missav.com/fonts/inter-v3-latin-500.woff2
104.26.15.15200 OK 18 kB URL GET HTTP/3 missav.com/fonts/inter-v3-latin-500.woff2
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 17996, version 1.0\012- data
Hash 4f63cf7f7cf530285668c21675dd86ea
8c60c678adc8c2c18e74219fc74441ef1015727d
73f41ad718ee0f9f8e9af244dabe4f9b947efe7748d1c05aac7db2c267de226e
GET /fonts/inter-v3-latin-500.woff2 HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: application/octet-stream
content-length: 17996
last-modified: Thu, 13 Jul 2023 10:37:00 GMT
etag: "64afd3cc-464c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=7200
cf-cache-status: HIT
age: 4376
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDUmw5E9%2FOz9ZQjBxCPN7lzimRpqzmi6fnUqRF%2FqtkxWUSw3GTbunvyan97k2tg%2BuuKIdaQ7PElHMWwx9ojeOgoNwD7j00Wg5tXoYQaHxOWgqMfq1RvE5dT450w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af76b93a56bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/fonts/halant-v8-latin-500.woff2
104.26.15.15200 OK 19 kB URL GET HTTP/3 missav.com/fonts/halant-v8-latin-500.woff2
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 19160, version 1.0\012- data
Hash 4260fc7f9c31933da88df7ae54b736fd
2b27fbb34bc625848060800256cc4c3ef07b6413
9b6ed215c7918c932945b4b47580c4c612d98bd0ae9b1821dce7bb74e5abb627
GET /fonts/halant-v8-latin-500.woff2 HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: font/woff2
content-length: 19160
last-modified: Sun, 08 Oct 2023 22:32:42 GMT
etag: "65232e0a-4ad8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=7200
cf-cache-status: HIT
age: 4376
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gd4VdLFP7%2B2lqMbU%2FUVzWSduTVylwP7UmKoBvO85NUjAntME8bqSO6EpJAom8EkeiGhboZ0%2FBtUtYo%2B2xVHeR7PQisq2FtCNNhYvqRIok4Q2TKea9yjkSLdiGuc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af76d94956bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/south-korea.png
104.26.15.15200 OK 800 B URL GET HTTP/3 missav.com/img/flags/south-korea.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash eed448191de1694fe2a03e059f5cf57f
adca687ccbf44fe8e56fdfd360c166c1d2859982
32ff39f3afd12b6b3e100bc0389cb658ffd5a0947c0e74d4222f1eddddec9ebc
GET /img/flags/south-korea.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/webp
content-length: 800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1614
content-disposition: inline; filename="south-korea.webp"
vary: Accept
etag: "6514d831-64e"
last-modified: Thu, 28 Sep 2023 01:34:41 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIGD7E6vsJYhJUqC15V3ZHBopD1EIq0tBdRG68PfeE9mNaVJYPq%2FkUkx%2FMJTnLsezv4tLajOKR%2BNzJTjrR%2F90bl0T4MDPSpPFZdRqW6ynKZAhftalJUUSMKPD%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af77096356bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/japan.png
104.26.15.15200 OK 304 B URL GET HTTP/3 missav.com/img/flags/japan.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5ee028d1ae6e1d1e5a39988095b4d431
e7c58e576838e9f215d86f805fc9aad594d49f18
01daf16de512296e8acafc94dabb547b8bbfaef11a6aeb6b3104008f12db9933
GET /img/flags/japan.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/webp
content-length: 304
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=441
content-disposition: inline; filename="japan.webp"
vary: Accept
etag: "65232e00-1b9"
last-modified: Sun, 08 Oct 2023 22:32:32 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCIpHVPHoOoxnI7PjIKs8iXfeDUaU9eAbUdzdjolhlQRiMIadZljHxRiSNSie6cM6rB%2FzRLU%2FwxEKnPbsq8oBbUihDHcbtAEAUFHU2Ck2Bx6rTBLJR2zWs4Ry2I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af77096256bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/hong-kong.png
104.26.15.15200 OK 512 B URL GET HTTP/3 missav.com/img/flags/hong-kong.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7afc3d806446c40787cb93f5413a80e3
21c2dc2d7aa5594f2cf0e814f907439b0c6b7583
42903119529288eebafc4851f0cc061bb33459c0ab62853cbded6f490db75191
GET /img/flags/hong-kong.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/webp
content-length: 512
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=821
content-disposition: inline; filename="hong-kong.webp"
vary: Accept
etag: "65232df9-335"
last-modified: Sun, 08 Oct 2023 22:32:25 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1m2Ko0vSs9kPlH%2BwzFw85%2FFA34QVToQwqhZ0ePo5d7jWJv5Qel9ZmHWbttp7G1pZU71r3TxBfD8EJI7KUcBqqgzm%2FGdv0BAmsbiq6WjRCHxnVoJ6fPjheIrGeHA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af77096056bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/malaysia.png
104.26.15.15200 OK 784 B URL GET HTTP/3 missav.com/img/flags/malaysia.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash f57406ae56047f6ed7f045851c0844c8
dcc7488775578d1d04e30baadbfde4c0ef3313d6
189cfe86b591369f69806f31bb3fe4be9c377d97168cf20f1e1e55f9cd3b3d0d
GET /img/flags/malaysia.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/webp
content-length: 784
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1332
content-disposition: inline; filename="malaysia.webp"
vary: Accept
etag: "6501a96f-534"
last-modified: Wed, 13 Sep 2023 12:22:07 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DqAoO18t5EnYlDqqz8YTqlKL1NPttVspKg4A7Ubgz46dDor49PfohP%2Fkhf49p5wgIuRAg%2FKYw0S2W18BXsKPMvyFBN5oyJ%2FJ6u%2Fgwyn2oFDX01HdSZJDau5C1Fg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af77096456bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/united-kingdom.png
104.26.15.15200 OK 2.2 kB URL GET HTTP/3 missav.com/img/flags/united-kingdom.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 6beb452cb7d148df9efce53c739698fd
f4a800da733a2f279c4f0f2d17faf7c221c2f173
ad9ea974ebbf56a618323a91635cb0c538c26714a40e03c5040f608d06b56dab
GET /img/flags/united-kingdom.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/png
content-length: 2243
cf-bgj: imgq:100,h2pri
cf-polished: status=cannot_optimize
etag: "64afd3cc-8c3"
last-modified: Thu, 13 Jul 2023 10:37:00 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gnrlLbBVUkwFh3th2R9HVhzWx%2BvAJOQ1TYrYhupQGMJjhxS6Q%2Bavx%2B4HkwAN5tARX%2FBmzvpVzW4ITuI%2FLeuiUh2JFL%2FlOypYt2vG6kXduj8LVM1lXNuhSOCQvrQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af77095f56bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/china.png
104.26.15.15200 OK 578 B URL GET HTTP/3 missav.com/img/flags/china.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0e7274e3cf633b5c0d810458fab597a5
b6d6f7d6a84ba30c846be7803715388b6203b8a1
6443a48da4b91109cdc2a92b7b98773cbbb24b71993b0ef7edc98997e66a47c7
GET /img/flags/china.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/webp
content-length: 578
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=1205
content-disposition: inline; filename="china.webp"
vary: Accept
etag: "65232ddb-4b5"
last-modified: Sun, 08 Oct 2023 22:31:55 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xI1EwdLC4fnWNRA%2FQ%2FBuCDuRjLtqUTM5G6YfpimN0csI1IUQwnWRXPt4L8T1k8LnMoSVv6xiX8GdjE7RiwXbcFSEq9HAQ4%2F3fHcfbIRZCh8QIWUNp5xavfqsbNU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af77096156bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/thailand.png
104.26.15.15200 OK 512 B URL GET HTTP/3 missav.com/img/flags/thailand.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash bb09cc6b90f0d7ca807d9961424c154f
fc086295735f7515d85e56f8c81c745e3613c77a
48346ebaca6a370a0b6f15aa6760dc1397fa8a231c0b8df013c9f8b6cc8e4945
GET /img/flags/thailand.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/webp
content-length: 512
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=916
content-disposition: inline; filename="thailand.webp"
vary: Accept
etag: "6501a96f-394"
last-modified: Wed, 13 Sep 2023 12:22:07 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ft%2BP9S%2BlAmJJzGZ7CITKnBWdp1DGV4IOrfCVEGff0e2ekTYMOrECJLaZ1y9hO8czDmnyJfWVFd39Ammt0JhzYOajx7TVDIyD8h11fc%2B7EqoMGp13vYLRXNjMGDI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af77096556bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/germany.png
104.26.15.15200 OK 462 B URL GET HTTP/3 missav.com/img/flags/germany.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9dff18560dda0f5629cd95a5d5958486
29bd0db0bcdbb83348aeef9e2a798dac38b44365
c8ebcf74ade106acd12b611cc26337d79735e86d899a2295eee0946a1735916f
GET /img/flags/germany.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/webp
content-length: 462
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=714
content-disposition: inline; filename="germany.webp"
vary: Accept
etag: "65232e00-2ca"
last-modified: Sun, 08 Oct 2023 22:32:32 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M7mH%2B5ZcCrJQua2VyqTsD3OmuN4QhjHo9gcgnlcCU36RbUdyo4BsBowK4x3QznwiCOuT4nZxxbDdO0X5j749dK7O7l6A%2FcVQzNc%2BTjFRAGqmSrmuCTCEQjUzxGo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af77096656bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/france.png
104.26.15.15200 OK 558 B URL GET HTTP/3 missav.com/img/flags/france.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 09376fea835ce4485e54c26fd14df413
f8fea532bd557ebcd7eb5ae40b661d4ae49cc473
9c805192cb0481546c598914a0a545fa6e68e77cfbf4fd631fcfc5cf5f154490
GET /img/flags/france.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/webp
content-length: 558
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=970
content-disposition: inline; filename="france.webp"
vary: Accept
etag: "65232dd2-3ca"
last-modified: Sun, 08 Oct 2023 22:31:46 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8VOTRc4sdmUhrx7qnaf7YYIE1byAddvYGiyy%2Bj5yBIDJmhjsC7sGu76xyh3t39QS1Jq5AFd34qhuyTJG4Nv%2FqyOb19ARJ0FJnk4SzQzLYL8DU9yh%2BxYu%2BM8mUtE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af77197156bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/vietnam.png
104.26.15.15200 OK 1.8 kB URL GET HTTP/3 missav.com/img/flags/vietnam.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ce01165fbf9ac4d43458904f5c2447a1
607ef5a689831cc4f193cc97d475f9c7f87f9728
2fd8952acf4e60016fe64bd442bce003cea766e5525629c37da7763e1909009e
GET /img/flags/vietnam.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/png
content-length: 1807
cf-bgj: imgq:100,h2pri
cf-polished: status=cannot_optimize
etag: "6514d831-70f"
last-modified: Thu, 28 Sep 2023 01:34:41 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5g4kBUvHSlN88bVQbGiHOngSVrZC90PpBVtpu4r9e2U8c1TVWMVKZnwjUsbMWFvjt1WFlQFQPl9s8LvzT5pujMnsv2BkXt1mrQk8fjhne4Ib6Q7CfEJExFL64VU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af77197256bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/indonesia.png
104.26.15.15200 OK 1.4 kB URL GET HTTP/3 missav.com/img/flags/indonesia.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d154d29effd0af1d62340d1ca8aa9da
2b2006cbf5bf3761c5df758f3244d7ae8c5a249c
d870bff0bea4df160ffe1e7e40417adf65dc04d32189ff53342e535c35ca6c81
GET /img/flags/indonesia.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/png
content-length: 1392
cf-bgj: imgq:100,h2pri
cf-polished: status=cannot_optimize
etag: "65232df9-570"
last-modified: Sun, 08 Oct 2023 22:32:25 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AQ1YN%2BcnVFkG8hCJeF4TWSmdiDEFDForF%2FAda%2BSlvPd02qEcZe6AERb0c2IczOR7GIc%2BP%2FLftMLDzl4ATEMa%2Fpsc1RwfAYeqp8c5IUHhjxwBDTWHKeh7WqMUQHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af77297956bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/philippines.png
104.26.15.15200 OK 2.3 kB URL GET HTTP/3 missav.com/img/flags/philippines.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash ad4982ee0e7674c030d72d58cedd508c
f05efe1242d8ea90d7c8a42099db0c49bb998a07
85d0d543ae4a197e385142a8bfa4f14c006564de74e48ea3e109cbe776fb3dc3
GET /img/flags/philippines.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/png
content-length: 2331
cf-bgj: imgq:100,h2pri
cf-polished: status=cannot_optimize
etag: "647fb540-91b"
last-modified: Tue, 06 Jun 2023 22:37:52 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PiOp0yw8RJE9AxNtxB3r%2FifKfG86mzK7GwvLcyQN7LNYc4CeImJQ5nilA1AeWAzYj8uKmz2GKHyDdejDjnZzL3WjpyShJOI9VM3T2gjILGF8McjRhjjn2KJ6wAY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af77297a56bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/flags/brazil.png
104.26.15.15200 OK 2.9 kB URL GET HTTP/3 missav.com/img/flags/brazil.png
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash c0e37d29f00b5b263083ab6be7530519
63237073d3a8f753091616758046864412bf6571
4c8aa26ffd2bfbf03a772c35b67c729173beb625b445df05fc3e6d059a276c7a
GET /img/flags/brazil.png HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/png
content-length: 2937
cf-bgj: imgq:100,h2pri
cf-polished: status=cannot_optimize
etag: "647fb543-b79"
last-modified: Tue, 06 Jun 2023 22:37:55 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4893
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5I%2BU6V%2F%2Fz%2FTk8dfLZiBkCDshcZR2xHpXT65vja10ctH890iJ0QorVbjI07j2VXqStWmRVTfG9MGGlq8qSdFSsaR7hw3gouCfMxAcbi2h%2BPhGEMsu%2BJih9nuzNYA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af77598656bd-OSL
alt-svc: h3=":443"; ma=86400
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.8/plyr.min.js
104.17.24.14200 OK 28 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/plyr/3.6.8/plyr.min.js
IP 104.17.24.14:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash b51ba0c331aa677c2ebfbf39679c613a
df7fcc8f8c7490020fca08a9527d2b36abd8215e
f034c3fb782f8ef29764a041013abbcc04b69c9ca8467706f413c2ba541d7120
GET /ajax/libs/plyr/3.6.8/plyr.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 28118
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60be4789-6dd6"
last-modified: Mon, 07 Jun 2021 16:21:29 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 855094
expires: Sat, 23 Nov 2024 05:35:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKTy%2BQTWCBfBvHRooAoqBmviCwVjbU%2FLlNeAumDt7bTswhwEnFVQBd5%2FygjNoMCLd19UkYz7hHiJB1VXVjijlagJJ7JL3hKCS05sn2V1QBHZ2Z4gk9tFTLk4si8Vc7IWIuw2pJIQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8301af77796f712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/plyr/3.6.8/plyr.css
104.17.24.14200 OK 4.6 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/plyr/3.6.8/plyr.css
IP 104.17.24.14:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (34636), with no line terminators
Hash cdcdf7547a296a9e24ddb81b86256a43
f2b55380b5a008e674c556ed7b4143a4e526d3d1
2e42e95156a96676901f6d3e83d9eb24e5b92f47dbdcd35a902ce979d2c07149
GET /ajax/libs/plyr/3.6.8/plyr.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: text/css; charset=utf-8
content-length: 4566
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "60be4789-11d6"
last-modified: Mon, 07 Jun 2021 16:21:29 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1034322
expires: Sat, 23 Nov 2024 05:35:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w3eHeAJgxgK7ECtmRP9Ng0%2BNHSkQ6QehEu7szRsIwzXpm6txdmNvdOto7W59vX75ZSPJvrMJAFl41uSPnwRDvG3x4q8shrmBPMMqIjXzyflimqWL8bkkLFDK%2BPfO%2FGLnBnCRNTXq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8301af778976712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.3/hls.min.js
104.17.24.14200 OK 92 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.3/hls.min.js
IP 104.17.24.14:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash b023020b9cdbb9730a17a100594384f1
ef0ca4d7fb76bbf30807807b2cdbca7c72812260
d259dc4b99fe853191f5ff0117e279493e334fb2abe4b19d910698f3a7c8d00d
GET /ajax/libs/hls.js/1.4.3/hls.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 92412
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "64c91f15-168fc"
last-modified: Tue, 01 Aug 2023 15:04:53 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1036492
expires: Sat, 23 Nov 2024 05:35:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jVdT%2Fkh%2FdoIe9SVCbQtJhgYRZnx6aJzPp5dIcBFGj6EA033CMm06XTJ97wkUXmeRYKCUsbf8fmwFoJrQqYAFQolCVgRZXvTXDSxNoZzZGjBfG3EXpPrmA4BrAjHX4NtsDdqKt7Ju"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8301af77b986712b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
missav.com/dm54/en/prtd-022
104.26.15.15200 OK 28 kB URL User Request GET HTTP/2 missav.com/dm54/en/prtd-022
IP 104.26.15.15:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (904)
Hash ab1074355e51e52e9fe78e7b9d80b72d
71c653e70b0deb3657396fa24af5ce1c00e77749
ba78ab5e0999d32dc7cf18a6f352ee87bdf252b559daa904d5f9aa9df4053209
GET /dm54/en/prtd-022 HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:19 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: private, max-age=7200
link: <https://cdn82.bestjavcdn.com/prtd-022/cover.jpg?class=normal>; rel="preconnect", <https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.8/plyr.min.js>; rel="preconnect", <https://missav.com/js/plyr-plugin-thumbnail.js>; rel="preconnect", <https://cdnjs.cloudflare.com/ajax/libs/hls.js/1.4.3/hls.min.js>; rel="preconnect", <https://cdnjs.cloudflare.com/ajax/libs/plyr/3.6.8/plyr.css>; rel="preconnect", <https://missav.com/build/assets/app.b429f00f.css>; rel="preconnect", <https://missav.com/build/assets/app.1aad5686.js>; rel="preconnect", <https://missav.com/fonts/inter-v3-latin-500.woff2>; rel="preconnect", <https://missav.com/fonts/halant-v8-latin-500.woff2>; rel="preconnect", <https://missav.com/img/flags/hong-kong.png>; rel="preconnect", <https://missav.com/img/flags/china.png>; rel="preconnect", <https://missav.com/img/flags/united-kingdom.png>; rel="preconnect", <https://missav.com/img/flags/japan.png>; rel="preconnect", <https://missav.com/img/flags/south-korea.png>; rel="preconnect", <https://missav.com/img/flags/malaysia.png>; rel="preconnect", <https://missav.com/img/flags/thailand.png>; rel="preconnect", <https://missav.com/img/flags/germany.png>; rel="preconnect", <https://missav.com/img/flags/france.png>; rel="preconnect", <https://missav.com/img/flags/vietnam.png>; rel="preconnect", <https://missav.com/img/flags/indonesia.png>; rel="preconnect", <https://missav.com/img/flags/philippines.png>; rel="preconnect", <https://missav.com/img/flags/brazil.png>; rel="preconnect"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
last-modified: Mon, 04 Dec 2023 05:34:42 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofF6hdQi92uqtJf6ydGhW%2FKSiNBDL5PNorus7EePW%2F2G12O%2B3p9q7P18JPPDS%2FQMGtGJf0mXuZwWAnCM1BazkX9QqapbNgNeovTiOcaLzFkLr%2B2Yxvs4TtVx8%2FU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af72bc05b50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn82.bestjavcdn.com/prtd-022/cover.jpg?class=normal
138.199.37.232200 OK 638 kB URL GET HTTP/2 cdn82.bestjavcdn.com/prtd-022/cover.jpg?class=normal
IP 138.199.37.232:443
ASN #60068 Datacamp Limited
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectcdn82.bestjavcdn.com
Fingerprint63:42:6A:9C:F4:D6:2B:40:EB:58:57:F7:16:73:57:79:63:44:24:F4
ValidityTue, 14 Nov 2023 13:39:47 GMT - Mon, 12 Feb 2024 13:39:46 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 638 kB (638544 bytes)
Hash e9bc6eccbbe70c86f77989364f57e4b7
2df7332f989566cf99afe7c85e99de6fc041a872
a2c473c8b82f621d3d7ae8e01b0b8bfe99a78c6eb115e58307790310d49a185e
GET /prtd-022/cover.jpg?class=normal HTTP/1.1
Host: cdn82.bestjavcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: image/webp
content-length: 638544
server: BunnyCDN-DE1-874
cdn-pullzone: 411370
cdn-uid: 2d5753f4-83f9-44b8-a305-1d8c574bb6ef
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Sun, 03 Dec 2023 23:47:46 GMT
x-bo-server: DE-223
x-downloadsize: 195293
x-bo-origindownloadtime: 56
x-bo-processingtime: 5
x-bo-compressionratio: 0%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 12/03/2023 23:47:46
cdn-edgestorageid: 1054
cdn-status: 200
cdn-requestid: 80325c6dcc8c028cf7d330f4e5fc37bf
cdn-cache: HIT
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PWZZCPP
142.250.74.168200 OK 64 kB URL GET HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PWZZCPP
IP 142.250.74.168:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3026)
Hash 679e086d82a1e580b347617247fabf11
2f85e7ab7095dfd169e1edc6f3473bb9be225056
3d637e3bfd17a9f88f75883f199d1c3cae0d16857b625a303b074276e0e99a2d
GET /gtm.js?id=GTM-PWZZCPP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 05:35:20 GMT
expires: Mon, 04 Dec 2023 05:35:20 GMT
cache-control: private, max-age=900
last-modified: Mon, 04 Dec 2023 03:51:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 63953
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
video.ktkjmp.com/adsbygoogle.js
104.18.62.235200 OK 16 B URL GET HTTP/2 video.ktkjmp.com/adsbygoogle.js
IP 104.18.62.235:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectvideo.ktkjmp.com
Fingerprint02:C1:75:9D:DD:6A:66:20:9E:A3:46:1B:5E:A4:87:83:5A:09:92:93
ValiditySun, 02 Jul 2023 00:00:00 GMT - Mon, 01 Jul 2024 23:59:59 GMT
Hash 3d7f7a60216d40dea48e495fef6903c9
fecdb5184f55cf012563d78940eb97b10b9cc99b
96d83ac9f20fc0b88404f307f135e212642e02d6ea295c96b28aed0d771a224f
GET /adsbygoogle.js HTTP/1.1
Host: video.ktkjmp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:21 GMT
content-type: application/javascript
content-length: 16
x-amz-id-2: xnEiGtzlNOz2wnH88WIP1p+gsvfjdwt/cku9K+LlTNShfNdf2Sf6cxYAer61+1HWFneWGw5Aihc=
x-amz-request-id: QAQ1XC89DJZVWHJQ
last-modified: Thu, 10 Mar 2022 13:52:07 GMT
etag: "3d7f7a60216d40dea48e495fef6903c9"
x-amz-meta-s3cmd-attrs: atime:1646920284/ctime:1646920283/gid:20/gname:staff/md5:3d7f7a60216d40dea48e495fef6903c9/mode:33188/mtime:1646920283/uid:501/uname:mikhailchubar
x-amz-version-id: eIgLIBoMMcsEXtxOH6UDjWyfAquRpkIG
access-control-allow-origin: https://creative.myavlive.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
cf-cache-status: HIT
age: 4885
expires: Mon, 04 Dec 2023 09:35:21 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af81ad6d568f-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hartattenuate.com/62/bd/ca/62bdca270715b3b43fbac98597c038f1.js
173.233.137.44200 OK 16 kB URL GET HTTP/1.1 hartattenuate.com/62/bd/ca/62bdca270715b3b43fbac98597c038f1.js
IP 173.233.137.44:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjecthartattenuate.com
Fingerprint96:FA:B4:8A:81:F5:8F:84:BC:29:2D:D8:98:E5:F9:02:2F:1F:09:3A
ValidityMon, 06 Nov 2023 06:45:58 GMT - Sun, 04 Feb 2024 06:45:57 GMT
File type ASCII text, with very long lines (42864), with no line terminators
Hash 7eeb24271f7c2be848fcc5d4dabd08ec
09535469953ba8adf36289e8315eaafeaceb4fe0
2e2477a59dcbde52188bffa09444591974a2fcec89dadfd2a8f0b6693be040c8
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /62/bd/ca/62bdca270715b3b43fbac98597c038f1.js HTTP/1.1
Host: hartattenuate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 05:35:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ba10f02b7e95f3a69349de5d08082735
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
go.myavlive.com/abc.gif?quality=240p&campaignId=side_player&modelsLimit=1&stripcashR=0&thumbType=default&thumbFit=cover&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=Player&referrer=https%3A%2F%2Fmissav.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A1996%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A723%2C%22duration%22%3A108%2C%22transferSize%22%3A67826%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A723%2C%22duration%22%3A92%2C%22transferSize%22%3A2099%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A1992%2C%22duration%22%3A0%7D%5D&mh=-1281742857
104.18.63.130200 OK 103 B URL GET HTTP/3 go.myavlive.com/abc.gif?quality=240p&campaignId=side_player&modelsLimit=1&stripcashR=0&thumbType=default&thumbFit=cover&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=Player&referrer=https%3A%2F%2Fmissav.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A1996%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A723%2C%22duration%22%3A108%2C%22transferSize%22%3A67826%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A723%2C%22duration%22%3A92%2C%22transferSize%22%3A2099%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A1992%2C%22duration%22%3A0%7D%5D&mh=-1281742857
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
Hash 8c99886486b9a004383cb4df29011c43
d79ca4754481fc59598bc08fcdf354900918bffe
bda00b0f6892b1c6991e793b42654ad1807694e2ffabcbc4eb1399379737ef6c
GET /abc.gif?quality=240p&campaignId=side_player&modelsLimit=1&stripcashR=0&thumbType=default&thumbFit=cover&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=1&segment=hls-newAPI&landing=Player&referrer=https%3A%2F%2Fmissav.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A1996%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A723%2C%22duration%22%3A108%2C%22transferSize%22%3A67826%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A723%2C%22duration%22%3A92%2C%22transferSize%22%3A2099%7D%2C%7B%22type%22%3A%22first-contentful-paint%22%2C%22startTime%22%3A1992%2C%22duration%22%3A0%7D%5D&mh=-1281742857 HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Cookie: __cflb=02DiuGyDLPvii6XBe55WcQA8xYvUArStVjtr2D7VU84uA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:22 GMT
content-type: image/gif
content-length: 103
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8301af871a2b56a4-OSL
alt-svc: h3=":443"; ma=86400
img.strpst.com/thumbs/1701668070/103721484_webp
104.18.63.124200 OK 9.6 kB URL GET HTTP/2 img.strpst.com/thumbs/1701668070/103721484_webp
IP 104.18.63.124:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0026c90450298a9f06756faedc544e13
a6c1c9e712d6e732e03439d31e4b7c1c1b913031
56e664f9ecbbbf4adf32f2f5e041e9937ac6952bae08c123920c18b216bcb945
GET /thumbs/1701668070/103721484_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:22 GMT
content-type: image/webp
content-length: 9640
etag: "0026c90450298a9f06756faedc544e13"
last-modified: Mon, 04 Dec 2023 05:33:45 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 17
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af87cd2f56a8-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.r2m03.amazontrust.com/
54.230.218.11 471 B URL ocsp.r2m03.amazontrust.com/
IP 54.230.218.11:0
Hash ebc0f19a7067085e95ff0e35ee441f4d
23c3d68afd4c1c6cdecce9007aa3bddc793bc52d
6a07099ef655ed036e4a865236f8a6e5549e9a468e207691923634fc51c3186d
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Mon, 04 Dec 2023 05:35:22 GMT
Last-Modified: Mon, 04 Dec 2023 05:32:05 GMT
Server: ECAcc (amb/6B51)
X-Cache: Miss from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zESLFKUm-Zo2KSvLTXnX9mMkMcOVHKTGeIYq3DdAfPy2cvAhwFcEGA==
Age: 197
xhamster.com/pwa/isXHamsterOk
104.17.172.190200 OK 14 B URL GET HTTP/2 xhamster.com/pwa/isXHamsterOk
IP 104.17.172.190:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectxhamster.com
FingerprintDF:50:88:50:DF:DE:AA:37:A3:D4:23:73:B1:CA:D3:72:C1:33:8C:37
ValidityTue, 24 Oct 2023 15:59:39 GMT - Mon, 22 Jan 2024 15:59:38 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 5adb849d1e5031fa27c14f861f6700da
a5b1658db04aa9183a780d00838f638c7936446a
c45272c1b33373d94fb6786698d5145ba0cb558fc7494d91cbbb380b4fc561a8
GET /pwa/isXHamsterOk HTTP/1.1
Host: xhamster.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:22 GMT
content-type: application/json
content-length: 14
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: *
cf-cache-status: HIT
age: 3268
last-modified: Mon, 04 Dec 2023 04:40:54 GMT
expires: Mon, 04 Dec 2023 07:35:22 GMT
cache-control: public, max-age=7200
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taEuM4Gc9o2EIBAb5yfT4A%2BXoGXko3kgUiCAEicN8mHO3ucaSEZdSktBPgEHUXN9NdYJ6QI4gkjoqLRk9AuXC03V%2B%2BPVg%2Fe93pbc6lT%2BIJkVbjq1Mx8UXB96jrYPDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af885f6e0b3d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
proftrafficcounter.com/stats
18.184.210.76200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 18.184.210.76:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 7b0ba875d65c3903ec07626474d5cab2
305ab55baec1ff62c1b3bf9a004adaeaeb283733
b76d4ef311128b48e73617e7a0688b473600e658fc2fcc10f6332ae04b49fbcd
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://missav.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=7abc03c6-992f-4005-b1e1-a82bee795614:2:1; expires=Thu, 01 Dec 2033 05:35:23 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
missav.com/api/items/f8zs7sxp/view
104.26.15.15200 OK 46 B URL GET HTTP/3 missav.com/api/items/f8zs7sxp/view
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash a1e14bc28c28b00b6ce66e31f031f359
ff966c659cbfe9b55d7ef414ed0a5f7ea9fed658
5ec6f03620d72a4fb22d653aa81a676b0927e0fd1bcb534aaf30361394c85dcf
GET /api/items/f8zs7sxp/view HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Cookie: user_uuid=593479cf-0e66-4802-9d9d-3d58b60e8dae
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: application/json
content-length: 46
cache-control: no-cache, private
access-control-allow-origin: *
set-cookie: XSRF-TOKEN=eyJpdiI6IlhUWFFTSmI2d1Fxc28remU5RDhrQnc9PSIsInZhbHVlIjoiNjBlQ0JScW1lbE5sMUxqU3JvZ0FsSEg0MVF4ekk1MG5sRGFhSjJ0MzJ0bHVwdTdVL2VnYkd6KzEwRTZLM2RJM09uUnkzVkErTHk0Sy9ESEtqcDNKYlBIUnpvVW9XNUloYWJBQklGbXNObWF5NksrdjN6RDV5L0Fqd0VpSEtWVnUiLCJtYWMiOiIwYmQwMjQ4MzMwOGFiODZlMTgwMGI3MTM5YjA1OWM0YjYzM2Y2Nzk2OGI0MGZjZWZlNjllY2E1NzRiNGYwZDkyIiwidGFnIjoiIn0%3D; expires=Mon, 04-Dec-2023 07:35:23 GMT; Max-Age=7200; path=/; samesite=lax
missav_session=eyJpdiI6ImhUckdUTVhqaWkwR0ZUd2JreHFjeUE9PSIsInZhbHVlIjoiMkEvc2J3bzQwZ2ZtMStmWm9uT25vdENiN3VlNXJtbllXdkdINHJCYVdQSFd4NS9pT3RBZWdhT21iVExKbGFhRWs1YTI0ck56SDNLT2VGV1h3VGp2Yk1xcTU1Zkp2UEdaVkU5ZWJVUGN0KzVyWFBsNVZRSlNNWU9ZYmM1Z3I2akciLCJtYWMiOiJlMTliNzcyNmJlYmQzNjAzNGQxMWE5OGMyMDE5N2RjOWE3MDIwYjdlZWI5YWZlODk1MWM5YTc3MDBkODEyYmE4IiwidGFnIjoiIn0%3D; expires=Mon, 04-Dec-2023 07:35:23 GMT; Max-Age=7200; path=/; httponly; samesite=lax
itoOuToH0Vb1ue2mLqvLFkqoSknsB1RqjNm0jOXj=eyJpdiI6InkwUEtVZmErNTdOakR6VkxzbURNSkE9PSIsInZhbHVlIjoiT0RHNjRESzJ4V09sNksvUk9zYUE1eTM4RzhqUkNRWG4yTm1UanF3ZDF5bmdyVVFrdWdIRUlrTDRRdG8xNERJZlZpTFpyOTZOdFB0TXRLVmN1OFpvRTkzYXFMd0kzV2tKTG5MV0lVM0kzKzVFVHhWVnM3bzVMNlVJalg2YjQwNkdSVXR6WHpQWFRJWFBpVlVCUkxBWVhzc0VuWEZ0OFhCOTZUSjVMN2lHSVJtamVqL213TkVZOEFOc2NPUjhiRkc1S1FqdXRxcldvemtPL3Y2ejU4b01CNzFsbzhZOFRnczE2S3R1Q3BsYlR3dGtWVng4OG9od0d3K1RNUk9UcnpDWkZuWGxSenpQWXVIR2JwVExjL2JSY0VxN3BvZUtQRE4xREdndGJXQ1lKYXZNMGh3cjRVWTBBTlFoVVNRZHZ1Qm5jeXYrb3ZtOEpQTERkYkYveW9rUWQ3K3VOTDk0L3dIM2N0ckpOenQwTTJaVURCRUZ0WEtWc1JrYzYweDFmZHpWTUlCQmZUY1RnN1RqMSsyTEtOMFc3dz09IiwibWFjIjoiZjkxZWY3ZDczNjlmYjc1ZTBjMDFiNjU1Zjg1Mjg1N2I4YTlkNGFlMDM0NmZlMjlmZjAyMGJmZTdhNzNmMTdlZiIsInRhZyI6IiJ9; expires=Mon, 04-Dec-2023 07:35:23 GMT; Max-Age=7200; path=/; httponly; samesite=lax
SRVNAME=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sm2epOlz9Nc5WR%2F1%2BoLZ6uhjrnZ7qMlm8vlU6s87bNjm3cGqj5mKYV4jHIgKedcfXTsvA8iluoiiOURYcMn2eVH2VbEzT2SO385u%2Ftl8T4VzgfzbGlBSE3wuL0A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af899b0b56bd-OSL
alt-svc: h3=":443"; ma=86400
go.myavlive.com/app/domain-checker/get-check
104.18.63.130200 OK 1.8 kB URL GET HTTP/3 go.myavlive.com/app/domain-checker/get-check
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type JSON data\012- , ASCII text
Hash 77a967dde4e57bed4b5f6c850627dbb6
1fd8959955e682e661735a5cea2e4b0584e055c0
d1ff38658efbfba7e48624cdaecd2444b83912b191ba2de3bb876807768844a4
GET /app/domain-checker/get-check HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:22 GMT
content-type: application/json
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: https://creative.myavlive.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuGyDLPvii6XBe56JvubV3FmnADLrT96Yu1r2LVfQ8; SameSite=None; Secure; path=/; expires=Tue, 05-Dec-23 05:35:22 GMT; HttpOnly
server: cloudflare
cf-ray: 8301af86da0d56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
creative.myavlive.com/cdn-cgi/challenge-platform/h/b/jsd/r/8301af7ac847568d
104.18.63.130200 OK 1.7 kB URL POST HTTP/3 creative.myavlive.com/cdn-cgi/challenge-platform/h/b/jsd/r/8301af7ac847568d
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
Hash 6feb53401008b7457e1b9269ee218a7e
6980b7fc1725d4e76053d074178146f31be6a208
28621458b91c33be6e3e1a2bd6426399c4182639cd8c30a04b612f7401835957
POST /cdn-cgi/challenge-platform/h/b/jsd/r/8301af7ac847568d HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12171
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:22 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=XqWAXV8aUDgFTRLFlIRonMW4CIBMbwMa2XuKKQZHddY-1701668122-0-1-730ca2d2.73a07051.5b213570-0.2.1701668122; path=/; expires=Tue, 03-Dec-24 05:35:22 GMT; domain=.creative.myavlive.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8301af8699f656a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=G-Z3V6T9VBM6&l=dataLayer&cx=c
142.250.74.168200 OK 86 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-Z3V6T9VBM6&l=dataLayer&cx=c
IP 142.250.74.168:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3034)
Hash f5ecba5822c271ff862e8c21525eb726
f2dabd8938bceaa998df2a58e88a90477637f698
a2fb6342d036d6a0132aa24698b4ed7ccd9364f133b758caea77122a12da45b6
GET /gtag/js?id=G-Z3V6T9VBM6&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 05:35:23 GMT
expires: Mon, 04 Dec 2023 05:35:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 85539
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
go.myavlive.com/app/domain-checker/check-result
104.18.63.130204 No Content 0 B URL POST HTTP/3 go.myavlive.com/app/domain-checker/check-result
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /app/domain-checker/check-result HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 175
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Mon, 04 Dec 2023 05:35:23 GMT
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: https://creative.myavlive.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vf6sQBvhykduxUFRSycLJhnaoYpteUKuH4CmoPa; SameSite=None; Secure; path=/; expires=Tue, 05-Dec-23 05:35:23 GMT; HttpOnly
server: cloudflare
cf-ray: 8301af8b3c3656a4-OSL
alt-svc: h3=":443"; ma=86400
creative.myavlive.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js
104.18.63.130200 OK 81 kB URL GET HTTP/3 creative.myavlive.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.js
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type Unicode text, UTF-8 text, with very long lines (32011), with LF, NEL line terminators
Hash 149fd3a87101adfb731800f02f11e73b
9a9a0f6f14028d913e63fc012a80378a5c4d5896
420332e58487b55b58db2c2edbe69162c5d23170061d16addce87762ef224f4b
GET /widgets/v4/Universal/main.672e6e87c69b0c60653e.js HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2; cf_clearance=XqWAXV8aUDgFTRLFlIRonMW4CIBMbwMa2XuKKQZHddY-1701668122-0-1-730ca2d2.73a07051.5b213570-0.2.1701668122
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 11:58:38 GMT
etag: W/"656878ee-44bd4"
expires: Mon, 04 Dec 2023 05:35:23 GMT
cache-control: max-age=14400
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.myavlive.com/report", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
server: cloudflare
cf-ray: 8301af8bbc7956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
client-rapi-missav.recombee.com/missav-default/batch/?frontend_timestamp=1701668128&frontend_sign=e962cccb36608f785b83671007f355cdc025c5ba
147.135.98.111200 OK 0 B URL OPTIONS HTTP/1.1 client-rapi-missav.recombee.com/missav-default/batch/?frontend_timestamp=1701668128&frontend_sign=e962cccb36608f785b83671007f355cdc025c5ba
IP 147.135.98.111:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoDaddy.com, Inc.
Subject*.recombee.com
FingerprintC4:9B:27:E3:69:CF:8B:87:F5:3D:E2:01:88:2D:24:86:B6:3F:49:E9
ValidityFri, 30 Dec 2022 15:12:01 GMT - Wed, 31 Jan 2024 15:12:01 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /missav-default/batch/?frontend_timestamp=1701668128&frontend_sign=e962cccb36608f785b83671007f355cdc025c5ba HTTP/1.1
Host: client-rapi-missav.recombee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://missav.com/
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 05:35:23 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token, Authorization
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
missav.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
104.26.15.15302 Found 0 B URL GET HTTP/3 missav.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 302 Found
date: Mon, 04 Dec 2023 05:35:22 GMT
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
access-control-allow-origin: *
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZszD6eL7w1lIGoBvsAg6VKcIjPBougGkjyF5WN7wnUlcw66iz2sUsGRm5Tb%2FzqPOjR0JXtiQxcUePcKFSOeX1yYhpqY%2FpJy6tRKuQVHeONqAtppXcSnpmoxRgIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af8739ea56bd-OSL
alt-svc: h3=":443"; ma=86400
gsjln04hd.com/lvesnk.html?zoneid=1998829
212.117.190.201200 OK 39 kB URL GET HTTP/2 gsjln04hd.com/lvesnk.html?zoneid=1998829
IP 212.117.190.201:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 85ecb804937dc318551c52ea9a3a8712
93fd17ef879d9ccc0f7ad220ae9e116c8f212621
d1bf2f069c968d09bcf81d175ee01f08221fb52a47a14fa94e2e5d12c1a3888e
GET /lvesnk.html?zoneid=1998829 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: text/html
last-modified: Tue, 21 Nov 2023 12:25:12 GMT
vary: Accept-Encoding
etag: W/"655ca1a8-e1"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
tournamentfosterchild.com/sbar.json?key=62bdca270715b3b43fbac98597c038f1
173.233.137.36200 OK 4.3 kB URL GET HTTP/1.1 tournamentfosterchild.com/sbar.json?key=62bdca270715b3b43fbac98597c038f1
IP 173.233.137.36:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjecttournamentfosterchild.com
Fingerprint4B:68:95:61:87:54:D0:21:EB:3B:60:5F:51:15:23:32:77:12:F0:79
ValidityTue, 28 Nov 2023 10:42:36 GMT - Mon, 26 Feb 2024 10:42:35 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5950), with no line terminators
Hash 94b1d055c3bac5d85f7d54d9f6ec17bc
e3cbd6f057402044e15bcb3226a0741c67c04b86
a8e14fd48f67668cc1d10f248995409fc199ac155dac1e78b83bd0771c24f031
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=62bdca270715b3b43fbac98597c038f1 HTTP/1.1
Host: tournamentfosterchild.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 05:35:24 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://missav.com
Access-Control-Allow-Origin: https://missav.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17184448; expires=Tue, 05 Dec 2023 05:35:23 GMT; secure; SameSite=None
pdhtkv=true; expires=Tue, 05 Dec 2023 05:35:24 GMT; secure; SameSite=None
uncs=1; expires=Tue, 05 Dec 2023 05:35:24 GMT; secure; SameSite=None
pdhtkv29=true; expires=Tue, 05 Dec 2023 05:35:24 GMT; secure; SameSite=None
uncs29=1; expires=Tue, 05 Dec 2023 05:35:24 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2881421aa03e02573e59e49980cdcb2b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
client-rapi-missav.recombee.com/missav-default/detailviews/?frontend_timestamp=1701668128&frontend_sign=61ae8de70311ba1df25128b92b4b1ff0e286d08f
147.135.98.111200 OK 4 B URL POST HTTP/1.1 client-rapi-missav.recombee.com/missav-default/detailviews/?frontend_timestamp=1701668128&frontend_sign=61ae8de70311ba1df25128b92b4b1ff0e286d08f
IP 147.135.98.111:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoDaddy.com, Inc.
Subject*.recombee.com
FingerprintC4:9B:27:E3:69:CF:8B:87:F5:3D:E2:01:88:2D:24:86:B6:3F:49:E9
ValidityFri, 30 Dec 2022 15:12:01 GMT - Wed, 31 Jan 2024 15:12:01 GMT
File type ASCII text, with no line terminators
Hash 72054d9a6fbdcc7df012e19f32345b65
52dd4c74c813db3790179c4f236ceadaca3467a8
c48b5b1a9776c84602de2306d7903a7241158a5077e7a8519af75c33441b8334
POST /missav-default/detailviews/?frontend_timestamp=1701668128&frontend_sign=61ae8de70311ba1df25128b92b4b1ff0e286d08f HTTP/1.1
Host: client-rapi-missav.recombee.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 106
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 05:35:24 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 4
Connection: keep-alive
x-recombee-request-id: f5d3abf950019e9998e072f6d6962933
cache-control: no-cache
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token, Authorization
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
b-hls-19.doppiocdn.com/hls/103721484/103721484_240p_init_jqJnPt3fBly2vGoI.mp4
104.18.63.134200 OK 1.2 kB URL GET HTTP/2 b-hls-19.doppiocdn.com/hls/103721484/103721484_240p_init_jqJnPt3fBly2vGoI.mp4
IP 104.18.63.134:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type ISO Media, MP4 Base Media v5 \012- data
Hash 67ac8230f2ea5af0eb12c9e62ed1094c
f8e9c68763e91129b3997a369b4d161f9295bdbe
ff7a6a0be139b984e80db980721590ce63b1d0c79b944744e504bec2dc231cb9
GET /hls/103721484/103721484_240p_init_jqJnPt3fBly2vGoI.mp4 HTTP/1.1
Host: b-hls-19.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: video/mp4
content-length: 1217
last-modified: Mon, 04 Dec 2023 04:50:54 GMT
etag: "656d5aae-4c1"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af904c3856cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
missav.com/build/assets/app.1aad5686.js
104.26.15.15200 OK 35 kB URL GET HTTP/3 missav.com/build/assets/app.1aad5686.js
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (38393)
Hash 852f4be76d469ab96253db71d3f498c4
6eeac3a943e8cf82f8069e570f5601ff620f798f
50d15ed32c6c9b576c94e445784e16698042a260f15ec2177251970769477e8d
GET /build/assets/app.1aad5686.js HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cf-polished: origSize=97813
etag: W/"656c6a90-17e15"
last-modified: Sun, 03 Dec 2023 11:46:24 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4376
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMk51urEA6ytrqHEkJLtozT43iUEdwjaL1itqcU1GQHneibGgEpCSPeeJKNQkRHg%2BdmBIzM1Srj%2B9FQlxkHO%2Faryg9knUbOn83amIMzQ1W8FwTRP76LH510xq44%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af77095d56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.myavlive.com/config?url=https%3A%2F%2Fcreative.myavlive.com%2Fwidgets%2Fv4%2FUniversal%3FthumbsMargin%3D20%26gridRows%3D1%26gridColumns%3D4%26responsive%3D0%26hideButton%3D1%26hideTitle%3D1%26userId%3D050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe%26campaignId%3Dunder_player%26tag%3Dgirls%2Fchinese
104.18.63.130200 OK 165 kB URL GET HTTP/3 go.myavlive.com/config?url=https%3A%2F%2Fcreative.myavlive.com%2Fwidgets%2Fv4%2FUniversal%3FthumbsMargin%3D20%26gridRows%3D1%26gridColumns%3D4%26responsive%3D0%26hideButton%3D1%26hideTitle%3D1%26userId%3D050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe%26campaignId%3Dunder_player%26tag%3Dgirls%2Fchinese
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type JSON data\012- , ASCII text
Size 165 kB (164892 bytes)
Hash 638476e5aa4577bc6b4f29a9ff35db16
135df32981b5e9e254df1e96db7ccc94a53e9c89
7aca266512cd7d924f49911397487c9c7860ec9251278d22f468d0d9e957f3e5
GET /config?url=https%3A%2F%2Fcreative.myavlive.com%2Fwidgets%2Fv4%2FUniversal%3FthumbsMargin%3D20%26gridRows%3D1%26gridColumns%3D4%26responsive%3D0%26hideButton%3D1%26hideTitle%3D1%26userId%3D050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe%26campaignId%3Dunder_player%26tag%3Dgirls%2Fchinese HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: https://creative.myavlive.com
access-control-allow-credentials: true
last-modified: Mon, 04 Dec 2023 05:13:48 GMT
cf-cache-status: HIT
age: 231
server: cloudflare
cf-ray: 8301af8ebe6756a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
img.strpst.com/thumbs/1701668070/103721484_webp
104.18.63.124200 OK 9.6 kB URL GET HTTP/2 img.strpst.com/thumbs/1701668070/103721484_webp
IP 104.18.63.124:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0026c90450298a9f06756faedc544e13
a6c1c9e712d6e732e03439d31e4b7c1c1b913031
56e664f9ecbbbf4adf32f2f5e041e9937ac6952bae08c123920c18b216bcb945
GET /thumbs/1701668070/103721484_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: image/webp
content-length: 9640
etag: "0026c90450298a9f06756faedc544e13"
last-modified: Mon, 04 Dec 2023 05:33:45 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 19
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af912c6256b7-OSL
alt-svc: h3=":443"; ma=86400
missav.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
104.26.15.15200 OK 15 kB URL GET HTTP/3 missav.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (7374), with no line terminators
Hash eaaf3d91f1fbc42c27eb849cd186d376
e6c3a970dadf77b9cc407efda70c45b9684461bf
c526ca1841ce48bfdda575ec92d7a2c529e466df8cbef8dd93f75f97587d8fee
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: user_uuid=593479cf-0e66-4802-9d9d-3d58b60e8dae; sb_page_62bdca270715b3b43fbac98597c038f1=1; sb_onpage_62bdca270715b3b43fbac98597c038f1=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQnLCTKofTWgQhRVOlQeyXQ%2Boxi2w5sWuKiPYu89u%2BGpn7eTl9%2BKF4PD3Ty3SaQJ925BfTpUnG0RWdL7dn2l4NlqR1Vk5fZ22LuXjHnbdJgusiqcEdwTicSplCQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af8a7b7756bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
img.strpst.com/thumbs/1701668070/129981264_webp
104.18.63.124200 OK 6.7 kB URL GET HTTP/3 img.strpst.com/thumbs/1701668070/129981264_webp
IP 104.18.63.124:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 270x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 05806738eaa0cf044a22fb76da2e9125
c01a7b3561c94a19109bc748c26c4a34add696f7
8116f52e9206932bcceb4100714c0b681c5302a792f43582bce312e96485098d
GET /thumbs/1701668070/129981264_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: image/webp
content-length: 6694
etag: "05806738eaa0cf044a22fb76da2e9125"
last-modified: Mon, 04 Dec 2023 05:33:37 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 17
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af913c6656b7-OSL
alt-svc: h3=":443"; ma=86400
missav.com/build/assets/app.b429f00f.css
104.26.15.15200 OK 27 kB URL GET HTTP/3 missav.com/build/assets/app.b429f00f.css
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash e06667c2b85a72e5e56757922ff3d6b4
b48b5af83a391c41f8d087e34641b811e07e6ea1
30d9ca662aa6f82f0853acd42d34c5c4024851a5d1fe803a9a029c03987541d9
GET /build/assets/app.b429f00f.css HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=74878
etag: W/"656c6a92-1247e"
last-modified: Sun, 03 Dec 2023 11:46:26 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4881
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ub7XPLEtYQFpRvhw6jaV2ug8dOmn9iHwfF9UYYT6%2FRO6SUbZpW0IpsbSCPzK442vTdz2CuIf3LDcKuEj2WdBLwNVbvd%2FPISl1AXku7xiLl6YkTFVvv4QZBdrCdk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af77095c56bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.myavlive.com/app/domain-checker/get-check
104.18.63.130200 OK 209 B URL GET HTTP/3 go.myavlive.com/app/domain-checker/get-check
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type JSON data\012- , ASCII text
Hash 7b7e3314bbed2d6c6b07d4044365a2b1
4a13077ca04c63307401fc9413fecb112f5ae793
3afdd86bd4c778315dee5a5b60f0c18cde303c1b8182b8ebc07028f43356f5aa
GET /app/domain-checker/get-check HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: application/json
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: https://creative.myavlive.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuGyDLPvii6XBe55VL9ybMrjEzDagp9w19ozHyNn8L; SameSite=None; Secure; path=/; expires=Tue, 05-Dec-23 05:35:24 GMT; HttpOnly
server: cloudflare
cf-ray: 8301af905f7356a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
strip.chat/checkUrl
45.131.145.131200 OK 15 B IP 45.131.145.131:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerLet's Encrypt
Subjectstrip.chat
Fingerprint32:43:98:B3:F1:A4:7F:EA:CD:7E:ED:A8:AD:61:E3:B9:56:E7:03:A5
ValidityMon, 16 Oct 2023 04:48:18 GMT - Sun, 14 Jan 2024 04:48:17 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 7fb97eb7c8636552ad068f6d56b5ea34
b69679936779fb02503bc0fe1374a737cc762ecb
e78008828abaa93c4462e326ef384dcda1443352a0f24bdeedada6a6fdbfd1d5
GET /checkUrl HTTP/1.1
Host: strip.chat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://creative.myavlive.com
alt-svc: h3=":443"; ma=2592000
content-type: application/json
date: Mon, 04 Dec 2023 05:35:24 GMT
content-length: 15
X-Firefox-Spdy: h2
b-hls-19.doppiocdn.com/hls/103721484/103721484_240p_1331_VJomSwxgEN7PwkAP_1701668116.mp4
104.18.63.122200 OK 176 kB URL GET HTTP/3 b-hls-19.doppiocdn.com/hls/103721484/103721484_240p_1331_VJomSwxgEN7PwkAP_1701668116.mp4
IP 104.18.63.122:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 176 kB (175931 bytes)
Hash 9202c45e80b605d6359bcbd573bcb503
646b1510e091c3da3f149ca46442c782f7667458
4b5b1ec521575420e100ff221c2eaa14e0be4e1b6df6d1d1157ebdc390f748d9
GET /hls/103721484/103721484_240p_1331_VJomSwxgEN7PwkAP_1701668116.mp4 HTTP/1.1
Host: b-hls-19.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: video/mp4
content-length: 175931
last-modified: Mon, 04 Dec 2023 05:35:18 GMT
etag: "656d6516-2af3b"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 3
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af92df7956c1-OSL
alt-svc: h3=":443"; ma=86400
go.myavlive.com/app/domain-checker/check-result
104.18.63.130204 No Content 0 B URL POST HTTP/3 go.myavlive.com/app/domain-checker/check-result
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /app/domain-checker/check-result HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 176
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Mon, 04 Dec 2023 05:35:24 GMT
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: https://creative.myavlive.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuGyDLPvii6XBe56JvubV3FmnADLrTAaBwQyKb2zNx; SameSite=None; Secure; path=/; expires=Tue, 05-Dec-23 05:35:24 GMT; HttpOnly
server: cloudflare
cf-ray: 8301af92d85c56a4-OSL
alt-svc: h3=":443"; ma=86400
missav.com/img/favicon.ico
104.26.15.15200 OK 1.8 kB URL GET HTTP/3 missav.com/img/favicon.ico
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 873cb2cefd06621161b5d0badf276f9a
8825d2ab21a8aa6d5ba6045ac201f82fc7fbdfa5
77ba87f988860da018e51fa65f02b422a6cd03a42c6156e412ad7f4ebcffc751
GET /img/favicon.ico HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:22 GMT
content-type: image/x-icon
last-modified: Thu, 28 Sep 2023 01:34:41 GMT
vary: Accept-Encoding
etag: W/"6514d831-3c2e"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=7200
cf-cache-status: HIT
age: 4882
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FU6ZQZ%2ByGIsPuJkXwEbuPYlBdqtOnYwCqY0kRa615ER0sJe5n4Qxvk3hnz3jQp63Dcs%2BiPK6HRVJ0u4EjdjMOCDAtTZXlZ9ZlZVYirpsky0Wn5E68zlu22JY6Ec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af85e96656bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif
104.22.58.221200 OK 143 kB URL GET HTTP/2 cdn.pncloudfl.com/pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif
IP 104.22.58.221:443
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998877
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintC6:42:10:11:EB:FA:38:01:62:34:DA:19:86:B6:89:D4:EF:B3:37:A8
ValidityFri, 31 Mar 2023 00:00:00 GMT - Sat, 30 Mar 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 143 kB (142898 bytes)
Hash a3ef7f4652e064704fb9063bd2c44761
f83f6204fcc6dd4d51a6f737641961ca5a7ce1b3
ee156c275bc22e471034353c9756885a303aed35c194098a42e017d07b0d40a8
GET /pn/60e/2ff/94b/60e2ff94b54c66aa2f634b00630b994c2fe7936d.gif HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: image/webp
content-length: 142898
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=gif, origSize=367393
content-disposition: inline; filename="60e2ff94b54c66aa2f634b00630b994c2fe7936d.webp"
etag: 9fb78950119432648d8d5fb853c3eba4
expires: Tue, 05 Dec 2023 05:20:42 GMT
last-modified: Tue, 02 May 2023 12:11:05 GMT
vary: Accept
x-openstack-request-id: tx607d5e6bd8c04629a2dab-0064ad512f
x-proxy-cache: HIT
x-timestamp: 1683029464.37580
x-trans-id: tx607d5e6bd8c04629a2dab-0064ad512f
cf-cache-status: HIT
age: 87282
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 8301af949dc656b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
gsjln04hd.com/get/1998877?zoneid=1998877&jp=_cl2ctb5x8x3x20fjcf4lsf&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=8274294847145984&eclog=0&sp=1&im=1&freq=0
212.117.190.201200 OK 3.0 kB URL GET HTTP/2 gsjln04hd.com/get/1998877?zoneid=1998877&jp=_cl2ctb5x8x3x20fjcf4lsf&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=8274294847145984&eclog=0&sp=1&im=1&freq=0
IP 212.117.190.201:443
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998877
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type gzip compressed data, from Unix\012- data
Hash cec50535fa4404d1d907e94781066de4
4dd3c975fdf7bc05d424d2dba4c5aa2635a6a3d0
902af548bc01c86430684086d467f12c9c12e5efea867b8222f077396e9cdc43
GET /get/1998877?zoneid=1998877&jp=_cl2ctb5x8x3x20fjcf4lsf&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=8274294847145984&eclog=0&sp=1&im=1&freq=0 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gsjln04hd.com/lvesnk.html?zoneid=1998877
Cookie: CHCK=1; UID=23120400357fe1909ab86b42adbdcf0c9ef5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Mon, 06 Jan 2025 05:35:24 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r.trackwilltrk.com/s1/115943b0-3815-4fab-802c-c421a48b5d61?externalId=23120400350cd64b5f16aa4667a072e0a3e0&cost=0.000012999999&cv1=1998829&cv2=2658183
45.131.147.145200 OK 757 B URL GET HTTP/1.1 r.trackwilltrk.com/s1/115943b0-3815-4fab-802c-c421a48b5d61?externalId=23120400350cd64b5f16aa4667a072e0a3e0&cost=0.000012999999&cv1=1998829&cv2=2658183
IP 45.131.147.145:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998829
Certificate IssuerLet's Encrypt
Subjectr.trackwilltrk.com
Fingerprint7C:C7:38:E4:D4:9A:D8:A7:4E:3B:33:43:DA:B9:1E:86:98:DA:B1:71
ValidityTue, 14 Nov 2023 07:21:50 GMT - Mon, 12 Feb 2024 07:21:49 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (561)
Hash fd8c8405eefaaf1da65bef3aa422ca68
77bfc3da80e406b4e683c6d3b5b667991e85b807
f1030a31261bbb3f295d17a4f70628f725e52235cefaf87b08cd1f970b9cd844
GET /s1/115943b0-3815-4fab-802c-c421a48b5d61?externalId=23120400350cd64b5f16aa4667a072e0a3e0&cost=0.000012999999&cv1=1998829&cv2=2658183 HTTP/1.1
Host: r.trackwilltrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gsjln04hd.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Mon, 04 Dec 2023 05:35:25 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 757
Connection: close
Set-Cookie: uid=FZ-FWQ9zM; Path=/; Domain=trackwilltrk.com; Expires=Tue, 05 Dec 2023 05:35:25 GMT; HttpOnly
X-Request-Id: c568b402-4983-4444-8b9b-f5ab42c2537f
gsjln04hd.com/chicken.gif?z=1998877&pb=30fc5bf3a473098909f61829acbe3cb91701675324&psp=ICoavV3ildHHKmlyy-GXtIsMRHV1o5k219h24jkq00jhf50_6xUce0RTGRa1Sav6L9TQT5IH-66E_eY-xbPw0M6GF4qhtQSkjeXna4UzM45OwSnlNRF8gLeZv_Pua6MqVpyb7tUb_RWHP7AjnQOkQG-VNfszMl1xLUF2nWZMVyV3v4J0PPhUVjpA21Deqn4akdQBmsIVpdaHHk4vtakK1sFDo95GRKqYwkQ78NUJiCT7GZkBlpM8NS7_giUSBC4r0E1WG7zHtTPN9apRPcI-05XzuORlTjO98LNfG7qpJMuFLibGKLy_p31rq4D-DP5_7j003MyMSfkMBH6JpUX4K_3MXbt3ackct3gnoY5ma3L2q5eP0NTWi-VnPOFqn0I_9A0P5jeiTOEl7cVnpYE_VaprMUBh9cmlVcPKBWMJ_nEgVsqGgEgTKHCAUC7pKmGHxXaK4t2C0lR34v36XUTsmiJnhge8GQusaWONlA1ITwIOe77YoHWmHjV_xb8AghyqZTuEYSZx-XAA-alGH-cFaC851g__nxXoQWBFERKTVXJ3zdcPa8txu3Nvatn0h2jW51OnzIdbY2KnlbmC_uFZBBiQtS46lTJnkNT8Buom35uLaMqxCx1YKPtNZWSFtx7gO989_neTWsTqcmkUulpFWULiW8FREaMP_N9O0c_wxQKUZ0LNIw5xYEjia2KO5pfRNhqJXS2tkOAUN0evY-CSSr3TdEjCyB5D8EfZ9wQMVOienl-_YGqQxqWQkSClHurRVis1L69gRdp4WCGFMVS3IoQBCp2OEKJhvpj8Kj_S1z_5_rLcGx2lK2JFipPtfyfLUtD4hHBYyGaMaBNMVTzIbHfC0zLXbRnRXCkOrR8H8jbzrcGAAJTEiAUmE7Vjhv4xf5ev4uWhgvxP2fvOUQWOSTyVLXsCs1yigtyAtXjk4dKnksLc1yTi0vG35GWGzMmSOBSnT-mhPHWR-byWhPzJrTHbxDGlSLZ1h9ofzlVvALUqdzAxdwnbXWljPdRDR_ksM4hCqKKDnZiAvRbCJvvi0w3IltDn09HWqjuq2vJgLzidXY2RDRz9-dCXVo6TcF444WE00mn5BQ0CLv7amWV6uYngIDGEq7WMdGzfWl7DsC8l7zqwbLHHvhmILYcOphRb5fH3Lun28u2tQH0MJlXgtwl8Uf6ARN8HGcxtUN_Jxeqvc53f5RIw9mmYuzwM8qkCLbuxjzGkBlu_LsE3UqiXlMsAf79dBn07VGnxffU6nw9u71WNs8SOxaLpVZI04jAdbejqOlDFzC26IyO9EBUDSJqRwmdTTL8QoJqaPlDG19LyImienZUamvpmHBF6ZjXDQJzY1xMgCYaOV90IN2hGl1XRdvw_Oze0OpHgOPAPaAi0krISXcZwGG8jXRWCTI4EXCVgHINAwFwZoSmixZbo2-3XJp_Y0weSuNb4HHm4wawJZhVjPD0o79b12R0_QO88CxqLs8AB0mHXRYz1zPH1iGAf22w9zuqJu-093sVyjPz22eS3kMVB559PBnIjvmIxuOs0kOcaAWuKJHBv16jicX65b7t9_uxP9sSmsHmxSlAJBSYTvO3q0sWeMKUCVGgwnidIIsv5oLsKhjs2wi0Gv_SjCx-zk9rHix5AO6qXckFx7BikQ239i1AArLa_-JxOYcEGeAp-nNw-AKmdVh2UYIm4PTv31f8u_fQp0B3uy2jFvS-sgPgKhem5fvDEryykulEZXhI3Bt1zkhGra6ePOWgWXNY5h46Z55KiAI2S3EDhi3UW_GlHLSVUQiO82OfLFvaTPqIaZEVSRUaxVU3iJOWl9Bbyp-4cMdzLVrGFr-39BKNsrwUTcSnlkclqkCl1syshjc5j25IYT0_TmYleVlTPi_WcAX7r6qiv3SimXOOJUk44mSltZnVWmV3ex2g2njRGE62hyYrPQc_RgDJRnxFUPxuZypKD-BOTcYkb_-63_NqXKrorjsrL5ioCWBtlGQ8qNE-xmCCK9uO1Jv0EyVhtcDkXYDtwDhIPNB054VzSqOtDo4mDY2G-Bzhax4YC86rKl1YtwHOV5ClbiMunnJ3vQDwJ59O5n0PNfLEhX989v1ueZxBfDquSxns75EKhqNvmP1jVNh_hNCAFJa7bEejF4lUjaVm87dEQMSXpY-tDw9PLn4VpMjyuvEIjvXFGamm8__K0PKHP9R4W02xOHNuihI4lJLYhPM2xcebw9b7yP2mTB3YQ8KDDE03rL68E48hAm2Si76F364Pt5z7L4snC3HP7Q7F38W7mlP0CQs2ev6bkn9_PbpsbGahMDjKL5fsChwmHK654W_1cbo6WcBshoTFrEHF9QEIpTWcR&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=8274294847145984&eclog=0&sp=1&im=1&pload=305
212.117.190.201200 OK 43 B URL GET HTTP/2 gsjln04hd.com/chicken.gif?z=1998877&pb=30fc5bf3a473098909f61829acbe3cb91701675324&psp=ICoavV3ildHHKmlyy-GXtIsMRHV1o5k219h24jkq00jhf50_6xUce0RTGRa1Sav6L9TQT5IH-66E_eY-xbPw0M6GF4qhtQSkjeXna4UzM45OwSnlNRF8gLeZv_Pua6MqVpyb7tUb_RWHP7AjnQOkQG-VNfszMl1xLUF2nWZMVyV3v4J0PPhUVjpA21Deqn4akdQBmsIVpdaHHk4vtakK1sFDo95GRKqYwkQ78NUJiCT7GZkBlpM8NS7_giUSBC4r0E1WG7zHtTPN9apRPcI-05XzuORlTjO98LNfG7qpJMuFLibGKLy_p31rq4D-DP5_7j003MyMSfkMBH6JpUX4K_3MXbt3ackct3gnoY5ma3L2q5eP0NTWi-VnPOFqn0I_9A0P5jeiTOEl7cVnpYE_VaprMUBh9cmlVcPKBWMJ_nEgVsqGgEgTKHCAUC7pKmGHxXaK4t2C0lR34v36XUTsmiJnhge8GQusaWONlA1ITwIOe77YoHWmHjV_xb8AghyqZTuEYSZx-XAA-alGH-cFaC851g__nxXoQWBFERKTVXJ3zdcPa8txu3Nvatn0h2jW51OnzIdbY2KnlbmC_uFZBBiQtS46lTJnkNT8Buom35uLaMqxCx1YKPtNZWSFtx7gO989_neTWsTqcmkUulpFWULiW8FREaMP_N9O0c_wxQKUZ0LNIw5xYEjia2KO5pfRNhqJXS2tkOAUN0evY-CSSr3TdEjCyB5D8EfZ9wQMVOienl-_YGqQxqWQkSClHurRVis1L69gRdp4WCGFMVS3IoQBCp2OEKJhvpj8Kj_S1z_5_rLcGx2lK2JFipPtfyfLUtD4hHBYyGaMaBNMVTzIbHfC0zLXbRnRXCkOrR8H8jbzrcGAAJTEiAUmE7Vjhv4xf5ev4uWhgvxP2fvOUQWOSTyVLXsCs1yigtyAtXjk4dKnksLc1yTi0vG35GWGzMmSOBSnT-mhPHWR-byWhPzJrTHbxDGlSLZ1h9ofzlVvALUqdzAxdwnbXWljPdRDR_ksM4hCqKKDnZiAvRbCJvvi0w3IltDn09HWqjuq2vJgLzidXY2RDRz9-dCXVo6TcF444WE00mn5BQ0CLv7amWV6uYngIDGEq7WMdGzfWl7DsC8l7zqwbLHHvhmILYcOphRb5fH3Lun28u2tQH0MJlXgtwl8Uf6ARN8HGcxtUN_Jxeqvc53f5RIw9mmYuzwM8qkCLbuxjzGkBlu_LsE3UqiXlMsAf79dBn07VGnxffU6nw9u71WNs8SOxaLpVZI04jAdbejqOlDFzC26IyO9EBUDSJqRwmdTTL8QoJqaPlDG19LyImienZUamvpmHBF6ZjXDQJzY1xMgCYaOV90IN2hGl1XRdvw_Oze0OpHgOPAPaAi0krISXcZwGG8jXRWCTI4EXCVgHINAwFwZoSmixZbo2-3XJp_Y0weSuNb4HHm4wawJZhVjPD0o79b12R0_QO88CxqLs8AB0mHXRYz1zPH1iGAf22w9zuqJu-093sVyjPz22eS3kMVB559PBnIjvmIxuOs0kOcaAWuKJHBv16jicX65b7t9_uxP9sSmsHmxSlAJBSYTvO3q0sWeMKUCVGgwnidIIsv5oLsKhjs2wi0Gv_SjCx-zk9rHix5AO6qXckFx7BikQ239i1AArLa_-JxOYcEGeAp-nNw-AKmdVh2UYIm4PTv31f8u_fQp0B3uy2jFvS-sgPgKhem5fvDEryykulEZXhI3Bt1zkhGra6ePOWgWXNY5h46Z55KiAI2S3EDhi3UW_GlHLSVUQiO82OfLFvaTPqIaZEVSRUaxVU3iJOWl9Bbyp-4cMdzLVrGFr-39BKNsrwUTcSnlkclqkCl1syshjc5j25IYT0_TmYleVlTPi_WcAX7r6qiv3SimXOOJUk44mSltZnVWmV3ex2g2njRGE62hyYrPQc_RgDJRnxFUPxuZypKD-BOTcYkb_-63_NqXKrorjsrL5ioCWBtlGQ8qNE-xmCCK9uO1Jv0EyVhtcDkXYDtwDhIPNB054VzSqOtDo4mDY2G-Bzhax4YC86rKl1YtwHOV5ClbiMunnJ3vQDwJ59O5n0PNfLEhX989v1ueZxBfDquSxns75EKhqNvmP1jVNh_hNCAFJa7bEejF4lUjaVm87dEQMSXpY-tDw9PLn4VpMjyuvEIjvXFGamm8__K0PKHP9R4W02xOHNuihI4lJLYhPM2xcebw9b7yP2mTB3YQ8KDDE03rL68E48hAm2Si76F364Pt5z7L4snC3HP7Q7F38W7mlP0CQs2ev6bkn9_PbpsbGahMDjKL5fsChwmHK654W_1cbo6WcBshoTFrEHF9QEIpTWcR&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=8274294847145984&eclog=0&sp=1&im=1&pload=305
IP 212.117.190.201:443
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998877
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1998877&pb=30fc5bf3a473098909f61829acbe3cb91701675324&psp=ICoavV3ildHHKmlyy-GXtIsMRHV1o5k219h24jkq00jhf50_6xUce0RTGRa1Sav6L9TQT5IH-66E_eY-xbPw0M6GF4qhtQSkjeXna4UzM45OwSnlNRF8gLeZv_Pua6MqVpyb7tUb_RWHP7AjnQOkQG-VNfszMl1xLUF2nWZMVyV3v4J0PPhUVjpA21Deqn4akdQBmsIVpdaHHk4vtakK1sFDo95GRKqYwkQ78NUJiCT7GZkBlpM8NS7_giUSBC4r0E1WG7zHtTPN9apRPcI-05XzuORlTjO98LNfG7qpJMuFLibGKLy_p31rq4D-DP5_7j003MyMSfkMBH6JpUX4K_3MXbt3ackct3gnoY5ma3L2q5eP0NTWi-VnPOFqn0I_9A0P5jeiTOEl7cVnpYE_VaprMUBh9cmlVcPKBWMJ_nEgVsqGgEgTKHCAUC7pKmGHxXaK4t2C0lR34v36XUTsmiJnhge8GQusaWONlA1ITwIOe77YoHWmHjV_xb8AghyqZTuEYSZx-XAA-alGH-cFaC851g__nxXoQWBFERKTVXJ3zdcPa8txu3Nvatn0h2jW51OnzIdbY2KnlbmC_uFZBBiQtS46lTJnkNT8Buom35uLaMqxCx1YKPtNZWSFtx7gO989_neTWsTqcmkUulpFWULiW8FREaMP_N9O0c_wxQKUZ0LNIw5xYEjia2KO5pfRNhqJXS2tkOAUN0evY-CSSr3TdEjCyB5D8EfZ9wQMVOienl-_YGqQxqWQkSClHurRVis1L69gRdp4WCGFMVS3IoQBCp2OEKJhvpj8Kj_S1z_5_rLcGx2lK2JFipPtfyfLUtD4hHBYyGaMaBNMVTzIbHfC0zLXbRnRXCkOrR8H8jbzrcGAAJTEiAUmE7Vjhv4xf5ev4uWhgvxP2fvOUQWOSTyVLXsCs1yigtyAtXjk4dKnksLc1yTi0vG35GWGzMmSOBSnT-mhPHWR-byWhPzJrTHbxDGlSLZ1h9ofzlVvALUqdzAxdwnbXWljPdRDR_ksM4hCqKKDnZiAvRbCJvvi0w3IltDn09HWqjuq2vJgLzidXY2RDRz9-dCXVo6TcF444WE00mn5BQ0CLv7amWV6uYngIDGEq7WMdGzfWl7DsC8l7zqwbLHHvhmILYcOphRb5fH3Lun28u2tQH0MJlXgtwl8Uf6ARN8HGcxtUN_Jxeqvc53f5RIw9mmYuzwM8qkCLbuxjzGkBlu_LsE3UqiXlMsAf79dBn07VGnxffU6nw9u71WNs8SOxaLpVZI04jAdbejqOlDFzC26IyO9EBUDSJqRwmdTTL8QoJqaPlDG19LyImienZUamvpmHBF6ZjXDQJzY1xMgCYaOV90IN2hGl1XRdvw_Oze0OpHgOPAPaAi0krISXcZwGG8jXRWCTI4EXCVgHINAwFwZoSmixZbo2-3XJp_Y0weSuNb4HHm4wawJZhVjPD0o79b12R0_QO88CxqLs8AB0mHXRYz1zPH1iGAf22w9zuqJu-093sVyjPz22eS3kMVB559PBnIjvmIxuOs0kOcaAWuKJHBv16jicX65b7t9_uxP9sSmsHmxSlAJBSYTvO3q0sWeMKUCVGgwnidIIsv5oLsKhjs2wi0Gv_SjCx-zk9rHix5AO6qXckFx7BikQ239i1AArLa_-JxOYcEGeAp-nNw-AKmdVh2UYIm4PTv31f8u_fQp0B3uy2jFvS-sgPgKhem5fvDEryykulEZXhI3Bt1zkhGra6ePOWgWXNY5h46Z55KiAI2S3EDhi3UW_GlHLSVUQiO82OfLFvaTPqIaZEVSRUaxVU3iJOWl9Bbyp-4cMdzLVrGFr-39BKNsrwUTcSnlkclqkCl1syshjc5j25IYT0_TmYleVlTPi_WcAX7r6qiv3SimXOOJUk44mSltZnVWmV3ex2g2njRGE62hyYrPQc_RgDJRnxFUPxuZypKD-BOTcYkb_-63_NqXKrorjsrL5ioCWBtlGQ8qNE-xmCCK9uO1Jv0EyVhtcDkXYDtwDhIPNB054VzSqOtDo4mDY2G-Bzhax4YC86rKl1YtwHOV5ClbiMunnJ3vQDwJ59O5n0PNfLEhX989v1ueZxBfDquSxns75EKhqNvmP1jVNh_hNCAFJa7bEejF4lUjaVm87dEQMSXpY-tDw9PLn4VpMjyuvEIjvXFGamm8__K0PKHP9R4W02xOHNuihI4lJLYhPM2xcebw9b7yP2mTB3YQ8KDDE03rL68E48hAm2Si76F364Pt5z7L4snC3HP7Q7F38W7mlP0CQs2ev6bkn9_PbpsbGahMDjKL5fsChwmHK654W_1cbo6WcBshoTFrEHF9QEIpTWcR&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=8274294847145984&eclog=0&sp=1&im=1&pload=305 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=23120400357fe1909ab86b42adbdcf0c9ef5
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACl2VgAAAAAAAAAB; Path=/; Expires=Wed, 03 Jan 2024 05:35:25 GMT; Secure; SameSite=None
OACIBLOCK=ACl2VgAAAABlbVzQ; Path=/; Expires=Wed, 03 Jan 2024 05:35:25 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
gsjln04hd.com/lvesnk.html?zoneid=1998909
212.117.190.201200 OK 42 kB URL GET HTTP/2 gsjln04hd.com/lvesnk.html?zoneid=1998909
IP 212.117.190.201:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type gzip compressed data, max speed, from Unix\012- data
Hash 5b591a73beceac509fc90871e769812f
bfeb22b7195f9f643e2fe56b78658cef2e24b697
62b1f8238124c3fa814bfa901049a1032b714326fcd73d4b6dbfc9ba8a7ef77d
GET /lvesnk.html?zoneid=1998909 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: text/html
last-modified: Tue, 21 Nov 2023 12:25:12 GMT
vary: Accept-Encoding
etag: W/"655ca1a8-e1"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
zerossl.ocsp.sectigo.com/
172.64.149.23 727 B URL zerossl.ocsp.sectigo.com/
IP 172.64.149.23:0
Hash 31920e1aacd1d5fa9f3cfb7ca592eccb
b2edd8c6b37c49971114f623c7502c86893154d1
5a460ea7ed23917406c09cfa5ebce414abaa08cc796236f27e2058e8704bc9dd
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 04 Dec 2023 05:35:25 GMT
Content-Type: application/ocsp-response
Content-Length: 727
Connection: keep-alive
Last-Modified: Sat, 02 Dec 2023 01:31:53 GMT
Expires: Sat, 09 Dec 2023 01:31:52 GMT
Etag: "b2edd8c6b37c49971114f623c7502c86893154d1"
Cache-Control: max-age=416923,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 8301af9558e8b50f-OSL
cdn82.bestjavcdn.com/prtd-015/cover.jpg?class=thumbnail
138.199.37.232200 OK 118 kB URL GET HTTP/2 cdn82.bestjavcdn.com/prtd-015/cover.jpg?class=thumbnail
IP 138.199.37.232:443
ASN #60068 Datacamp Limited
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectcdn82.bestjavcdn.com
Fingerprint63:42:6A:9C:F4:D6:2B:40:EB:58:57:F7:16:73:57:79:63:44:24:F4
ValidityTue, 14 Nov 2023 13:39:47 GMT - Mon, 12 Feb 2024 13:39:46 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 118 kB (118416 bytes)
Hash 987030551fbf676a7daa129dad26447a
14dc5bc3ed893bf1bc9994314db520934fe1c002
1fe852ded254894ff1ae69939b7c89e7a9fb3c53dce14b9de970285e63f141ab
GET /prtd-015/cover.jpg?class=thumbnail HTTP/1.1
Host: cdn82.bestjavcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: image/webp
content-length: 118416
server: BunnyCDN-DE1-874
cdn-pullzone: 411370
cdn-uid: 2d5753f4-83f9-44b8-a305-1d8c574bb6ef
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Thu, 30 Nov 2023 19:06:45 GMT
x-bo-server: DE-185
x-downloadsize: 206909
x-bo-origindownloadtime: 50
x-bo-processingtime: 11
x-bo-compressionratio: 42.77%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/30/2023 19:06:45
cdn-edgestorageid: 1077
cdn-status: 200
cdn-requestid: f987c31a7521ff662bef20bfeeb3e68f
cdn-cache: HIT
X-Firefox-Spdy: h2
cdn82.bestjavcdn.com/prtd-026/cover.jpg?class=thumbnail
138.199.37.232200 OK 112 kB URL GET HTTP/2 cdn82.bestjavcdn.com/prtd-026/cover.jpg?class=thumbnail
IP 138.199.37.232:443
ASN #60068 Datacamp Limited
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectcdn82.bestjavcdn.com
Fingerprint63:42:6A:9C:F4:D6:2B:40:EB:58:57:F7:16:73:57:79:63:44:24:F4
ValidityTue, 14 Nov 2023 13:39:47 GMT - Mon, 12 Feb 2024 13:39:46 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 112 kB (111822 bytes)
Hash 8105c2dc77da9ccb07cd7e146a82a67d
85281325aa45adcdb0d8d06c6225e7f2a1885be2
e259f8b1b343697ab426f84afec1dd401c998f088f11a9bb3b502124a7a6279c
GET /prtd-026/cover.jpg?class=thumbnail HTTP/1.1
Host: cdn82.bestjavcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: image/webp
content-length: 111822
server: BunnyCDN-DE1-874
cdn-pullzone: 411370
cdn-uid: 2d5753f4-83f9-44b8-a305-1d8c574bb6ef
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Sun, 12 Nov 2023 17:47:46 GMT
x-bo-server: DE-259
x-downloadsize: 185290
x-bo-origindownloadtime: 57
x-bo-processingtime: 7
x-bo-compressionratio: 39.65%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/12/2023 17:47:46
cdn-edgestorageid: 752
cdn-status: 200
cdn-requestid: eed6eb544b6468a57ae65e6c63efae78
cdn-cache: HIT
X-Firefox-Spdy: h2
cdn82.bestjavcdn.com/prtd-027/cover.jpg?class=thumbnail
138.199.37.232200 OK 111 kB URL GET HTTP/2 cdn82.bestjavcdn.com/prtd-027/cover.jpg?class=thumbnail
IP 138.199.37.232:443
ASN #60068 Datacamp Limited
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectcdn82.bestjavcdn.com
Fingerprint63:42:6A:9C:F4:D6:2B:40:EB:58:57:F7:16:73:57:79:63:44:24:F4
ValidityTue, 14 Nov 2023 13:39:47 GMT - Mon, 12 Feb 2024 13:39:46 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 111 kB (110670 bytes)
Hash 3636be84eacddd1ebe2a57d6f8a312d6
5094a55bb144dc5017f337de606c3e59b35ed468
53d9e208e949634ea8205a0f18b096848619559f517f8118fae3d9afbc3beed9
GET /prtd-027/cover.jpg?class=thumbnail HTTP/1.1
Host: cdn82.bestjavcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: image/webp
content-length: 110670
server: BunnyCDN-DE1-874
cdn-pullzone: 411370
cdn-uid: 2d5753f4-83f9-44b8-a305-1d8c574bb6ef
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Mon, 13 Nov 2023 15:37:20 GMT
x-bo-server: DE-243
x-downloadsize: 188001
x-bo-origindownloadtime: 64
x-bo-processingtime: 12
x-bo-compressionratio: 41.13%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/13/2023 15:37:20
cdn-edgestorageid: 1049
cdn-status: 200
cdn-requestid: ce9614be3919979c63829eaa19e67e7f
cdn-cache: HIT
X-Firefox-Spdy: h2
cdn82.bestjavcdn.com/atid-403/cover.jpg?class=thumbnail
138.199.37.232200 OK 111 kB URL GET HTTP/2 cdn82.bestjavcdn.com/atid-403/cover.jpg?class=thumbnail
IP 138.199.37.232:443
ASN #60068 Datacamp Limited
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectcdn82.bestjavcdn.com
Fingerprint63:42:6A:9C:F4:D6:2B:40:EB:58:57:F7:16:73:57:79:63:44:24:F4
ValidityTue, 14 Nov 2023 13:39:47 GMT - Mon, 12 Feb 2024 13:39:46 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Size 111 kB (111250 bytes)
Hash e4dbc441201d17954611592c441ffe0c
35d59d922de3d04a3983f874c89ad47e98a08fdc
e2fa9123c285f4eb83adf2ffb8e6c1800325d8bd3b2bcec7d0b1e92ae42ecc95
GET /atid-403/cover.jpg?class=thumbnail HTTP/1.1
Host: cdn82.bestjavcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: image/webp
content-length: 111250
server: BunnyCDN-DE1-874
cdn-pullzone: 411370
cdn-uid: 2d5753f4-83f9-44b8-a305-1d8c574bb6ef
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Wed, 08 Nov 2023 23:18:04 GMT
x-bo-server: DE-234
x-downloadsize: 196707
x-bo-origindownloadtime: 54
x-bo-processingtime: 7
x-bo-compressionratio: 43.44%
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/08/2023 23:18:04
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: e653ba49857264fd6add462bb0524e98
cdn-cache: HIT
X-Firefox-Spdy: h2
cdn.cloudfrale.com/bn/db1/fc8/a8d/db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807.mp4
45.133.44.20206 Partial Content 357 kB URL GET HTTP/2 cdn.cloudfrale.com/bn/db1/fc8/a8d/db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807.mp4
IP 45.133.44.20:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998909
Certificate IssuerZeroSSL
Subjectcdn.cloudfrale.com
Fingerprint4A:96:98:80:5E:E5:82:7D:6B:94:C6:1F:EC:1E:3C:FD:39:13:0A:41
ValidityMon, 30 Oct 2023 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 357 kB (357139 bytes)
Hash d4938e1a3b06ac9ac6dd49f43af75fc2
db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807
6bfb40cb5c5f9367a399aa9804488db58012b397688884903eb7da571f53f5bb
GET /bn/db1/fc8/a8d/db1fc8a8dadd8a66dc20bacce73a0d2e9e9e2807.mp4 HTTP/1.1
Host: cdn.cloudfrale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: video/mp4
content-length: 357139
server: nginx/1.24.0
etag: d4938e1a3b06ac9ac6dd49f43af75fc2
last-modified: Sun, 05 Nov 2023 16:31:37 GMT
x-timestamp: 1699201896.46460
x-trans-id: txfdb7c2e279204d359a5e6-006547cce9
x-openstack-request-id: txfdb7c2e279204d359a5e6-006547cce9
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Wed, 06 Dec 2023 05:35:25 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-357138/357139
X-Firefox-Spdy: h2
go.myavlive.com/thumbs/view
104.18.63.130200 OK 328 kB URL POST HTTP/3 go.myavlive.com/thumbs/view
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type JSON data\012- , ASCII text
Size 328 kB (328539 bytes)
Hash b310fe360c34c31e7318b71c888365ba
71af7b030eecfd3d2055f30bdb735a11f7e81bac
6232d459ae4855a3d26a35047c9b7955efd0ac0d7c54e5e0b5b031cc4fba5a92
POST /thumbs/view HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 88
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:22 GMT
content-type: application/json
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: https://creative.myavlive.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
set-cookie: __cflb=0H28vf6sQBvhykduxUFRSycLJhnaoYpsueohiQaW8uA; SameSite=None; Secure; path=/; expires=Tue, 05-Dec-23 05:35:22 GMT; HttpOnly
server: cloudflare
cf-ray: 8301af87da9656a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
172.64.108.10200 OK 1.1 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/img/close.svg
IP 172.64.108.10:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 9b6de0f3dcaf1865d3c9e4de8056f645
fd4ac1731b122cca5e6f211470d7bf51f6ba0403
57227495afbf96096535f7fc5f814627ea0498c97d75fc74a88cbc8a2417f0f5
GET /sb/ssp/utility/social-media/facebook/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Feb 2021 15:13:59 GMT
etag: W/"602549b7-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1728837
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PJekspOas9k8jtHAKcdQztu36uBKs3usYSqVnRi6JK2hV1bJZQhJotRXZ3ocowIJ7L%2BKpms3YDjDJ7Hm%2Bryu16B0jAFiF3EhVuwMcH2fA6hkUTXf5iv9rURkMAZHO9qXt%2BtnMyVeG%2Bss"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af966b506558-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/52/97/c1/5297c1fb64175109fb5f09fefd0f9a13/1658144766.jpg
45.133.44.10200 OK 13 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/52/97/c1/5297c1fb64175109fb5f09fefd0f9a13/1658144766.jpg
IP 45.133.44.10:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
ValidityThu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3\012- data
Hash 47e747449351084fe5ef429526819017
827962eecfdd9a9858d1e25c8f403d35acb58927
0291133ac72562f0b1ecbfd6b490b474e551d2bfa29d43598ed88feefe4e5d59
GET /si/52/97/c1/5297c1fb64175109fb5f09fefd0f9a13/1658144766.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: image/jpeg
content-length: 13212
server: nginx/1.21.6
last-modified: Mon, 18 Jul 2022 11:46:14 GMT
etag: "62d54806-339c"
expires: Wed, 06 Dec 2023 05:35:25 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
partwithner.com/partners/kaiyunhk/300x250.gif
138.199.36.10200 OK 85 kB URL GET HTTP/2 partwithner.com/partners/kaiyunhk/300x250.gif
IP 138.199.36.10:443
ASN #60068 Datacamp Limited
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectpartwithner.com
Fingerprint51:8E:5C:B0:38:AD:C8:FF:70:3A:E6:C6:DC:1C:07:63:3A:17:EC:DC
ValidityTue, 28 Nov 2023 23:10:06 GMT - Mon, 26 Feb 2024 23:10:05 GMT
File type GIF image data, version 89a, 300 x 250\012- data
Hash d01e7cf5ce70f5321f512dbb08b441c2
da0c56e828e814df7c33c816a15024f292a44ffa
7b6a60a844a08cc875eecaa605a266228b2bf818bd2f4541a837a40376da5bad
GET /partners/kaiyunhk/300x250.gif HTTP/1.1
Host: partwithner.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: image/gif
content-length: 85327
server: BunnyCDN-DE1-1053
cdn-pullzone: 180951
cdn-uid: 2d5753f4-83f9-44b8-a305-1d8c574bb6ef
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000
last-modified: Wed, 08 Nov 2023 10:52:56 GMT
cdn-storageserver: DE-663
cdn-fileserver: 648
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 206
cdn-cachedat: 11/08/2023 10:55:26
cdn-edgestorageid: 1076
cdn-status: 200
cdn-requestid: 319ecc2be556fb22f840a5239a4ec57a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
172.64.108.10200 OK 1.5 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/style.css
IP 172.64.108.10:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash d482af3feea0098cfb3c87d087773c42
c88ecc253746699fe6f6bb395c076527e2f4c576
c20aa1538df5b42ea9a3e46b1cd9de4f82c33fd47bad6875ef78b9c98a05fb85
GET /sb/ssp/utility/social-media/facebook/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 12:19:14 GMT
etag: W/"6128d842-18be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2768633
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RE%2BijpYug7LeeB7%2BSlmJVFc4xhaq6x86oya5%2Bz3K2yZnGvgCdybcBTVLB4EDYAd9IqkOc2HWxVWCnCm1QWDeHLTIxsL5vFhWyhWqeci%2BRNNzML6F6sUMeQrSmk4uin5qrjlRKmkAu9Xi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af960ad66558-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 347871
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
45.133.44.4200 OK 16 kB URL GET HTTP/2 cdn.barscreative1.com/sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html
IP 45.133.44.4:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectcdn.barscreative1.com
Fingerprint55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
ValiditySat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT
File type gzip compressed data, from Unix\012- data
Hash 3419d3b4c38d42b9698fb2096ef6337c
75f5eac62db508f71bd71c2d0c7a804a767ce082
98bc48f08c4ba43682f190672e1d144568e377cee2285d695df12ed0ce478bb9
GET /sb/au/b6/cf/48/b6cf48ca3e8ab4bdbcfaa2279b0fb2bc/1613726822.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 19 Feb 2021 09:27:09 GMT
etag: W/"602f846d-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Mon, 04 Dec 2023 06:35:24 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
tournamentfosterchild.com/pixel/sbs?c=1
173.233.137.36200 OK 0 B URL GET HTTP/1.1 tournamentfosterchild.com/pixel/sbs?c=1
IP 173.233.137.36:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjecttournamentfosterchild.com
Fingerprint4B:68:95:61:87:54:D0:21:EB:3B:60:5F:51:15:23:32:77:12:F0:79
ValidityTue, 28 Nov 2023 10:42:36 GMT - Mon, 26 Feb 2024 10:42:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: tournamentfosterchild.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Cookie: u_pl=17184448; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 05:35:25 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
static.javhdhello.com/h5/files/overlay/1602-overlay-preview.png
185.76.9.14200 OK 1.5 kB URL GET HTTP/2 static.javhdhello.com/h5/files/overlay/1602-overlay-preview.png
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Certificate IssuerLet's Encrypt
Subject1079288232.rsc.cdn77.org
FingerprintCA:61:0A:35:4F:C7:B1:E1:31:B5:5E:F5:C5:D9:FA:D7:9D:0B:51:63
ValiditySat, 30 Sep 2023 02:57:06 GMT - Fri, 29 Dec 2023 02:57:05 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 7083a71bc40e5d85670940c518cacca2
a2caeb7c6ca3960af2881434fb0df0c2241d7288
7c4049c76ecd35b05855df0c6ce7e1157213d9fb92c3b2b05ebf9b5d9bdff03a
GET /h5/files/overlay/1602-overlay-preview.png HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: image/png
content-length: 1546
last-modified: Wed, 20 Apr 2022 13:56:48 GMT
etag: "62601120-60a"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3TMcAAQ
x-77-nzt-ray: c0a4cc28aa1068391d656d65fbcfe92f
x-accel-expires: @1716375889
x-accel-date: 1684839889
x-cache-lb: HIT
x-age-lb: 16828236
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 16828236
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/overlay/1602-overlay.png
185.76.9.14200 OK 1.8 kB URL GET HTTP/2 static.javhdhello.com/h5/files/overlay/1602-overlay.png
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Certificate IssuerLet's Encrypt
Subject1079288232.rsc.cdn77.org
FingerprintCA:61:0A:35:4F:C7:B1:E1:31:B5:5E:F5:C5:D9:FA:D7:9D:0B:51:63
ValiditySat, 30 Sep 2023 02:57:06 GMT - Fri, 29 Dec 2023 02:57:05 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash f4403fc07b7c414db6ec613317885035
457d3e8f9e9fb0456292efdbd5f18b318e804ea7
00ffbfa9483f4a6e8b85b6ab368a9547cf29e54c1aeb2bfcf81f34ec2bf50ee7
GET /h5/files/overlay/1602-overlay.png HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: image/png
content-length: 1839
last-modified: Wed, 20 Apr 2022 13:56:47 GMT
etag: "6260111f-72f"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3TMcAAQ
x-77-nzt-ray: c0a4cc28aa1068391d656d65b78bfe2f
x-accel-expires: @1716375889
x-accel-date: 1684839889
x-cache-lb: HIT
x-age-lb: 16828236
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 16828236
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/button/29-button.png
185.76.9.14200 OK 733 B URL GET HTTP/2 static.javhdhello.com/h5/files/button/29-button.png
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Certificate IssuerLet's Encrypt
Subject1079288232.rsc.cdn77.org
FingerprintCA:61:0A:35:4F:C7:B1:E1:31:B5:5E:F5:C5:D9:FA:D7:9D:0B:51:63
ValiditySat, 30 Sep 2023 02:57:06 GMT - Fri, 29 Dec 2023 02:57:05 GMT
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Hash 82a66a2d222379716ca9a03ff50d8f42
ae43d917ff791f9172edc527baa6266416182aaa
cc5da7b40e498d30bf5eaae43e59cae32202737076422676489dd8d3030803de
GET /h5/files/button/29-button.png HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: image/png
content-length: 733
last-modified: Tue, 22 Dec 2015 18:41:22 GMT
etag: "56799952-2dd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3TMcAAQ
x-77-nzt-ray: c0a4cc28aa1068391d656d65cf4c3030
x-accel-expires: @1716375889
x-accel-date: 1684839889
x-cache-lb: HIT
x-age-lb: 16828236
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 16828236
accept-ranges: bytes
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/video/7027-18130-300x250.medium.mp4
185.76.9.14206 Partial Content 792 kB URL GET HTTP/2 static.javhdhello.com/h5/files/video/7027-18130-300x250.medium.mp4
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Certificate IssuerLet's Encrypt
Subject1079288232.rsc.cdn77.org
FingerprintCA:61:0A:35:4F:C7:B1:E1:31:B5:5E:F5:C5:D9:FA:D7:9D:0B:51:63
ValiditySat, 30 Sep 2023 02:57:06 GMT - Fri, 29 Dec 2023 02:57:05 GMT
File type ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]\012- data
Size 792 kB (791970 bytes)
Hash 3b87f68904870e5f29f8cb28ae12c3a2
0628bf376aee08642b0742081951300e59121b06
62bcd9ef005e6c6130a96eafe2575022a787d57d3bf408963b95b9159a8c91d9
GET /h5/files/video/7027-18130-300x250.medium.mp4 HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Referer: https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 206 Partial Content
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: video/mp4
content-length: 791970
last-modified: Thu, 06 Apr 2023 08:22:14 GMT
etag: "642e8136-c15a2"
expires: Tue, 06 Jun 2023 15:27:55 GMT
cache-control: max-age=86400
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3ZygBAA
x-77-nzt-ray: c0a4cc28aa1068391d656d656bbb7138
x-accel-expires: @1701678644
x-accel-date: 1701592246
x-cache-lb: HIT
x-age-lb: 75879
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 75879
content-range: bytes 0-791969/791970
X-Firefox-Spdy: h2
missav.com/fonts/inter-v3-latin-500.woff2
104.26.15.15200 OK 18 kB URL GET HTTP/3 missav.com/fonts/inter-v3-latin-500.woff2
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 17996, version 1.0\012- data
Hash 4f63cf7f7cf530285668c21675dd86ea
8c60c678adc8c2c18e74219fc74441ef1015727d
73f41ad718ee0f9f8e9af244dabe4f9b947efe7748d1c05aac7db2c267de226e
GET /fonts/inter-v3-latin-500.woff2 HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Cookie: user_uuid=593479cf-0e66-4802-9d9d-3d58b60e8dae; sb_page_62bdca270715b3b43fbac98597c038f1=1; sb_onpage_62bdca270715b3b43fbac98597c038f1=1; sb_main_62bdca270715b3b43fbac98597c038f1=1; sb_count_62bdca270715b3b43fbac98597c038f1=1; XSRF-TOKEN=eyJpdiI6IlhUWFFTSmI2d1Fxc28remU5RDhrQnc9PSIsInZhbHVlIjoiNjBlQ0JScW1lbE5sMUxqU3JvZ0FsSEg0MVF4ekk1MG5sRGFhSjJ0MzJ0bHVwdTdVL2VnYkd6KzEwRTZLM2RJM09uUnkzVkErTHk0Sy9ESEtqcDNKYlBIUnpvVW9XNUloYWJBQklGbXNObWF5NksrdjN6RDV5L0Fqd0VpSEtWVnUiLCJtYWMiOiIwYmQwMjQ4MzMwOGFiODZlMTgwMGI3MTM5YjA1OWM0YjYzM2Y2Nzk2OGI0MGZjZWZlNjllY2E1NzRiNGYwZDkyIiwidGFnIjoiIn0%3D; missav_session=eyJpdiI6ImhUckdUTVhqaWkwR0ZUd2JreHFjeUE9PSIsInZhbHVlIjoiMkEvc2J3bzQwZ2ZtMStmWm9uT25vdENiN3VlNXJtbllXdkdINHJCYVdQSFd4NS9pT3RBZWdhT21iVExKbGFhRWs1YTI0ck56SDNLT2VGV1h3VGp2Yk1xcTU1Zkp2UEdaVkU5ZWJVUGN0KzVyWFBsNVZRSlNNWU9ZYmM1Z3I2akciLCJtYWMiOiJlMTliNzcyNmJlYmQzNjAzNGQxMWE5OGMyMDE5N2RjOWE3MDIwYjdlZWI5YWZlODk1MWM5YTc3MDBkODEyYmE4IiwidGFnIjoiIn0%3D; itoOuToH0Vb1ue2mLqvLFkqoSknsB1RqjNm0jOXj=eyJpdiI6InkwUEtVZmErNTdOakR6VkxzbURNSkE9PSIsInZhbHVlIjoiT0RHNjRESzJ4V09sNksvUk9zYUE1eTM4RzhqUkNRWG4yTm1UanF3ZDF5bmdyVVFrdWdIRUlrTDRRdG8xNERJZlZpTFpyOTZOdFB0TXRLVmN1OFpvRTkzYXFMd0kzV2tKTG5MV0lVM0kzKzVFVHhWVnM3bzVMNlVJalg2YjQwNkdSVXR6WHpQWFRJWFBpVlVCUkxBWVhzc0VuWEZ0OFhCOTZUSjVMN2lHSVJtamVqL213TkVZOEFOc2NPUjhiRkc1S1FqdXRxcldvemtPL3Y2ejU4b01CNzFsbzhZOFRnczE2S3R1Q3BsYlR3dGtWVng4OG9od0d3K1RNUk9UcnpDWkZuWGxSenpQWXVIR2JwVExjL2JSY0VxN3BvZUtQRE4xREdndGJXQ1lKYXZNMGh3cjRVWTBBTlFoVVNRZHZ1Qm5jeXYrb3ZtOEpQTERkYkYveW9rUWQ3K3VOTDk0L3dIM2N0ckpOenQwTTJaVURCRUZ0WEtWc1JrYzYweDFmZHpWTUlCQmZUY1RnN1RqMSsyTEtOMFc3dz09IiwibWFjIjoiZjkxZWY3ZDczNjlmYjc1ZTBjMDFiNjU1Zjg1Mjg1N2I4YTlkNGFlMDM0NmZlMjlmZjAyMGJmZTdhNzNmMTdlZiIsInRhZyI6IiJ9; dom3ic8zudi28v8lr6fgphwffqoz0j6c=7abc03c6-992f-4005-b1e1-a82bee795614%3A2%3A1; cf_clearance=YjVwLSHD67PqNqpXuwgq1ATvr5FEql5IvX95h2QHcbg-1701668124-0-1-730ca2d2.73a07051.5b213570-0.2.1701668124; _ga_Z3V6T9VBM6=GS1.1.1701668129.1.0.1701668129.0.0.0; _ga=GA1.1.1082638699.1701668130; pbpr0tpuw4isk85t8yg3jb2lj5vqf=tournamentfosterchild.com
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:26 GMT
content-type: application/octet-stream
content-length: 17996
last-modified: Thu, 13 Jul 2023 10:37:00 GMT
etag: "64afd3cc-464c"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=7200
cf-cache-status: HIT
age: 4382
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TNhz8NlvkTPGRR2tTtMqH2d%2FyJu2wZ8LtKh4rjwQaGaZyRheaLmZ%2BF16%2BaBEo8CG4KA7RhaOHLRRDFy8gva13xxVSwu%2BROuSmLtYBJ%2FQ32LuSnVA2gLYjevMYgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af9bbbd256bd-OSL
alt-svc: h3=":443"; ma=86400
missav.com/fonts/halant-v8-latin-500.woff2
104.26.15.15200 OK 19 kB URL GET HTTP/3 missav.com/fonts/halant-v8-latin-500.woff2
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 19160, version 1.0\012- data
Hash 4260fc7f9c31933da88df7ae54b736fd
2b27fbb34bc625848060800256cc4c3ef07b6413
9b6ed215c7918c932945b4b47580c4c612d98bd0ae9b1821dce7bb74e5abb627
GET /fonts/halant-v8-latin-500.woff2 HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Cookie: user_uuid=593479cf-0e66-4802-9d9d-3d58b60e8dae; sb_page_62bdca270715b3b43fbac98597c038f1=1; sb_onpage_62bdca270715b3b43fbac98597c038f1=1; sb_main_62bdca270715b3b43fbac98597c038f1=1; sb_count_62bdca270715b3b43fbac98597c038f1=1; XSRF-TOKEN=eyJpdiI6IlhUWFFTSmI2d1Fxc28remU5RDhrQnc9PSIsInZhbHVlIjoiNjBlQ0JScW1lbE5sMUxqU3JvZ0FsSEg0MVF4ekk1MG5sRGFhSjJ0MzJ0bHVwdTdVL2VnYkd6KzEwRTZLM2RJM09uUnkzVkErTHk0Sy9ESEtqcDNKYlBIUnpvVW9XNUloYWJBQklGbXNObWF5NksrdjN6RDV5L0Fqd0VpSEtWVnUiLCJtYWMiOiIwYmQwMjQ4MzMwOGFiODZlMTgwMGI3MTM5YjA1OWM0YjYzM2Y2Nzk2OGI0MGZjZWZlNjllY2E1NzRiNGYwZDkyIiwidGFnIjoiIn0%3D; missav_session=eyJpdiI6ImhUckdUTVhqaWkwR0ZUd2JreHFjeUE9PSIsInZhbHVlIjoiMkEvc2J3bzQwZ2ZtMStmWm9uT25vdENiN3VlNXJtbllXdkdINHJCYVdQSFd4NS9pT3RBZWdhT21iVExKbGFhRWs1YTI0ck56SDNLT2VGV1h3VGp2Yk1xcTU1Zkp2UEdaVkU5ZWJVUGN0KzVyWFBsNVZRSlNNWU9ZYmM1Z3I2akciLCJtYWMiOiJlMTliNzcyNmJlYmQzNjAzNGQxMWE5OGMyMDE5N2RjOWE3MDIwYjdlZWI5YWZlODk1MWM5YTc3MDBkODEyYmE4IiwidGFnIjoiIn0%3D; itoOuToH0Vb1ue2mLqvLFkqoSknsB1RqjNm0jOXj=eyJpdiI6InkwUEtVZmErNTdOakR6VkxzbURNSkE9PSIsInZhbHVlIjoiT0RHNjRESzJ4V09sNksvUk9zYUE1eTM4RzhqUkNRWG4yTm1UanF3ZDF5bmdyVVFrdWdIRUlrTDRRdG8xNERJZlZpTFpyOTZOdFB0TXRLVmN1OFpvRTkzYXFMd0kzV2tKTG5MV0lVM0kzKzVFVHhWVnM3bzVMNlVJalg2YjQwNkdSVXR6WHpQWFRJWFBpVlVCUkxBWVhzc0VuWEZ0OFhCOTZUSjVMN2lHSVJtamVqL213TkVZOEFOc2NPUjhiRkc1S1FqdXRxcldvemtPL3Y2ejU4b01CNzFsbzhZOFRnczE2S3R1Q3BsYlR3dGtWVng4OG9od0d3K1RNUk9UcnpDWkZuWGxSenpQWXVIR2JwVExjL2JSY0VxN3BvZUtQRE4xREdndGJXQ1lKYXZNMGh3cjRVWTBBTlFoVVNRZHZ1Qm5jeXYrb3ZtOEpQTERkYkYveW9rUWQ3K3VOTDk0L3dIM2N0ckpOenQwTTJaVURCRUZ0WEtWc1JrYzYweDFmZHpWTUlCQmZUY1RnN1RqMSsyTEtOMFc3dz09IiwibWFjIjoiZjkxZWY3ZDczNjlmYjc1ZTBjMDFiNjU1Zjg1Mjg1N2I4YTlkNGFlMDM0NmZlMjlmZjAyMGJmZTdhNzNmMTdlZiIsInRhZyI6IiJ9; dom3ic8zudi28v8lr6fgphwffqoz0j6c=7abc03c6-992f-4005-b1e1-a82bee795614%3A2%3A1; cf_clearance=YjVwLSHD67PqNqpXuwgq1ATvr5FEql5IvX95h2QHcbg-1701668124-0-1-730ca2d2.73a07051.5b213570-0.2.1701668124; _ga_Z3V6T9VBM6=GS1.1.1701668129.1.0.1701668129.0.0.0; _ga=GA1.1.1082638699.1701668130; pbpr0tpuw4isk85t8yg3jb2lj5vqf=tournamentfosterchild.com
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:26 GMT
content-type: font/woff2
content-length: 19160
last-modified: Sun, 08 Oct 2023 22:32:42 GMT
etag: "65232e0a-4ad8"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: max-age=7200
cf-cache-status: HIT
age: 4382
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdmGO8mEL0Xo2gMGfqX7z82F8jhdZHEZhDNRxuxBzZdgF6IIPaWpH0xA1A31wI9y%2Bk7XKexCSVXs1ukPzDOxaj4Ww3Uo%2BiC4ciH%2B0KGkzO%2FT8FVO87rBjTLK5vM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af9bbbd356bd-OSL
alt-svc: h3=":443"; ma=86400
gsjln04hd.com/chicken.gif?z=1998829&pb=30fc5bf3a473098909f61829acbe3cb91701675324&psp=pSZHNoS8nhVjUMJwL8MlOYAvI2s_IEZogkZdKiERlzMsRKQBym51pf-9DNLiT4QSy7KLDw0QSpkBTN50refHNiMqT_1kDl0EDZADRLKjauyrxIxXG4eHzlOqCT6KXBxYPLUYmKTL3cxtGE89ATq-iUh0XNmMwO4Qa3vD32t8UWq7eWi1P1Tvk6m_J-5HH3lvmV1_xHUoNrGyGzfM_SnbCdMSrVP1xgyy2BzXq1ORR4mcD1CiNyOoK6b29YucQT5N5sPsu5C6jf-h1CKyhhl7s2rU5Qi8_kUgxorm6z_2Sab57T24glSXKj6CD8rRzOyKYDzyZV76lPvcP12hv2rSBzSrMQ5QQAe-Qwr5n1x7Shvz3WyTGRq9pDi5ni9Y7oRLaQCcVJWqDb9jyuZFA71eNPLV9FV0mHvurqFt9PndhXClNR30ct9XG_FCPFVtaNBrM856y7J3aYo0QPww7rJiwR_sNEseNd5_pqQWXL9mYxQpe8ZZ1e5LZDEydnA3YWQru77CrtbekCoYgrsXMwjvvJNJQM8xNLbfnv_wP6XRsyVuvs5qWbGgyb7eO7ufAGV2coXQUD_VH-cWXAsTEwxYiFmLH6xI61WjOxWPMmkE1jJIkzAaqdcrH2R_O65-59IRzyey4ah2xH7-vvdAbh6IdZwBK4jaHevGLPVhifXEND44d48-6FgQeMizhblDyh2avF9IRIdxHwkGS-hcUFGQu6YucxV0ecpaDO5P5s2XqZQlMHUui3YgZ9xTCCnaWfSoja6eUI1Eatcz7bj5F3EE6Oa88RnCJcij-GzjLR0_yqKPPoHq5oBnlB-au5Yr9pkHevTXQkFh0-Licg3DPvG_iC-D78Y-L8efOXZRAwC7vK4omEDBZKafOX1--JLHkQELvX82tV4F335-Oya7xy4h_gAWLg-4hKR3yZYGqo07M3lEuE_2oRQWqAYJi_SicbCesfhmYMcuFQO85e4uRBpKJdpOSsYAgJWgQoJlEEiAjBDZ0hGUsTkqmZ9sYAXYM33QYhtkMF4D9RutdXFZHnvop3WspRkx8CjJK_7qTF0dNK1x53obXKLCdV8e94wRPREf3XsnWPwk7znd9AjyKjFoGlJJlgowdK0bQLqqUDnu4YrcfpbD9ToSFvoqkOw6FYL6hSR8neIzUuOyG-TAYuCKPzh-96TwWsf0C8A3f2qkMoc4sV6d2-M_AzIO7PmIsDOqPTS_v7krNU10a2bh_4ak28q6jAZ7vkP9MidJLW2sD9hp5jc_0aIJ7rha3AZ9R1fUXaXsx1I32g==&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=7429869917018112&eclog=0&sp=1&im=1&pload=1492
212.117.190.201200 OK 43 B URL GET HTTP/2 gsjln04hd.com/chicken.gif?z=1998829&pb=30fc5bf3a473098909f61829acbe3cb91701675324&psp=pSZHNoS8nhVjUMJwL8MlOYAvI2s_IEZogkZdKiERlzMsRKQBym51pf-9DNLiT4QSy7KLDw0QSpkBTN50refHNiMqT_1kDl0EDZADRLKjauyrxIxXG4eHzlOqCT6KXBxYPLUYmKTL3cxtGE89ATq-iUh0XNmMwO4Qa3vD32t8UWq7eWi1P1Tvk6m_J-5HH3lvmV1_xHUoNrGyGzfM_SnbCdMSrVP1xgyy2BzXq1ORR4mcD1CiNyOoK6b29YucQT5N5sPsu5C6jf-h1CKyhhl7s2rU5Qi8_kUgxorm6z_2Sab57T24glSXKj6CD8rRzOyKYDzyZV76lPvcP12hv2rSBzSrMQ5QQAe-Qwr5n1x7Shvz3WyTGRq9pDi5ni9Y7oRLaQCcVJWqDb9jyuZFA71eNPLV9FV0mHvurqFt9PndhXClNR30ct9XG_FCPFVtaNBrM856y7J3aYo0QPww7rJiwR_sNEseNd5_pqQWXL9mYxQpe8ZZ1e5LZDEydnA3YWQru77CrtbekCoYgrsXMwjvvJNJQM8xNLbfnv_wP6XRsyVuvs5qWbGgyb7eO7ufAGV2coXQUD_VH-cWXAsTEwxYiFmLH6xI61WjOxWPMmkE1jJIkzAaqdcrH2R_O65-59IRzyey4ah2xH7-vvdAbh6IdZwBK4jaHevGLPVhifXEND44d48-6FgQeMizhblDyh2avF9IRIdxHwkGS-hcUFGQu6YucxV0ecpaDO5P5s2XqZQlMHUui3YgZ9xTCCnaWfSoja6eUI1Eatcz7bj5F3EE6Oa88RnCJcij-GzjLR0_yqKPPoHq5oBnlB-au5Yr9pkHevTXQkFh0-Licg3DPvG_iC-D78Y-L8efOXZRAwC7vK4omEDBZKafOX1--JLHkQELvX82tV4F335-Oya7xy4h_gAWLg-4hKR3yZYGqo07M3lEuE_2oRQWqAYJi_SicbCesfhmYMcuFQO85e4uRBpKJdpOSsYAgJWgQoJlEEiAjBDZ0hGUsTkqmZ9sYAXYM33QYhtkMF4D9RutdXFZHnvop3WspRkx8CjJK_7qTF0dNK1x53obXKLCdV8e94wRPREf3XsnWPwk7znd9AjyKjFoGlJJlgowdK0bQLqqUDnu4YrcfpbD9ToSFvoqkOw6FYL6hSR8neIzUuOyG-TAYuCKPzh-96TwWsf0C8A3f2qkMoc4sV6d2-M_AzIO7PmIsDOqPTS_v7krNU10a2bh_4ak28q6jAZ7vkP9MidJLW2sD9hp5jc_0aIJ7rha3AZ9R1fUXaXsx1I32g==&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=7429869917018112&eclog=0&sp=1&im=1&pload=1492
IP 212.117.190.201:443
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998829
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /chicken.gif?z=1998829&pb=30fc5bf3a473098909f61829acbe3cb91701675324&psp=pSZHNoS8nhVjUMJwL8MlOYAvI2s_IEZogkZdKiERlzMsRKQBym51pf-9DNLiT4QSy7KLDw0QSpkBTN50refHNiMqT_1kDl0EDZADRLKjauyrxIxXG4eHzlOqCT6KXBxYPLUYmKTL3cxtGE89ATq-iUh0XNmMwO4Qa3vD32t8UWq7eWi1P1Tvk6m_J-5HH3lvmV1_xHUoNrGyGzfM_SnbCdMSrVP1xgyy2BzXq1ORR4mcD1CiNyOoK6b29YucQT5N5sPsu5C6jf-h1CKyhhl7s2rU5Qi8_kUgxorm6z_2Sab57T24glSXKj6CD8rRzOyKYDzyZV76lPvcP12hv2rSBzSrMQ5QQAe-Qwr5n1x7Shvz3WyTGRq9pDi5ni9Y7oRLaQCcVJWqDb9jyuZFA71eNPLV9FV0mHvurqFt9PndhXClNR30ct9XG_FCPFVtaNBrM856y7J3aYo0QPww7rJiwR_sNEseNd5_pqQWXL9mYxQpe8ZZ1e5LZDEydnA3YWQru77CrtbekCoYgrsXMwjvvJNJQM8xNLbfnv_wP6XRsyVuvs5qWbGgyb7eO7ufAGV2coXQUD_VH-cWXAsTEwxYiFmLH6xI61WjOxWPMmkE1jJIkzAaqdcrH2R_O65-59IRzyey4ah2xH7-vvdAbh6IdZwBK4jaHevGLPVhifXEND44d48-6FgQeMizhblDyh2avF9IRIdxHwkGS-hcUFGQu6YucxV0ecpaDO5P5s2XqZQlMHUui3YgZ9xTCCnaWfSoja6eUI1Eatcz7bj5F3EE6Oa88RnCJcij-GzjLR0_yqKPPoHq5oBnlB-au5Yr9pkHevTXQkFh0-Licg3DPvG_iC-D78Y-L8efOXZRAwC7vK4omEDBZKafOX1--JLHkQELvX82tV4F335-Oya7xy4h_gAWLg-4hKR3yZYGqo07M3lEuE_2oRQWqAYJi_SicbCesfhmYMcuFQO85e4uRBpKJdpOSsYAgJWgQoJlEEiAjBDZ0hGUsTkqmZ9sYAXYM33QYhtkMF4D9RutdXFZHnvop3WspRkx8CjJK_7qTF0dNK1x53obXKLCdV8e94wRPREf3XsnWPwk7znd9AjyKjFoGlJJlgowdK0bQLqqUDnu4YrcfpbD9ToSFvoqkOw6FYL6hSR8neIzUuOyG-TAYuCKPzh-96TwWsf0C8A3f2qkMoc4sV6d2-M_AzIO7PmIsDOqPTS_v7krNU10a2bh_4ak28q6jAZ7vkP9MidJLW2sD9hp5jc_0aIJ7rha3AZ9R1fUXaXsx1I32g==&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=7429869917018112&eclog=0&sp=1&im=1&pload=1492 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=23120400357fe1909ab86b42adbdcf0c9ef5; OACICAP=ACl2VgAAAAAAAAAB; OACIBLOCK=ACl2VgAAAABlbVzQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:26 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
gsjln04hd.com/whob.gif?z=1998829&pb=30fc5bf3a473098909f61829acbe3cb91701675324&psp=pSZHNoS8nhVjUMJwL8MlOYAvI2s_IEZogkZdKiERlzMsRKQBym51pf-9DNLiT4QSy7KLDw0QSpkBTN50refHNiMqT_1kDl0EDZADRLKjauyrxIxXG4eHzlOqCT6KXBxYPLUYmKTL3cxtGE89ATq-iUh0XNmMwO4Qa3vD32t8UWq7eWi1P1Tvk6m_J-5HH3lvmV1_xHUoNrGyGzfM_SnbCdMSrVP1xgyy2BzXq1ORR4mcD1CiNyOoK6b29YucQT5N5sPsu5C6jf-h1CKyhhl7s2rU5Qi8_kUgxorm6z_2Sab57T24glSXKj6CD8rRzOyKYDzyZV76lPvcP12hv2rSBzSrMQ5QQAe-Qwr5n1x7Shvz3WyTGRq9pDi5ni9Y7oRLaQCcVJWqDb9jyuZFA71eNPLV9FV0mHvurqFt9PndhXClNR30ct9XG_FCPFVtaNBrM856y7J3aYo0QPww7rJiwR_sNEseNd5_pqQWXL9mYxQpe8ZZ1e5LZDEydnA3YWQru77CrtbekCoYgrsXMwjvvJNJQM8xNLbfnv_wP6XRsyVuvs5qWbGgyb7eO7ufAGV2coXQUD_VH-cWXAsTEwxYiFmLH6xI61WjOxWPMmkE1jJIkzAaqdcrH2R_O65-59IRzyey4ah2xH7-vvdAbh6IdZwBK4jaHevGLPVhifXEND44d48-6FgQeMizhblDyh2avF9IRIdxHwkGS-hcUFGQu6YucxV0ecpaDO5P5s2XqZQlMHUui3YgZ9xTCCnaWfSoja6eUI1Eatcz7bj5F3EE6Oa88RnCJcij-GzjLR0_yqKPPoHq5oBnlB-au5Yr9pkHevTXQkFh0-Licg3DPvG_iC-D78Y-L8efOXZRAwC7vK4omEDBZKafOX1--JLHkQELvX82tV4F335-Oya7xy4h_gAWLg-4hKR3yZYGqo07M3lEuE_2oRQWqAYJi_SicbCesfhmYMcuFQO85e4uRBpKJdpOSsYAgJWgQoJlEEiAjBDZ0hGUsTkqmZ9sYAXYM33QYhtkMF4D9RutdXFZHnvop3WspRkx8CjJK_7qTF0dNK1x53obXKLCdV8e94wRPREf3XsnWPwk7znd9AjyKjFoGlJJlgowdK0bQLqqUDnu4YrcfpbD9ToSFvoqkOw6FYL6hSR8neIzUuOyG-TAYuCKPzh-96TwWsf0C8A3f2qkMoc4sV6d2-M_AzIO7PmIsDOqPTS_v7krNU10a2bh_4ak28q6jAZ7vkP9MidJLW2sD9hp5jc_0aIJ7rha3AZ9R1fUXaXsx1I32g==&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=7429869917018112&eclog=0&sp=1&im=1&pload=1492
212.117.190.201200 OK 43 B URL GET HTTP/2 gsjln04hd.com/whob.gif?z=1998829&pb=30fc5bf3a473098909f61829acbe3cb91701675324&psp=pSZHNoS8nhVjUMJwL8MlOYAvI2s_IEZogkZdKiERlzMsRKQBym51pf-9DNLiT4QSy7KLDw0QSpkBTN50refHNiMqT_1kDl0EDZADRLKjauyrxIxXG4eHzlOqCT6KXBxYPLUYmKTL3cxtGE89ATq-iUh0XNmMwO4Qa3vD32t8UWq7eWi1P1Tvk6m_J-5HH3lvmV1_xHUoNrGyGzfM_SnbCdMSrVP1xgyy2BzXq1ORR4mcD1CiNyOoK6b29YucQT5N5sPsu5C6jf-h1CKyhhl7s2rU5Qi8_kUgxorm6z_2Sab57T24glSXKj6CD8rRzOyKYDzyZV76lPvcP12hv2rSBzSrMQ5QQAe-Qwr5n1x7Shvz3WyTGRq9pDi5ni9Y7oRLaQCcVJWqDb9jyuZFA71eNPLV9FV0mHvurqFt9PndhXClNR30ct9XG_FCPFVtaNBrM856y7J3aYo0QPww7rJiwR_sNEseNd5_pqQWXL9mYxQpe8ZZ1e5LZDEydnA3YWQru77CrtbekCoYgrsXMwjvvJNJQM8xNLbfnv_wP6XRsyVuvs5qWbGgyb7eO7ufAGV2coXQUD_VH-cWXAsTEwxYiFmLH6xI61WjOxWPMmkE1jJIkzAaqdcrH2R_O65-59IRzyey4ah2xH7-vvdAbh6IdZwBK4jaHevGLPVhifXEND44d48-6FgQeMizhblDyh2avF9IRIdxHwkGS-hcUFGQu6YucxV0ecpaDO5P5s2XqZQlMHUui3YgZ9xTCCnaWfSoja6eUI1Eatcz7bj5F3EE6Oa88RnCJcij-GzjLR0_yqKPPoHq5oBnlB-au5Yr9pkHevTXQkFh0-Licg3DPvG_iC-D78Y-L8efOXZRAwC7vK4omEDBZKafOX1--JLHkQELvX82tV4F335-Oya7xy4h_gAWLg-4hKR3yZYGqo07M3lEuE_2oRQWqAYJi_SicbCesfhmYMcuFQO85e4uRBpKJdpOSsYAgJWgQoJlEEiAjBDZ0hGUsTkqmZ9sYAXYM33QYhtkMF4D9RutdXFZHnvop3WspRkx8CjJK_7qTF0dNK1x53obXKLCdV8e94wRPREf3XsnWPwk7znd9AjyKjFoGlJJlgowdK0bQLqqUDnu4YrcfpbD9ToSFvoqkOw6FYL6hSR8neIzUuOyG-TAYuCKPzh-96TwWsf0C8A3f2qkMoc4sV6d2-M_AzIO7PmIsDOqPTS_v7krNU10a2bh_4ak28q6jAZ7vkP9MidJLW2sD9hp5jc_0aIJ7rha3AZ9R1fUXaXsx1I32g==&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=7429869917018112&eclog=0&sp=1&im=1&pload=1492
IP 212.117.190.201:443
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998829
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
GET /whob.gif?z=1998829&pb=30fc5bf3a473098909f61829acbe3cb91701675324&psp=pSZHNoS8nhVjUMJwL8MlOYAvI2s_IEZogkZdKiERlzMsRKQBym51pf-9DNLiT4QSy7KLDw0QSpkBTN50refHNiMqT_1kDl0EDZADRLKjauyrxIxXG4eHzlOqCT6KXBxYPLUYmKTL3cxtGE89ATq-iUh0XNmMwO4Qa3vD32t8UWq7eWi1P1Tvk6m_J-5HH3lvmV1_xHUoNrGyGzfM_SnbCdMSrVP1xgyy2BzXq1ORR4mcD1CiNyOoK6b29YucQT5N5sPsu5C6jf-h1CKyhhl7s2rU5Qi8_kUgxorm6z_2Sab57T24glSXKj6CD8rRzOyKYDzyZV76lPvcP12hv2rSBzSrMQ5QQAe-Qwr5n1x7Shvz3WyTGRq9pDi5ni9Y7oRLaQCcVJWqDb9jyuZFA71eNPLV9FV0mHvurqFt9PndhXClNR30ct9XG_FCPFVtaNBrM856y7J3aYo0QPww7rJiwR_sNEseNd5_pqQWXL9mYxQpe8ZZ1e5LZDEydnA3YWQru77CrtbekCoYgrsXMwjvvJNJQM8xNLbfnv_wP6XRsyVuvs5qWbGgyb7eO7ufAGV2coXQUD_VH-cWXAsTEwxYiFmLH6xI61WjOxWPMmkE1jJIkzAaqdcrH2R_O65-59IRzyey4ah2xH7-vvdAbh6IdZwBK4jaHevGLPVhifXEND44d48-6FgQeMizhblDyh2avF9IRIdxHwkGS-hcUFGQu6YucxV0ecpaDO5P5s2XqZQlMHUui3YgZ9xTCCnaWfSoja6eUI1Eatcz7bj5F3EE6Oa88RnCJcij-GzjLR0_yqKPPoHq5oBnlB-au5Yr9pkHevTXQkFh0-Licg3DPvG_iC-D78Y-L8efOXZRAwC7vK4omEDBZKafOX1--JLHkQELvX82tV4F335-Oya7xy4h_gAWLg-4hKR3yZYGqo07M3lEuE_2oRQWqAYJi_SicbCesfhmYMcuFQO85e4uRBpKJdpOSsYAgJWgQoJlEEiAjBDZ0hGUsTkqmZ9sYAXYM33QYhtkMF4D9RutdXFZHnvop3WspRkx8CjJK_7qTF0dNK1x53obXKLCdV8e94wRPREf3XsnWPwk7znd9AjyKjFoGlJJlgowdK0bQLqqUDnu4YrcfpbD9ToSFvoqkOw6FYL6hSR8neIzUuOyG-TAYuCKPzh-96TwWsf0C8A3f2qkMoc4sV6d2-M_AzIO7PmIsDOqPTS_v7krNU10a2bh_4ak28q6jAZ7vkP9MidJLW2sD9hp5jc_0aIJ7rha3AZ9R1fUXaXsx1I32g==&im=1&freq=0&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=7429869917018112&eclog=0&sp=1&im=1&pload=1492 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: CHCK=1; UID=23120400357fe1909ab86b42adbdcf0c9ef5; OACICAP=ACl2VgAAAAAAAAAB; OACIBLOCK=ACl2VgAAAABlbVzQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:26 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
psjeufks.com/f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video0.ts
104.21.70.145200 OK 119 kB URL GET HTTP/2 psjeufks.com/f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video0.ts
IP 104.21.70.145:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectpsjeufks.com
FingerprintB1:A3:6A:41:3F:49:63:19:F3:A7:90:F4:B8:90:B9:A6:D6:5E:13:81
ValidityTue, 28 Nov 2023 19:03:38 GMT - Mon, 26 Feb 2024 19:03:37 GMT
Size 119 kB (119192 bytes)
Hash cb511d01c683f038f9215e67358b0426
7cbbb0deb837bd7fb64973c321a2b57d117c317a
233557fdb72bafa852862288aced4af370a15ba97abc7a22d7afb6c05d819973
GET /f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video0.ts HTTP/1.1
Host: psjeufks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:26 GMT
content-type: video/mp2t
content-length: 119192
access-control-allow-origin: https://missav.com
etag: "cb511d01c683f038f9215e67358b0426"
last-modified: Fri, 01 Dec 2023 15:12:12 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uqaw5IUhRw2xMxvHwOkPaOhW1T72UbOo8CPrmPiv8r6CCsAtsj5tqFg6qaOWdbmmqPhgLEV747QHc6WsXByTUfSpQGsejmfk19oRJ4DJ0gpqo1hc6zGKJ4nTxQi2SN0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af953996b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
missav.com/cdn-cgi/rum?
104.26.15.15204 No Content 0 B IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
content-type: application/json
Content-Length: 17354
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Cookie: user_uuid=593479cf-0e66-4802-9d9d-3d58b60e8dae; sb_page_62bdca270715b3b43fbac98597c038f1=1; sb_onpage_62bdca270715b3b43fbac98597c038f1=1; sb_main_62bdca270715b3b43fbac98597c038f1=1; sb_count_62bdca270715b3b43fbac98597c038f1=1; XSRF-TOKEN=eyJpdiI6IlhUWFFTSmI2d1Fxc28remU5RDhrQnc9PSIsInZhbHVlIjoiNjBlQ0JScW1lbE5sMUxqU3JvZ0FsSEg0MVF4ekk1MG5sRGFhSjJ0MzJ0bHVwdTdVL2VnYkd6KzEwRTZLM2RJM09uUnkzVkErTHk0Sy9ESEtqcDNKYlBIUnpvVW9XNUloYWJBQklGbXNObWF5NksrdjN6RDV5L0Fqd0VpSEtWVnUiLCJtYWMiOiIwYmQwMjQ4MzMwOGFiODZlMTgwMGI3MTM5YjA1OWM0YjYzM2Y2Nzk2OGI0MGZjZWZlNjllY2E1NzRiNGYwZDkyIiwidGFnIjoiIn0%3D; missav_session=eyJpdiI6ImhUckdUTVhqaWkwR0ZUd2JreHFjeUE9PSIsInZhbHVlIjoiMkEvc2J3bzQwZ2ZtMStmWm9uT25vdENiN3VlNXJtbllXdkdINHJCYVdQSFd4NS9pT3RBZWdhT21iVExKbGFhRWs1YTI0ck56SDNLT2VGV1h3VGp2Yk1xcTU1Zkp2UEdaVkU5ZWJVUGN0KzVyWFBsNVZRSlNNWU9ZYmM1Z3I2akciLCJtYWMiOiJlMTliNzcyNmJlYmQzNjAzNGQxMWE5OGMyMDE5N2RjOWE3MDIwYjdlZWI5YWZlODk1MWM5YTc3MDBkODEyYmE4IiwidGFnIjoiIn0%3D; itoOuToH0Vb1ue2mLqvLFkqoSknsB1RqjNm0jOXj=eyJpdiI6InkwUEtVZmErNTdOakR6VkxzbURNSkE9PSIsInZhbHVlIjoiT0RHNjRESzJ4V09sNksvUk9zYUE1eTM4RzhqUkNRWG4yTm1UanF3ZDF5bmdyVVFrdWdIRUlrTDRRdG8xNERJZlZpTFpyOTZOdFB0TXRLVmN1OFpvRTkzYXFMd0kzV2tKTG5MV0lVM0kzKzVFVHhWVnM3bzVMNlVJalg2YjQwNkdSVXR6WHpQWFRJWFBpVlVCUkxBWVhzc0VuWEZ0OFhCOTZUSjVMN2lHSVJtamVqL213TkVZOEFOc2NPUjhiRkc1S1FqdXRxcldvemtPL3Y2ejU4b01CNzFsbzhZOFRnczE2S3R1Q3BsYlR3dGtWVng4OG9od0d3K1RNUk9UcnpDWkZuWGxSenpQWXVIR2JwVExjL2JSY0VxN3BvZUtQRE4xREdndGJXQ1lKYXZNMGh3cjRVWTBBTlFoVVNRZHZ1Qm5jeXYrb3ZtOEpQTERkYkYveW9rUWQ3K3VOTDk0L3dIM2N0ckpOenQwTTJaVURCRUZ0WEtWc1JrYzYweDFmZHpWTUlCQmZUY1RnN1RqMSsyTEtOMFc3dz09IiwibWFjIjoiZjkxZWY3ZDczNjlmYjc1ZTBjMDFiNjU1Zjg1Mjg1N2I4YTlkNGFlMDM0NmZlMjlmZjAyMGJmZTdhNzNmMTdlZiIsInRhZyI6IiJ9; dom3ic8zudi28v8lr6fgphwffqoz0j6c=7abc03c6-992f-4005-b1e1-a82bee795614%3A2%3A1; cf_clearance=YjVwLSHD67PqNqpXuwgq1ATvr5FEql5IvX95h2QHcbg-1701668124-0-1-730ca2d2.73a07051.5b213570-0.2.1701668124; _ga_Z3V6T9VBM6=GS1.1.1701668129.1.0.1701668129.0.0.0; _ga=GA1.1.1082638699.1701668130; pbpr0tpuw4isk85t8yg3jb2lj5vqf=tournamentfosterchild.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
date: Mon, 04 Dec 2023 05:35:26 GMT
access-control-allow-origin: https://missav.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8301af9e1d0a56bd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
psjeufks.com/f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video1.ts
104.21.70.145200 OK 83 kB URL GET HTTP/2 psjeufks.com/f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video1.ts
IP 104.21.70.145:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectpsjeufks.com
FingerprintB1:A3:6A:41:3F:49:63:19:F3:A7:90:F4:B8:90:B9:A6:D6:5E:13:81
ValidityTue, 28 Nov 2023 19:03:38 GMT - Mon, 26 Feb 2024 19:03:37 GMT
Hash 831cb8443020d9c8ed8e334f5c25b1ac
5c950b7451b6a4f1cd5814bd269f4a3fe7ccb4a6
f4af1098272af7a71669efa3c340f3304eb9b7b1d3cb2eb686129816246d3f35
GET /f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video1.ts HTTP/1.1
Host: psjeufks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:27 GMT
content-type: video/mp2t
content-length: 82908
access-control-allow-origin: https://missav.com
etag: "831cb8443020d9c8ed8e334f5c25b1ac"
last-modified: Fri, 01 Dec 2023 15:12:14 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NM%2FZMpqMdzASnyf3C2Hmz5zT%2BqxwD3Sf7PhyvitF6Xdsmljdx3jR643upIDukRn0JvSJPjc1%2Fd3mPYLfYdhOMy9oX6IXm8kV5cgvrVCEtAjBaLpPIPECIq0N0mFy9mc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301afa07f20b51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=7abc03c6-992f-4005-b1e1-a82bee795614&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=62bdca270715b3b43fbac98597c038f1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5
192.243.59.12200 OK 1 B URL GET HTTP/1.1 unseenreport.com/pxf.gif?uuid=7abc03c6-992f-4005-b1e1-a82bee795614&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=62bdca270715b3b43fbac98597c038f1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pxf.gif?uuid=7abc03c6-992f-4005-b1e1-a82bee795614&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=62bdca270715b3b43fbac98597c038f1&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=5 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 04 Dec 2023 05:35:27 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e1f6e5815453f1310acb4c77b6bbdb3a
Strict-Transport-Security: max-age=0; includeSubdomains
psjeufks.com/f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video2.ts
104.21.70.145200 OK 153 kB URL GET HTTP/2 psjeufks.com/f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video2.ts
IP 104.21.70.145:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectpsjeufks.com
FingerprintB1:A3:6A:41:3F:49:63:19:F3:A7:90:F4:B8:90:B9:A6:D6:5E:13:81
ValidityTue, 28 Nov 2023 19:03:38 GMT - Mon, 26 Feb 2024 19:03:37 GMT
Size 153 kB (152844 bytes)
Hash 98eccef65a51efbc00b9d27214d3cdeb
73727b9d2ac830647afc6f8b238e36ef26d4d634
ce06c08e020a08ce76b1c0604ad1982b3e6e85ee9c6d03babcae61a4770f4aee
GET /f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video2.ts HTTP/1.1
Host: psjeufks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:27 GMT
content-type: video/mp2t
content-length: 152844
access-control-allow-origin: https://missav.com
etag: "98eccef65a51efbc00b9d27214d3cdeb"
last-modified: Fri, 01 Dec 2023 15:47:06 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tABf18q1goVVuvswFORQ4X%2F7Nwscm5Luo59%2B49w5xcI2GYkHgXXOTYwwrxVmcdy4c9gWhrVv%2BqBHn%2BK9JH4I%2FaN08ZshBM1GmLA6QlPKv3OZMWiJrrO24zIV0AfZIt8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301afa2d80cb51d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
missav.com/cdn-cgi/rum?
104.26.15.15204 No Content 0 B IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
Content-Type: application/json
Content-Length: 500
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Cookie: user_uuid=593479cf-0e66-4802-9d9d-3d58b60e8dae; sb_page_62bdca270715b3b43fbac98597c038f1=1; sb_onpage_62bdca270715b3b43fbac98597c038f1=1; sb_main_62bdca270715b3b43fbac98597c038f1=1; sb_count_62bdca270715b3b43fbac98597c038f1=1; XSRF-TOKEN=eyJpdiI6IlhUWFFTSmI2d1Fxc28remU5RDhrQnc9PSIsInZhbHVlIjoiNjBlQ0JScW1lbE5sMUxqU3JvZ0FsSEg0MVF4ekk1MG5sRGFhSjJ0MzJ0bHVwdTdVL2VnYkd6KzEwRTZLM2RJM09uUnkzVkErTHk0Sy9ESEtqcDNKYlBIUnpvVW9XNUloYWJBQklGbXNObWF5NksrdjN6RDV5L0Fqd0VpSEtWVnUiLCJtYWMiOiIwYmQwMjQ4MzMwOGFiODZlMTgwMGI3MTM5YjA1OWM0YjYzM2Y2Nzk2OGI0MGZjZWZlNjllY2E1NzRiNGYwZDkyIiwidGFnIjoiIn0%3D; missav_session=eyJpdiI6ImhUckdUTVhqaWkwR0ZUd2JreHFjeUE9PSIsInZhbHVlIjoiMkEvc2J3bzQwZ2ZtMStmWm9uT25vdENiN3VlNXJtbllXdkdINHJCYVdQSFd4NS9pT3RBZWdhT21iVExKbGFhRWs1YTI0ck56SDNLT2VGV1h3VGp2Yk1xcTU1Zkp2UEdaVkU5ZWJVUGN0KzVyWFBsNVZRSlNNWU9ZYmM1Z3I2akciLCJtYWMiOiJlMTliNzcyNmJlYmQzNjAzNGQxMWE5OGMyMDE5N2RjOWE3MDIwYjdlZWI5YWZlODk1MWM5YTc3MDBkODEyYmE4IiwidGFnIjoiIn0%3D; itoOuToH0Vb1ue2mLqvLFkqoSknsB1RqjNm0jOXj=eyJpdiI6InkwUEtVZmErNTdOakR6VkxzbURNSkE9PSIsInZhbHVlIjoiT0RHNjRESzJ4V09sNksvUk9zYUE1eTM4RzhqUkNRWG4yTm1UanF3ZDF5bmdyVVFrdWdIRUlrTDRRdG8xNERJZlZpTFpyOTZOdFB0TXRLVmN1OFpvRTkzYXFMd0kzV2tKTG5MV0lVM0kzKzVFVHhWVnM3bzVMNlVJalg2YjQwNkdSVXR6WHpQWFRJWFBpVlVCUkxBWVhzc0VuWEZ0OFhCOTZUSjVMN2lHSVJtamVqL213TkVZOEFOc2NPUjhiRkc1S1FqdXRxcldvemtPL3Y2ejU4b01CNzFsbzhZOFRnczE2S3R1Q3BsYlR3dGtWVng4OG9od0d3K1RNUk9UcnpDWkZuWGxSenpQWXVIR2JwVExjL2JSY0VxN3BvZUtQRE4xREdndGJXQ1lKYXZNMGh3cjRVWTBBTlFoVVNRZHZ1Qm5jeXYrb3ZtOEpQTERkYkYveW9rUWQ3K3VOTDk0L3dIM2N0ckpOenQwTTJaVURCRUZ0WEtWc1JrYzYweDFmZHpWTUlCQmZUY1RnN1RqMSsyTEtOMFc3dz09IiwibWFjIjoiZjkxZWY3ZDczNjlmYjc1ZTBjMDFiNjU1Zjg1Mjg1N2I4YTlkNGFlMDM0NmZlMjlmZjAyMGJmZTdhNzNmMTdlZiIsInRhZyI6IiJ9; dom3ic8zudi28v8lr6fgphwffqoz0j6c=7abc03c6-992f-4005-b1e1-a82bee795614%3A2%3A1; cf_clearance=YjVwLSHD67PqNqpXuwgq1ATvr5FEql5IvX95h2QHcbg-1701668124-0-1-730ca2d2.73a07051.5b213570-0.2.1701668124; _ga_Z3V6T9VBM6=GS1.1.1701668129.1.0.1701668129.0.0.0; _ga=GA1.1.1082638699.1701668130
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/3 204 No Content
date: Mon, 04 Dec 2023 05:35:38 GMT
access-control-allow-origin: https://missav.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 8301afe92a1d56bd-OSL
x-frame-options: DENY
x-content-type-options: nosniff
creative.myavlive.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.css
104.18.63.130200 OK 13 kB URL GET HTTP/3 creative.myavlive.com/widgets/v4/Universal/main.672e6e87c69b0c60653e.css
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type ASCII text, with very long lines (13396), with no line terminators
Hash d55b785d72863fbb8425a36b7d675ec2
546cda15b6fb2a67ce1f102dc82eefb6f749f9c3
a4d09f6a50b6d96e7f22ab12f406dcf44be0d815105018cc5c7f1105fbf597f7
GET /widgets/v4/Universal/main.672e6e87c69b0c60653e.css HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2; cf_clearance=XqWAXV8aUDgFTRLFlIRonMW4CIBMbwMa2XuKKQZHddY-1701668122-0-1-730ca2d2.73a07051.5b213570-0.2.1701668122
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 11:58:38 GMT
etag: W/"656878ee-3454"
expires: Mon, 04 Dec 2023 05:35:23 GMT
cache-control: max-age=14400
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.myavlive.com/report", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
server: cloudflare
cf-ray: 8301af8b9c6956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.myavlive.com/api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=4&usePreroll&webp=1
104.18.63.130200 OK 6.2 kB URL GET HTTP/3 go.myavlive.com/api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=4&usePreroll&webp=1
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type troff or preprocessor input, ASCII text, with very long lines (6641), with no line terminators
Hash add83c9071620665b7cc54e905b8d13e
5b3e413ac26fe9ce02224428c471f936326a655c
a2c226554ade1a078efc8cb40a829cdf1f0d0c9bfebe69d2a30ec9bcf818722a
GET /api/models?tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=4&usePreroll&webp=1 HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Cookie: __cflb=02DiuGyDLPvii6XBe55WcQA8xYvUArStVjtr2D7VU84uA
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: https://creative.myavlive.com
access-control-allow-credentials: true
last-modified: Mon, 04 Dec 2023 05:35:09 GMT
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 8301af903f6456a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
go.myavlive.com/api/models?quality=240p&tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1
104.18.63.130200 OK 1.7 kB URL GET HTTP/3 go.myavlive.com/api/models?quality=240p&tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type troff or preprocessor input, ASCII text, with very long lines (1844), with no line terminators
Hash abad0b6e46cd680ce4ba291dc03841a1
d7f655a44decc62b578e2a3096c029f452c9ae71
6645132dc56afc75fb49db100a7157759427b48f5aa53582f02548e37792ca6f
GET /api/models?quality=240p&tag=girls%2Fchinese&forceClient=1&stripcashR=0&limit=1&usePreroll&webp=1 HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:22 GMT
content-type: application/json
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: https://creative.myavlive.com
access-control-allow-credentials: true
last-modified: Mon, 04 Dec 2023 05:26:07 GMT
cf-cache-status: EXPIRED
set-cookie: __cflb=02DiuGyDLPvii6XBe55WcQA8xYvUArStVjtr2D7VU84uA; SameSite=None; Secure; path=/; expires=Tue, 05-Dec-23 05:35:22 GMT; HttpOnly
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af83189956a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
static.javhdhello.com/h5/files/css/style.css
185.76.9.14200 OK 2.0 kB URL GET HTTP/2 static.javhdhello.com/h5/files/css/style.css
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Certificate IssuerLet's Encrypt
Subject1079288232.rsc.cdn77.org
FingerprintCA:61:0A:35:4F:C7:B1:E1:31:B5:5E:F5:C5:D9:FA:D7:9D:0B:51:63
ValiditySat, 30 Sep 2023 02:57:06 GMT - Fri, 29 Dec 2023 02:57:05 GMT
File type ASCII text, with very long lines (2098), with no line terminators
Hash 17e0f04a6abd6363cebb6b78ace070ca
f5913c8083b7bb7d31a03722a2504f55530f9959
4ff86eaa04fe436210b5190d598eb3e4122d2962ada68abadb7ec554a5f1862e
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3TccAAQ
x-77-nzt-ray: c0a4cc28aa1068391d656d654165d72f
x-accel-expires: @1716375888
x-accel-date: 1684839888
x-cache-lb: HIT
x-age-lb: 16828237
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 16828237
content-encoding: gzip
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1701668070/115587642_webp
104.18.63.124200 OK 12 kB URL GET HTTP/3 img.strpst.com/thumbs/1701668070/115587642_webp
IP 104.18.63.124:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c66f33cea2e4783f346c2550bedf676f
386626e70226bd4b844e199512fec859231f60a1
18c2c9fc182b76fb9782fa2fa19d565d5a5e5b74b3d71af492dd9477dde7be53
GET /thumbs/1701668070/115587642_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: image/webp
content-length: 11874
etag: "c66f33cea2e4783f346c2550bedf676f"
last-modified: Mon, 04 Dec 2023 05:33:35 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 27
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af913c6456b7-OSL
alt-svc: h3=":443"; ma=86400
cdn.cloudfrale.com/bn/681/72c/d48/68172cd48777e890d377b5fba39d218a84cfd02d.mp4
45.133.44.20206 Partial Content 328 kB URL GET HTTP/2 cdn.cloudfrale.com/bn/681/72c/d48/68172cd48777e890d377b5fba39d218a84cfd02d.mp4
IP 45.133.44.20:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998875
Certificate IssuerZeroSSL
Subjectcdn.cloudfrale.com
Fingerprint4A:96:98:80:5E:E5:82:7D:6B:94:C6:1F:EC:1E:3C:FD:39:13:0A:41
ValidityMon, 30 Oct 2023 00:00:00 GMT - Sun, 28 Jan 2024 23:59:59 GMT
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 328 kB (328456 bytes)
Hash 27c5c28512a603c8d25a7ee3e0debe25
68172cd48777e890d377b5fba39d218a84cfd02d
9b82808c30e8b16094ff418069b9bbdfe0c5b0fb144b0914eed9ad26386e726b
GET /bn/681/72c/d48/68172cd48777e890d377b5fba39d218a84cfd02d.mp4 HTTP/1.1
Host: cdn.cloudfrale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 206 Partial Content
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: video/mp4
content-length: 328456
server: nginx/1.24.0
etag: 27c5c28512a603c8d25a7ee3e0debe25
last-modified: Sun, 05 Nov 2023 16:31:28 GMT
x-timestamp: 1699201887.17116
x-trans-id: tx23e898a581b64f9b82934-006547ff21
x-openstack-request-id: tx23e898a581b64f9b82934-006547ff21
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
expires: Wed, 06 Dec 2023 05:35:25 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
access-control-allow-origin: *
content-range: bytes 0-328455/328456
X-Firefox-Spdy: h2
gsjln04hd.com/lvesnk.html?zoneid=1998875
212.117.190.201200 OK 103 kB URL GET HTTP/2 gsjln04hd.com/lvesnk.html?zoneid=1998875
IP 212.117.190.201:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64991)
Size 103 kB (103134 bytes)
Hash fd8c7e272fc5d722a633a35115138a6f
02f8cbddb05f0d024e2d1742c824c7560197068b
6c03cbb64dbfe439299664ff71f3c5491b3af939d576ddaf2380c74eff848cf2
GET /lvesnk.html?zoneid=1998875 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: text/html
last-modified: Tue, 21 Nov 2023 12:25:12 GMT
vary: Accept-Encoding
etag: W/"655ca1a8-e1"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
creative.myavlive.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
104.18.63.130200 OK 7.4 kB URL GET HTTP/3 creative.myavlive.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type ASCII text, with very long lines (7426), with no line terminators
Hash accb14524d737f4e6f0f1431a1336c61
c8288e3630bb6777c052827b334c0e5e2a6532c8
ac8831d4db77d60f11e3c34cc2363dc9c7f0f2e76ba6299a5d0e6af8fdfc1f7d
GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:22 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
vary: accept-encoding
server: cloudflare
cf-ray: 8301af83289e56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
tournamentfosterchild.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3k1E0IOKBwWFOXhQkEn39Exmxj0sxjUSjEncH%2BRcv3pSprqrreqenuQUXJA9eBhv6qnzTbJh10XcP0BYOl7WgLDjQXIw%2F4SwJw8yk4HRB1XvffW9w%2Fe9V18f5hckQE7Ptz4z%2B0prutSq%2B7V3t1UiTOFqG7drgV%2F3r9W2VbLcvFYbTC7b%2FyDwW3X%2Fvdonku%2BapYYf%2BH7gB7VVZWVkBktTFip91A3qXb%2FebNSDVhMD%2B3%2Fscg%2BOehD9C%2FIalBgv7jx9DMUrJPHPN6TbzUz6%2FsdxrmlmLPri5E6ym5giQTwvI%2BshSk5m3TBuTMh3V2CSk5kDmP7RxAGYGhPvzwAsOZnJBOsfXyplGjIBEy%2Bh6FeQuoKiFbi5CyWeEYALbGwiie9vGFvQvUuWTtgxWXj%2BN1QxJgt%2FvY4k%2FmlFq0HtltF5pkziMIhKqEEF1auQ5qfI9j2o4hQ8%2BwpK%2FE6Wnq8jiY82nTZQopy6V6qCiipoOQR1HvLJUR7yyEOeeojFeY22upHvtyMWhWGnyTkPQ85bnWXREmGzE%2FnI%2BUTeEFk6BNdDcHuA1B5gVw1h8ydwOyWc8OCyMfE%2BP0BflCgkQeEICkpQKIIiIyj65bHQruHK%2B0K7nAWz3JjlsByZrHdIj03WkwkBtcPD9IK8OpmN98LyE%2BzK89pygwlOG22%2FHbRYyJphxCjvdlrdNvfDThTAqRLKXZna3Vdj8saLXyJVY7K4%2BA8YPYXTp%2BDqFdD8bdBi1G74oDujZsfHfvIwVs7Rfp2bGMKUSLMFZHveob4gb043tLKUQvKz60%2B%2Fn8QP4LZEakt8oX4l6Ol7o5umIEc3TeHI4800U7Hap5Pt3cpoJq8%2B%2FFTuFcaKtRtu%2BOBDPiEm5aPb0mXrNBEq6Tny44oSQtpVY7kkv6y5bcm2crezktskT9e3Plpdi1MrnVMmqUDVM%2FcNuBqTl%2B%2F8Nv2X78QPoGwFm5eI8zMyCyhTgacHcOlcvTMEVs97WOqhyMuRbbD5o1YEWs4xZSXcfzCb14fuHnrWA83uIolL9G2Jvi5B9RAuvzrKUnt2%2FY9wGmDaGzFtvSOmrf72crROnddaQVN2WKfNhWCSi6DdCDuh7zeEaLa7Mugic2MZy7f%2BBQAA%2F%2F8BAAD%2F%2FzvUSEVvBAAA
173.233.137.36200 OK 0 B URL GET HTTP/1.1 tournamentfosterchild.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3k1E0IOKBwWFOXhQkEn39Exmxj0sxjUSjEncH%2BRcv3pSprqrreqenuQUXJA9eBhv6qnzTbJh10XcP0BYOl7WgLDjQXIw%2F4SwJw8yk4HRB1XvffW9w%2Fe9V18f5hckQE7Ptz4z%2B0prutSq%2B7V3t1UiTOFqG7drgV%2F3r9W2VbLcvFYbTC7b%2FyDwW3X%2Fvdonku%2BapYYf%2BH7gB7VVZWVkBktTFip91A3qXb%2FebNSDVhMD%2B3%2Fscg%2BOehD9C%2FIalBgv7jx9DMUrJPHPN6TbzUz6%2FsdxrmlmLPri5E6ym5giQTwvI%2BshSk5m3TBuTMh3V2CSk5kDmP7RxAGYGhPvzwAsOZnJBOsfXyplGjIBEy%2Bh6FeQuoKiFbi5CyWeEYALbGwiie9vGFvQvUuWTtgxWXj%2BN1QxJgt%2FvY4k%2FmlFq0HtltF5pkziMIhKqEEF1auQ5qfI9j2o4hQ8%2BwpK%2FE6Wnq8jiY82nTZQopy6V6qCiipoOQR1HvLJUR7yyEOeeojFeY22upHvtyMWhWGnyTkPQ85bnWXREmGzE%2FnI%2BUTeEFk6BNdDcHuA1B5gVw1h8ydwOyWc8OCyMfE%2BP0BflCgkQeEICkpQKIIiIyj65bHQruHK%2B0K7nAWz3JjlsByZrHdIj03WkwkBtcPD9IK8OpmN98LyE%2BzK89pygwlOG22%2FHbRYyJphxCjvdlrdNvfDThTAqRLKXZna3Vdj8saLXyJVY7K4%2BA8YPYXTp%2BDqFdD8bdBi1G74oDujZsfHfvIwVs7Rfp2bGMKUSLMFZHveob4gb043tLKUQvKz60%2B%2Fn8QP4LZEakt8oX4l6Ol7o5umIEc3TeHI4800U7Hap5Pt3cpoJq8%2B%2FFTuFcaKtRtu%2BOBDPiEm5aPb0mXrNBEq6Tny44oSQtpVY7kkv6y5bcm2crezktskT9e3Plpdi1MrnVMmqUDVM%2FcNuBqTl%2B%2F8Nv2X78QPoGwFm5eI8zMyCyhTgacHcOlcvTMEVs97WOqhyMuRbbD5o1YEWs4xZSXcfzCb14fuHnrWA83uIolL9G2Jvi5B9RAuvzrKUnt2%2FY9wGmDaGzFtvSOmrf72crROnddaQVN2WKfNhWCSi6DdCDuh7zeEaLa7Mugic2MZy7f%2BBQAA%2F%2F8BAAD%2F%2FzvUSEVvBAAA
IP 173.233.137.36:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjecttournamentfosterchild.com
Fingerprint4B:68:95:61:87:54:D0:21:EB:3B:60:5F:51:15:23:32:77:12:F0:79
ValidityTue, 28 Nov 2023 10:42:36 GMT - Mon, 26 Feb 2024 10:42:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3k1E0IOKBwWFOXhQkEn39Exmxj0sxjUSjEncH%2BRcv3pSprqrreqenuQUXJA9eBhv6qnzTbJh10XcP0BYOl7WgLDjQXIw%2F4SwJw8yk4HRB1XvffW9w%2Fe9V18f5hckQE7Ptz4z%2B0prutSq%2B7V3t1UiTOFqG7drgV%2F3r9W2VbLcvFYbTC7b%2FyDwW3X%2Fvdonku%2BapYYf%2BH7gB7VVZWVkBktTFip91A3qXb%2FebNSDVhMD%2B3%2Fscg%2BOehD9C%2FIalBgv7jx9DMUrJPHPN6TbzUz6%2FsdxrmlmLPri5E6ym5giQTwvI%2BshSk5m3TBuTMh3V2CSk5kDmP7RxAGYGhPvzwAsOZnJBOsfXyplGjIBEy%2Bh6FeQuoKiFbi5CyWeEYALbGwiie9vGFvQvUuWTtgxWXj%2BN1QxJgt%2FvY4k%2FmlFq0HtltF5pkziMIhKqEEF1auQ5qfI9j2o4hQ8%2BwpK%2FE6Wnq8jiY82nTZQopy6V6qCiipoOQR1HvLJUR7yyEOeeojFeY22upHvtyMWhWGnyTkPQ85bnWXREmGzE%2FnI%2BUTeEFk6BNdDcHuA1B5gVw1h8ydwOyWc8OCyMfE%2BP0BflCgkQeEICkpQKIIiIyj65bHQruHK%2B0K7nAWz3JjlsByZrHdIj03WkwkBtcPD9IK8OpmN98LyE%2BzK89pygwlOG22%2FHbRYyJphxCjvdlrdNvfDThTAqRLKXZna3Vdj8saLXyJVY7K4%2BA8YPYXTp%2BDqFdD8bdBi1G74oDujZsfHfvIwVs7Rfp2bGMKUSLMFZHveob4gb043tLKUQvKz60%2B%2Fn8QP4LZEakt8oX4l6Ol7o5umIEc3TeHI4800U7Hap5Pt3cpoJq8%2B%2FFTuFcaKtRtu%2BOBDPiEm5aPb0mXrNBEq6Tny44oSQtpVY7kkv6y5bcm2crezktskT9e3Plpdi1MrnVMmqUDVM%2FcNuBqTl%2B%2F8Nv2X78QPoGwFm5eI8zMyCyhTgacHcOlcvTMEVs97WOqhyMuRbbD5o1YEWs4xZSXcfzCb14fuHnrWA83uIolL9G2Jvi5B9RAuvzrKUnt2%2FY9wGmDaGzFtvSOmrf72crROnddaQVN2WKfNhWCSi6DdCDuh7zeEaLa7Mugic2MZy7f%2BBQAA%2F%2F8BAAD%2F%2FzvUSEVvBAAA HTTP/1.1
Host: tournamentfosterchild.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Cookie: u_pl=17184448; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 05:35:25 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 931895543f17bb060c5c84c8d96d4ac7
Strict-Transport-Security: max-age=0; includeSubdomains
creative.myavlive.com/widgets/Player/main.a4a2518a3cc568b9c8a2.css
104.18.63.130200 OK 4.5 kB URL GET HTTP/3 creative.myavlive.com/widgets/Player/main.a4a2518a3cc568b9c8a2.css
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type ASCII text, with very long lines (4550), with no line terminators
Hash c0593fd2c46b8a5d06769bf4a4493d12
46f525644df025b2221f59e9127311c009a33b46
2f1ee6a18846773d238e3d58572fe01b383087aebb88c46cb21485a73c0d8c0f
GET /widgets/Player/main.a4a2518a3cc568b9c8a2.css HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:21 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 11:58:38 GMT
etag: W/"656878ee-11bf"
expires: Mon, 04 Dec 2023 05:35:22 GMT
cache-control: max-age=14400
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.myavlive.com/report", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
server: cloudflare
cf-ray: 8301af7ecef356a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gsjln04hd.com/get/1998829?zoneid=1998829&jp=_cl1tazlk2zwy6zzhxydgze&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=7429869917018112&eclog=0&sp=1&im=1&freq=0
212.117.190.201200 OK 6.5 kB URL GET HTTP/2 gsjln04hd.com/get/1998829?zoneid=1998829&jp=_cl1tazlk2zwy6zzhxydgze&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=7429869917018112&eclog=0&sp=1&im=1&freq=0
IP 212.117.190.201:443
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998829
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type ASCII text, with very long lines (6613), with no line terminators
Hash 642f6f80b2fe6ef3365000ebadd85ed3
5341c4d53312d24038705d77e482e86e45f33b49
9e86935a8e151f7e6c00edf91b584c7371002bcb72bed48ee84f84da821951fa
GET /get/1998829?zoneid=1998829&jp=_cl1tazlk2zwy6zzhxydgze&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=7429869917018112&eclog=0&sp=1&im=1&freq=0 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gsjln04hd.com/lvesnk.html?zoneid=1998829
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=23120400357fe1909ab86b42adbdcf0c9ef5; Path=/; Expires=Mon, 06 Jan 2025 05:35:24 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Mon, 06 Jan 2025 05:35:24 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
185.76.9.14200 OK 3.4 kB URL GET HTTP/2 static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by https://r.trackwilltrk.com/s1/115943b0-3815-4fab-802c-c421a48b5d61?externalId=23120400350cd64b5f16aa4667a072e0a3e0&cost=0.000012999999&cv1=1998829&cv2=2658183
Certificate IssuerLet's Encrypt
Subject1079288232.rsc.cdn77.org
FingerprintCA:61:0A:35:4F:C7:B1:E1:31:B5:5E:F5:C5:D9:FA:D7:9D:0B:51:63
ValiditySat, 30 Sep 2023 02:57:06 GMT - Fri, 29 Dec 2023 02:57:05 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3586), with no line terminators
Hash 1c13a64fb37b4d41bcaaf0450c60a1f2
b35c410dc33ed3bcaaadc037e2d2f9553d099b05
f1b64ca66984768c1fcb73274033b0e45515f1f4c3a3c3cd9a34192aa2bf5f8e
GET /h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://r.trackwilltrk.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Mon, 27 Nov 2023 08:51:08 GMT
etag: W/"6564587c-d2a"
expires: Wed, 03 Jan 2024 05:35:25 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-77-nzt: EwgBuUwJDQFBCAG5TAoJAUEIAdRmOJkBQQ
x-77-nzt-ray: c0a4cc28aa1068391d656d659ff5a31f
x-77-cache: MISS
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: MISS, MISS
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
104.18.63.134200 OK 734 B URL GET HTTP/2 b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
IP 104.18.63.134:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (752), with no line terminators
Hash 16d49c7d749177c1b1c4c22e41fa3325
6808cd84e6d4ac4c099b29ab5df7a09eecad6a51
4fa786114a6f03c7cf37c199aaa79125d9263867eaf9f6da0a70a289e5285943
GET /hls/103721484/103721484_240p.m3u8 HTTP/1.1
Host: b-hls-19.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 04 Dec 2023 05:35:22 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 8301af8fbbff56cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
edge-hls.doppiocdn.com/hls/103721484/master/103721484_240p.m3u8
104.18.63.134200 OK 226 B URL GET HTTP/2 edge-hls.doppiocdn.com/hls/103721484/master/103721484_240p.m3u8
IP 104.18.63.134:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with no line terminators
Hash 9e5d17f2aa56f981cc0a744ea3b1118b
9964adf4455f65729f335111d19697614be81123
2c7780871211e7b4189372207b595e379f5c11733159c49e3fa5cdee5da6b90d
GET /hls/103721484/master/103721484_240p.m3u8 HTTP/1.1
Host: edge-hls.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 04 Dec 2023 05:35:17 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=3, s-maxage=3
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 1
server: cloudflare
cf-ray: 8301af8deb6356cc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.plyr.io/3.6.8/plyr.svg
104.27.195.88200 OK 5.8 kB URL GET HTTP/2 cdn.plyr.io/3.6.8/plyr.svg
IP 104.27.195.88:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectcdn.plyr.io
FingerprintFF:35:46:8D:1D:83:62:00:F8:34:EB:16:F5:68:58:8E:B1:61:55:A9
ValidityWed, 12 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- SVG XML document\012- XML document text\012- exported SGML document, ASCII text, with very long lines (5911), with no line terminators
Hash 0515cfb132a7e4e063467814f50e32c4
2d89955170c71b3c1678526168318edd55e16996
f5322aaaaa48e83be4443010300845989622757a8b98ccab908f1e650171e4e2
GET /3.6.8/plyr.svg HTTP/1.1
Host: cdn.plyr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
etag: W/"3a727a9b7eef825081d78cc6e48aaadf"
last-modified: Thu, 20 Apr 2023 10:33:44 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 945100
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohNqmm22I7SyDcySmGcA5LW33om2KM5TdjzNJ%2FJMvAKLSj3DUqu%2BM3xDzzyz1UdTxiapyRLTPxZQArk1hPTq%2Fv9JggvZgzrPfwxIwWR%2BGVccqkLaUHOrdWHqaOd8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af906ace5685-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
172.64.108.10200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/css/animate.css
IP 172.64.108.10:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash 80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET /sb/ssp/utility/social-media/facebook/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: text/css
last-modified: Sat, 20 Feb 2021 08:44:40 GMT
etag: W/"6030cbf8-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1734639
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZLR7z6%2BZwwn4%2FPYjZnKf3LV6eMwH%2FHKl1OaBU7jx9mUPfopYvmt%2Fmc8CBUjuIF1mgau0zeBn7VxhzSfmoORZF3NAerJIlvYczV7ZPMgLjqVxPgc1DCNpYXE7EIht6JsVPR1P2w07Gs%2FZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af961ad96558-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
missav.com/js/plyr-plugin-thumbnail.js
104.26.15.15200 OK 7.5 kB URL GET HTTP/3 missav.com/js/plyr-plugin-thumbnail.js
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (7533), with no line terminators
Hash 11d8ce57d4ae806d7594a2a0e77122cd
f0a0bf347562cd24a6a853fcb5c4863e857139db
3dd31870744c00b8023784cbbff2aeb814df0bc39dcdb13bcd106913e48a8f64
GET /js/plyr-plugin-thumbnail.js HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://missav.com/dm54/en/prtd-022
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: application/javascript; charset=utf-8
cf-bgj: minify
cf-polished: origSize=7462
etag: W/"65232dd2-1d26"
last-modified: Sun, 08 Oct 2023 22:31:46 GMT
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cache-control: max-age=7200
cf-cache-status: HIT
age: 4718
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYsocW1c8%2FqU7KwjqxUSck5XJY8kXmD3osQd84TIZtIB4inatOF9fFY5zWTy0o1k2jMjet%2BgHgTDKo%2F3zwSVF9JoQxFduNxY3t9LiVHS9LcmFcBhR7eKd%2Bw1X8k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af76f95756bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
gsjln04hd.com/lvesnk.html?zoneid=1998877
212.117.190.201200 OK 103 kB URL GET HTTP/2 gsjln04hd.com/lvesnk.html?zoneid=1998877
IP 212.117.190.201:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (64991)
Size 103 kB (103134 bytes)
Hash 580932a2a25d01147b04eea87c89c57f
449e41316b470a8d46061ec08ff1cf790db5452c
1809b80c9780a454bda401772a051cda2887381aa806622b77b3f8882378b7db
GET /lvesnk.html?zoneid=1998877 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: text/html
last-modified: Tue, 21 Nov 2023 12:25:12 GMT
vary: Accept-Encoding
etag: W/"655ca1a8-e1"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
104.18.63.122200 OK 734 B URL GET HTTP/3 b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
IP 104.18.63.122:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (752), with no line terminators
Hash 18ff1072e6ad4ef5a26eef4cdccedf8b
6b4a13fa6d699a76edf3c8edfbf95aae660962f4
f9d3ac99ce5676339f283fb93399c819692a496d671928123f86c412f7b44c03
GET /hls/103721484/103721484_240p.m3u8 HTTP/1.1
Host: b-hls-19.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 04 Dec 2023 05:35:24 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8301af9b3cbb56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
creative.myavlive.com/widgets/v4/Universal/lang/en.json
104.18.63.130200 OK 172 B URL GET HTTP/3 creative.myavlive.com/widgets/v4/Universal/lang/en.json
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type ASCII text, with no line terminators
Hash 402f4a06b5dcf96d25dd4ff1f840784b
edebb253af01ef1882f424ee6278368485898d62
bd570b38d9d687c593545a7b250570605c601381f3d3d5263346b295e12a55ba
GET /widgets/v4/Universal/lang/en.json HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
DNT: 1
Connection: keep-alive
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2; cf_clearance=XqWAXV8aUDgFTRLFlIRonMW4CIBMbwMa2XuKKQZHddY-1701668122-0-1-730ca2d2.73a07051.5b213570-0.2.1701668122
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: application/json
last-modified: Thu, 30 Nov 2023 11:57:19 GMT
etag: W/"6568789f-ac"
expires: Mon, 04 Dec 2023 05:35:33 GMT
cache-control: max-age=10
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.myavlive.com/report", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8301af8eae6156a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
missav.com/cdn-cgi/challenge-platform/h/b/jsd/r/8301af72bc05b50c
104.26.15.15200 OK 0 B URL POST HTTP/3 missav.com/cdn-cgi/challenge-platform/h/b/jsd/r/8301af72bc05b50c
IP 104.26.15.15:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintB0:C4:00:C7:FA:8A:4D:86:31:47:35:84:28:9A:7B:33:08:6E:77:00
ValidityMon, 22 May 2023 00:00:00 GMT - Tue, 21 May 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/challenge-platform/h/b/jsd/r/8301af72bc05b50c HTTP/1.1
Host: missav.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12187
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/dm54/en/prtd-022
Cookie: user_uuid=593479cf-0e66-4802-9d9d-3d58b60e8dae; sb_page_62bdca270715b3b43fbac98597c038f1=1; sb_onpage_62bdca270715b3b43fbac98597c038f1=1; sb_main_62bdca270715b3b43fbac98597c038f1=1; sb_count_62bdca270715b3b43fbac98597c038f1=1; XSRF-TOKEN=eyJpdiI6IlhUWFFTSmI2d1Fxc28remU5RDhrQnc9PSIsInZhbHVlIjoiNjBlQ0JScW1lbE5sMUxqU3JvZ0FsSEg0MVF4ekk1MG5sRGFhSjJ0MzJ0bHVwdTdVL2VnYkd6KzEwRTZLM2RJM09uUnkzVkErTHk0Sy9ESEtqcDNKYlBIUnpvVW9XNUloYWJBQklGbXNObWF5NksrdjN6RDV5L0Fqd0VpSEtWVnUiLCJtYWMiOiIwYmQwMjQ4MzMwOGFiODZlMTgwMGI3MTM5YjA1OWM0YjYzM2Y2Nzk2OGI0MGZjZWZlNjllY2E1NzRiNGYwZDkyIiwidGFnIjoiIn0%3D; missav_session=eyJpdiI6ImhUckdUTVhqaWkwR0ZUd2JreHFjeUE9PSIsInZhbHVlIjoiMkEvc2J3bzQwZ2ZtMStmWm9uT25vdENiN3VlNXJtbllXdkdINHJCYVdQSFd4NS9pT3RBZWdhT21iVExKbGFhRWs1YTI0ck56SDNLT2VGV1h3VGp2Yk1xcTU1Zkp2UEdaVkU5ZWJVUGN0KzVyWFBsNVZRSlNNWU9ZYmM1Z3I2akciLCJtYWMiOiJlMTliNzcyNmJlYmQzNjAzNGQxMWE5OGMyMDE5N2RjOWE3MDIwYjdlZWI5YWZlODk1MWM5YTc3MDBkODEyYmE4IiwidGFnIjoiIn0%3D; itoOuToH0Vb1ue2mLqvLFkqoSknsB1RqjNm0jOXj=eyJpdiI6InkwUEtVZmErNTdOakR6VkxzbURNSkE9PSIsInZhbHVlIjoiT0RHNjRESzJ4V09sNksvUk9zYUE1eTM4RzhqUkNRWG4yTm1UanF3ZDF5bmdyVVFrdWdIRUlrTDRRdG8xNERJZlZpTFpyOTZOdFB0TXRLVmN1OFpvRTkzYXFMd0kzV2tKTG5MV0lVM0kzKzVFVHhWVnM3bzVMNlVJalg2YjQwNkdSVXR6WHpQWFRJWFBpVlVCUkxBWVhzc0VuWEZ0OFhCOTZUSjVMN2lHSVJtamVqL213TkVZOEFOc2NPUjhiRkc1S1FqdXRxcldvemtPL3Y2ejU4b01CNzFsbzhZOFRnczE2S3R1Q3BsYlR3dGtWVng4OG9od0d3K1RNUk9UcnpDWkZuWGxSenpQWXVIR2JwVExjL2JSY0VxN3BvZUtQRE4xREdndGJXQ1lKYXZNMGh3cjRVWTBBTlFoVVNRZHZ1Qm5jeXYrb3ZtOEpQTERkYkYveW9rUWQ3K3VOTDk0L3dIM2N0ckpOenQwTTJaVURCRUZ0WEtWc1JrYzYweDFmZHpWTUlCQmZUY1RnN1RqMSsyTEtOMFc3dz09IiwibWFjIjoiZjkxZWY3ZDczNjlmYjc1ZTBjMDFiNjU1Zjg1Mjg1N2I4YTlkNGFlMDM0NmZlMjlmZjAyMGJmZTdhNzNmMTdlZiIsInRhZyI6IiJ9; dom3ic8zudi28v8lr6fgphwffqoz0j6c=7abc03c6-992f-4005-b1e1-a82bee795614%3A2%3A1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: text/plain; charset=UTF-8
set-cookie: cf_clearance=YjVwLSHD67PqNqpXuwgq1ATvr5FEql5IvX95h2QHcbg-1701668124-0-1-730ca2d2.73a07051.5b213570-0.2.1701668124; path=/; expires=Tue, 03-Dec-24 05:35:24 GMT; domain=.missav.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Fk1839n6P%2B9gsLtB%2B%2B30K0WZ1ZI6iaz2ELn4ebXUWdXrTEsYkTPAj%2Fi42fEoAaBF9H8a2zPQfgTL3tBFeYduwcz7RbUF98cABb0wctVwQ82bC3w8zI3y0iiLLA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af8f7dd556bd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
creative.myavlive.com/widgets/Player/vendors~hls.5499a65d0c176235a5e2.js
104.18.63.130200 OK 178 kB URL GET HTTP/3 creative.myavlive.com/widgets/Player/vendors~hls.5499a65d0c176235a5e2.js
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type ASCII text, with very long lines (45140)
Size 178 kB (177865 bytes)
Hash 65a8da064493d0e9642391b22d61bfd1
3fd2753ae2dfb1cbe52f22c70c01b81d0c2859fb
6204dac7bbefec97df566df4120d930295eeeb2eedb38861a1453df7fa9f6b81
GET /widgets/Player/vendors~hls.5499a65d0c176235a5e2.js HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2; cf_clearance=XqWAXV8aUDgFTRLFlIRonMW4CIBMbwMa2XuKKQZHddY-1701668122-0-1-730ca2d2.73a07051.5b213570-0.2.1701668122
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 11:58:38 GMT
etag: W/"656878ee-2b6c9"
expires: Mon, 04 Dec 2023 05:35:24 GMT
cache-control: max-age=14400
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.myavlive.com/report", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
server: cloudflare
cf-ray: 8301af8abbfe56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
104.18.63.122200 OK 734 B URL GET HTTP/3 b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
IP 104.18.63.122:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (752), with no line terminators
Hash 6d38eabfa9cb7db2f3a3a4bdc15d216d
04aa47cda2bb5f63136e1a4f522dbf12649ed1d9
b7ea5064bd7b5d8f6b199eb36f85b90b231cdd8335a2b7c84641bb5309ba4611
GET /hls/103721484/103721484_240p.m3u8 HTTP/1.1
Host: b-hls-19.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:33 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 04 Dec 2023 05:35:32 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8301afcd2e6256c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
creative.myavlive.com/widgets/Player/main.a4a2518a3cc568b9c8a2.js
104.18.63.130200 OK 236 kB URL GET HTTP/3 creative.myavlive.com/widgets/Player/main.a4a2518a3cc568b9c8a2.js
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
Size 236 kB (236113 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widgets/Player/main.a4a2518a3cc568b9c8a2.js HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:21 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 30 Nov 2023 11:58:38 GMT
etag: W/"656878ee-39a51"
expires: Mon, 04 Dec 2023 05:35:23 GMT
cache-control: max-age=14400
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.myavlive.com/report", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
server: cloudflare
cf-ray: 8301af7edef756a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
creative.myavlive.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
104.18.63.130302 Found 7.4 kB URL GET HTTP/3 creative.myavlive.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 302 Found
date: Mon, 04 Dec 2023 05:35:22 GMT
vary: accept-encoding
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/56d3063b/main.js
server: cloudflare
cf-ray: 8301af82a86a56a4-OSL
alt-svc: h3=":443"; ma=86400
gsjln04hd.com/get/1998909?zoneid=1998909&jp=_clshg2v17ueqd09h0qi0r6&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=1237420429344768&eclog=0&sp=1&im=1&freq=0
212.117.190.201200 OK 5.0 kB URL GET HTTP/2 gsjln04hd.com/get/1998909?zoneid=1998909&jp=_clshg2v17ueqd09h0qi0r6&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=1237420429344768&eclog=0&sp=1&im=1&freq=0
IP 212.117.190.201:443
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998909
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type ASCII text, with very long lines (5091), with no line terminators
Hash 51e82e7e63ab807f6eb250bdf2feb344
cc77ded199f0030b28ca66f982887a6290963cc9
66278d4087bfcd1e5e90bda63368cc67dbf6c7fb66241f2ea6481d568d99497e
GET /get/1998909?zoneid=1998909&jp=_clshg2v17ueqd09h0qi0r6&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=1237420429344768&eclog=0&sp=1&im=1&freq=0 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gsjln04hd.com/lvesnk.html?zoneid=1998909
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Mon, 06 Jan 2025 05:35:24 GMT; Secure; SameSite=None
UID=231204003558b1ce0ac9634915a2b2b94080; Path=/; Expires=Mon, 06 Jan 2025 05:35:24 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 375689
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
gsjln04hd.com/get/1998875?zoneid=1998875&jp=_clqiy1mhb7p3itrjswiew8&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=8555769823881216&eclog=0&sp=1&im=1&freq=0
212.117.190.201200 OK 5.0 kB URL GET HTTP/2 gsjln04hd.com/get/1998875?zoneid=1998875&jp=_clqiy1mhb7p3itrjswiew8&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=8555769823881216&eclog=0&sp=1&im=1&freq=0
IP 212.117.190.201:443
Requested by https://gsjln04hd.com/lvesnk.html?zoneid=1998875
Certificate IssuerBuypass AS-983163327
Subject
FingerprintDA:95:D2:66:69:4B:84:11:36:30:38:95:5B:DD:82:8F:04:B3:76:0D
ValiditySat, 28 Oct 2023 12:06:25 GMT - Wed, 24 Apr 2024 21:59:00 GMT
File type ASCII text, with very long lines (5091), with no line terminators
Hash 42a076b3048e469b433d9cb0b459a4eb
cf0c3f10ecb9098f9404170554dd575db96bcae7
2ff576deb409315384e4f0c37b842da0219a0f6b2202db77dcbb8d325230dfe9
GET /get/1998875?zoneid=1998875&jp=_clqiy1mhb7p3itrjswiew8&nojs=0&abvar=0&febuild=1.0.179&t=0&wcks=1&wgl=0&cnvs=1&os=0&ss=1&ls=1&bb=0&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&ix=0&x=801&y=801&md=0&afid=8555769823881216&eclog=0&sp=1&im=1&freq=0 HTTP/1.1
Host: gsjln04hd.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://gsjln04hd.com/lvesnk.html?zoneid=1998875
Cookie: CHCK=1; UID=23120400357fe1909ab86b42adbdcf0c9ef5
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Mon, 06 Jan 2025 05:35:24 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
tournamentfosterchild.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWtkRRStN5OIoAsVFwoKvXChIJ33%2BiPd7SwG4xgJxiTOB1nX1%2BuUqffqWfU%2BOlkFB2QWLtqduno5nUyYcRDnBwjDi5sxIEy7kCzMnxBm5UK609B6oereU%2Bcuzrm3vj7MLkiAjJ5vfWb2ldZ0qV33a%2B9uq1iYwtU2btcCv%2B5fq22reLl1rTaYXDb%2FIPDbdf%2B92ieS75qlhh%2F4fuAHtVVlZWgGS1MWKnnUC%2Bo9v95q1IN2CwP7f%2BwyD456EPkFeQ1KjBd3nj6G4hXi6Ocb0u2mJnn%2F4yjTNDUWuTi5E%2B%2FGpogRzcvQegjjk1k3jBsT8t0VmPhk5gAmP5o4AFNj4v0ZgMUnM5lg%2BfGlUqYhYzDxEoq8gtQVFK3AzV0o8YwAXGBjE3F0f8PYgu5dsnTCjsnC87%2BhijFZ%2BOt1xNFPK1oNareMzlJlYodBWEINKqh%2BhSQ7RbrvQRWn4OlXUOJ3svR8HXF0tOm0gRLl1L1SFVRYQcshqPOQTY7ykIUessRDJM5rtN0Lfb8TsrDZ7LY4580m5%2B3usmiLZqsb%2Bsj4RN4QaTIE10Nwe4DEHmBXDWGzJ3A7JZzw4NIx8T4%2FQC5KFJKgcAQFJSgUQZESFHl5LLRruPK%2B0C5jwSw3ZrlZjkzaP6THJu3LmIDa4WFyQV6dzMZ7YfkJduV5bbnBBKeNjt8J2qzJWs2QUd7rtnsd7je7YQCnSih3ZWp3X43JGy9%2BiUSNyeLiP2D0FE6fgqtXQLO3QYtRp%2BGD7oxaXR%2F78cNIOUfzOjcRhCmRpAtI97xDfUHenG5oZSmB5GfXn34%2FiR%2FAbYnElvhC%2FUrQ1%2FdGN01Bjm6awpHHm0mqIrVPJ9u7ldJUXn34qdwrjBVrN9zwwYd8QkzKR7elS9dpLFTcd%2BTHFSWEtKvGckl%2BWXPbkm1lbmcls3GWrG99tLoWJVY6p0xcgapn7htwNSYv3%2Flt%2Bi%2FfiR5A2Qo2KxFlZ2QWUKYCTw7gkrl6ZwisnvewxEORlSPbYPNHrQi0nGPKSrj%2FYDavD9099K0Hmt5FHJXIbYlcl6B6CJddHaWJPbv%2BR3MaYNobMW29I6at%2FvZytE6d12Q79EPpNyQLeyzsUF%2F0wlaP0V4gO6xNA6RuLCP51r8AAAD%2F%2FwEAAP%2F%2FL9zGo28EAAA%3D
173.233.137.36200 OK 0 B URL GET HTTP/1.1 tournamentfosterchild.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTWtkRRStN5OIoAsVFwoKvXChIJ33%2BiPd7SwG4xgJxiTOB1nX1%2BuUqffqWfU%2BOlkFB2QWLtqduno5nUyYcRDnBwjDi5sxIEy7kCzMnxBm5UK609B6oereU%2Bcuzrm3vj7MLkiAjJ5vfWb2ldZ0qV33a%2B9uq1iYwtU2btcCv%2B5fq22reLl1rTaYXDb%2FIPDbdf%2B92ieS75qlhh%2F4fuAHtVVlZWgGS1MWKnnUC%2Bo9v95q1IN2CwP7f%2BwyD456EPkFeQ1KjBd3nj6G4hXi6Ocb0u2mJnn%2F4yjTNDUWuTi5E%2B%2FGpogRzcvQegjjk1k3jBsT8t0VmPhk5gAmP5o4AFNj4v0ZgMUnM5lg%2BfGlUqYhYzDxEoq8gtQVFK3AzV0o8YwAXGBjE3F0f8PYgu5dsnTCjsnC87%2BhijFZ%2BOt1xNFPK1oNareMzlJlYodBWEINKqh%2BhSQ7RbrvQRWn4OlXUOJ3svR8HXF0tOm0gRLl1L1SFVRYQcshqPOQTY7ykIUessRDJM5rtN0Lfb8TsrDZ7LY4580m5%2B3usmiLZqsb%2Bsj4RN4QaTIE10Nwe4DEHmBXDWGzJ3A7JZzw4NIx8T4%2FQC5KFJKgcAQFJSgUQZESFHl5LLRruPK%2B0C5jwSw3ZrlZjkzaP6THJu3LmIDa4WFyQV6dzMZ7YfkJduV5bbnBBKeNjt8J2qzJWs2QUd7rtnsd7je7YQCnSih3ZWp3X43JGy9%2BiUSNyeLiP2D0FE6fgqtXQLO3QYtRp%2BGD7oxaXR%2F78cNIOUfzOjcRhCmRpAtI97xDfUHenG5oZSmB5GfXn34%2FiR%2FAbYnElvhC%2FUrQ1%2FdGN01Bjm6awpHHm0mqIrVPJ9u7ldJUXn34qdwrjBVrN9zwwYd8QkzKR7elS9dpLFTcd%2BTHFSWEtKvGckl%2BWXPbkm1lbmcls3GWrG99tLoWJVY6p0xcgapn7htwNSYv3%2Flt%2Bi%2FfiR5A2Qo2KxFlZ2QWUKYCTw7gkrl6ZwisnvewxEORlSPbYPNHrQi0nGPKSrj%2FYDavD9099K0Hmt5FHJXIbYlcl6B6CJddHaWJPbv%2BR3MaYNobMW29I6at%2FvZytE6d12Q79EPpNyQLeyzsUF%2F0wlaP0V4gO6xNA6RuLCP51r8AAAD%2F%2FwEAAP%2F%2FL9zGo28EAAA%3D
IP 173.233.137.36:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjecttournamentfosterchild.com
Fingerprint4B:68:95:61:87:54:D0:21:EB:3B:60:5F:51:15:23:32:77:12:F0:79
ValidityTue, 28 Nov 2023 10:42:36 GMT - Mon, 26 Feb 2024 10:42:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTWtkRRStN5OIoAsVFwoKvXChIJ33%2BiPd7SwG4xgJxiTOB1nX1%2BuUqffqWfU%2BOlkFB2QWLtqduno5nUyYcRDnBwjDi5sxIEy7kCzMnxBm5UK609B6oereU%2Bcuzrm3vj7MLkiAjJ5vfWb2ldZ0qV33a%2B9uq1iYwtU2btcCv%2B5fq22reLl1rTaYXDb%2FIPDbdf%2B92ieS75qlhh%2F4fuAHtVVlZWgGS1MWKnnUC%2Bo9v95q1IN2CwP7f%2BwyD456EPkFeQ1KjBd3nj6G4hXi6Ocb0u2mJnn%2F4yjTNDUWuTi5E%2B%2FGpogRzcvQegjjk1k3jBsT8t0VmPhk5gAmP5o4AFNj4v0ZgMUnM5lg%2BfGlUqYhYzDxEoq8gtQVFK3AzV0o8YwAXGBjE3F0f8PYgu5dsnTCjsnC87%2BhijFZ%2BOt1xNFPK1oNareMzlJlYodBWEINKqh%2BhSQ7RbrvQRWn4OlXUOJ3svR8HXF0tOm0gRLl1L1SFVRYQcshqPOQTY7ykIUessRDJM5rtN0Lfb8TsrDZ7LY4580m5%2B3usmiLZqsb%2Bsj4RN4QaTIE10Nwe4DEHmBXDWGzJ3A7JZzw4NIx8T4%2FQC5KFJKgcAQFJSgUQZESFHl5LLRruPK%2B0C5jwSw3ZrlZjkzaP6THJu3LmIDa4WFyQV6dzMZ7YfkJduV5bbnBBKeNjt8J2qzJWs2QUd7rtnsd7je7YQCnSih3ZWp3X43JGy9%2BiUSNyeLiP2D0FE6fgqtXQLO3QYtRp%2BGD7oxaXR%2F78cNIOUfzOjcRhCmRpAtI97xDfUHenG5oZSmB5GfXn34%2FiR%2FAbYnElvhC%2FUrQ1%2FdGN01Bjm6awpHHm0mqIrVPJ9u7ldJUXn34qdwrjBVrN9zwwYd8QkzKR7elS9dpLFTcd%2BTHFSWEtKvGckl%2BWXPbkm1lbmcls3GWrG99tLoWJVY6p0xcgapn7htwNSYv3%2Flt%2Bi%2FfiR5A2Qo2KxFlZ2QWUKYCTw7gkrl6ZwisnvewxEORlSPbYPNHrQi0nGPKSrj%2FYDavD9099K0Hmt5FHJXIbYlcl6B6CJddHaWJPbv%2BR3MaYNobMW29I6at%2FvZytE6d12Q79EPpNyQLeyzsUF%2F0wlaP0V4gO6xNA6RuLCP51r8AAAD%2F%2FwEAAP%2F%2FL9zGo28EAAA%3D HTTP/1.1
Host: tournamentfosterchild.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Cookie: u_pl=17184448; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 04 Dec 2023 05:35:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f682903ccdb48527edd2c7c0e79e8f67
Strict-Transport-Security: max-age=0; includeSubdomains
go.myavlive.com/config?url=https%3A%2F%2Fcreative.myavlive.com%2Fwidgets%2FPlayer%3Fquality%3D240p%26autoplay%3Dall%26tag%3Dgirls%2Fchinese%26campaignId%3Dside_player
104.18.63.130200 OK 7.2 kB URL GET HTTP/2 go.myavlive.com/config?url=https%3A%2F%2Fcreative.myavlive.com%2Fwidgets%2FPlayer%3Fquality%3D240p%26autoplay%3Dall%26tag%3Dgirls%2Fchinese%26campaignId%3Dside_player
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type ASCII text, with very long lines (9398), with no line terminators
Hash 6cc05336e9c825d6a12c249e36806f62
f4cd56e2ba259447ea1dbea01194c027831ddc51
fc02e8355230c502725c86901037714a7cdf17d069f3db94f4f09846b652e0e3
GET /config?url=https%3A%2F%2Fcreative.myavlive.com%2Fwidgets%2FPlayer%3Fquality%3D240p%26autoplay%3Dall%26tag%3Dgirls%2Fchinese%26campaignId%3Dside_player HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://creative.myavlive.com/
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:21 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: https://creative.myavlive.com
access-control-allow-credentials: true
last-modified: Mon, 04 Dec 2023 05:26:44 GMT
cf-cache-status: HIT
age: 73
server: cloudflare
cf-ray: 8301af819d7a56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.33200 OK 86 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.33:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:22 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: f3dd4d632e09f3fc0afb73ab8aaa87de
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Mon, 04 Dec 2023 05:35:21 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rmvak3EmDaIa8heuJqKPL8apa32jDW4XAC%2FbnPPxjUpFOSaAmgY6LGcBpv0D3q%2BzEdP%2FX49POado9RLOcnVIPW9myYtnRFDca%2FJy8l5EuEJULR59x9a%2BlIzKOT7kHHUozARZrUI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af876ecf376e-HEL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
b-hls-19.doppiocdn.com/hls/103721484/103721484_240p_1330_CUYAfhWoA3DZNmsT_1701668114.mp4
104.18.63.134200 OK 161 kB URL GET HTTP/2 b-hls-19.doppiocdn.com/hls/103721484/103721484_240p_1330_CUYAfhWoA3DZNmsT_1701668114.mp4
IP 104.18.63.134:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
Size 161 kB (161068 bytes)
Hash fc1c56344dd7550e28908e0372872ed1
146f535911b8c052131e0e55292240efa1546478
e489a697f8330987576ecacba1ae88532a64c490c0d9f09872f11abd4c244680
GET /hls/103721484/103721484_240p_1330_CUYAfhWoA3DZNmsT_1701668114.mp4 HTTP/1.1
Host: b-hls-19.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: video/mp4
content-length: 161068
last-modified: Mon, 04 Dec 2023 05:35:16 GMT
etag: "656d6514-2752c"
cache-control: public, max-age=60, s-maxage=60
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 5
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af90bc5756cc-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.106200 OK 6.8 kB URL GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.106:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (7013), with no line terminators
Hash 49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 04 Dec 2023 05:35:25 GMT
date: Mon, 04 Dec 2023 05:35:25 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
104.18.63.130200 OK 811 B URL GET HTTP/3 creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
IP 104.18.63.130:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (872), with no line terminators
Hash c72e056cd01671e0e53e1be37e5b29ec
44d2211f84a922401458d095aa595a3320040c96
5609d268dd4d7959a25a6a7f3c8ec2c1c4f93f54819a1623dfc4bc46bb0084e0
GET /widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2; cf_clearance=XqWAXV8aUDgFTRLFlIRonMW4CIBMbwMa2XuKKQZHddY-1701668122-0-1-730ca2d2.73a07051.5b213570-0.2.1701668122
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 30 Nov 2023 11:57:19 GMT
expires: Mon, 04 Dec 2023 05:35:33 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }, { "url": "https://go.myavlive.com/report", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8301af88eb5056a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
104.18.63.122200 OK 734 B URL GET HTTP/3 b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
IP 104.18.63.122:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (752), with no line terminators
Hash 06c5876fff1762d8a3c3ac99a25ce806
3b39a5acee2e2f2fedc8f0c42716061bd7959792
e47ac077cecb8677f480994bd7404463806d69c16c1397e430442ade44ab580c
GET /hls/103721484/103721484_240p.m3u8 HTTP/1.1
Host: b-hls-19.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:31 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 04 Dec 2023 05:35:30 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8301afc0a85e56c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
psjeufks.com/f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video.m3u8
104.21.70.145200 OK 68 kB URL GET HTTP/2 psjeufks.com/f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video.m3u8
IP 104.21.70.145:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectpsjeufks.com
FingerprintB1:A3:6A:41:3F:49:63:19:F3:A7:90:F4:B8:90:B9:A6:D6:5E:13:81
ValidityTue, 28 Nov 2023 19:03:38 GMT - Mon, 26 Feb 2024 19:03:37 GMT
Hash 6a363f246b4682ee6c99bc9f3b2ee94f
19f6faa4371c8fc112b55bf55d8dc2cea2900ae4
507e814824e5c7734558cf3f6754d2f72739752dc5fe9d07ac916ea05420c78e
GET /f0b24f12-1465-4542-b0d6-db3097e20b45/1280x720/video.m3u8 HTTP/1.1
Host: psjeufks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://missav.com
etag: W/"6a363f246b4682ee6c99bc9f3b2ee94f"
last-modified: Fri, 01 Dec 2023 15:12:10 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0afz8OWAZ63wrZ4IahZILp7m1WaUmJ1m3hoSFDnoZAHn2BTdOXV7DkmVBJPyo034pV4W0ViJj7xbjzGwpg1wBppteO%2Fmzpcej%2FXSPOq6VhKWYsjqCS2AHjHqp82Nuo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af903fb4b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
creative.myavlive.com/widgets/Player/hls.4cfa5b780bfed20a8b26.js
104.18.63.130200 OK 61 B URL GET HTTP/3 creative.myavlive.com/widgets/Player/hls.4cfa5b780bfed20a8b26.js
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type ASCII text, with no line terminators
Hash 22f22b49cc901aa95826401f7ce0930c
6471abdd35ab6d511b67d73ad1375f1ee0f255de
0fae8b03858a764bad3e9af19bfc924ead5b9e25c760432c19e91cba3dff1cf3
GET /widgets/Player/hls.4cfa5b780bfed20a8b26.js HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2; cf_clearance=XqWAXV8aUDgFTRLFlIRonMW4CIBMbwMa2XuKKQZHddY-1701668122-0-1-730ca2d2.73a07051.5b213570-0.2.1701668122
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 30 Nov 2023 11:58:38 GMT
etag: W/"656878ee-3d"
expires: Mon, 04 Dec 2023 05:35:24 GMT
cache-control: max-age=14400
pragma: public
strict-transport-security: max-age=15768000
report-to: { "url": "https://go.myavlive.com/report", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: HIT
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af8abbff56a4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
104.16.57.101200 OK 20 kB URL GET HTTP/2 static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
IP 104.16.57.101:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint89:79:35:ED:04:A2:CA:50:F7:9A:B8:FE:DF:A5:0C:B1:F2:E6:DD:E8
ValidityMon, 10 Apr 2023 00:00:00 GMT - Tue, 09 Apr 2024 23:59:59 GMT
File type ASCII text, with very long lines (19986), with no line terminators
Hash dd1d068fdb5fe90b6c05a5b3940e088c
0d96f9df8772633a9df4c81cf323a4ef8998ba59
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af77be2156af-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
104.18.63.130200 OK 1.9 kB URL GET HTTP/2 creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
IP 104.18.63.130:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1937), with no line terminators
Hash 0db6e962c720dcfb95df5155d9a6a766
e5e9e66743400200ad48ae59592fa178464168ab
115395d0b0b516b29a5f7b0cc48c9cbb9e1854bfee1480437fb22f9a8359fb49
GET /widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player HTTP/1.1
Host: creative.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:20 GMT
content-type: text/html; charset=utf-8
last-modified: Thu, 30 Nov 2023 11:56:36 GMT
expires: Mon, 04 Dec 2023 05:35:30 GMT
cache-control: max-age=10
strict-transport-security: max-age=15768000
pragma: public
report-to: { "endpoints":[{ "url": "https://go.stripchat.com/report" }], "group": "default", "max_age": 1048576 }, { "url": "https://go.myavlive.com/report", "max_age": 1048576 }
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
set-cookie: __cflb=02DiuGyDLPvii6XBe57uvfNJUFkxLJd5CiNEwpzFn7yT2; SameSite=None; Secure; path=/; expires=Tue, 05-Dec-23 05:35:20 GMT; HttpOnly
server: cloudflare
cf-ray: 8301af7ac847568d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
go.myavlive.com/abc.gif?userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&modelsLimit=4&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=4&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fmissav.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A968%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A509%2C%22duration%22%3A122%2C%22transferSize%22%3A4903%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A511%2C%22duration%22%3A144%2C%22transferSize%22%3A81003%7D%5D&mh=1072667199
104.18.63.130200 OK 0 B URL GET HTTP/3 go.myavlive.com/abc.gif?userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&modelsLimit=4&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=4&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fmissav.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A968%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A509%2C%22duration%22%3A122%2C%22transferSize%22%3A4903%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A511%2C%22duration%22%3A144%2C%22transferSize%22%3A81003%7D%5D&mh=1072667199
IP 104.18.63.130:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerLet's Encrypt
Subjectmyavlive.com
Fingerprint06:60:FE:40:92:25:99:E4:82:3E:F5:A0:EA:99:CD:15:CF:DE:45:C2
ValiditySat, 02 Dec 2023 19:03:39 GMT - Fri, 01 Mar 2024 19:03:38 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /abc.gif?userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&modelsLimit=4&actionButtonPlacement=bottom&thumbSizeKey=big&hideButtonOnSmallSpots=1&hideTitleOnSmallSpots=1&hideModelNameOnSmallSpots=1&buttonColor=%23DC0C2C&liveBadgeColor=%2300bd8f&language=en&thumbFit=cover&quality=original&stripcashR=0&thumbType=default&kbLimit=0&modelsInWatchHistoryCount=-1&modelsInFavoritesCount=-1&userType=newuser&modelsCount=4&segment=hls-newAPI&landing=WidgetV4Universal&referrer=https%3A%2F%2Fmissav.com%2F&i=0&ib=0&filtersMatch=1&m=%5B%7B%22type%22%3A%22navigation%22%2C%22startTime%22%3A0%2C%22duration%22%3A968%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A509%2C%22duration%22%3A122%2C%22transferSize%22%3A4903%7D%2C%7B%22type%22%3A%22resource%22%2C%22startTime%22%3A511%2C%22duration%22%3A144%2C%22transferSize%22%3A81003%7D%5D&mh=1072667199 HTTP/1.1
Host: go.myavlive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Cookie: __cflb=02DiuGyDLPvii6XBe55WcQA8xYvUArStVjtr2D7VU84uA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: image/gif
content-length: 103
strict-transport-security: max-age=15768000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8301af913fcc56a4-OSL
alt-svc: h3=":443"; ma=86400
cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
172.64.108.10200 OK 444 B URL GET HTTP/2 cdn.creative-bars1.com/sb/ssp/utility/social-media/facebook/js/script.js
IP 172.64.108.10:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (458), with no line terminators
Hash 982ab6e275f01f07609f7a83b9ded288
00cae17857fd26867610c5287a75c107ab8a150f
2f60a6c44dff7939447126884982a613420b55459abf4ddc27144c2d09fe992c
GET /sb/ssp/utility/social-media/facebook/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: application/javascript
last-modified: Sat, 20 Feb 2021 08:47:14 GMT
etag: W/"6030cc92-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2928024
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aSHtwYmgIk3UOQsPZVfiCwmFt9fJpjJCsChTuGL9CKRI6kQzQfioBBIdq%2FcjJYYEZP2gs0Z7DuWC04lWhc8uhAPgECakLXYdUce8ERJjUX5DzAT%2BFP819qDH6iut3h%2FxiuCwJi0U0PQK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af960ad26558-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
104.18.63.122200 OK 734 B URL GET HTTP/3 b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
IP 104.18.63.122:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (752), with no line terminators
Hash 6c586569e73397bfc4fed3e3bc342554
806dde964e6e7be2bfbe9bfccd12820fb32c9921
0000fa34f8cd77e70b63d56bc37b33c9d6197425b21129a109366bc8b41e5a17
GET /hls/103721484/103721484_240p.m3u8 HTTP/1.1
Host: b-hls-19.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:27 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 04 Dec 2023 05:35:26 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8301afa7bbe256c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
104.18.63.122200 OK 734 B URL GET HTTP/3 b-hls-19.doppiocdn.com/hls/103721484/103721484_240p.m3u8
IP 104.18.63.122:443
Requested by https://creative.myavlive.com/widgets/Player?quality=240p&autoplay=all&tag=girls/chinese&campaignId=side_player
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint99:FA:E1:1F:E8:F6:A1:57:63:A7:AA:BD:3E:C1:94:58:E7:83:02:13
ValiditySat, 21 Jan 2023 00:00:00 GMT - Sun, 21 Jan 2024 23:59:59 GMT
File type M3U playlist, ASCII text, with very long lines (752), with no line terminators
Hash b61a5c66c1dd5cf9c40a8b8d1324413e
c715971c0c741b73b48f83baaa151060d5fccbaa
c913408968112e2adacac993aa506b58588ae194d321af586694f1f5460038a1
GET /hls/103721484/103721484_240p.m3u8 HTTP/1.1
Host: b-hls-19.doppiocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://creative.myavlive.com
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:29 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
last-modified: Mon, 04 Dec 2023 05:35:28 GMT
x-proxy-cache: EXPIRED
cache-control: public, max-age=1, s-maxage=1
access-control-allow-origin: *
timing-allow-origin: *
cf-cache-status: HIT
age: 0
server: cloudflare
cf-ray: 8301afb43a3056c1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
psjeufks.com/f0b24f12-1465-4542-b0d6-db3097e20b45/playlist.m3u8
104.21.70.145200 OK 248 B URL GET HTTP/2 psjeufks.com/f0b24f12-1465-4542-b0d6-db3097e20b45/playlist.m3u8
IP 104.21.70.145:443
Requested by https://missav.com/dm54/en/prtd-022
Certificate IssuerLet's Encrypt
Subjectpsjeufks.com
FingerprintB1:A3:6A:41:3F:49:63:19:F3:A7:90:F4:B8:90:B9:A6:D6:5E:13:81
ValidityTue, 28 Nov 2023 19:03:38 GMT - Mon, 26 Feb 2024 19:03:37 GMT
File type M3U playlist, ASCII text, with no line terminators
Hash a141aa29fc60a0221f7a465aaa26ac4f
1bd8ab9b58c9deb03dc75ae183f054404fb481c8
991ab16b55af7768ba7197e9b80e5b0046e8608ee4784255513df68461299216
GET /f0b24f12-1465-4542-b0d6-db3097e20b45/playlist.m3u8 HTTP/1.1
Host: psjeufks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://missav.com
DNT: 1
Connection: keep-alive
Referer: https://missav.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:23 GMT
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: https://missav.com
etag: W/"814be56815c0de65bb59f51c7e428dc5"
last-modified: Fri, 01 Dec 2023 18:23:13 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpCCCRqZ%2FdpJD2fVcFA66EPmXiWv1MqPWDBnd8d4yTiGZBauIpMc6lL%2BPYJTARlV5ngCUxmbWqnzTfAgvmjZyPrDwTRROB8aJWQTLcCti9ZT4KAwFLyZ2RaZFn0OvMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8301af87ec67b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
img.strpst.com/thumbs/1701668070/126063126_webp
104.18.63.124200 OK 15 kB URL GET HTTP/3 img.strpst.com/thumbs/1701668070/126063126_webp
IP 104.18.63.124:443
Requested by https://creative.myavlive.com/widgets/v4/Universal?thumbsMargin=20&gridRows=1&gridColumns=4&responsive=0&hideButton=1&hideTitle=1&userId=050103608cf9b4d04684e5804b8637ff881d466e3ceaf77c1cc78be33cb1f3fe&campaignId=under_player&tag=girls/chinese
Certificate IssuerCloudflare, Inc.
Subjectimg.strpst.com
FingerprintED:62:74:FE:E4:F5:89:43:B3:49:55:FE:18:19:0D:29:24:96:75:BC
ValidityMon, 03 Apr 2023 00:00:00 GMT - Tue, 02 Apr 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x360, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f5f1e72c3edec8e18808d80342396370
ca3f617a7c44908f0332e1930ff5295a5f885f4f
9992be4146c5be4b09acdcce11b1b8ad4c73aa533aa6acfc8126e089824a5c11
GET /thumbs/1701668070/126063126_webp HTTP/1.1
Host: img.strpst.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://creative.myavlive.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 04 Dec 2023 05:35:24 GMT
content-type: image/webp
content-length: 14652
etag: "f5f1e72c3edec8e18808d80342396370"
last-modified: Mon, 04 Dec 2023 05:33:28 GMT
cache-control: public, max-age=1800, s-maxage=1800
access-control-allow-origin: *
access-control-allow-methods: GET
cf-cache-status: HIT
age: 22
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8301af913c6856b7-OSL
alt-svc: h3=":443"; ma=86400
static.javhdhello.com/h5/files/css/style.css
185.76.9.14200 OK 2.0 kB URL GET HTTP/2 static.javhdhello.com/h5/files/css/style.css
IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Certificate IssuerLet's Encrypt
Subject1079288232.rsc.cdn77.org
FingerprintCA:61:0A:35:4F:C7:B1:E1:31:B5:5E:F5:C5:D9:FA:D7:9D:0B:51:63
ValiditySat, 30 Sep 2023 02:57:06 GMT - Fri, 29 Dec 2023 02:57:05 GMT
File type ASCII text, with very long lines (2098), with no line terminators
Hash 17e0f04a6abd6363cebb6b78ace070ca
f5913c8083b7bb7d31a03722a2504f55530f9959
4ff86eaa04fe436210b5190d598eb3e4122d2962ada68abadb7ec554a5f1862e
GET /h5/files/css/style.css HTTP/1.1
Host: static.javhdhello.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.javhdhello.com/h5/files/17100/300x250.html?targetUrl=http%3A%2F%2Fr.trackwilltrk.com%2Fc1%2F37dc9e56-0f26-4b1c-a064-ccc24386ecfa%3Fcost%3D0.000012999999%26cv1%3D1998829%26cv2%3D2658183%26externalId%3D23120400350cd64b5f16aa4667a072e0a3e0%26p%3DeyJiIjoyODAyMTAsImJoIjoyNTAsImJ3IjozMDAsImYiOjEsIm8iOjIsInAiOjEsInMiOjMwNDgyfQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 05:35:25 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 25 May 2016 08:29:12 GMT
etag: W/"57456258-7bd"
expires: Tue, 23 May 2023 11:04:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: EQwBuUwJDQH3TccAAQ
x-77-nzt-ray: c0a4cc28aa1068391d656d6520348830
x-accel-expires: @1716375888
x-accel-date: 1684839888
x-cache-lb: HIT
x-age-lb: 16828237
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 16828237
content-encoding: gzip
X-Firefox-Spdy: h2