tmb1/39310/default.jpg
33 kB URL av28.com/media/videos/tmb1/39310/default.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 640x360, components 3\012- data
Hash 3875fbacfc3bed32e3d081efaa27f195
3303bc3faea5ae55e34c12cc1acdbcf922d46f6f
694e77073c6773e36d0d6e191ddf917e0f09edd2b149246bce91b1e32c9de4e1
GET /media/videos/tmb1/39310/default.jpg HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: image/jpeg
content-length: 33153
last-modified: Fri, 04 Jan 2019 05:26:03 GMT
etag: "5c2eee6b-8181"
expires: Fri, 27 Oct 2023 17:56:44 GMT
cache-control: public, max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkQGgRq%2BzqWgwi69zQZkbnDaVe8ZCVNGVFtIxwwen89wtHwkL1QgUGrnhSKS9o70v2r0eWf4YJ7kgPwP4bn3Pct2%2FgB0zTPQw6XIN%2BNYW6Ca%2FXHRazQZ9XOGfA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f862cb8b52d-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
471 B IP
Hash 4ee7d428e49497fff831481db3746dd8
7185f93df26c0737f4953ac8b0799a3fe3a7c45f
f9e4c9a81904083be67d904a75c03e6d1c54757d399dc77d1224b42a25c088fe
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 27 Sep 2023 17:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
33 kB URL ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js
IP
File type ASCII text, with very long lines (32086)
Hash 8101d596b2b8fa35fe3a634ea342d7c3
d6c1f41972de07b09bfa63d2e50f9ab41ec372bd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
GET /ajax/libs/jquery/1.11.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 27 Sep 2023 10:18:34 GMT
expires: Thu, 26 Sep 2024 10:18:34 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 27470
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
poweredby.jads.co/js/jads.js
178 B URL poweredby.jads.co/js/jads.js
IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /js/jads.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 27 Sep 2023 17:56:24 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: jads2.js
av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
84 kB URL av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (324), with CRLF, LF line terminators
Hash c6b2a5822916ad7f4f9c75205331d571
65c1828d90e4a35994ddadb8ceb26d547fdf1c72
7d827375a64004351d00c1b20ef2364f01dfb28f9c239fab431b88787c40ece5
GET /video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99 HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: text/html
last-modified: Wed, 27 Sep 2023 17:56:40 GMT
set-cookie: AVS=qo55c6ud04efb4mgc31sg15j90; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pc%2B5ihybxephHhvK%2BzOTGQKhPFlX8t1hlfbLDow%2BpGrVQ6kDzHi0rV858YIve2kHnJz7IpKzlAbegLaHahzST7fJ%2BFZPFiRuoHgcst5hYmvgkUbTYdp0ilJW9g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80d59f6a29a70b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.rawgit.com/MailOnline/videojs-vast-vpaid/master/bin/videojs.vast.vpaid.min.css
129 B URL cdn.rawgit.com/MailOnline/videojs-vast-vpaid/master/bin/videojs.vast.vpaid.min.css
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash 8bec030678ff92998f6af99c4d7246d4
490d952d86444a84d3d8f8e1d6874414e0abeff9
798738661115245e530b3d0ce1034453ffc8140069b940fa0ce7df2b282f06a9
GET /MailOnline/videojs-vast-vpaid/master/bin/videojs.vast.vpaid.min.css HTTP/1.1
Host: cdn.rawgit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 27 Sep 2023 17:56:25 GMT
content-type: text/plain; charset=utf-8
content-length: 129
location: https://cdn.jsdelivr.net/gh/MailOnline/videojs-vast-vpaid@master/bin/videojs.vast.vpaid.min.css
server: BunnyCDN-NO1-830
cdn-pullzone: 201235
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
age: 17141
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
cache-control: public, max-age=2592000
cdn-cachedat: 09/27/2023 17:56:25
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra-etou8220087-FRA, cache-chi-kigq8000094-CHI
x-cache: MISS, HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 301
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: 339bde240e7d4f3ae53988e63442e553
cdn-cache: EXPIRED
X-Firefox-Spdy: h2
cdn.rawgit.com/MailOnline/videojs-vast-vpaid/master/bin/videojs_5.vast.vpaid.min.js
130 B URL cdn.rawgit.com/MailOnline/videojs-vast-vpaid/master/bin/videojs_5.vast.vpaid.min.js
IP
ASN #34989 ServeTheWorld AS
File type ASCII text, with no line terminators
Hash 344fd53ccf40651c15eb4e9817f95c25
12917557a85ba645de3d3b73232934787efd80eb
69d8c31e0e1ee468749068cc60e8de17e2696736de970f1b4deca8d632254830
GET /MailOnline/videojs-vast-vpaid/master/bin/videojs_5.vast.vpaid.min.js HTTP/1.1
Host: cdn.rawgit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Wed, 27 Sep 2023 17:56:25 GMT
content-type: text/plain; charset=utf-8
content-length: 130
location: https://cdn.jsdelivr.net/gh/MailOnline/videojs-vast-vpaid@master/bin/videojs_5.vast.vpaid.min.js
server: BunnyCDN-NO1-830
cdn-pullzone: 201235
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: *
age: 44452
alt-svc: h3=":443", h3-29=":443", h3-27=":443"
cache-control: public, max-age=2592000
cdn-cachedat: 09/27/2023 17:56:25
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-served-by: cache-fra-etou8220106-FRA, cache-chi-kigq8000128-CHI
x-cache: MISS, HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 301
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 301
cdn-requestid: ed1e815ae4344e98c68ee98a3076d283
cdn-cache: EXPIRED
X-Firefox-Spdy: h2
ocsp.buypass.com/
1.7 kB IP
ASN #20940 Akamai International B.V.
Hash ffa80a88053b1bfab0067fe2da33c7e1
653ad5d9d0aefd452cb3d7e07ccca917818409d6
a1afb7ebfa33a3cb7836969bd7c3dedc546123dd3454e24c480597f752cc2ad8
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: ae25aa35-10e8-4e3c-bd3b-434edaa9fcfd
Content-Length: 1701
Date: Wed, 27 Sep 2023 17:56:25 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
471 B IP
Hash ff52e45784a45798b40d6d9feb912438
3efa53511758ea8597e7ffe0bbb9e7343a1102b6
280a37a14ea94283ef151c84b79ebd80c3e52cdac8f94208df994a970f592689
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 27 Sep 2023 17:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
av28.com/media/player/videojs/video-js.css
16 kB URL av28.com/media/player/videojs/video-js.css
IP
File type ASCII text, with very long lines (12739)
Hash 25c0ee9be005c59ef095ff469f8e9c8f
632c536075800718e6a34f24261675479eb51d21
e98611a5c45de144fbc2595f9f24b414a84acaacc4c066ff5e1fbb51c00fa414
GET /media/player/videojs/video-js.css HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: text/css
last-modified: Thu, 28 Sep 2017 21:33:03 GMT
etag: W/"59cd6a8f-b5ae"
expires: Fri, 16 Aug 2024 09:47:41 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 3571738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8pHhr4ZveIR4KbF7cq3XLLAx5RmasJdgScmyqQ7lpJb8bf2A5SV4VTKK19QU6pUqknZUgu1jO6F%2FL3CwW%2BwyOPLhsXMci5KNkpoAHq%2FR%2FQ7XAELXv%2FM8upl4g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f857c27b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
av28.com/templates/frontend/dark-magenta/css/style.css
200 OK 7.1 kB URL GET HTTP/3 av28.com/templates/frontend/dark-magenta/css/style.css
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerGoogle Trust Services LLC
Subjectav28.com
FingerprintE3:80:32:3B:D6:D8:65:E6:56:66:22:62:4B:AB:62:15:3D:6C:55:E2
ValidityThu, 17 Aug 2023 05:23:15 GMT - Wed, 15 Nov 2023 05:23:14 GMT
File type ASCII text, with very long lines (321)
Hash b39175939dd9273d9cac3058c2f8d448
16eff2baae755e016eb37a09ab9b8f9686388785
1207f18b912c9bee5d9556278563e5da75d4539a81073a9a6fc88e36d927a05b
GET /templates/frontend/dark-magenta/css/style.css HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: text/css
last-modified: Sun, 01 Oct 2017 07:09:13 GMT
etag: W/"59d09499-48fa"
expires: Fri, 13 Sep 2024 21:42:44 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 1109638
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VnHyJswsU%2B5C%2BkKCggVB2r2JtQmMJYN21e0sxdQa0Lt%2BcZXumkuTEA5LE%2FNDBTFIj5TrqNvuAPWa55c9ByvNm68bpJ1i7o5ePVb30YFkaEyA4S%2Ff%2B%2BRZfYT2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f857c1fb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
av28.com/templates/frontend/dark-magenta/css/bootstrap.css
179 kB URL av28.com/templates/frontend/dark-magenta/css/bootstrap.css
IP
File type ASCII text, with very long lines (540)
Size 179 kB (178889 bytes)
Hash d57ef8e8e64a9a6b75f6442736232604
e7c76b0ce7346db16677264d7fcc73a41d09b9f1
058fc3e7644d2b3104a08c1f99be9adeea8498aa82c3cf366c3ed1e5049cbc44
GET /templates/frontend/dark-magenta/css/bootstrap.css HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: text/css
last-modified: Thu, 28 Sep 2017 22:04:47 GMT
etag: W/"59cd71ff-217f6"
expires: Mon, 15 Jul 2024 21:27:00 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 6294575
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h5gkPW4TuIe5w8SbdJPuSjwJcvU0gUByAfaa%2F9HSI8sm75V3wY15J8yhZCS8Xds4ehjSrXdW62j7RUzsop8MDdlYqewRyaaNBOnI2a%2Fzfx5aurQGnDBf4VZYCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f857c1eb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
av28.com/templates/frontend/dark-magenta/css/font-awesome.min.css
83 kB URL av28.com/templates/frontend/dark-magenta/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (20604)
Hash bbfef9385083d307ad2692c0cf99f611
63a234ea4d60f6643a60a4d79e28f291b93c1743
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
GET /templates/frontend/dark-magenta/css/font-awesome.min.css HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: text/css
last-modified: Thu, 28 Sep 2017 22:04:47 GMT
etag: W/"59cd71ff-511e"
expires: Fri, 16 Aug 2024 01:44:31 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 3600728
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zOe6hukgpzBagVKAQoDd%2FKuyxsqzTNySMLD7y%2FbBsx%2BGz2nwvaSMg%2Fg0qUCYr53CEINnzxBLH%2FMkx5PHxyWrBMwBS30OR2J1Kdh6SLQhJ6aDuf33NhxKshIeWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f857c23b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
poweredby.jads.co/js/jads2.js
1.7 kB URL poweredby.jads.co/js/jads2.js
IP
File type ASCII text, with very long lines (3758), with no line terminators
Hash bc8141c4650030c41f6a98026b12ce80
af5618f7e467a207d4c64627be580283ab5640cd
5ad0b5133e45b32908a388c8c6dcfca2c23d1d9d3e2ed6a839a742bab1ffde51
GET /js/jads2.js HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av28.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 27 Sep 2023 17:56:25 GMT
Content-Type: application/x-javascript
Last-Modified: Wed, 20 Sep 2023 21:26:09 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"650b6371-eae"
Content-Encoding: gzip
cdn.jsdelivr.net/gh/MailOnline/videojs-vast-vpaid@master/bin/videojs.vast.vpaid.min.css
757 B URL cdn.jsdelivr.net/gh/MailOnline/videojs-vast-vpaid@master/bin/videojs.vast.vpaid.min.css
IP
File type ASCII text, with very long lines (1935)
Hash eb9b9b38d2eb8e7ddc60d875bb518030
6b336bc36cc5ec384bc06f6aeb5e2481093a166c
265cfd4e7cf6e19df72e987d49834238c8a08cf0b1a29943428f2a8c038d81fb
GET /gh/MailOnline/videojs-vast-vpaid@master/bin/videojs.vast.vpaid.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av28.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"7c7-azNrw2zF7DhLwG9q614kgQk6Fmw"
content-encoding: br
accept-ranges: bytes
date: Wed, 27 Sep 2023 17:56:25 GMT
age: 15741
x-served-by: cache-fra-etou8220060-FRA, cache-bma1671-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 757
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
471 B IP
Hash c84db2aa974ecd33b439a3a6124cea47
a55ea70feb23dfce1365b7aeb60cd3047b0ca1bb
5b6308af9df276542b1f5542a75827208cc0cb612feffc28efd3ef79da97d97a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 27 Sep 2023 17:56:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
av28.com/templates/frontend/dark-magenta/fonts/glyphicons-halflings-regular.woff
23 kB URL av28.com/templates/frontend/dark-magenta/fonts/glyphicons-halflings-regular.woff
IP
File type Web Open Font Format, TrueType, length 23320, version 1.0\012- data
Hash 68ed1dac06bf0409c18ae7bc62889170
22037a3455914e5662fa51a596677bdb329e2c5c
fc969dc1c6ff531abcf368089dcbaf5775133b0626ff56b52301a059fc0f9e1e
GET /templates/frontend/dark-magenta/fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://av28.com/templates/frontend/dark-magenta/css/bootstrap.css
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:25 GMT
content-type: application/font-woff
content-length: 23320
last-modified: Thu, 28 Sep 2017 22:05:00 GMT
etag: "59cd720c-5b18"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1YvjdJxaKd6XdXURtQW5Cn63LqYEQRa00CJhUr2FmnV0hXht8HwkWcbEJFNHRBveh9QBcgH43QgvruRjai%2Fbm1E3DpHJVWszqeOh5L%2FZBKxaq4Dxpy%2Bt5N5OEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f8d3b8db52d-OSL
alt-svc: h3=":443"; ma=86400
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:56:18 GMT
expires: Wed, 25 Sep 2024 08:56:18 GMT
cache-control: public, max-age=31536000
age: 118807
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
av28.com/templates/frontend/dark-magenta/fonts/fontawesome-webfont.woff?v=4.1.0
84 kB URL av28.com/templates/frontend/dark-magenta/fonts/fontawesome-webfont.woff?v=4.1.0
IP
File type Web Open Font Format, TrueType, length 83760, version 1.0\012- data
Hash fdf491ce5ff5b2da02708cd0e9864719
7f2f3c55c2de192387c351b995115f6b79e09173
66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
GET /templates/frontend/dark-magenta/fonts/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://av28.com/templates/frontend/dark-magenta/css/font-awesome.min.css
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:25 GMT
content-type: application/font-woff
content-length: 83760
last-modified: Thu, 28 Sep 2017 22:04:56 GMT
etag: "59cd7208-14730"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JWi%2Bhr7q7DFWex3m3AiZbn1rYVaDwUUqplYUh3NQCZRqFDvPehI7zBRjHu7tedYR0PhoiA%2FeWg8lQHh7NSgi%2BI5Imkr6dVIflAbg8toHYYoVpCvdcrTzCOCj5w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f8d7bb5b52d-OSL
alt-svc: h3=":443"; ma=86400
ocsp.pki.goog/gts1c3
471 B IP
Hash c84db2aa974ecd33b439a3a6124cea47
a55ea70feb23dfce1365b7aeb60cd3047b0ca1bb
5b6308af9df276542b1f5542a75827208cc0cb612feffc28efd3ef79da97d97a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 27 Sep 2023 17:56:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 48 kB URL GET HTTP/2 fonts.gstatic.com/s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT
File type Web Open Font Format (Version 2), TrueType, length 48432, version 1.0\012- data
Hash e2d74c5e631bc53a7240bbfe4be99c8f
eb513857bb01cc4f7249067fc7e969bef415fc90
9b1b9d7cb74a9923d83f36f0026f421940b861fd6e1a51b8f79af45492ed4ed5
GET /s/opensans/v36/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 48432
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 26 Sep 2023 08:56:18 GMT
expires: Wed, 25 Sep 2024 08:56:18 GMT
cache-control: public, max-age=31536000
age: 118808
last-modified: Thu, 14 Sep 2023 00:40:31 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
av28.com/media/player/logo/logo.png
2.0 kB URL av28.com/media/player/logo/logo.png
IP
File type PNG image data, 100 x 45, 8-bit/color RGBA, non-interlaced\012- data
Hash c84763f0d02a29a2082f1b83d574597d
0e202a645f50e4c04e21d884316919bfb524f479
36d345ecc755dad085099a3b4b9148e8bb0c6dfdc961d2248af7edd3370e6a6d
GET /media/player/logo/logo.png HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:26 GMT
content-type: image/png
content-length: 2028
last-modified: Sun, 01 Oct 2017 16:47:54 GMT
etag: "59d11c3a-7ec"
expires: Sat, 30 Sep 2023 15:00:55 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2343348
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mEfYtuiqgqHWpehUlhE1WvsiMEItqoxxIwiImm291F5Qmax7P8I0xm%2FUG%2BgK6XmIEaNxlh4Sy2%2FFQnpNPF%2FppHAcXCZtleNxf6JEW0%2B0MxBgAc6Lxm1HUZ1vww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f8fad85b52d-OSL
alt-svc: h3=":443"; ma=86400
av28.com/media/player/videojs/plugins/videojs-resolution-switcher-master/lib/videojs-resolution-switcher.css
335 B URL av28.com/media/player/videojs/plugins/videojs-resolution-switcher-master/lib/videojs-resolution-switcher.css
IP
Hash fc88e7c2ed6f630f7730453aaca2e313
771f7dbe7050622d54811945478e7d91df17146c
11545f8cc65c7cd666ed66432a02c684ba6b903bcf5342df43b39aad9fa08377
GET /media/player/videojs/plugins/videojs-resolution-switcher-master/lib/videojs-resolution-switcher.css HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: text/css
last-modified: Thu, 28 Sep 2017 21:33:59 GMT
etag: W/"59cd6ac7-28b"
expires: Mon, 15 Jul 2024 21:27:54 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 6294521
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFToK2296rC%2Br3byEWKubgb0jVpG1a0quBEAbzgzVm8CvhBOhnVsmu2u%2FbARt%2FuekOg6l3H%2Fo5EEMyxeoqfPwK%2Fudhn8T5LiwmkZ0iR7xcSS1IdDPOCqsuB1DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f858c32b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
av28.com/media/player/videojs/plugins/videojs-logobrand-master/src/videojs.logobrand.css
260 B URL av28.com/media/player/videojs/plugins/videojs-logobrand-master/src/videojs.logobrand.css
IP
Hash d201f3fa2c3775eeee43476414b69f8b
cd4157f1d64438a3ba6a7af6a059935d90fbc2cb
7b6b562ec62670d8abb9085933dfee2ac00873bed178a68be918d1493127d111
GET /media/player/videojs/plugins/videojs-logobrand-master/src/videojs.logobrand.css HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: text/css
last-modified: Thu, 28 Sep 2017 21:33:57 GMT
etag: W/"59cd6ac5-515"
expires: Fri, 30 Aug 2024 15:00:54 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 2343347
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kTh6rkUWolETSrz3biXs57cFMVL2KzcA%2FoeQsXaatGwUrEQETRT2uOIBZTkg7WU8IPQwICKf3gKY7D%2BNZ6N6osBObgey4i%2FXbPPC36XmoEOhWrZHs4IjpiZG6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f858c33b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
av28.com/media/player/videojs/video-js-custom.css
1.6 kB URL av28.com/media/player/videojs/video-js-custom.css
IP
Hash 5daf96bf155afd69cbfd604a20a6668d
d287d8c9832cdbab1b6df5bf1665f785710bdb32
d200cf6a5cf2963fc438f839e62ea32e368069b45d0dcdc809185487d853d94c
GET /media/player/videojs/video-js-custom.css HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: text/css
last-modified: Wed, 20 Mar 2019 13:00:05 GMT
etag: W/"5c923955-1c29"
expires: Sun, 01 Sep 2024 11:37:26 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 2182755
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=otBaEAwh5KsLrKix2dVlyYgpiIb6QG0vEnIfmThECiL9EsDm%2BtJwA6xUf%2FrG70yBlgzJ8tAIsyHEfnzeSlKOlrSa2I3CjUOivH%2Fbjk3A9n%2BRVTW9d5TX%2BJgvww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f85bc4db52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
imasdk.googleapis.com/js/core/bridge3.592.0_en.html
237 kB URL imasdk.googleapis.com/js/core/bridge3.592.0_en.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (48275)
Size 237 kB (236927 bytes)
Hash b7b0c9d3d24765d132d0618d3b3eb626
898f3f4aa83ad6f57401b072341531a9baa44cc7
5c82d27118183cf0379ad722e087e51be3bb63706d7d2ccf4317790dfe774dc5
GET /js/core/bridge3.592.0_en.html HTTP/1.1
Host: imasdk.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 236927
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 25 Sep 2023 19:51:47 GMT
expires: Tue, 24 Sep 2024 19:51:47 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 25 Sep 2023 19:42:01 GMT
content-type: text/html
vary: Accept-Encoding
age: 165879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.sectigo.com/
471 B IP
Hash 1f16dc481fe293086e25465d95220b96
29e3aca4af823844b36a0efa7b6660bdd68dc7a4
b2e71eef47b71894f4d0c0d201f737fa139e2d46fa4bbf27d8a603f1bbd5b2b8
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 27 Sep 2023 17:56:26 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 26 Sep 2023 07:33:52 GMT
Expires: Tue, 03 Oct 2023 07:33:51 GMT
Etag: "29e3aca4af823844b36a0efa7b6660bdd68dc7a4"
Cache-Control: max-age=480444,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80d59f90ac240b61-OSL
fnbauniukvi.com/chicken.gif?z=1977191&pb=25a9aa208a01ab4713cf01642a42f1801695844586&psp=tU1HzsbJTio59UR88tRHphH-ElmsdqyRKaGpnoONAjMGhuFnSgWuxdUaGRn5KXPhpzEXcAZyDJMCCNkyOYDL1XIIf2GAMC1sz1950BgsuNg9F_J9_Kjgt7Rvg0GLEHjAZQ1S8IKPb02EauxPsgSd73tmXVspWxc7PlDejFZXCUK7BT7juOeRI16650Zfou7q-tnjx7svCtX5vWMeVjzIInkd6XCywVxwFLwaJLeh-udul7Vo7qbqF8AKXb3Htaq8JsfJsPns_QnMyUm3R08rluPSd60aX8Uo-qrnpc2_-UXlV2ZOiTtXDVpILdRLLZ_oG6khheCXAVFrwq7pVHk9nxJFgrE-ZDcJMWiQfASLxRnX2oDfEW25C6ypaBd2c4Z6WZo_XdVVkmc3iQfkrPgzEoaQUYTzBZTtQ_KkrMEeuAUmk0Dc0Vj4GvX9rilLSTXTjzghBDyPWtETPjf7soJK3eNA3n_qN0eBVGwmb3OaUo6gL-aNYDLX5TPPGbkCzKtDAsXTCga4owtKmTEjl5WiIs8lGdCbVOtx-m-Tt3hH3JAnaVio9HPex0Abi8urfTcuV0Pq5cxkp7crEHNClMEynAQdVeWryVGGCIcYR18-YmQ9P0ITF9K1eY982LZ-IxMkL2AgUX7ZLOD8hSm3YkSj0jwujKTGCjpsw8kDFWciwlHJZNiCcMUZhq0R0P8w_E2bN1l_ucPfruoQvJWGGLsRhHIsPwJf-D0_0L30-7xEXcHBJvvq3RxQCl0m8MmkqQZyDPwVxXzeQj0X-f1T21dyrpP0aadrbm4COEIyz5M_h3ivJXAkczqjsmqiLaZUpJLExQ4u6FuPPWJnZH0vMeQApB90WN8KZ2FgtTfiM5FfmKIrdgpObf0S3EJx3F1_09_uQPh8Msw3-dzpddhIeo7qDqhx03yWZB1FGXU-1MvthtWJlq4GjtCAWTPAW1luYiOOcU1KxZVhtR3NQC__QFiIDKrMz8jKUy_05HPsYKvfH_VQjVkJO9ZcjRzKK6UdpmTWtNfX8Ua1q8diIV4w3njzLhgN-uRfW7hw-0pXOK5E7ehP_Yy628EVdhOnUH_QHzAb_irMiuGMutmoBCbXwDzVJw74hNbjZPzDHPkp-VuMzCwXuaBs9ofX7Miq9p4Cgj_IzuzVl_BNSR12cMmBUTUmZr6ti0EDbuNZk6kRLFPdMlzEbaVMMIMSfCpA_CrCFkriJYKS4oxSVpuqbcCuCQly8guJ6rVZ5yDMCAWeQcwxUkMLZ71tha_sZt1MUnShla_Jfc_7YJha9AhCFv41C_R3GgOAYf3NIJBT3jhWPDsYf943WKbucFSb6-sah1Uqr00z33AQj65gAb-1DCm-gihZEjuWjUMBisDKZud2f3AD5mtk0dcHHbQZA4FqwnfO8ASQ3o_2-VQFMVIaABWlMuTZAuVv6m8JHxMbntl5VTDpyTrOB-37mgUPpFLt3MDtMsfEmyXrSFq03CQ-CNAHwxN-tFtyg1tyo5fzDElPU1Md__YVGGQPtYhgkA_L-BKboT4j3vujOUCmt-5fHCUVDz4uMEJlP5kYHGRRuq_v6ZhQSyd0q3W7ce5l_U8zZYyR0F9HI4D5MBkUMjfgWWM_018a-ME22A==&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=955563329074688&sp=1&im=1
200 OK 43 B URL GET HTTP/2 fnbauniukvi.com/chicken.gif?z=1977191&pb=25a9aa208a01ab4713cf01642a42f1801695844586&psp=tU1HzsbJTio59UR88tRHphH-ElmsdqyRKaGpnoONAjMGhuFnSgWuxdUaGRn5KXPhpzEXcAZyDJMCCNkyOYDL1XIIf2GAMC1sz1950BgsuNg9F_J9_Kjgt7Rvg0GLEHjAZQ1S8IKPb02EauxPsgSd73tmXVspWxc7PlDejFZXCUK7BT7juOeRI16650Zfou7q-tnjx7svCtX5vWMeVjzIInkd6XCywVxwFLwaJLeh-udul7Vo7qbqF8AKXb3Htaq8JsfJsPns_QnMyUm3R08rluPSd60aX8Uo-qrnpc2_-UXlV2ZOiTtXDVpILdRLLZ_oG6khheCXAVFrwq7pVHk9nxJFgrE-ZDcJMWiQfASLxRnX2oDfEW25C6ypaBd2c4Z6WZo_XdVVkmc3iQfkrPgzEoaQUYTzBZTtQ_KkrMEeuAUmk0Dc0Vj4GvX9rilLSTXTjzghBDyPWtETPjf7soJK3eNA3n_qN0eBVGwmb3OaUo6gL-aNYDLX5TPPGbkCzKtDAsXTCga4owtKmTEjl5WiIs8lGdCbVOtx-m-Tt3hH3JAnaVio9HPex0Abi8urfTcuV0Pq5cxkp7crEHNClMEynAQdVeWryVGGCIcYR18-YmQ9P0ITF9K1eY982LZ-IxMkL2AgUX7ZLOD8hSm3YkSj0jwujKTGCjpsw8kDFWciwlHJZNiCcMUZhq0R0P8w_E2bN1l_ucPfruoQvJWGGLsRhHIsPwJf-D0_0L30-7xEXcHBJvvq3RxQCl0m8MmkqQZyDPwVxXzeQj0X-f1T21dyrpP0aadrbm4COEIyz5M_h3ivJXAkczqjsmqiLaZUpJLExQ4u6FuPPWJnZH0vMeQApB90WN8KZ2FgtTfiM5FfmKIrdgpObf0S3EJx3F1_09_uQPh8Msw3-dzpddhIeo7qDqhx03yWZB1FGXU-1MvthtWJlq4GjtCAWTPAW1luYiOOcU1KxZVhtR3NQC__QFiIDKrMz8jKUy_05HPsYKvfH_VQjVkJO9ZcjRzKK6UdpmTWtNfX8Ua1q8diIV4w3njzLhgN-uRfW7hw-0pXOK5E7ehP_Yy628EVdhOnUH_QHzAb_irMiuGMutmoBCbXwDzVJw74hNbjZPzDHPkp-VuMzCwXuaBs9ofX7Miq9p4Cgj_IzuzVl_BNSR12cMmBUTUmZr6ti0EDbuNZk6kRLFPdMlzEbaVMMIMSfCpA_CrCFkriJYKS4oxSVpuqbcCuCQly8guJ6rVZ5yDMCAWeQcwxUkMLZ71tha_sZt1MUnShla_Jfc_7YJha9AhCFv41C_R3GgOAYf3NIJBT3jhWPDsYf943WKbucFSb6-sah1Uqr00z33AQj65gAb-1DCm-gihZEjuWjUMBisDKZud2f3AD5mtk0dcHHbQZA4FqwnfO8ASQ3o_2-VQFMVIaABWlMuTZAuVv6m8JHxMbntl5VTDpyTrOB-37mgUPpFLt3MDtMsfEmyXrSFq03CQ-CNAHwxN-tFtyg1tyo5fzDElPU1Md__YVGGQPtYhgkA_L-BKboT4j3vujOUCmt-5fHCUVDz4uMEJlP5kYHGRRuq_v6ZhQSyd0q3W7ce5l_U8zZYyR0F9HI4D5MBkUMjfgWWM_018a-ME22A==&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=955563329074688&sp=1&im=1
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerBuypass AS-983163327
Subject
FingerprintAC:8C:60:DF:88:D6:E9:33:1F:77:0E:F1:7A:2E:16:DB:10:EA:52:F9
ValidityWed, 31 May 2023 12:58:33 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1977191&pb=25a9aa208a01ab4713cf01642a42f1801695844586&psp=tU1HzsbJTio59UR88tRHphH-ElmsdqyRKaGpnoONAjMGhuFnSgWuxdUaGRn5KXPhpzEXcAZyDJMCCNkyOYDL1XIIf2GAMC1sz1950BgsuNg9F_J9_Kjgt7Rvg0GLEHjAZQ1S8IKPb02EauxPsgSd73tmXVspWxc7PlDejFZXCUK7BT7juOeRI16650Zfou7q-tnjx7svCtX5vWMeVjzIInkd6XCywVxwFLwaJLeh-udul7Vo7qbqF8AKXb3Htaq8JsfJsPns_QnMyUm3R08rluPSd60aX8Uo-qrnpc2_-UXlV2ZOiTtXDVpILdRLLZ_oG6khheCXAVFrwq7pVHk9nxJFgrE-ZDcJMWiQfASLxRnX2oDfEW25C6ypaBd2c4Z6WZo_XdVVkmc3iQfkrPgzEoaQUYTzBZTtQ_KkrMEeuAUmk0Dc0Vj4GvX9rilLSTXTjzghBDyPWtETPjf7soJK3eNA3n_qN0eBVGwmb3OaUo6gL-aNYDLX5TPPGbkCzKtDAsXTCga4owtKmTEjl5WiIs8lGdCbVOtx-m-Tt3hH3JAnaVio9HPex0Abi8urfTcuV0Pq5cxkp7crEHNClMEynAQdVeWryVGGCIcYR18-YmQ9P0ITF9K1eY982LZ-IxMkL2AgUX7ZLOD8hSm3YkSj0jwujKTGCjpsw8kDFWciwlHJZNiCcMUZhq0R0P8w_E2bN1l_ucPfruoQvJWGGLsRhHIsPwJf-D0_0L30-7xEXcHBJvvq3RxQCl0m8MmkqQZyDPwVxXzeQj0X-f1T21dyrpP0aadrbm4COEIyz5M_h3ivJXAkczqjsmqiLaZUpJLExQ4u6FuPPWJnZH0vMeQApB90WN8KZ2FgtTfiM5FfmKIrdgpObf0S3EJx3F1_09_uQPh8Msw3-dzpddhIeo7qDqhx03yWZB1FGXU-1MvthtWJlq4GjtCAWTPAW1luYiOOcU1KxZVhtR3NQC__QFiIDKrMz8jKUy_05HPsYKvfH_VQjVkJO9ZcjRzKK6UdpmTWtNfX8Ua1q8diIV4w3njzLhgN-uRfW7hw-0pXOK5E7ehP_Yy628EVdhOnUH_QHzAb_irMiuGMutmoBCbXwDzVJw74hNbjZPzDHPkp-VuMzCwXuaBs9ofX7Miq9p4Cgj_IzuzVl_BNSR12cMmBUTUmZr6ti0EDbuNZk6kRLFPdMlzEbaVMMIMSfCpA_CrCFkriJYKS4oxSVpuqbcCuCQly8guJ6rVZ5yDMCAWeQcwxUkMLZ71tha_sZt1MUnShla_Jfc_7YJha9AhCFv41C_R3GgOAYf3NIJBT3jhWPDsYf943WKbucFSb6-sah1Uqr00z33AQj65gAb-1DCm-gihZEjuWjUMBisDKZud2f3AD5mtk0dcHHbQZA4FqwnfO8ASQ3o_2-VQFMVIaABWlMuTZAuVv6m8JHxMbntl5VTDpyTrOB-37mgUPpFLt3MDtMsfEmyXrSFq03CQ-CNAHwxN-tFtyg1tyo5fzDElPU1Md__YVGGQPtYhgkA_L-BKboT4j3vujOUCmt-5fHCUVDz4uMEJlP5kYHGRRuq_v6ZhQSyd0q3W7ce5l_U8zZYyR0F9HI4D5MBkUMjfgWWM_018a-ME22A==&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=955563329074688&sp=1&im=1 HTTP/1.1
Host: fnbauniukvi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=2309271256931ed87c7d554da4a1050aef81
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 27 Sep 2023 17:56:26 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACh6CAAAAAAAAAAB; Path=/; Expires=Fri, 27 Oct 2023 17:56:26 GMT; Secure; SameSite=None
OACIBLOCK=ACh6CAAAAABlE7bQ; Path=/; Expires=Fri, 27 Oct 2023 17:56:26 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
av28.com/media/player/videojs/videojs.ima.css
5.5 kB URL av28.com/media/player/videojs/videojs.ima.css
IP
Hash faad6d610a7700f489432ee9abfaf760
ac54dcf6e4291d8a06f7b77586917bcbe99a25d3
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
GET /media/player/videojs/videojs.ima.css HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: text/css
last-modified: Fri, 05 Apr 2019 09:39:43 GMT
etag: W/"5ca7225f-eda"
expires: Fri, 13 Sep 2024 21:42:44 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 1109638
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qtO4JPMQlxHk1J6%2FtFIMYtWTScENw%2FFKSpL2YXTEpJKfftMx7i65uhZ7bNdIxXvTlLLsLy6cSHFctwwW7Xzkk0cakLa8mv0mcZP5gXMXyK7lh7bqWxfTYognFA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f857c2bb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
limurol.com/ssp/req/1977189/?pb=25a9aa208a01ab4713cf01642a42f1801695844586&psp=-ElgZ_-PneVUSHaBYkQDGkdl1S3YEYtsOtMZH1qavlPkEy2eDMtY6HHnpfyCgbwxDQ84G34Pl19pg4qIub67rX5SBLwWNxVUwsYcIFFkq0KwZPlKDLFAmtQcW6tG2iCpTmzFei8WyUA2bTHZypXaUskqdT0-E7MbX0cvVDeXqppWMMq9cMVBWGl-duDfs5ioaw1tAxpaeIgLaZ61U9iS9Py38UCzVO19Cs0kYkCthu8lQL3vcpKeh-DbrEhcGiNMU4AL-QWX8b5E2Q6IvT8A_4QwjSBUX7GXI8Eir7QE49qchV3d1lcWanbkaA4LakPAon343Rkr-0A8DyyO6eRhWEtmZSNsSd_wpF1pmKRuPpdtlg-rYYxUeh34J0LwKlogPKmJENZilsKB3Mz1pXLj604cIh4rkFji-2NTreSTxHdOVc0rKwKD_2P3DrCKy3pld2b9to4HPRygOTRTxDgq7nZBHTxhKxB1FXkUHAbpeBOqUgMX_5vq1Z-oNeN7k5QDXH6vdF8vyVUSdd4chW0WqTEfrR-Kwt4f7jyGASoSRt4RGlUI-ExTS-gGD-grKJ11xZ0oZoq80lN0WzZj_OcrGGLPGwTP2248gbc6S4fYkY9yJcKHkZwfTnOdIY5BgOqUD-KOJiMCsQWpfCqjkahp0Kq2nF_f-wgBO_HR3XqOsQP3a54ogo7Ey9Tfpqngd2kvEvDVgKNJgmpuLCRTgQeM-bkiJbwlN_dmQsJWPpxCgqvSJ5eQZgU-ykruwyFXYdp5fYXvxdOiQYc2AEO7szvNaXvoz-6XiqPpkj5jpvxzRT36HtqNjMymYmxnD43aPM2b2hTiqVh_nlzWYwz0lE0m9gRhUUPrYt6orCsgU-9mesbYOG4bFeWQOawAVbjRqnQr9mWZsfdm5w0Zgr9AHtdcsGykh8ZAlzpANYkIgrreiNJc1tto_ybY5YloXGkt73q_VGiJLqRvbXAJ9wyQpfKr1SXzVRnNd2u8OsYxKwow&im=1&cb=_cl1yi9ppxmv1h0xduxccti&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=8273912723596800&sp=1&im=1
200 OK 7 B URL GET HTTP/2 limurol.com/ssp/req/1977189/?pb=25a9aa208a01ab4713cf01642a42f1801695844586&psp=-ElgZ_-PneVUSHaBYkQDGkdl1S3YEYtsOtMZH1qavlPkEy2eDMtY6HHnpfyCgbwxDQ84G34Pl19pg4qIub67rX5SBLwWNxVUwsYcIFFkq0KwZPlKDLFAmtQcW6tG2iCpTmzFei8WyUA2bTHZypXaUskqdT0-E7MbX0cvVDeXqppWMMq9cMVBWGl-duDfs5ioaw1tAxpaeIgLaZ61U9iS9Py38UCzVO19Cs0kYkCthu8lQL3vcpKeh-DbrEhcGiNMU4AL-QWX8b5E2Q6IvT8A_4QwjSBUX7GXI8Eir7QE49qchV3d1lcWanbkaA4LakPAon343Rkr-0A8DyyO6eRhWEtmZSNsSd_wpF1pmKRuPpdtlg-rYYxUeh34J0LwKlogPKmJENZilsKB3Mz1pXLj604cIh4rkFji-2NTreSTxHdOVc0rKwKD_2P3DrCKy3pld2b9to4HPRygOTRTxDgq7nZBHTxhKxB1FXkUHAbpeBOqUgMX_5vq1Z-oNeN7k5QDXH6vdF8vyVUSdd4chW0WqTEfrR-Kwt4f7jyGASoSRt4RGlUI-ExTS-gGD-grKJ11xZ0oZoq80lN0WzZj_OcrGGLPGwTP2248gbc6S4fYkY9yJcKHkZwfTnOdIY5BgOqUD-KOJiMCsQWpfCqjkahp0Kq2nF_f-wgBO_HR3XqOsQP3a54ogo7Ey9Tfpqngd2kvEvDVgKNJgmpuLCRTgQeM-bkiJbwlN_dmQsJWPpxCgqvSJ5eQZgU-ykruwyFXYdp5fYXvxdOiQYc2AEO7szvNaXvoz-6XiqPpkj5jpvxzRT36HtqNjMymYmxnD43aPM2b2hTiqVh_nlzWYwz0lE0m9gRhUUPrYt6orCsgU-9mesbYOG4bFeWQOawAVbjRqnQr9mWZsfdm5w0Zgr9AHtdcsGykh8ZAlzpANYkIgrreiNJc1tto_ybY5YloXGkt73q_VGiJLqRvbXAJ9wyQpfKr1SXzVRnNd2u8OsYxKwow&im=1&cb=_cl1yi9ppxmv1h0xduxccti&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=8273912723596800&sp=1&im=1
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerBuypass AS-983163327
Subject
FingerprintB4:97:5A:E0:89:F4:2A:6B:FF:80:77:49:35:55:95:AD:70:3B:79:53
ValidityWed, 31 May 2023 15:31:47 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1977189/?pb=25a9aa208a01ab4713cf01642a42f1801695844586&psp=-ElgZ_-PneVUSHaBYkQDGkdl1S3YEYtsOtMZH1qavlPkEy2eDMtY6HHnpfyCgbwxDQ84G34Pl19pg4qIub67rX5SBLwWNxVUwsYcIFFkq0KwZPlKDLFAmtQcW6tG2iCpTmzFei8WyUA2bTHZypXaUskqdT0-E7MbX0cvVDeXqppWMMq9cMVBWGl-duDfs5ioaw1tAxpaeIgLaZ61U9iS9Py38UCzVO19Cs0kYkCthu8lQL3vcpKeh-DbrEhcGiNMU4AL-QWX8b5E2Q6IvT8A_4QwjSBUX7GXI8Eir7QE49qchV3d1lcWanbkaA4LakPAon343Rkr-0A8DyyO6eRhWEtmZSNsSd_wpF1pmKRuPpdtlg-rYYxUeh34J0LwKlogPKmJENZilsKB3Mz1pXLj604cIh4rkFji-2NTreSTxHdOVc0rKwKD_2P3DrCKy3pld2b9to4HPRygOTRTxDgq7nZBHTxhKxB1FXkUHAbpeBOqUgMX_5vq1Z-oNeN7k5QDXH6vdF8vyVUSdd4chW0WqTEfrR-Kwt4f7jyGASoSRt4RGlUI-ExTS-gGD-grKJ11xZ0oZoq80lN0WzZj_OcrGGLPGwTP2248gbc6S4fYkY9yJcKHkZwfTnOdIY5BgOqUD-KOJiMCsQWpfCqjkahp0Kq2nF_f-wgBO_HR3XqOsQP3a54ogo7Ey9Tfpqngd2kvEvDVgKNJgmpuLCRTgQeM-bkiJbwlN_dmQsJWPpxCgqvSJ5eQZgU-ykruwyFXYdp5fYXvxdOiQYc2AEO7szvNaXvoz-6XiqPpkj5jpvxzRT36HtqNjMymYmxnD43aPM2b2hTiqVh_nlzWYwz0lE0m9gRhUUPrYt6orCsgU-9mesbYOG4bFeWQOawAVbjRqnQr9mWZsfdm5w0Zgr9AHtdcsGykh8ZAlzpANYkIgrreiNJc1tto_ybY5YloXGkt73q_VGiJLqRvbXAJ9wyQpfKr1SXzVRnNd2u8OsYxKwow&im=1&cb=_cl1yi9ppxmv1h0xduxccti&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=8273912723596800&sp=1&im=1 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 27 Sep 2023 17:56:26 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: CHCK=1; Path=/; Expires=Wed, 30 Oct 2024 17:56:26 GMT; HttpOnly; Secure; SameSite=None
UID=2309271256cad0077451e94f0b99402e642e; Path=/; Expires=Wed, 30 Oct 2024 17:56:26 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.buypass.com/
1.7 kB IP
ASN #20940 Akamai International B.V.
Hash c62e6b7f921e238b5b170ef8c12869c8
28f994c16f6706af6ddaef683f82dc00a2ce4fb6
b87cadd8f6fe8ed54e1696ba321df15a0e80e88ef86a23c4af0df84ba2f64c41
POST / HTTP/1.1
Host: ocsp.buypass.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 78
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Access-Control-Allow-Origin: https://www.buypass.no
Access-Control-Allow-Headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Buypass-Session-Id,X-Buypass-Locale
Access-Control-Allow-Credentials: false
Access-Control-Allow-Methods: GET,POST
MDC-correlationId: e2d8b843-8cd4-4d14-a7e6-705f8f249464
Content-Length: 1701
Date: Wed, 27 Sep 2023 17:56:26 GMT
Connection: keep-alive
cdn.pncloudfl.com/pn/fe0/849/bad/fe0849badcd4cacb7e3720ba148b09dcab11a73b.jpg
38 kB URL cdn.pncloudfl.com/pn/fe0/849/bad/fe0849badcd4cacb7e3720ba148b09dcab11a73b.jpg
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2ed9506e5a15572f9fb4a8eea92ef977
6214cb884722506a01cc134f4dc4984cf263e8d4
29ef791ef26f60d3916a963b4f14aaaed303cd751ac44ced4985eb638731889f
GET /pn/fe0/849/bad/fe0849badcd4cacb7e3720ba148b09dcab11a73b.jpg HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 27 Sep 2023 17:56:26 GMT
content-type: image/webp
content-length: 38124
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=68576
content-disposition: inline; filename="fe0849badcd4cacb7e3720ba148b09dcab11a73b.webp"
etag: 4ad5a2420f06ba1e663485360f7d572b
expires: Thu, 28 Sep 2023 02:40:15 GMT
last-modified: Mon, 25 Sep 2023 07:27:56 GMT
vary: Accept
x-openstack-request-id: txa4b7677153c74fbea27bb-00651139ab
x-proxy-cache: HIT
x-timestamp: 1695626875.37166
x-trans-id: txa4b7677153c74fbea27bb-00651139ab
cf-cache-status: HIT
age: 141371
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 80d59f922a2db512-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
limurol.com/ssp/req/1977189/?pb=25a9aa208a01ab4713cf01642a42f1801695844586&psp=-ElgZ_-PneVUSHaBYkQDGkdl1S3YEYtsOtMZH1qavlPkEy2eDMtY6HHnpfyCgbwxDQ84G34Pl19pg4qIub67rX5SBLwWNxVUwsYcIFFkq0KwZPlKDLFAmtQcW6tG2iCpTmzFei8WyUA2bTHZypXaUskqdT0-E7MbX0cvVDeXqppWMMq9cMVBWGl-duDfs5ioaw1tAxpaeIgLaZ61U9iS9Py38UCzVO19Cs0kYkCthu8lQL3vcpKeh-DbrEhcGiNMU4AL-QWX8b5E2Q6IvT8A_4QwjSBUX7GXI8Eir7QE49qchV3d1lcWanbkaA4LakPAon343Rkr-0A8DyyO6eRhWEtmZSNsSd_wpF1pmKRuPpdtlg-rYYxUeh34J0LwKlogPKmJENZilsKB3Mz1pXLj604cIh4rkFji-2NTreSTxHdOVc0rKwKD_2P3DrCKy3pld2b9to4HPRygOTRTxDgq7nZBHTxhKxB1FXkUHAbpeBOqUgMX_5vq1Z-oNeN7k5QDXH6vdF8vyVUSdd4chW0WqTEfrR-Kwt4f7jyGASoSRt4RGlUI-ExTS-gGD-grKJ11xZ0oZoq80lN0WzZj_OcrGGLPGwTP2248gbc6S4fYkY9yJcKHkZwfTnOdIY5BgOqUD-KOJiMCsQWpfCqjkahp0Kq2nF_f-wgBO_HR3XqOsQP3a54ogo7Ey9Tfpqngd2kvEvDVgKNJgmpuLCRTgQeM-bkiJbwlN_dmQsJWPpxCgqvSJ5eQZgU-ykruwyFXYdp5fYXvxdOiQYc2AEO7szvNaXvoz-6XiqPpkj5jpvxzRT36HtqNjMymYmxnD43aPM2b2hTiqVh_nlzWYwz0lE0m9gRhUUPrYt6orCsgU-9mesbYOG4bFeWQOawAVbjRqnQr9mWZsfdm5w0Zgr9AHtdcsGykh8ZAlzpANYkIgrreiNJc1tto_ybY5YloXGkt73q_VGiJLqRvbXAJ9wyQpfKr1SXzVRnNd2u8OsYxKwow&im=1&cb=_cl1yi9ppxmv1h0xduxccti&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=8273912723596800&sp=1&im=1
200 OK 7 B URL GET HTTP/2 limurol.com/ssp/req/1977189/?pb=25a9aa208a01ab4713cf01642a42f1801695844586&psp=-ElgZ_-PneVUSHaBYkQDGkdl1S3YEYtsOtMZH1qavlPkEy2eDMtY6HHnpfyCgbwxDQ84G34Pl19pg4qIub67rX5SBLwWNxVUwsYcIFFkq0KwZPlKDLFAmtQcW6tG2iCpTmzFei8WyUA2bTHZypXaUskqdT0-E7MbX0cvVDeXqppWMMq9cMVBWGl-duDfs5ioaw1tAxpaeIgLaZ61U9iS9Py38UCzVO19Cs0kYkCthu8lQL3vcpKeh-DbrEhcGiNMU4AL-QWX8b5E2Q6IvT8A_4QwjSBUX7GXI8Eir7QE49qchV3d1lcWanbkaA4LakPAon343Rkr-0A8DyyO6eRhWEtmZSNsSd_wpF1pmKRuPpdtlg-rYYxUeh34J0LwKlogPKmJENZilsKB3Mz1pXLj604cIh4rkFji-2NTreSTxHdOVc0rKwKD_2P3DrCKy3pld2b9to4HPRygOTRTxDgq7nZBHTxhKxB1FXkUHAbpeBOqUgMX_5vq1Z-oNeN7k5QDXH6vdF8vyVUSdd4chW0WqTEfrR-Kwt4f7jyGASoSRt4RGlUI-ExTS-gGD-grKJ11xZ0oZoq80lN0WzZj_OcrGGLPGwTP2248gbc6S4fYkY9yJcKHkZwfTnOdIY5BgOqUD-KOJiMCsQWpfCqjkahp0Kq2nF_f-wgBO_HR3XqOsQP3a54ogo7Ey9Tfpqngd2kvEvDVgKNJgmpuLCRTgQeM-bkiJbwlN_dmQsJWPpxCgqvSJ5eQZgU-ykruwyFXYdp5fYXvxdOiQYc2AEO7szvNaXvoz-6XiqPpkj5jpvxzRT36HtqNjMymYmxnD43aPM2b2hTiqVh_nlzWYwz0lE0m9gRhUUPrYt6orCsgU-9mesbYOG4bFeWQOawAVbjRqnQr9mWZsfdm5w0Zgr9AHtdcsGykh8ZAlzpANYkIgrreiNJc1tto_ybY5YloXGkt73q_VGiJLqRvbXAJ9wyQpfKr1SXzVRnNd2u8OsYxKwow&im=1&cb=_cl1yi9ppxmv1h0xduxccti&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=8273912723596800&sp=1&im=1
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerBuypass AS-983163327
Subject
FingerprintB4:97:5A:E0:89:F4:2A:6B:FF:80:77:49:35:55:95:AD:70:3B:79:53
ValidityWed, 31 May 2023 15:31:47 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1977189/?pb=25a9aa208a01ab4713cf01642a42f1801695844586&psp=-ElgZ_-PneVUSHaBYkQDGkdl1S3YEYtsOtMZH1qavlPkEy2eDMtY6HHnpfyCgbwxDQ84G34Pl19pg4qIub67rX5SBLwWNxVUwsYcIFFkq0KwZPlKDLFAmtQcW6tG2iCpTmzFei8WyUA2bTHZypXaUskqdT0-E7MbX0cvVDeXqppWMMq9cMVBWGl-duDfs5ioaw1tAxpaeIgLaZ61U9iS9Py38UCzVO19Cs0kYkCthu8lQL3vcpKeh-DbrEhcGiNMU4AL-QWX8b5E2Q6IvT8A_4QwjSBUX7GXI8Eir7QE49qchV3d1lcWanbkaA4LakPAon343Rkr-0A8DyyO6eRhWEtmZSNsSd_wpF1pmKRuPpdtlg-rYYxUeh34J0LwKlogPKmJENZilsKB3Mz1pXLj604cIh4rkFji-2NTreSTxHdOVc0rKwKD_2P3DrCKy3pld2b9to4HPRygOTRTxDgq7nZBHTxhKxB1FXkUHAbpeBOqUgMX_5vq1Z-oNeN7k5QDXH6vdF8vyVUSdd4chW0WqTEfrR-Kwt4f7jyGASoSRt4RGlUI-ExTS-gGD-grKJ11xZ0oZoq80lN0WzZj_OcrGGLPGwTP2248gbc6S4fYkY9yJcKHkZwfTnOdIY5BgOqUD-KOJiMCsQWpfCqjkahp0Kq2nF_f-wgBO_HR3XqOsQP3a54ogo7Ey9Tfpqngd2kvEvDVgKNJgmpuLCRTgQeM-bkiJbwlN_dmQsJWPpxCgqvSJ5eQZgU-ykruwyFXYdp5fYXvxdOiQYc2AEO7szvNaXvoz-6XiqPpkj5jpvxzRT36HtqNjMymYmxnD43aPM2b2hTiqVh_nlzWYwz0lE0m9gRhUUPrYt6orCsgU-9mesbYOG4bFeWQOawAVbjRqnQr9mWZsfdm5w0Zgr9AHtdcsGykh8ZAlzpANYkIgrreiNJc1tto_ybY5YloXGkt73q_VGiJLqRvbXAJ9wyQpfKr1SXzVRnNd2u8OsYxKwow&im=1&cb=_cl1yi9ppxmv1h0xduxccti&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=8273912723596800&sp=1&im=1 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 27 Sep 2023 17:56:26 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2309271256b94ef19467e74ea597a8451b66; Path=/; Expires=Wed, 30 Oct 2024 17:56:26 GMT; HttpOnly; Secure; SameSite=None
CHCK=1; Path=/; Expires=Wed, 30 Oct 2024 17:56:26 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
go.141live.com/api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1
200 OK 1.7 kB URL GET HTTP/2 go.141live.com/api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerZeroSSL
Subjectgo.141live.com
FingerprintFE:CA:B2:DE:0F:68:2C:D0:03:75:12:F0:72:F6:00:65:EB:07:73:D5
ValidityMon, 14 Aug 2023 00:00:00 GMT - Sun, 12 Nov 2023 23:59:59 GMT
File type JSON data\012- , ASCII text, with very long lines (1697), with no line terminators
Hash 7e9e1c2c25f51435572ebb338ecded32
14f0469a099f5ee490c1153e9f01947bdec6ed13
eb9d69867fd6a8e9e2f4d140a02ada197c0938ccb39bbcea00643bc53a5b1ce8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1 HTTP/1.1
Host: go.141live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av28.com/
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-origin: https://av28.com
alt-svc: h3=":443"; ma=2592000
content-type: application/json
date: Wed, 27 Sep 2023 17:56:26 GMT
server: Caddy, nginx
strict-transport-security: max-age=15768000
content-length: 1697
X-Firefox-Spdy: h2
go.141live.com/config?url=https%3A%2F%2Fcreative.141live.com%2Fwidgets%2FSpot%2Flib.js%3Fautoplay%3Dall%26userId%3D97227ab916e97477d96eababb73cd85b2cce653f3c224c685a19a31b896e6378%26campaignId%3Dslider%26tag%3Dgirls%252Fchinese%26hideButton%3D1%26autoclose%3D0%26closeButtonDelay%3D0
2.1 kB URL go.141live.com/config?url=https%3A%2F%2Fcreative.141live.com%2Fwidgets%2FSpot%2Flib.js%3Fautoplay%3Dall%26userId%3D97227ab916e97477d96eababb73cd85b2cce653f3c224c685a19a31b896e6378%26campaignId%3Dslider%26tag%3Dgirls%252Fchinese%26hideButton%3D1%26autoclose%3D0%26closeButtonDelay%3D0
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerZeroSSL
Subjectgo.141live.com
FingerprintFE:CA:B2:DE:0F:68:2C:D0:03:75:12:F0:72:F6:00:65:EB:07:73:D5
ValidityMon, 14 Aug 2023 00:00:00 GMT - Sun, 12 Nov 2023 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash c07ed969fb62bac0627e7e8ffdb517d4
1f2b27ccf1c25b0e60fb59ad4c01f3f3c0155dc5
704eadbad41da56b4132d3e83d5429993ef8082e2ec4ebf3f8e679026242a42b
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /config?url=https%3A%2F%2Fcreative.141live.com%2Fwidgets%2FSpot%2Flib.js%3Fautoplay%3Dall%26userId%3D97227ab916e97477d96eababb73cd85b2cce653f3c224c685a19a31b896e6378%26campaignId%3Dslider%26tag%3Dgirls%252Fchinese%26hideButton%3D1%26autoclose%3D0%26closeButtonDelay%3D0 HTTP/1.1
Host: go.141live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av28.com/
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-origin: https://av28.com
alt-svc: h3=":443"; ma=2592000
content-encoding: gzip
content-type: application/json
date: Wed, 27 Sep 2023 17:56:26 GMT
server: Caddy, nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-BLW3ECK0PN&l=dataLayer&cx=c
81 kB URL www.googletagmanager.com/gtag/js?id=G-BLW3ECK0PN&l=dataLayer&cx=c
IP
File type ASCII text, with very long lines (5788)
Hash e9295e5c7be1c4e148d29c93bc2a5513
151b42123724eda018734047d4eadab8955033a6
63e26f4f72c1656ea48d1013828eeb7d22049954bc25fcf5d314571e4654a964
GET /gtag/js?id=G-BLW3ECK0PN&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 27 Sep 2023 17:56:26 GMT
expires: Wed, 27 Sep 2023 17:56:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81151
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
poweredby.jads.co/adshow.php?adzone=1003767
1.7 kB URL poweredby.jads.co/adshow.php?adzone=1003767
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (391), with CRLF, LF line terminators
Hash 5fe1dbbaeef62fa7774aa050daa019ae
8aaa7b141c8147322b11b4fd3941c8e2133ea95d
b2ec32f83193dbeeb4da6f61bdb74362d27349dc367fb277143c2b3405caf138
GET /adshow.php?adzone=1003767 HTTP/1.1
Host: poweredby.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 27 Sep 2023 17:56:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Powered-By: PHP/5.6.40
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CUR OUR IND STA"
Set-Cookie: surferid=7e574218ec1464444a80423b3788f2e8; expires=Thu, 26-Sep-2024 17:56:26 GMT; Max-Age=31536000; path=/; SameSite=None; Secure; domain=.jads.co
imps42805=1; expires=Thu, 28-Sep-2023 17:56:26 GMT; Max-Age=86400; path=/; SameSite=None; Secure; domain=.jads.co
juicy_data_1=YToxOntpOjExODA0MDM7aToxNjk2MDk2NTg2O30%3D; expires=Sat, 30-Sep-2023 17:56:26 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D; expires=Sat, 30-Sep-2023 17:56:26 GMT; Max-Age=259200; path=/; SameSite=None; Secure; domain=jads.co
Content-Encoding: gzip
i.jads.co/network/user500/33261-1578041695-0492553001578041695.png
200 OK 9.9 kB URL GET HTTP/2 i.jads.co/network/user500/33261-1578041695-0492553001578041695.png
IP
Requested by https://poweredby.jads.co/adshow.php?adzone=1003767
Certificate IssuerSectigo Limited
Subject*.jads.co
Fingerprint9E:B2:20:AC:19:4B:72:8F:12:D9:D6:5A:6A:B5:BE:EE:46:13:48:EB
ValidityMon, 26 Dec 2022 00:00:00 GMT - Fri, 26 Jan 2024 23:59:59 GMT
File type PNG image data, 468 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash c41645988ff97df6dc5c57b2cb76d146
b3b57f2b490076f3a1f3dd30ddaa950cfc1e4c97
9d92d08fe102c2a4b71df0dc2ba73f116ff31f76552e8ce3b6652a8273620328
GET /network/user500/33261-1578041695-0492553001578041695.png HTTP/1.1
Host: i.jads.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://poweredby.jads.co/
Cookie: surferid=7e574218ec1464444a80423b3788f2e8; imps42805=1; juicy_data_1=YToxOntpOjExODA0MDM7aToxNjk2MDk2NTg2O30%3D; juicy_data=YToxOntzOjEyOiJqdWljeV9kYXRhXzEiO3M6MToiMSI7fQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 27 Sep 2023 17:56:26 GMT
etag: "1578041695"
cache-control: max-age=9503412
content-length: 9929
content-type: image/png
last-modified: Fri, 03 Jan 2020 08:54:55 GMT
accept-ranges: bytes
x-hw: 1695837386.dop003.sk1.t,1695837386.cds010.sk1.hn,1695837386.cds261.sk1.c
X-Firefox-Spdy: h2
av28.com/media/videos/tmb1/39310/sprite.jpg
67 kB URL av28.com/media/videos/tmb1/39310/sprite.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 5120x144, components 3\012- data
Hash b719acba346cd6808c0132052562e6a8
325df32fcdb661b0cb2cf7ec00afed99fd4aed22
79df58116709b89b2b08774d020ad207e0962bf805014e04a8d9e39cfba6a658
GET /media/videos/tmb1/39310/sprite.jpg HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90; __PPU___PPU_SESSION_URL=%2Fvideo%2F39310%2F%25E6%25AF%258D%25E4%25B9%25B3%25E3%2583%259E%25E3%2583%259E%25E5%25A4%25A7%25E5%25A5%25BD%25E3%2581%258D-%25E8%25B5%25A4%25E3%2581%25A1%25E3%2582%2583%25E3%2582%2593%25E3%2581%25B8%25E3%2581%25AE%25E6%258E%2588%25E4%25B9%25B3%25E3%2582%25B7%25E3%2583%25BC%25E3%2583%25B3%25E3%2582%2582%25E3%2581%2582%25E3%2582%258A%25E3%2581%25BE%25E3%2581%2599
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:27 GMT
content-type: image/jpeg
content-length: 66708
last-modified: Wed, 27 Sep 2023 17:56:42 GMT
etag: "65146cda-10494"
expires: Fri, 27 Oct 2023 17:56:46 GMT
cache-control: public, max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLLGexcAAUHKMjPcUHx20JN%2FVKJ9PtuxkY%2BezSUFWZO7j0zmhJOoBLD%2BLv87CVWt53LCH5w3p1%2BFsK5iRMcm0qAj9RRTB8qsnFqZUlz5BX2HzOqQiBJfQUrHOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f914ea7b52d-OSL
alt-svc: h3=":443"; ma=86400
av28.com/templates/frontend/dark-magenta/img/webapp-icon.png
200 OK 4.9 kB URL GET HTTP/3 av28.com/templates/frontend/dark-magenta/img/webapp-icon.png
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerGoogle Trust Services LLC
Subjectav28.com
FingerprintE3:80:32:3B:D6:D8:65:E6:56:66:22:62:4B:AB:62:15:3D:6C:55:E2
ValidityThu, 17 Aug 2023 05:23:15 GMT - Wed, 15 Nov 2023 05:23:14 GMT
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash d761d77eba1609711eb20c6945348ce8
bfb47907b58dead7d70ac6fedd03253869a03328
6da396dfd17188231604caee65e1994fe4188d94a221a9cfe5cca2b794caf423
GET /templates/frontend/dark-magenta/img/webapp-icon.png HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90; __PPU___PPU_SESSION_URL=%2Fvideo%2F39310%2F%25E6%25AF%258D%25E4%25B9%25B3%25E3%2583%259E%25E3%2583%259E%25E5%25A4%25A7%25E5%25A5%25BD%25E3%2581%258D-%25E8%25B5%25A4%25E3%2581%25A1%25E3%2582%2583%25E3%2582%2593%25E3%2581%25B8%25E3%2581%25AE%25E6%258E%2588%25E4%25B9%25B3%25E3%2582%25B7%25E3%2583%25BC%25E3%2583%25B3%25E3%2582%2582%25E3%2581%2582%25E3%2582%258A%25E3%2581%25BE%25E3%2581%2599; _ga_BLW3ECK0PN=GS1.1.1695837387.1.0.1695837387.0.0.0; _ga=GA1.1.167139191.1695837387
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:27 GMT
content-type: image/png
content-length: 4853
last-modified: Thu, 28 Sep 2017 22:05:09 GMT
etag: "59cd7215-12f5"
expires: Sat, 21 Oct 2023 02:18:56 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 574670
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hD3QFv7cyOP0Ggy7TWY6t3L1pBatrng2Sf%2BJnwwV22wZr%2Fk2CroNaPjKwpShef26oejJMP0%2B6KmuSz%2BTWsLc9WNEOaRMJmHnGzTpMbd2ejIwG904tTtTmjEtQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f961b63b52d-OSL
alt-svc: h3=":443"; ma=86400
go.141live.com/abc.gif?userId=97227ab916e97477d96eababb73cd85b2cce653f3c224c685a19a31b896e6378&campaignId=slider&modelsLimit=1&stripcashR=0&thumbType=default&thumbFit=cover&quality=original&language=en&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=Spot&referrer&i=0&ib=0&filtersMatch=1
103 B URL go.141live.com/abc.gif?userId=97227ab916e97477d96eababb73cd85b2cce653f3c224c685a19a31b896e6378&campaignId=slider&modelsLimit=1&stripcashR=0&thumbType=default&thumbFit=cover&quality=original&language=en&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=Spot&referrer&i=0&ib=0&filtersMatch=1
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerZeroSSL
Subjectgo.141live.com
FingerprintFE:CA:B2:DE:0F:68:2C:D0:03:75:12:F0:72:F6:00:65:EB:07:73:D5
ValidityMon, 14 Aug 2023 00:00:00 GMT - Sun, 12 Nov 2023 23:59:59 GMT
Hash 8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /abc.gif?userId=97227ab916e97477d96eababb73cd85b2cce653f3c224c685a19a31b896e6378&campaignId=slider&modelsLimit=1&stripcashR=0&thumbType=default&thumbFit=cover&quality=original&language=en&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=Spot&referrer&i=0&ib=0&filtersMatch=1 HTTP/1.1
Host: go.141live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000
content-type: image/gif
date: Wed, 27 Sep 2023 17:56:27 GMT
server: Caddy, nginx
strict-transport-security: max-age=15768000
content-length: 103
X-Firefox-Spdy: h2
a.realsrv.com/ad-provider.js
200 OK 50 kB URL GET HTTP/2 a.realsrv.com/ad-provider.js
IP
ASN #60068 Datacamp Limited
Requested by https://a.realsrv.com/iframe.php?idzone=2837044&size=300x250
Certificate IssuerLet's Encrypt
Subjectrealsrv.com
FingerprintCC:B9:27:44:89:99:7C:9F:94:A5:01:B6:FD:90:95:3E:AA:18:D8:7B
ValiditySun, 23 Jul 2023 14:21:20 GMT - Sat, 21 Oct 2023 14:21:19 GMT
File type gzip compressed data, from Unix\012- data
Hash 002a8019bdf3cf29b8546ebac5bced0b
ac18ded436147f558c9cc7351cd4dadf8db562d4
000d96d273382fb9c4d5b0067d7cfc2d3e1c899bc49d7a4fd423deab80832b5f
GET /ad-provider.js HTTP/1.1
Host: a.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://a.realsrv.com/iframe.php?idzone=2837044&size=300x250
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 27 Sep 2023 17:56:27 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"f61f83c359ed90aabf24cfad697"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Wed, 27 Sep 2023 11:24:26 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-cache-op: HIT
server: CDN77-Turbo
x-77-nzt: AblMCQ14llv/3gYAAA
x-77-nzt-ray: c0a4cc285f4a054fcb6c146572b8f003
x-accel-expires: @1695846429
x-accel-date: 1695835629
x-cache: HIT
x-age: 1758
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 1758
content-encoding: gzip
X-Firefox-Spdy: h2
syndication.realsrv.com/v1/api.php
1.3 kB URL syndication.realsrv.com/v1/api.php
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type JSON data\012- , ASCII text, with very long lines (1733), with no line terminators
Hash 19608764b50bf95c53af0139fc289235
fe1ed1b87f10b6a51ac9c8e76da2321e4080cbfd
94907f777f798cfc3735a7b7a6388c3e38571a4b13b4d04515ca14603a224b2b
POST /v1/api.php HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 302
Origin: https://a.realsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.realsrv.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 27 Sep 2023 17:56:27 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Headers: Authorization, Content-Type
Access-Control-Request-Method: POST
Access-Control-Allow-Credentials: true
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265146ccb3bf4d6.705499453100642344%22%3B%7D; expires=Fri, 26-Sep-2025 17:56:27 GMT; Max-Age=63072000; path=/; domain=realsrv.com; secure; SameSite=None
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PwWoDMQxEf6U/EDOWZFvOub22kJIP8G52odBSSCHkMB9f7baFeg6W5MdoLBA9oB+kPWQ9lnqUxp5TRzJJuRifX060zHETT/PnB00qSqd466WyQV09Om0wY++05q20Sg8MgspcqERIigYSVQLUWu0VVrV0i43g+fWRT+cTc0INm99LqMBdCpj3JDTQosZ9cyw+z4hlPc+Xae15ccWYRDBsXVyWDeRI12W8f11ve3z8KCGrxLP8DUKHjdZsKhEzDriP39br+FjIf+SmtpvHrzorzbeA7Auyuy916OTSxqXJKA0r5uliU52/AQnjg55tAQAA
20 B URL syndication.realsrv.com/cimp.php?t=api&data=H4sIAAAAAAAAA02PwWoDMQxEf6U/EDOWZFvOub22kJIP8G52odBSSCHkMB9f7baFeg6W5MdoLBA9oB+kPWQ9lnqUxp5TRzJJuRifX060zHETT/PnB00qSqd466WyQV09Om0wY++05q20Sg8MgspcqERIigYSVQLUWu0VVrV0i43g+fWRT+cTc0INm99LqMBdCpj3JDTQosZ9cyw+z4hlPc+Xae15ccWYRDBsXVyWDeRI12W8f11ve3z8KCGrxLP8DUKHjdZsKhEzDriP39br+FjIf+SmtpvHrzorzbeA7Auyuy916OTSxqXJKA0r5uliU52/AQnjg55tAQAA
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type gzip compressed data, max speed, from Unix\012- data
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /cimp.php?t=api&data=H4sIAAAAAAAAA02PwWoDMQxEf6U/EDOWZFvOub22kJIP8G52odBSSCHkMB9f7baFeg6W5MdoLBA9oB+kPWQ9lnqUxp5TRzJJuRifX060zHETT/PnB00qSqd466WyQV09Om0wY++05q20Sg8MgspcqERIigYSVQLUWu0VVrV0i43g+fWRT+cTc0INm99LqMBdCpj3JDTQosZ9cyw+z4hlPc+Xae15ccWYRDBsXVyWDeRI12W8f11ve3z8KCGrxLP8DUKHjdZsKhEzDriP39br+FjIf+SmtpvHrzorzbeA7Auyuy916OTSxqXJKA0r5uliU52/AQnjg55tAQAA HTTP/1.1
Host: syndication.realsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://a.realsrv.com
DNT: 1
Connection: keep-alive
Referer: https://a.realsrv.com/
Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%2265146ccb3bf4d6.705499453100642344%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 27 Sep 2023 17:56:27 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: https://a.realsrv.com
Access-Control-Allow-Credentials: true
Set-Cookie: __upt=%7B%22v%22%3A1%2C%22id%22%3A%220%22%2C%22pcma%22%3A%22%22%2C%22acma%22%3A%2299.0199%22%7D; expires=Fri, 26 Sep 2025 17:56:27 GMT; path=/; domain=.realsrv.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
go.141live.com/thumbs/view
217 B URL go.141live.com/thumbs/view
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerZeroSSL
Subjectgo.141live.com
FingerprintFE:CA:B2:DE:0F:68:2C:D0:03:75:12:F0:72:F6:00:65:EB:07:73:D5
ValidityMon, 14 Aug 2023 00:00:00 GMT - Sun, 12 Nov 2023 23:59:59 GMT
File type JSON data\012- , ASCII text
Hash d63cd32f81da2c4207ae90ced9b651cf
d008791a1594316b57838928c6e02cd19a825a36
10f681eb01877835a8bee169a92397621066d359b04bd37b0502db41f83311ad
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /thumbs/view HTTP/1.1
Host: go.141live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av28.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 86
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-origin: https://av28.com
alt-svc: h3=":443"; ma=2592000
content-type: application/json
date: Wed, 27 Sep 2023 17:56:27 GMT
server: Caddy, nginx
strict-transport-security: max-age=15768000
content-length: 217
X-Firefox-Spdy: h2
av28.com/ajax/video_tag
14 kB IP
Hash 9bef4f964337b6d35030ef108fb2f692
2d70fd109e1c0ce3bc31d2628ac5172815d8a6ee
22648b3599799e8538e9e5ebec79389fac77a795cbe00d6178e8ee3a0370dfdf
POST /ajax/video_tag HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 22
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90; __PPU___PPU_SESSION_URL=%2Fvideo%2F39310%2F%25E6%25AF%258D%25E4%25B9%25B3%25E3%2583%259E%25E3%2583%259E%25E5%25A4%25A7%25E5%25A5%25BD%25E3%2581%258D-%25E8%25B5%25A4%25E3%2581%25A1%25E3%2582%2583%25E3%2582%2593%25E3%2581%25B8%25E3%2581%25AE%25E6%258E%2588%25E4%25B9%25B3%25E3%2582%25B7%25E3%2583%25BC%25E3%2583%25B3%25E3%2582%2582%25E3%2581%2582%25E3%2582%258A%25E3%2581%25BE%25E3%2581%2599; _ga_BLW3ECK0PN=GS1.1.1695837387.1.0.1695837387.0.0.0; _ga=GA1.1.167139191.1695837387
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:27 GMT
content-type: text/html
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G%2Ft8v53s%2Fj58zMSBe%2F4Q%2FCCa1Z0Xblnt1%2Bzm20XY2nOtMgdlaBLShbY%2BGqZcXHf8HmV2M09plP9QZyyfHFhMomF6io%2F1pZilDHQBhlnUI4PGD8BW1%2BSRI8q%2Fog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80d59f961b65b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.xlivesex.com/checkUrl
200 OK 15 B IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerCloudflare, Inc.
Subjectgo.xlivesex.com
Fingerprint12:12:AD:50:C3:B2:0B:3E:A8:3A:9E:36:09:26:1F:A1:69:75:60:19
ValiditySat, 04 Feb 2023 00:00:00 GMT - Sun, 04 Feb 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5
GET /checkUrl HTTP/1.1
Host: go.xlivesex.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://av28.com/
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 27 Sep 2023 17:56:27 GMT
content-type: application/json
content-length: 15
access-control-allow-origin: https://av28.com
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuDFRFiBZBvMSLtrt9a1bWqoF8S1xaGEcN9XQivLag; SameSite=None; Secure; path=/; expires=Thu, 28-Sep-23 17:56:27 GMT; HttpOnly
server: cloudflare
cf-ray: 80d59f97df991c16-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
creative.141live.com/widgets/Spot/lib.js
82 kB URL creative.141live.com/widgets/Spot/lib.js
IP
ASN #39572 DataWeb Global Group B.V.
File type gzip compressed data, from Unix\012- data
Hash a375f18a6b3196e85c875f77a3864e5c
b2dbaf2ac3c7fc534ba7d49f756fbc3578883106
913230f894c2a7281cd78ae93412316905fe6f7202658ad692ceede20c7798c3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /widgets/Spot/lib.js HTTP/1.1
Host: creative.141live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
alt-svc: h3=":443"; ma=2592000
cache-control: max-age=10
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Wed, 27 Sep 2023 17:56:25 GMT
etag: W/"65112d87-45ea5"
expires: Wed, 27 Sep 2023 17:56:35 GMT
last-modified: Mon, 25 Sep 2023 06:49:43 GMT
pragma: public
report-to: { "url": "https://go.141live.com/report", "max_age": 1048576 }
server: Caddy, nginx
strict-transport-security: max-age=15768000
vary: Accept-Encoding
X-Firefox-Spdy: h2
go.141live.com/checkDomainResult
0 B URL go.141live.com/checkDomainResult
IP
ASN #39572 DataWeb Global Group B.V.
Certificate IssuerZeroSSL
Subjectgo.141live.com
FingerprintFE:CA:B2:DE:0F:68:2C:D0:03:75:12:F0:72:F6:00:65:EB:07:73:D5
ValidityMon, 14 Aug 2023 00:00:00 GMT - Sun, 12 Nov 2023 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST /checkDomainResult HTTP/1.1
Host: go.141live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av28.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 175
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
access-control-allow-origin: https://av28.com
alt-svc: h3=":443"; ma=2592000
date: Wed, 27 Sep 2023 17:56:27 GMT
server: Caddy, nginx
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2
b-hls-17.doppiocdn.com/hls/63188730/63188730_480p_init_AySLa0qSdNNnLOeu.mp4
1.2 kB URL b-hls-17.doppiocdn.com/hls/63188730/63188730_480p_init_AySLa0qSdNNnLOeu.mp4
IP
File type ISO Media, MP4 Base Media v5 \012- data
Hash 6b5797c6c875d29631baaee559ea21d3
c3e01d126cde8b9f0718715a548c329078c4d3f2
3327593730e719c4d6a584a01f1026c924bf4f296e50b9d9890e8951c8525939
GET /hls/63188730/63188730_480p_init_AySLa0qSdNNnLOeu.mp4 HTTP/1.1
Host: b-hls-17.doppiocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 27 Sep 2023 17:56:27 GMT
content-type: video/mp4
content-length: 1218
last-modified: Wed, 27 Sep 2023 15:26:23 GMT
etag: "6514499f-4c2"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 7
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f9a3ce7b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
b-hls-17.doppiocdn.com/hls/63188730/63188730_480p_4540_ea1WU7JFd3ncK2Yl_1695837378.mp4
200 OK 294 kB URL GET HTTP/2 b-hls-17.doppiocdn.com/hls/63188730/63188730_480p_4540_ea1WU7JFd3ncK2Yl_1695837378.mp4
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 294 kB (293619 bytes)
Hash d8633541d8eb66a154c4882b01403721
76a6b6f46659ee0f27e800d855bc159164691df2
d9b88ae24d59b63bbed9ef2390ac5516fdb03e700a1de9f7ded31e4d9954ce91
GET /hls/63188730/63188730_480p_4540_ea1WU7JFd3ncK2Yl_1695837378.mp4 HTTP/1.1
Host: b-hls-17.doppiocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 27 Sep 2023 17:56:27 GMT
content-type: video/mp4
content-length: 293619
last-modified: Wed, 27 Sep 2023 17:56:20 GMT
etag: "65146cc4-47af3"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 4
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f9a7d10b518-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
b-hls-17.doppiocdn.com/hls/63188730/63188730_480p_4541_vK98zO9nGOPaq0o2_1695837380.mp4
200 OK 312 kB URL GET HTTP/3 b-hls-17.doppiocdn.com/hls/63188730/63188730_480p_4541_vK98zO9nGOPaq0o2_1695837380.mp4
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 312 kB (311646 bytes)
Hash 24bf5da3c383c8772141ba5c88277772
86e3ef88e63dcc9e5db5f698782b208600fec714
7ac6eb4eca682933ac4918e9616aa77206cc81518b45c2dae44d10b27319baa3
GET /hls/63188730/63188730_480p_4541_vK98zO9nGOPaq0o2_1695837380.mp4 HTTP/1.1
Host: b-hls-17.doppiocdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://av28.com
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:28 GMT
content-type: video/mp4
content-length: 311646
last-modified: Wed, 27 Sep 2023 17:56:22 GMT
etag: "65146cc6-4c15e"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f9b2e5cb51b-OSL
alt-svc: h3=":443"; ma=86400
av28.com/media/player/videojs/plugins/videojs-resolution-switcher-master/lib/videojs-resolution-switcher.js
200 OK 14 kB URL GET HTTP/3 av28.com/media/player/videojs/plugins/videojs-resolution-switcher-master/lib/videojs-resolution-switcher.js
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerGoogle Trust Services LLC
Subjectav28.com
FingerprintE3:80:32:3B:D6:D8:65:E6:56:66:22:62:4B:AB:62:15:3D:6C:55:E2
ValidityThu, 17 Aug 2023 05:23:15 GMT - Wed, 15 Nov 2023 05:23:14 GMT
Hash e41c5f55265638f2d9e6bea96e2e63a7
eae53bd6e481a4de33455ae284a21a5114ceba53
d825a9df663f280b8e0fc90257001b2aa39689d4a2fc13b5f8ef60a0c0d73562
GET /media/player/videojs/plugins/videojs-resolution-switcher-master/lib/videojs-resolution-switcher.js HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: application/javascript
last-modified: Thu, 28 Sep 2017 21:33:59 GMT
etag: W/"59cd6ac7-3604"
expires: Fri, 30 Aug 2024 15:00:54 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 2343346
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zscSvGnmO%2B6UaMdfsPMNfwIz5qt9hslMyVL9t%2B026dRCIo0Wc3mAzeuq6m7T1w7FUU6Xw6324TEqBCTZj8n9GbFUgI4JL23Pd66fQqZ89CBX4lfM6T64mztOVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f85fc76b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fnbauniukvi.com/i/npage/1977191/code.js
200 OK 144 kB URL GET HTTP/2 fnbauniukvi.com/i/npage/1977191/code.js
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerBuypass AS-983163327
Subject
FingerprintAC:8C:60:DF:88:D6:E9:33:1F:77:0E:F1:7A:2E:16:DB:10:EA:52:F9
ValidityWed, 31 May 2023 12:58:33 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type ASCII text, with very long lines (65107)
Size 144 kB (144148 bytes)
Hash 645599d45fa95fbbb001e2d51677c46d
00f787dbc0e7411000e9e0937c39433c83f8ae2c
8f7784b6f64ca77132fe19d65ae166b55b941cf3056512b1f2499fc24ebfa662
GET /i/npage/1977191/code.js HTTP/1.1
Host: fnbauniukvi.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 27 Sep 2023 17:56:25 GMT
content-type: application/javascript
last-modified: Tue, 26 Sep 2023 14:32:48 GMT
vary: Accept-Encoding
etag: W/"6512eb90-2335d"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
creative.141live.com/widgets/Spot/hls.4cfa5b780bfed20a8b26.js
200 OK 61 B URL GET HTTP/2 creative.141live.com/widgets/Spot/hls.4cfa5b780bfed20a8b26.js
IP
ASN #39572 DataWeb Global Group B.V.
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerLet's Encrypt
Subjectcreative.141live.com
Fingerprint74:7A:73:89:9B:1F:F2:3D:FE:08:25:CF:DA:F8:2D:31:72:9F:BE:B2
ValidityTue, 22 Aug 2023 13:29:07 GMT - Mon, 20 Nov 2023 13:29:06 GMT
File type ASCII text, with no line terminators
Hash 22f22b49cc901aa95826401f7ce0930c
6471abdd35ab6d511b67d73ad1375f1ee0f255de
0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /widgets/Spot/hls.4cfa5b780bfed20a8b26.js HTTP/1.1
Host: creative.141live.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000
cache-control: max-age=10
content-type: application/javascript; charset=utf-8
date: Wed, 27 Sep 2023 17:56:27 GMT
etag: "65112d87-3d"
expires: Wed, 27 Sep 2023 17:56:37 GMT
last-modified: Mon, 25 Sep 2023 06:49:43 GMT
pragma: public
report-to: { "url": "https://go.141live.com/report", "max_age": 1048576 }
server: Caddy, nginx
strict-transport-security: max-age=15768000
content-length: 61
X-Firefox-Spdy: h2
av28.com/templates/frontend/dark-magenta/css/responsive.css
200 OK 2.1 kB URL GET HTTP/3 av28.com/templates/frontend/dark-magenta/css/responsive.css
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerGoogle Trust Services LLC
Subjectav28.com
FingerprintE3:80:32:3B:D6:D8:65:E6:56:66:22:62:4B:AB:62:15:3D:6C:55:E2
ValidityThu, 17 Aug 2023 05:23:15 GMT - Wed, 15 Nov 2023 05:23:14 GMT
File type ASCII text, with very long lines (2382), with no line terminators
Hash 7dcfe810f20f5ebd3ad24f77059912ef
f46d7034ef7eac7432b0eca0bf299ed336ac5535
9cf33a1f17af6c96df0eebb39975c38f990fe8c615e2d0b16e73a24b477114b2
GET /templates/frontend/dark-magenta/css/responsive.css HTTP/1.1
Host: av28.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Cookie: AVS=qo55c6ud04efb4mgc31sg15j90
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 27 Sep 2023 17:56:24 GMT
content-type: text/css
last-modified: Thu, 28 Sep 2017 22:04:48 GMT
etag: W/"59cd7200-848"
expires: Fri, 30 Aug 2024 13:09:41 GMT
cache-control: public, max-age=31536000
cf-cache-status: HIT
age: 2350020
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMnIHM%2BjNSZq7UJ3zabiXZjGAnZr0aEdDEm87kxBRQID0RNsIwaqHKnb2AwsneQagDjtzfRgvezzLzVq0HADoGjR%2FR1lMxu1WAOHI9XFjLjenIa0Ed46f1hh5g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80d59f857c22b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
media2.drivecdn.com/media/videos/hd/39310.mp4?st=kzgZ-vyiUi_7VZRY9wqOVA&e=1695841003
206 Partial Content 639 kB URL GET HTTP/1.1 media2.drivecdn.com/media/videos/hd/39310.mp4?st=kzgZ-vyiUi_7VZRY9wqOVA&e=1695841003
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerSectigo Limited
Subjectmedia2.drivecdn.com
FingerprintCB:7A:81:EB:F5:CD:CD:07:70:BD:FE:C8:99:EC:12:C4:3C:D3:E2:41
ValiditySun, 02 Apr 2023 00:00:00 GMT - Wed, 03 Apr 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 639 kB (638619 bytes)
Hash 1a91b8d95b02b077c8ccf08447d241ae
9ceb7ea837fc9cc622cb8027781a83ad39190505
a2f32e7fa6c4e8dfc7994fe525d0e897aec7512272807359dd2b5f190f9d2958
GET /media/videos/hd/39310.mp4?st=kzgZ-vyiUi_7VZRY9wqOVA&e=1695841003 HTTP/1.1
Host: media2.drivecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 206 Partial Content
Server: nginx/1.10.2
Date: Wed, 27 Sep 2023 17:56:25 GMT
Content-Type: video/mp4
Content-Length: 131137536
Last-Modified: Fri, 04 Jan 2019 05:26:12 GMT
Connection: keep-alive
ETag: "5c2eee74-7d10000"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Range: bytes 0-131137535/131137536
lwonclbench.com/get/1977189?zoneid=1977189&jp=_clafbjei4v1vmdjh3ppc53&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=8273912723596800&sp=1&im=1
200 OK 4.2 kB URL GET HTTP/2 lwonclbench.com/get/1977189?zoneid=1977189&jp=_clafbjei4v1vmdjh3ppc53&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=8273912723596800&sp=1&im=1
IP
Requested by https://av28.com/video/39310/%E6%AF%8D%E4%B9%B3%E3%83%9E%E3%83%9E%E5%A4%A7%E5%A5%BD%E3%81%8D-%E8%B5%A4%E3%81%A1%E3%82%83%E3%82%93%E3%81%B8%E3%81%AE%E6%8E%88%E4%B9%B3%E3%82%B7%E3%83%BC%E3%83%B3%E3%82%82%E3%81%82%E3%82%8A%E3%81%BE%E3%81%99
Certificate IssuerBuypass AS-983163327
Subject
Fingerprint95:12:7F:5F:DE:9F:23:25:E3:DE:0C:01:AA:16:11:E5:1D:29:CC:DB
ValidityWed, 31 May 2023 13:50:30 GMT - Sun, 26 Nov 2023 22:59:00 GMT
File type ASCII text, with very long lines (4549), with no line terminators
Hash 1c89ea73e947d7aa3b7f74bbce7e04dd
f316941b2123323ac6b11fa53c06e40390bb8635
a486e78509fb9c09deb3a080c1fd799da822d9182bfe66edbcbedbbd7d939765
GET /get/1977189?zoneid=1977189&jp=_clafbjei4v1vmdjh3ppc53&nojs=0&abvar=0&febuild=1.0.158&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=1280&y=1024&md=0&cid=8273912723596800&sp=1&im=1 HTTP/1.1
Host: lwonclbench.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av28.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 27 Sep 2023 17:56:26 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Wed, 30 Oct 2024 17:56:26 GMT; HttpOnly; Secure; SameSite=None
UID=230927125621df2c4f79224ec1be3e71bcdb; Path=/; Expires=Wed, 30 Oct 2024 17:56:26 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
172.67.166.129
45.131.145.131
185.76.9.18
23.36.76.200
62.122.171.6
104.22.58.221
192.99.91.19
0.0.0.0