| static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 |  104.16.80.73 | 200 OK | 20 kB |
URL GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP104.16.80.73:443
Requested byhttps://91porn.work/anyalytics?v=_9a7b82db3a3 CertificateIssuerGoogle Trust Services Subjectcloudflareinsights.com FingerprintAD:90:D1:30:C9:77:BF:DE:1F:AB:8C:0D:6E:67:CB:6A:E8:42:DB:18 ValidityThu, 27 Feb 2025 14:42:34 GMT - Wed, 28 May 2025 15:42:17 GMT
File typeJavaScript source, ASCII text, with very long lines (19948), with no line terminators Hashec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://91porn.work
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:49:01 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 92bc40c388a6b4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| laixiaol.xyz/91porn/css/web.91porn.css?7a3378b90ccf3d6 | 104.21.80.1 | 200 OK | 753 kB |
URL GET laixiaol.xyz/91porn/css/web.91porn.css?7a3378b90ccf3d6 IP104.21.80.1:443
CertificateIssuerGoogle Trust Services Subjectlaixiaol.xyz Fingerprint65:42:5B:61:45:D3:D7:DD:D8:B3:23:B6:40:4E:17:31:EA:8C:D0:68 ValidityWed, 19 Feb 2025 13:00:47 GMT - Tue, 20 May 2025 13:59:44 GMT
Size753 kB (753083 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /91porn/css/web.91porn.css?7a3378b90ccf3d6 HTTP/1.1
Host: laixiaol.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:48:58 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 04 Apr 2025 03:21:27 GMT
vary: Accept-Encoding
etag: "67ef5037-b7dbb"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=2073600
cf-cache-status: HIT
cf-ray: 92bc40afcda9b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| timg210.top/videos/8e05d6ac6d7f876533d4e57aceb20e10/cover/5_505_259.webp?ih=1 | 104.22.20.157 | 200 OK | 28 kB |
URL GET timg210.top/videos/8e05d6ac6d7f876533d4e57aceb20e10/cover/5_505_259.webp?ih=1 IP104.22.20.157:443
CertificateIssuerGoogle Trust Services Subjecttimg210.top FingerprintD2:21:FD:F9:CC:60:3A:A4:1F:AC:2F:AE:C3:D2:A6:11:FA:27:6F:C2 ValidityThu, 27 Mar 2025 04:23:10 GMT - Wed, 25 Jun 2025 05:20:16 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 505x259, Scaling: [none]x[none], YUV color, decoders should clamp Hash66abab58df191db8e737dbbdf428f4e1 c41d0ba4b3d0bb64d50ece64117b73aeaf566538 a3b88394b1ba754849edcfd1c3b089f05a4d8c6894c6b075981d8e970c14aa38
GET /videos/8e05d6ac6d7f876533d4e57aceb20e10/cover/5_505_259.webp?ih=1 HTTP/1.1
Host: timg210.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:49:01 GMT
content-type: image/webp
content-length: 27668
last-modified: Tue, 04 Mar 2025 09:50:49 GMT
etag: "67c6ccf9-6c14"
expires: Thu, 24 Apr 2025 15:47:52 GMT
cache-control: public, max-age=31536000, stale-if-error=7200
t-cache: LHIT
cf-cache-status: HIT
age: 14618
accept-ranges: bytes
vary: Accept-Encoding
x-referer: no
server: cloudflare
cf-ray: 92bc40c40f7356b9-OSL
X-Firefox-Spdy: h2
|
|
| timg210.top/videos/ef5eda43c0acdbac9233e067e669d3274de64329/cover/5_505_259.webp?ih=1 | 104.22.20.157 | 200 OK | 34 kB |
URL GET timg210.top/videos/ef5eda43c0acdbac9233e067e669d3274de64329/cover/5_505_259.webp?ih=1 IP104.22.20.157:443
CertificateIssuerGoogle Trust Services Subjecttimg210.top FingerprintD2:21:FD:F9:CC:60:3A:A4:1F:AC:2F:AE:C3:D2:A6:11:FA:27:6F:C2 ValidityThu, 27 Mar 2025 04:23:10 GMT - Wed, 25 Jun 2025 05:20:16 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 505x259, Scaling: [none]x[none], YUV color, decoders should clamp Hash731e87551715e65b019e15659f8935e2 a7a18453f19e679fc99f65aeaee4623bb28f892c ff314ee77c47d519775701bc6ac1389162b617de947e774272a90cb6edb8f663
GET /videos/ef5eda43c0acdbac9233e067e669d3274de64329/cover/5_505_259.webp?ih=1 HTTP/1.1
Host: timg210.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:49:01 GMT
content-type: image/webp
content-length: 33742
last-modified: Wed, 05 Mar 2025 05:31:52 GMT
etag: "67c7e1c8-83ce"
expires: Thu, 24 Apr 2025 15:47:57 GMT
cache-control: public, max-age=31536000, stale-if-error=7200
t-cache: LHIT
cf-cache-status: HIT
age: 156234
accept-ranges: bytes
vary: Accept-Encoding
x-referer: no
server: cloudflare
cf-ray: 92bc40c3ff4556b9-OSL
X-Firefox-Spdy: h2
|
|
| timg210.top/videos/165e23fb236876074f52807508ee9898824d33078d581e891a594c2dff859de5/cover/5_505_259.webp?ih=1 | 104.22.20.157 | 200 OK | 57 kB |
URL GET timg210.top/videos/165e23fb236876074f52807508ee9898824d33078d581e891a594c2dff859de5/cover/5_505_259.webp?ih=1 IP104.22.20.157:443
CertificateIssuerGoogle Trust Services Subjecttimg210.top FingerprintD2:21:FD:F9:CC:60:3A:A4:1F:AC:2F:AE:C3:D2:A6:11:FA:27:6F:C2 ValidityThu, 27 Mar 2025 04:23:10 GMT - Wed, 25 Jun 2025 05:20:16 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 505x259, Scaling: [none]x[none], YUV color, decoders should clamp Hash25c7dd27a895a4850630f9cc2c305053 df97bbf444ed2abb098e1ca52314b6a7df288918 c7d61893252edcefa26cbf9133b4d47f3f120c02d8d10fa1a4fca9d381c96b63
GET /videos/165e23fb236876074f52807508ee9898824d33078d581e891a594c2dff859de5/cover/5_505_259.webp?ih=1 HTTP/1.1
Host: timg210.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:49:01 GMT
content-type: image/webp
content-length: 57408
t-cache: MISS
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
e2-id: 23a507
etag: "25c7dd27a895a4850630f9cc2c305053"
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 28 Mar 2025 00:49:18 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 14618
accept-ranges: bytes
x-referer: no
server: cloudflare
cf-ray: 92bc40c40f7056b9-OSL
X-Firefox-Spdy: h2
|
|
| | 172.67.161.49 | 301 Moved Permanently | 86 kB |
IP172.67.161.49:443
CertificateIssuerGoogle Trust Services Subject91p1225.cc Fingerprint79:A8:B0:3C:10:79:DE:89:03:40:2F:DC:EE:C3:53:84:87:14:17:8D ValidityWed, 26 Feb 2025 16:02:42 GMT - Tue, 27 May 2025 17:00:15 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 91p1225.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Sat, 05 Apr 2025 21:48:57 GMT
location: https://91porn.work/
server: cloudflare
cf-ray: 92bc40a8eec20b4d-OSL
X-Firefox-Spdy: h2
|
|
| 91porn.work/anyalytics?v=_9a7b82db3a3 | 188.114.96.1 | 200 OK | 1.3 kB |
URL GET 91porn.work/anyalytics?v=_9a7b82db3a3 IP188.114.96.1:443
CertificateIssuerGoogle Trust Services Subject91porn.work FingerprintE0:4F:58:08:E5:53:EF:35:63:BA:D1:CD:C9:A9:97:68:D0:B8:DC:9F ValidityTue, 25 Mar 2025 15:06:15 GMT - Mon, 23 Jun 2025 16:04:40 GMT
File typeHTML document, ASCII text, with very long lines (1308), with no line terminators Hashf15a5d5496f7add2a0abed8a2501ede8 5e1cd07d59e16fccf2ade5b9c1d89635a5abf563 364b67375d42f52202b6a677bb66e3826da739798aaef73e0b5e4ac2e899b1e6
GET /anyalytics?v=_9a7b82db3a3 HTTP/1.1
Host: 91porn.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://91porn.work/
DNT: 1
Connection: keep-alive
Cookie: tguest=guest06149565a1caa67ccd417c2e6ac5ff0fc0d4e937
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 21:49:00 GMT
content-type: text/html
content-encoding: br
cf-ray: 92bc40bd89881c06-OSL
vary: Accept-Encoding
f: opr
last-modified: Sat, 05 Apr 2025 07:12:42 GMT
cache-control: max-age=31536000
cf-cache-status: HIT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=63gSs0fuDh1cSULl6TT2QQX16Bh0I7jySK3As8UJGxBt1QdAkwkg7yGGVxGp4rSbfM1MnBQDJExqXtCs8AteRL4JXTt%2BXh6xDHimdxupvZu5PnB%2BFau8Tn4oTCAz8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=QUIC&rtt=7176&min_rtt=1513&rtt_var=6615&sent=54&recv=17&lost=0&retrans=0&sent_bytes=45454&recv_bytes=2424&delivery_rate=1477&cwnd=48000&unsent_bytes=0&cid=266bf018c857f8d3&ts=3128&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| y.gtimg.cn/music/photo_new/T053M0000001YHYo361axS.gif |  95.101.10.34 | 200 OK | 431 kB |
URL GET y.gtimg.cn/music/photo_new/T053M0000001YHYo361axS.gif IP95.101.10.34:443 ASN#20940 Akamai International B.V.
CertificateIssuerDigiCert Inc Subjectwetv.acc.qq.com Fingerprint63:66:F6:13:09:B0:E7:FC:86:1C:D7:0F:6E:E2:20:35:3B:DF:A8:5A ValiditySun, 01 Sep 2024 00:00:00 GMT - Wed, 03 Sep 2025 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Size431 kB (430794 bytes) Hash24b27eca7fa7d19f0da2e148098b6ec8 2394bede7e79fc6efb1c418241bf6d094fd358b5 00fc19f43a097a594d8847ce755b83628a565ac12d17e7db894a832607ee1362
GET /music/photo_new/T053M0000001YHYo361axS.gif HTTP/1.1
Host: y.gtimg.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/webp
content-length: 430794
server: tws
last-modified: Sat, 29 Mar 2025 17:23:07 GMT
x-delay: 7457 us
x-info: real data
x-bcheck: 0_1
x-cpt: filename=0
user-returncode: 0
x-datasrc: 1
x-reqgue: 0
size: 430794
chid: 0
fid: 0
cache-control: max-age=1946134
date: Sat, 05 Apr 2025 21:49:01 GMT
X-Firefox-Spdy: h2
|
|
| laixiaol.xyz/static/css/themes/default/assets/fonts/icons.woff2?aw11 | 104.21.80.1 | 200 OK | 40 kB |
URL GET laixiaol.xyz/static/css/themes/default/assets/fonts/icons.woff2?aw11 IP104.21.80.1:443
CertificateIssuerGoogle Trust Services Subjectlaixiaol.xyz Fingerprint94:05:54:C0:7F:CE:CE:C5:5B:BA:B5:97:A2:2C:CD:DA:D5:74:8D:44 ValidityWed, 19 Feb 2025 13:00:55 GMT - Tue, 20 May 2025 14:00:53 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 40148, version 1.0 Hash0ab54153eeeca0ce03978cc463b257f7 6ec6d36cb2464b4e821cfabb532f310bd342601c 434466b59545a8a1cac6ddb38197cdc6b35995a98c3f3812fb88d61b1c300dd3
GET /static/css/themes/default/assets/fonts/icons.woff2?aw11 HTTP/1.1
Host: laixiaol.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://91porn.work
DNT: 1
Connection: keep-alive
Referer: https://laixiaol.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 21:49:00 GMT
content-type: font/woff2
content-length: 40148
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJLJaxuqjVhwdg4nx8%2F%2BAWnAdZsOS3GJ54kLYdPrUfOLWWpcxhB4sU2uCpc8Fcn6FDfuzIMP%2BS8HM0Si62cNDXgWgJ27%2FT5sA9RCAzS6uMLu8X%2FBsXuIz%2Fp%2B6ORJgps%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 24 Feb 2025 05:07:17 GMT
etag: "67bbfe85-9cd4"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
cache-control: public, max-age=2073600, stale-if-error=7200
cf-cache-status: HIT
accept-ranges: bytes
cf-ray: 92bc40bb3c480b45-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19429&min_rtt=8637&rtt_var=10947&sent=12&recv=8&lost=0&retrans=0&sent_bytes=3767&recv_bytes=1610&delivery_rate=68073&cwnd=12000&unsent_bytes=0&cid=636a6d51152344f0&ts=569&x=16"
|
|
| timg210.top/videos/3ded233040fdd8360cabfd1a48320cadda0282f072771e701bed5ac4cd013578/cover/5_505_259.webp?ih=1 | 104.22.20.157 | 200 OK | 41 kB |
URL GET timg210.top/videos/3ded233040fdd8360cabfd1a48320cadda0282f072771e701bed5ac4cd013578/cover/5_505_259.webp?ih=1 IP104.22.20.157:443
CertificateIssuerGoogle Trust Services Subjecttimg210.top FingerprintD2:21:FD:F9:CC:60:3A:A4:1F:AC:2F:AE:C3:D2:A6:11:FA:27:6F:C2 ValidityThu, 27 Mar 2025 04:23:10 GMT - Wed, 25 Jun 2025 05:20:16 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 505x259, Scaling: [none]x[none], YUV color, decoders should clamp Hash1c02da35b9eedd0aaf81976f07d0dc19 c194a8217322d895856aa85f3510fe3de03d92e9 ab6e2210875cb5cff2ad3ac6d53767bc48400402651c88247836a5da8c20bc04
GET /videos/3ded233040fdd8360cabfd1a48320cadda0282f072771e701bed5ac4cd013578/cover/5_505_259.webp?ih=1 HTTP/1.1
Host: timg210.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:49:01 GMT
content-type: image/webp
content-length: 41264
t-cache: MISS
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
e2-id: 245333
x-xss-protection: 1; mode=block
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
etag: "1c02da35b9eedd0aaf81976f07d0dc19"
last-modified: Fri, 28 Mar 2025 03:38:22 GMT
cf-cache-status: HIT
age: 655517
accept-ranges: bytes
x-referer: no
server: cloudflare
cf-ray: 92bc40c45ff456b9-OSL
X-Firefox-Spdy: h2
|
|
| gif1.hstq99.com/am1991-960x80.gif |  123.6.18.40 | 200 OK | 325 kB |
URL GET gif1.hstq99.com/am1991-960x80.gif IP123.6.18.40:443 ASN#4837 CHINA UNICOM China169 Backbone
CertificateIssuerUnizeto Technologies S.A. Subjectgif1.hstq99.com Fingerprint42:9F:CC:28:9F:FE:E1:9C:9F:39:D9:D9:11:C7:F6:15:AD:0E:CA:91 ValidityWed, 02 Apr 2025 11:35:25 GMT - Sat, 02 May 2026 11:35:24 GMT
File typeGIF image data, version 89a, 960 x 80 Size325 kB (324884 bytes) Hash76c92abac3549e5c0d2617877777fc85 5c24dec769a78278fcde3b783567af3ee0c6dbe8 86644637eae7c8932e3738c56f14aeff3c23f7f864a64e32fbea8ce936f6be8e
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /am1991-960x80.gif HTTP/1.1
Host: gif1.hstq99.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Sat, 05 Apr 2025 21:49:05 GMT
content-type: image/gif
content-length: 324884
x-oss-request-id: 67EE48255A789D8B36BF167D
etag: "76C92ABAC3549E5C0D2617877777FC85"
last-modified: Sun, 23 Mar 2025 06:33:37 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 1133992588214598428
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
content-disposition: attachment
x-oss-force-download: true
content-md5: dskqusNUnlwNJheHd3f8hQ==
x-oss-server-time: 3
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| xpj46-xz.oss-accelerate.aliyuncs.com/xpj.gif |  47.254.186.254 | 301 Moved Permanently | 386 kB |
URL GET xpj46-xz.oss-accelerate.aliyuncs.com/xpj.gif IP47.254.186.254:443 ASN#45102 Alibaba US Technology Co., Ltd.
CertificateIssuerGlobalSign nv-sa Subject*.oss-eu-central-1.aliyuncs.com FingerprintB3:BB:12:E7:D4:6D:F1:5A:23:12:6C:19:FB:2A:F7:79:1A:67:C7:FA ValidityThu, 02 Jan 2025 06:31:08 GMT - Tue, 03 Feb 2026 06:31:07 GMT
Size386 kB (385649 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xpj.gif HTTP/1.1
Host: xpj46-xz.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: AliyunOSS
Date: Sat, 05 Apr 2025 21:49:02 GMT
Content-Length: 0
Connection: keep-alive
x-oss-request-id: 67F1A54EE5E9637100F51597
Location: https://xx4848.3us9fc.com/1372.gif
|
|
| static.wixstatic.com/media/432808_36cfc63b7132438ca3de1d6888663d09~mv2.gif |  143.204.55.40 | 200 OK | 1.7 MB |
URL GET static.wixstatic.com/media/432808_36cfc63b7132438ca3de1d6888663d09~mv2.gif IP143.204.55.40:443
CertificateIssuerLet's Encrypt Subject*.wixstatic.com Fingerprint00:D2:25:13:B3:EB:D4:B1:02:1F:CA:15:18:D8:2A:26:B4:C7:83:3E ValidityTue, 01 Apr 2025 13:20:48 GMT - Mon, 30 Jun 2025 13:20:47 GMT
File typeGIF image data, version 89a, 600 x 360 Size1.7 MB (1728881 bytes) Hash35586aa5180924fda2b2773d841b53c3 137ae901e2f1c9b8d29db5480dd604a7a4d771ba d55a66fa9ae3bd1f1976bde3be6036d96890c6d8be1e514fca93f5862f477f3e
GET /media/432808_36cfc63b7132438ca3de1d6888663d09~mv2.gif HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 1728881
server: openresty/1.27.1.1
date: Wed, 22 Jan 2025 17:00:32 GMT
expires: Wed, 22 Jan 2025 18:00:32 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Wed, 22 Jan 2025 16:36:35 GMT
etag: "35586aa5180924fda2b2773d841b53c3"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-66f677bb5d-d4w9h
via: 1.1 google, 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ZkpbjAMAbxRrq83dvEtJkDc9nTBh0LzHLQaKb4MGFaBtv5GmEgaViw==
age: 6324509
X-Firefox-Spdy: h2
|
|
| laixiaol.xyz/91porn/css/b.css?84f7268a563c221126b6c698966f0 | 104.21.80.1 | 200 OK | 144 kB |
URL GET laixiaol.xyz/91porn/css/b.css?84f7268a563c221126b6c698966f0 IP104.21.80.1:443
CertificateIssuerGoogle Trust Services Subjectlaixiaol.xyz Fingerprint65:42:5B:61:45:D3:D7:DD:D8:B3:23:B6:40:4E:17:31:EA:8C:D0:68 ValidityWed, 19 Feb 2025 13:00:47 GMT - Tue, 20 May 2025 13:59:44 GMT
File typeASCII text, with very long lines (65536), with no line terminators Size144 kB (144106 bytes) Hash984f7268a563c221126b6c698966f044 6e905ac42fdd8dbf46ee0ffe0ff6dc7c43a35b78 3619600ffceb74d86b18b31d3f5249ae70e10e00aeba9535fc38a6957d199644
GET /91porn/css/b.css?84f7268a563c221126b6c698966f0 HTTP/1.1
Host: laixiaol.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:48:58 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 04 Apr 2025 03:21:27 GMT
vary: Accept-Encoding
etag: "67ef5037-232ea"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=2073600
cf-cache-status: HIT
cf-ray: 92bc40afad7ab4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 91porn.work/static/images/placeholder.png?v=1 | 188.114.96.1 | 200 OK | 1.1 kB |
URL GET 91porn.work/static/images/placeholder.png?v=1 IP188.114.96.1:443
CertificateIssuerGoogle Trust Services Subject91porn.work FingerprintE0:4F:58:08:E5:53:EF:35:63:BA:D1:CD:C9:A9:97:68:D0:B8:DC:9F ValidityTue, 25 Mar 2025 15:06:15 GMT - Mon, 23 Jun 2025 16:04:40 GMT
File typePNG image data, 505 x 259, 8-bit/color RGBA, non-interlaced Hash1f5665f8bdc8aed6cf6f2aa10e48ac18 e44c3c49bd2f14eaadef5b3775fc3f5da039288e 9a66cac0788d315c4909b62c9290287c0ff9db72ea53bed8754661ca423c2014
GET /static/images/placeholder.png?v=1 HTTP/1.1
Host: 91porn.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://91porn.work/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 21:48:58 GMT
content-type: image/png
last-modified: Thu, 03 Apr 2025 02:48:57 GMT
vary: Accept-Encoding
etag: W/"67edf719-466"
expires: Mon, 05 May 2025 06:39:50 GMT
cache-control: max-age=31536000
content-encoding: gzip
age: 54547
cf-cache-status: HIT
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EEb3YPdQcP1h%2Fpe0GK3pPjVqExai%2BqBVgpBRfx6vyxv820GIz737zQ0Kn1yyPnD%2FiV%2FFs7QsLjxuzKDtQUvxTayMEIHyTa%2BWVbk31roGe4YxPOhcK87Dizy%2F8jL5ow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92bc40ae7b2c1c06-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6371&min_rtt=3614&rtt_var=3324&sent=15&recv=11&lost=0&retrans=0&sent_bytes=4226&recv_bytes=1599&delivery_rate=164358&cwnd=12000&unsent_bytes=0&cid=266bf018c857f8d3&ts=690&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 | 104.16.80.73 | 200 OK | 20 kB |
URL GET static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP104.16.80.73:443
CertificateIssuerGoogle Trust Services Subjectcloudflareinsights.com FingerprintAD:90:D1:30:C9:77:BF:DE:1F:AB:8C:0D:6E:67:CB:6A:E8:42:DB:18 ValidityThu, 27 Feb 2025 14:42:34 GMT - Wed, 28 May 2025 15:42:17 GMT
File typeJavaScript source, ASCII text, with very long lines (19948), with no line terminators Hashec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://91porn.work
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:48:58 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 92bc40aefe1eb4ff-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ky2025.tu5858417496.cc:8686/8888/xm/508/80.gif |  185.200.64.156 | 200 OK | 322 kB |
URL GET ky2025.tu5858417496.cc:8686/8888/xm/508/80.gif IP185.200.64.156:8686 ASN#3258 xTom Japan Co., Ltd.
CertificateIssuerLet's Encrypt Subjectky2025.tu5858417496.cc Fingerprint8E:00:14:22:1B:9B:81:FE:73:D0:66:83:C5:00:93:8B:D0:8D:E9:3C ValidityTue, 18 Mar 2025 11:37:45 GMT - Mon, 16 Jun 2025 11:37:44 GMT
File typeGIF image data, version 89a, 960 x 80 Size322 kB (321991 bytes) Hash8eb97ba562904f64f2af2389f0d3eda9 d484a2e519bf260b9eb53cfa5605220cd47879f2 e1d1188c5ea2f2e00d0bb7212087e87ab63c898e2795c95bd1ca8ee0d09725fc
GET /8888/xm/508/80.gif HTTP/1.1
Host: ky2025.tu5858417496.cc:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Sat, 05 Apr 2025 20:01:00 GMT
etag: "66b3688a-4e9c7"
expires: Mon, 05 May 2025 20:01:00 GMT
last-modified: Sat, 05 Apr 2025 20:01:09 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 321991
X-Firefox-Spdy: h2
|
|
| static.wixstatic.com/media/432808_40861266e22e4489b3ba6fe33ff1835a~mv2.gif | 143.204.55.40 | 200 OK | 498 kB |
URL GET static.wixstatic.com/media/432808_40861266e22e4489b3ba6fe33ff1835a~mv2.gif IP143.204.55.40:443
CertificateIssuerLet's Encrypt Subject*.wixstatic.com Fingerprint00:D2:25:13:B3:EB:D4:B1:02:1F:CA:15:18:D8:2A:26:B4:C7:83:3E ValidityTue, 01 Apr 2025 13:20:48 GMT - Mon, 30 Jun 2025 13:20:47 GMT
File typeGIF image data, version 89a, 960 x 80 Size498 kB (498155 bytes) Hash279d9f53d66404a42fc4e56745c2137e 8830058ed1ea487282bb2886f34728fea1bed836 45b33337c7f3833a47eff9b3462368b6f17b52eabb6a1d9d4c75c147056cef5d
GET /media/432808_40861266e22e4489b3ba6fe33ff1835a~mv2.gif HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 498155
server: openresty/1.27.1.1
date: Wed, 22 Jan 2025 13:32:05 GMT
expires: Wed, 22 Jan 2025 14:32:05 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Wed, 22 Jan 2025 13:29:41 GMT
etag: "279d9f53d66404a42fc4e56745c2137e"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-66f677bb5d-26hc4
via: 1.1 google, 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: spMKT5F20LuC6o-SpesefuElFnguixWsdUB54fwI_dacgN60oj-aTw==
age: 6337016
X-Firefox-Spdy: h2
|
|
| pg2025.tu9215594236.cc:8686/8888/pg1101/80.gif | 185.200.64.156 | 200 OK | 430 kB |
URL GET pg2025.tu9215594236.cc:8686/8888/pg1101/80.gif IP185.200.64.156:8686 ASN#3258 xTom Japan Co., Ltd.
CertificateIssuerLet's Encrypt Subjectpg2025.tu9215594236.cc FingerprintAE:4C:51:C6:0C:D1:0D:5F:D1:E1:74:AF:EE:0D:CF:BE:6C:82:E3:FE ValidityTue, 18 Mar 2025 11:37:49 GMT - Mon, 16 Jun 2025 11:37:48 GMT
File typeGIF image data, version 89a, 960 x 80 Size430 kB (430454 bytes) Hash98bf6761ee5a2e4481c4161aedc56280 37861640b8fed49f9fc0a36cfb27cb5d359aff35 d6dbf6147a833fecad7fa88d482e94bf68ba0e2b94cf9c57335ac9d24420575d
GET /8888/pg1101/80.gif HTTP/1.1
Host: pg2025.tu9215594236.cc:8686
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
cache-control: max-age=2592000
content-type: image/gif
date: Sat, 05 Apr 2025 20:06:47 GMT
etag: "67ee6006-69176"
expires: Mon, 05 May 2025 20:06:47 GMT
last-modified: Sat, 05 Apr 2025 20:06:56 GMT
server: nginx
x-cache: HIT, policy, disk
content-length: 430454
X-Firefox-Spdy: h2
|
|
| 5845-xxpp.oss-accelerate.aliyuncs.com/5845.gif | 47.254.187.165 | 301 Moved Permanently | 324 kB |
URL GET 5845-xxpp.oss-accelerate.aliyuncs.com/5845.gif IP47.254.187.165:443 ASN#45102 Alibaba US Technology Co., Ltd.
CertificateIssuerGlobalSign nv-sa Subject*.oss-eu-central-1.aliyuncs.com FingerprintB3:BB:12:E7:D4:6D:F1:5A:23:12:6C:19:FB:2A:F7:79:1A:67:C7:FA ValidityThu, 02 Jan 2025 06:31:08 GMT - Tue, 03 Feb 2026 06:31:07 GMT
Size324 kB (324299 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /5845.gif HTTP/1.1
Host: 5845-xxpp.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: AliyunOSS
Date: Sat, 05 Apr 2025 21:49:02 GMT
Content-Length: 0
Connection: keep-alive
x-oss-request-id: 67F1A54E156760E438F03B55
Location: https://xx4848.jjcclt.com/5845.gif
|
|
| cc999img.dqsldz.com/i/2025/01/31/2.gif | 180.163.146.91 | 200 OK | 79 kB |
URL GET cc999img.dqsldz.com/i/2025/01/31/2.gif IP180.163.146.91:443 ASN#4812 China Telecom Group
CertificateIssuerTrustAsia Technologies, Inc. Subjectcc999img.dqsldz.com FingerprintCA:F5:F3:1D:0E:B1:9E:33:B4:C2:D7:29:44:79:45:BC:C5:30:B3:04 ValidityThu, 20 Mar 2025 00:00:00 GMT - Tue, 17 Jun 2025 23:59:59 GMT
File typeGIF image data, version 89a, 960 x 80 Hash71b96ce643f9b0aebc2e67258f353428 20431d9d96ff113119c493ee0d44cd6c7681211a 6cc77a69aafcb032b5b4bc55a109bdad2bab06ab375ca5f611f29feebe7c0954
GET /i/2025/01/31/2.gif HTTP/1.1
Host: cc999img.dqsldz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 79345
strict-transport-security: max-age=5184000
date: Thu, 20 Mar 2025 13:26:09 GMT
last-modified: Fri, 31 Jan 2025 13:36:18 GMT
vary: Accept-Encoding
etag: "679cd1d2-135f1"
expires: Sat, 19 Apr 2025 13:26:09 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache57.l2cn7831[0,0,200-0,H], cache7.l2cn7831[1,0], kunlun10.cn7174[0,0,200-0,H], kunlun1.cn7174[1,0]
age: 1412574
ali-swift-global-savetime: 1742477169
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 20 Mar 2025 13:27:16 GMT
x-swift-cachetime: 2591933
timing-allow-origin: *
eagleid: b4a3921517438897431998818e
X-Firefox-Spdy: h2
|
|
| gif.zhidi66.com/388-960x80.gif | 154.82.90.61 | 302 Found | 283 kB |
URL GET gif.zhidi66.com/388-960x80.gif IP154.82.90.61:443
CertificateIssuerUnizeto Technologies S.A. Subjectgif.zhidi66.com Fingerprint9C:B5:97:BC:19:88:96:53:FF:B1:C4:D2:98:3D:26:57:B8:71:53:D3 ValiditySun, 23 Mar 2025 06:58:52 GMT - Wed, 22 Apr 2026 06:58:51 GMT
Size283 kB (282970 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /388-960x80.gif HTTP/1.1
Host: gif.zhidi66.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: NgxFence
date: Sat, 05 Apr 2025 21:49:03 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://gif1.hstq99.com/388-960x80.gif
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2
|
|
| 91porn.work/static/favicon.ico?aaff | 188.114.96.1 | 200 OK | 23 kB |
URL GET 91porn.work/static/favicon.ico?aaff IP188.114.96.1:443
CertificateIssuerGoogle Trust Services Subject91porn.work FingerprintE0:4F:58:08:E5:53:EF:35:63:BA:D1:CD:C9:A9:97:68:D0:B8:DC:9F ValidityTue, 25 Mar 2025 15:06:15 GMT - Mon, 23 Jun 2025 16:04:40 GMT
File typeMS Windows icon resource - 5 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel Hash35f1e14e50d974238de71ef760ce8654 fbe80a732d47b692f08ebeb251b61c367846064e c76cbe87f501f4d935e90e4df2869e9070bb6e9c447909a63b5ff53860670b2d
GET /static/favicon.ico?aaff HTTP/1.1
Host: 91porn.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://91porn.work/
DNT: 1
Connection: keep-alive
Cookie: tguest=guest06149565a1caa67ccd417c2e6ac5ff0fc0d4e937
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 21:49:06 GMT
content-type: image/x-icon
last-modified: Thu, 03 Apr 2025 02:48:57 GMT
etag: W/"67edf719-5939"
expires: Mon, 05 May 2025 06:40:56 GMT
cache-control: max-age=31536000
age: 54488
cf-cache-status: HIT
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kNHkhCUZSNge4HGFKr2KkGvGYHFUePe4hAFTI6TmNwnJGBRXx8c1l%2ByUTqoHNfY541wkW2zFr6NCBtES20xbR4N5cTiwtzqo%2FZ4wR69B1DYczGq%2FfxNnr7g8vB7wbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92bc40e0792c1c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8034&min_rtt=1513&rtt_var=5346&sent=59&recv=22&lost=0&retrans=0&sent_bytes=47178&recv_bytes=4575&delivery_rate=4401&cwnd=48000&unsent_bytes=0&cid=266bf018c857f8d3&ts=8687&x=1", cfExtPri, cfHdrFlush;dur=0
|
|
| timg210.top/videos/17da87752fc6408c068313e17dfc836dd3fe66f1/cover/5_505_259.webp?ih=1 | 104.22.20.157 | 200 OK | 23 kB |
URL GET timg210.top/videos/17da87752fc6408c068313e17dfc836dd3fe66f1/cover/5_505_259.webp?ih=1 IP104.22.20.157:443
CertificateIssuerGoogle Trust Services Subjecttimg210.top FingerprintD2:21:FD:F9:CC:60:3A:A4:1F:AC:2F:AE:C3:D2:A6:11:FA:27:6F:C2 ValidityThu, 27 Mar 2025 04:23:10 GMT - Wed, 25 Jun 2025 05:20:16 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 505x259, Scaling: [none]x[none], YUV color, decoders should clamp Hash001a43290c37050d39cbcca4febb6191 5e740cb8c83605ce729a4390ed1dfa87246d0bfa ba08e4ebea504b3e849a45073dd362d682297e7b1059f8068c1a4b47c4c4368c
GET /videos/17da87752fc6408c068313e17dfc836dd3fe66f1/cover/5_505_259.webp?ih=1 HTTP/1.1
Host: timg210.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:49:01 GMT
content-type: image/webp
content-length: 22714
last-modified: Tue, 04 Mar 2025 10:06:57 GMT
etag: "67c6d0c1-58ba"
expires: Thu, 24 Apr 2025 15:44:33 GMT
cache-control: public, max-age=31536000, stale-if-error=7200
t-cache: LHIT
cf-cache-status: HIT
age: 961317
accept-ranges: bytes
vary: Accept-Encoding
x-referer: no
server: cloudflare
cf-ray: 92bc40c3ff4956b9-OSL
X-Firefox-Spdy: h2
|
|
| attg121-2069990678.ap-northeast-2.elb.amazonaws.com/?shareName=7681x1 | 0.0.0.0 | | 0 B |
URL GET attg121-2069990678.ap-northeast-2.elb.amazonaws.com/?shareName=7681x1 IP0.0.0.0:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?shareName=7681x1 HTTP/1.1
Host: attg121-2069990678.ap-northeast-2.elb.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| timg210.top/videos/1b5f875b5b41a972105fa68ed4244f02a3444749/cover/5_505_259.webp?ih=1 | 104.22.20.157 | 200 OK | 31 kB |
URL GET timg210.top/videos/1b5f875b5b41a972105fa68ed4244f02a3444749/cover/5_505_259.webp?ih=1 IP104.22.20.157:443
CertificateIssuerGoogle Trust Services Subjecttimg210.top FingerprintD2:21:FD:F9:CC:60:3A:A4:1F:AC:2F:AE:C3:D2:A6:11:FA:27:6F:C2 ValidityThu, 27 Mar 2025 04:23:10 GMT - Wed, 25 Jun 2025 05:20:16 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 505x259, Scaling: [none]x[none], YUV color, decoders should clamp Hashc87696c3a7eb0ac750b159cc574df4cf aa9740aaa28f10327fa5309d69ad32e6c6fd92d8 e248286aa910c016b0ecf02f9b9d09a976c5f671731cfb059bc0eceb8d5758ea
GET /videos/1b5f875b5b41a972105fa68ed4244f02a3444749/cover/5_505_259.webp?ih=1 HTTP/1.1
Host: timg210.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:49:01 GMT
content-type: image/webp
content-length: 30920
last-modified: Wed, 05 Mar 2025 06:26:59 GMT
etag: "67c7eeb3-78c8"
expires: Thu, 24 Apr 2025 15:47:52 GMT
cache-control: public, max-age=31536000, stale-if-error=7200
t-cache: LHIT
cf-cache-status: HIT
age: 961317
accept-ranges: bytes
vary: Accept-Encoding
x-referer: no
server: cloudflare
cf-ray: 92bc40c40f7b56b9-OSL
X-Firefox-Spdy: h2
|
|
| zz.bdstatic.com/linksubmit/push.js | 157.255.63.48 | 200 OK | 308 B |
URL GET zz.bdstatic.com/linksubmit/push.js IP157.255.63.48:443 ASN#136958 China Unicom Guangdong IP network
CertificateIssuerGlobalSign nv-sa Subjectbaidu.com FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0 ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT
File typeASCII text, with very long lines (322), with no line terminators Hasha498658e3623a4285649fd750e8e7f17 03f671b76709d9ecadce4a82348c852b6a1d5149 399125132825b666ee5d39bf0849d027d2ca21783be029cb001673f86579dd8a
GET /linksubmit/push.js HTTP/1.1
Host: zz.bdstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: JSP3/2.0.14
date: Sat, 05 Apr 2025 21:49:04 GMT
content-type: application/x-javascript
last-modified: Wed, 12 Feb 2025 00:44:26 GMT
etag: "67abeeea-134"
cache-control: max-age=86400
content-encoding: br
age: 67771
accept-ranges: bytes
tracecode: 35681325050184983306040510
ohc-global-saved-time: Sat, 05 Apr 2025 02:59:28 GMT
ohc-cache-hit: gz5un69 [2], zhuzuncache60 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2
|
|
| 91porn.work/cdn-cgi/rum? | 188.114.96.1 | 404 Not Found | 151 B |
IP188.114.96.1:443
CertificateIssuerGoogle Trust Services Subject91porn.work FingerprintE0:4F:58:08:E5:53:EF:35:63:BA:D1:CD:C9:A9:97:68:D0:B8:DC:9F ValidityTue, 25 Mar 2025 15:06:15 GMT - Mon, 23 Jun 2025 16:04:40 GMT
File typeHTML document, ASCII text, with no line terminators Hashf881a8d5c091a058c57c9a0a39c25273 a0278a1d1cac199fa7e5d1678c61b5e74197a061 214074544b89b4b0bb7b0ff09d7ff12a8c129fc6579a65101ca8780aca0f5d32
POST /cdn-cgi/rum? HTTP/1.1
Host: 91porn.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://91porn.work/
content-type: application/json
Content-Length: 1302
Origin: https://91porn.work
DNT: 1
Connection: keep-alive
Cookie: tguest=guest06149565a1caa67ccd417c2e6ac5ff0fc0d4e937
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Sat, 05 Apr 2025 21:49:07 GMT
priority: u=3,i=?0
server: cloudflare
cf-ray: 92bc40ea19071c06-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| cc999img.dqsldz.com/i/2025/01/31/1.gif | 180.163.146.91 | 200 OK | 85 kB |
URL GET cc999img.dqsldz.com/i/2025/01/31/1.gif IP180.163.146.91:443 ASN#4812 China Telecom Group
CertificateIssuerTrustAsia Technologies, Inc. Subjectcc999img.dqsldz.com FingerprintCA:F5:F3:1D:0E:B1:9E:33:B4:C2:D7:29:44:79:45:BC:C5:30:B3:04 ValidityThu, 20 Mar 2025 00:00:00 GMT - Tue, 17 Jun 2025 23:59:59 GMT
File typeGIF image data, version 89a, 960 x 80 Hash84977cadbbada49680bb24809cafcb7f 3ddd868ca673268bf99af222f2e4ecb50ea7df29 fe76de03cea3be7ba52fa285409396e88458114b8c57629b9258accbf130400b
GET /i/2025/01/31/1.gif HTTP/1.1
Host: cc999img.dqsldz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 85422
strict-transport-security: max-age=5184000
date: Thu, 20 Mar 2025 13:25:46 GMT
last-modified: Fri, 31 Jan 2025 13:36:18 GMT
vary: Accept-Encoding
etag: "679cd1d2-14dae"
expires: Sat, 19 Apr 2025 13:25:46 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache31.l2cn8047[0,0,200-0,H], cache43.l2cn8047[1,0], kunlun10.cn7174[0,0,200-0,H], kunlun1.cn7174[1,0]
age: 1412597
ali-swift-global-savetime: 1742477146
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Thu, 20 Mar 2025 13:26:25 GMT
x-swift-cachetime: 2591961
timing-allow-origin: *
eagleid: b4a3921517438897431868758e
X-Firefox-Spdy: h2
|
|
| xx4848.jjcclt.com/1.gif | 123.6.18.24 | 200 OK | 524 kB |
IP123.6.18.24:443 ASN#4837 CHINA UNICOM China169 Backbone
CertificateIssuerLet's Encrypt Subjectxx4848.jjcclt.com FingerprintFA:59:19:F0:D9:BF:EB:79:6E:97:50:67:F5:CA:32:9D:BA:82:BB:D9 ValidityTue, 11 Feb 2025 06:52:12 GMT - Mon, 12 May 2025 06:52:11 GMT
File typeGIF image data, version 89a, 960 x 80 Size524 kB (523764 bytes) Hash8102b307619a90c2245da75bc7445fd9 21ed3095f76e34fe8134cf4575c75b785616c4a7 c2e316430822c76ff6bb32ba2b68876d2d930398f8e3f88cb70578c0b8fe03d7
GET /1.gif HTTP/1.1
Host: xx4848.jjcclt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Sat, 05 Apr 2025 21:49:05 GMT
content-type: image/gif
content-length: 523764
last-modified: Wed, 25 Dec 2024 12:48:17 GMT
etag: "676bff11-7fdf4"
expires: Sat, 01 Feb 2025 22:01:58 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| | 188.114.96.1 | 200 OK | 86 kB |
IP188.114.96.1:443
CertificateIssuerGoogle Trust Services Subject91porn.work FingerprintE0:4F:58:08:E5:53:EF:35:63:BA:D1:CD:C9:A9:97:68:D0:B8:DC:9F ValidityTue, 25 Mar 2025 15:06:15 GMT - Mon, 23 Jun 2025 16:04:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 91porn.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:48:57 GMT
content-type: text/html; charset=UTF-8
content-encoding: br
cf-ray: 92bc40a9ed33b4f1-OSL
vary: Accept-Encoding
ghash: _9a7b82db3a3
t-ray: wsnn3
ipcountry: UA
cache-key: 91porn:_9a7b82db3a3:/
expires: Wed, 04 Jun 2025 06:36:14 GMT
cache-control: public, max-age=31536000, stale-if-error=1209600
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
w-cache: HIT
age: 54684
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vIvS3qoRBT8zZP4vXprP9RozZh4abgdBVHVHk3Mcyv63FqR48ZGP4KWChvWhrBRMK5m7FE%2BJZEwdfYmCqjUL3MqffV3UMuazEVXUysyBupDd3vsa0HpLRiq1geg%2BOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="HIT", cfL4;desc="?proto=TCP&rtt=738&min_rtt=402&rtt_var=587&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3272&recv_bytes=1247&delivery_rate=3455847&cwnd=253&unsent_bytes=0&cid=2634b26284911f10&ts=63&x=0"
X-Firefox-Spdy: h2
|
|
| 91porn.work/app/user/info?reactive=true | 188.114.96.1 | 200 OK | 216 B |
URL GET 91porn.work/app/user/info?reactive=true IP188.114.96.1:443
CertificateIssuerGoogle Trust Services Subject91porn.work FingerprintE0:4F:58:08:E5:53:EF:35:63:BA:D1:CD:C9:A9:97:68:D0:B8:DC:9F ValidityTue, 25 Mar 2025 15:06:15 GMT - Mon, 23 Jun 2025 16:04:40 GMT
File typetroff or preprocessor input, ASCII text, with no line terminators Hash519b38cac36d21f97821bcdc5b2495f5 68ca7a3a40bcef501ad83333bb80f6f55f37a988 74adf2eba931414dd45ca84a426d410b32f48aa54297d6860e85585fb9d8ee57
GET /app/user/info?reactive=true HTTP/1.1
Host: 91porn.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://91porn.work/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 21:48:59 GMT
content-type: text/html; charset=UTF-8
ghash: _9a7b82db3a3
t-ray: wsnn3
server: cloudflare
access-control-allow-credentials: True
access-control-allow-origin: *, *
access-control-allow-headers: x-requested-with,content-type,Authorization,token,app-lang,uuid,version
access-control-allow-methods: POST, GET, OPTIONS, GET,HEAD,OPTIONS
x-ray: wsnn3-8b7850aa7b1e424196851f7ab68bbbc8
priority: u=3,i=?0
cache-control: public, max-age=31536000, stale-if-error=1209600
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: tguest=guest06149565a1caa67ccd417c2e6ac5ff0fc0d4e937; Path=/
cf-ray: 92bc40b569f61c06-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| seyoutupian.dqntwl.com/960x80.gif | 180.163.146.91 | 200 OK | 340 kB |
URL GET seyoutupian.dqntwl.com/960x80.gif IP180.163.146.91:443 ASN#4812 China Telecom Group
CertificateIssuerTrustAsia Technologies, Inc. Subjectseyoutupian.dqntwl.com Fingerprint7A:F2:37:B4:6E:3A:C4:DC:54:0F:0E:73:13:92:E8:DF:8D:9B:97:44 ValidityMon, 24 Feb 2025 00:00:00 GMT - Sat, 24 May 2025 23:59:59 GMT
File typeGIF image data, version 89a, 960 x 80 Size340 kB (339723 bytes) Hashb58b6b1221c88b281476b143f8065afd 8ab029042de18f365e0d885beb43f16f34231a38 e98878d5096bfda3db02eadb4a30edbaf518b62f2ff997b417429cf5291e2fb2
GET /960x80.gif HTTP/1.1
Host: seyoutupian.dqntwl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: Tengine
content-type: image/gif
content-length: 339723
strict-transport-security: max-age=5184000
date: Mon, 10 Mar 2025 09:03:05 GMT
last-modified: Wed, 12 Feb 2025 08:43:53 GMT
vary: Accept-Encoding
etag: "67ac5f49-52f0b"
expires: Wed, 09 Apr 2025 09:03:05 GMT
cache-control: max-age=2592000
accept-ranges: bytes
via: cache49.l2cn3132[0,0,200-0,H], cache52.l2cn3132[2,0], kunlun9.cn7174[0,0,200-0,H], kunlun9.cn7174[1,0]
age: 2292358
ali-swift-global-savetime: 1741597385
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-swift-savetime: Mon, 10 Mar 2025 10:50:28 GMT
x-swift-cachetime: 2585557
timing-allow-origin: *
eagleid: b4a3921d17438897432254404e
X-Firefox-Spdy: h2
|
|
| xx4848.3us9fc.com/1372.gif | 123.6.18.26 | 200 OK | 386 kB |
URL GET xx4848.3us9fc.com/1372.gif IP123.6.18.26:443 ASN#4837 CHINA UNICOM China169 Backbone
CertificateIssuerLet's Encrypt Subjectxx4848.3us9fc.com Fingerprint07:0C:98:DF:2F:81:DE:2C:BB:A3:83:F2:EA:03:6F:AD:AD:4D:AD:4B ValidityTue, 04 Mar 2025 08:32:07 GMT - Mon, 02 Jun 2025 08:32:06 GMT
File typeGIF image data, version 89a, 960 x 80 Size386 kB (385649 bytes) Hash99420771ab574e6197a995c28a8e22fb eb51cd497134b44e1c957b10caf4d2c9569668a5 e0f9613ae55c18751ed65c2b466290eec01e4d71bc4881c52d71578456582d8a
GET /1372.gif HTTP/1.1
Host: xx4848.3us9fc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Sat, 05 Apr 2025 21:49:04 GMT
content-type: image/gif
content-length: 385649
last-modified: Tue, 04 Feb 2025 08:08:31 GMT
etag: "67a1caff-5e271"
expires: Mon, 07 Apr 2025 07:39:08 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| laixiaol.xyz/91porn/js/t.91porn.js?133f652d0d2c42ff9ff | 104.21.80.1 | 200 OK | 816 kB |
URL GET laixiaol.xyz/91porn/js/t.91porn.js?133f652d0d2c42ff9ff IP104.21.80.1:443
CertificateIssuerGoogle Trust Services Subjectlaixiaol.xyz Fingerprint65:42:5B:61:45:D3:D7:DD:D8:B3:23:B6:40:4E:17:31:EA:8C:D0:68 ValidityWed, 19 Feb 2025 13:00:47 GMT - Tue, 20 May 2025 13:59:44 GMT
Size816 kB (815541 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /91porn/js/t.91porn.js?133f652d0d2c42ff9ff HTTP/1.1
Host: laixiaol.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:48:58 GMT
content-type: application/javascript
last-modified: Fri, 04 Apr 2025 03:21:27 GMT
vary: Accept-Encoding
etag: "67ef5037-c71b5"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=2073600
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n8jSR8zpJvJg1fjDnGe2K0e5fUKDdTrhXA7DrctPXYQRiVznKvxeUNRQYDxA1%2BOmEbc6ebHGNmFCObRKcVm6l1M0kBPnJhXewpkaXJwSxu5zjczErf3pnmUQpStRGcg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92bc40afad84b4fd-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2123&min_rtt=764&rtt_var=1888&sent=10&recv=13&lost=0&retrans=0&sent_bytes=5065&recv_bytes=1303&delivery_rate=6878859&cwnd=255&unsent_bytes=0&cid=41c7c8338cae7364&ts=237&x=0"
X-Firefox-Spdy: h2
|
|
| 5454ylylgh.oss-accelerate.aliyuncs.com/1.gif | 47.254.187.152 | 301 Moved Permanently | 524 kB |
URL GET 5454ylylgh.oss-accelerate.aliyuncs.com/1.gif IP47.254.187.152:443 ASN#45102 Alibaba US Technology Co., Ltd.
CertificateIssuerGlobalSign nv-sa Subject*.oss-eu-central-1.aliyuncs.com FingerprintB3:BB:12:E7:D4:6D:F1:5A:23:12:6C:19:FB:2A:F7:79:1A:67:C7:FA ValidityThu, 02 Jan 2025 06:31:08 GMT - Tue, 03 Feb 2026 06:31:07 GMT
Size524 kB (523764 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1.gif HTTP/1.1
Host: 5454ylylgh.oss-accelerate.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 301 Moved Permanently
Server: AliyunOSS
Date: Sat, 05 Apr 2025 21:49:02 GMT
Content-Length: 0
Connection: keep-alive
x-oss-request-id: 67F1A54E0B9F10BADB26B94A
Location: https://xx4848.jjcclt.com/1.gif
|
|
| 91porn.work/cdn-cgi/rum? | 188.114.96.1 | 204 No Content | 0 B |
IP188.114.96.1:443
Requested byhttps://91porn.work/anyalytics?v=_9a7b82db3a3 CertificateIssuerGoogle Trust Services Subject91porn.work FingerprintE0:4F:58:08:E5:53:EF:35:63:BA:D1:CD:C9:A9:97:68:D0:B8:DC:9F ValidityTue, 25 Mar 2025 15:06:15 GMT - Mon, 23 Jun 2025 16:04:40 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /cdn-cgi/rum? HTTP/1.1
Host: 91porn.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1375
Origin: https://91porn.work
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/anyalytics?v=_9a7b82db3a3
Cookie: tguest=guest06149565a1caa67ccd417c2e6ac5ff0fc0d4e937
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 204 No Content
date: Sat, 05 Apr 2025 21:49:02 GMT
access-control-allow-origin: https://91porn.work
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 92bc40cbde911c06-OSL
x-frame-options: DENY
x-content-type-options: nosniff
|
|
| xx4848.jjcclt.com/5845.gif | 123.6.18.24 | 200 OK | 324 kB |
URL GET xx4848.jjcclt.com/5845.gif IP123.6.18.24:443 ASN#4837 CHINA UNICOM China169 Backbone
CertificateIssuerLet's Encrypt Subjectxx4848.jjcclt.com FingerprintFA:59:19:F0:D9:BF:EB:79:6E:97:50:67:F5:CA:32:9D:BA:82:BB:D9 ValidityTue, 11 Feb 2025 06:52:12 GMT - Mon, 12 May 2025 06:52:11 GMT
File typeGIF image data, version 89a, 960 x 80 Size324 kB (324299 bytes) Hash4b824f5452a8379a4bb6fa2fb82e8f45 0f97bfec583629d21f1737c3c806ba51ab7c9293 92ba0c5c9930dc38fbd04c327b93437aba42e38f4fcc846b87a16b4df7ebfd45
GET /5845.gif HTTP/1.1
Host: xx4848.jjcclt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Sat, 05 Apr 2025 21:49:05 GMT
content-type: image/gif
content-length: 324299
last-modified: Sat, 15 Feb 2025 12:04:27 GMT
etag: "67b082cb-4f2cb"
expires: Mon, 17 Mar 2025 12:05:50 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
x-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| laixiaol.xyz/static/css/themes/default/assets/fonts/brand-icons.woff2?q2a | 104.21.80.1 | 200 OK | 54 kB |
URL GET laixiaol.xyz/static/css/themes/default/assets/fonts/brand-icons.woff2?q2a IP104.21.80.1:443
CertificateIssuerGoogle Trust Services Subjectlaixiaol.xyz Fingerprint94:05:54:C0:7F:CE:CE:C5:5B:BA:B5:97:A2:2C:CD:DA:D5:74:8D:44 ValidityWed, 19 Feb 2025 13:00:55 GMT - Tue, 20 May 2025 14:00:53 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 54488, version 1.0 Hashe8c322de9658cbeb8a774b6624167c2c db06af71da4197a4e1bd553d124725a8081c13f0 e7d4d5340bbe57a01d8f7992142e2763d438d5783890c76748306eebfa056a69
GET /static/css/themes/default/assets/fonts/brand-icons.woff2?q2a HTTP/1.1
Host: laixiaol.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://91porn.work
DNT: 1
Connection: keep-alive
Referer: https://laixiaol.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 21:49:00 GMT
content-type: font/woff2
content-length: 54488
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n2caev8pmSV3SriAgRcalheTd3ktDXTl2IeJCFw9Cbq%2BfOQULDyYC2ZzZ0RpirGq2jmJ3C8%2B0lWs08pvNJBDIVsNsfqTi8uIXH7TObPRdzTfUbGEIIBKF3p1jmCGxRE%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 24 Feb 2025 05:07:17 GMT
etag: "67bbfe85-d4d8"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
cache-control: public, max-age=2073600, stale-if-error=7200
accept-ranges: bytes
age: 104643
cf-cache-status: HIT
cf-ray: 92bc40bb3c470b45-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=19429&min_rtt=8637&rtt_var=10947&sent=12&recv=8&lost=0&retrans=0&sent_bytes=3767&recv_bytes=1610&delivery_rate=68073&cwnd=12000&unsent_bytes=0&cid=636a6d51152344f0&ts=62&x=16"
|
|
| gif1.hstq99.com/388-960x80.gif | 123.6.18.40 | 200 OK | 283 kB |
URL GET gif1.hstq99.com/388-960x80.gif IP123.6.18.40:443 ASN#4837 CHINA UNICOM China169 Backbone
CertificateIssuerUnizeto Technologies S.A. Subjectgif1.hstq99.com Fingerprint42:9F:CC:28:9F:FE:E1:9C:9F:39:D9:D9:11:C7:F6:15:AD:0E:CA:91 ValidityWed, 02 Apr 2025 11:35:25 GMT - Sat, 02 May 2026 11:35:24 GMT
File typeGIF image data, version 89a, 960 x 80 Size283 kB (282970 bytes) Hashaa45cc96703850ec0193212a950c0f10 093c3dc4d498a20afdb58d3f79df6bbafa922baa 285347a74deb2ff669f9e3a1e15e7191c5a6239c8381b165ec87403eab4aa34f
| Analyzer | Verdict | Alert |
|---|
| Quad9 DNS | malicious | Sinkholed |
GET /388-960x80.gif HTTP/1.1
Host: gif1.hstq99.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: NgxFence
date: Sat, 05 Apr 2025 21:49:05 GMT
content-type: image/gif
content-length: 282970
x-oss-request-id: 67EE4823E2DC5A55C8225D4C
etag: "AA45CC96703850EC0193212A950C0F10"
last-modified: Sun, 23 Mar 2025 06:32:58 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 4708328741112908902
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
content-disposition: attachment
x-oss-force-download: true
content-md5: qkXMlnA4UOwBkyEqlQwPEA==
x-oss-server-time: 3
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| laixiaol.xyz/91porn/js/b.91porn.js?e21b67bfb2f34bee788 | 104.21.80.1 | 200 OK | 328 kB |
URL GET laixiaol.xyz/91porn/js/b.91porn.js?e21b67bfb2f34bee788 IP104.21.80.1:443
CertificateIssuerGoogle Trust Services Subjectlaixiaol.xyz Fingerprint94:05:54:C0:7F:CE:CE:C5:5B:BA:B5:97:A2:2C:CD:DA:D5:74:8D:44 ValidityWed, 19 Feb 2025 13:00:55 GMT - Tue, 20 May 2025 14:00:53 GMT
Size328 kB (327839 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /91porn/js/b.91porn.js?e21b67bfb2f34bee788 HTTP/1.1
Host: laixiaol.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 21:49:00 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAv8VgbiM4rz1zYd0WjT92QbVLckEruhMzjzm6WvfJ5YoHWluFkwm7O7mn3lXNyfJWwddY7pms%2Fi60PslhV9ANSK%2FNrlRWoyn58GcjPOJKAT%2BJZ%2FxD7iHbo2HOvp2Qw%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 04 Apr 2025 03:21:27 GMT
vary: Accept-Encoding
etag: W/"67ef5037-5009f"
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
cache-control: max-age=2073600
cf-cache-status: HIT
cf-ray: 92bc40bd6f8d0b4d-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3324&min_rtt=2061&rtt_var=1314&sent=79&recv=84&lost=0&retrans=1&sent_bytes=7331&recv_bytes=5181&delivery_rate=3469&cwnd=12000&unsent_bytes=0&cid=22140957b004385b&ts=2191&x=16"
|
|
| txdytuchuang1.oss-cn-beijing.aliyuncs.com/1329.gif | 39.103.20.63 | 200 OK | 324 kB |
URL GET txdytuchuang1.oss-cn-beijing.aliyuncs.com/1329.gif IP39.103.20.63:443 ASN#37963 Hangzhou Alibaba Advertising Co.,Ltd.
CertificateIssuerGlobalSign nv-sa Subjectcn-beijing.oss.aliyuncs.com Fingerprint8A:3B:CD:6E:33:73:41:A6:84:C1:C1:D4:33:14:D9:08:13:FC:B3:FD ValidityThu, 02 Jan 2025 06:32:06 GMT - Thu, 04 Sep 2025 00:00:00 GMT
File typeGIF image data, version 89a, 960 x 80 Size324 kB (323784 bytes) Hashccd7e7f2ead489596a0e092d3d763c7a b6bc1f350e3944cded69da6004fb38c3da1272ae 0b2e1cb25f8d400b2ffa3b3de2fd34535a2fd8f714722bb924844065fbce7012
GET /1329.gif HTTP/1.1
Host: txdytuchuang1.oss-cn-beijing.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 05 Apr 2025 21:49:02 GMT
Content-Type: image/gif
Content-Length: 323784
Connection: keep-alive
x-oss-request-id: 67F1A54EE48B2B3934218844
Accept-Ranges: bytes
ETag: "CCD7E7F2EAD489596A0E092D3D763C7A"
Last-Modified: Wed, 26 Feb 2025 08:41:31 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 17686081832368253187
x-oss-storage-class: Standard
x-oss-ec: 0048-00000104
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: zNfn8urUiVlqDgktPXY8eg==
x-oss-server-time: 3
|
|
| 365guanggao.oss-cn-shenzhen.aliyuncs.com/365-960x60.gif | 120.78.115.82 | 200 OK | 158 kB |
URL GET 365guanggao.oss-cn-shenzhen.aliyuncs.com/365-960x60.gif IP120.78.115.82:443 ASN#37963 Hangzhou Alibaba Advertising Co.,Ltd.
CertificateIssuerGlobalSign nv-sa Subject*.oss-cn-shenzhen.aliyuncs.com Fingerprint03:70:E9:00:74:25:16:B5:BF:FF:00:CD:AB:10:06:8B:47:77:44:19 ValidityFri, 03 Jan 2025 03:21:02 GMT - Wed, 04 Feb 2026 03:21:01 GMT
File typeGIF image data, version 89a, 960 x 60 Size158 kB (157877 bytes) Hash2a23da3c3d5c32a6eeb00deeb9e28873 c198d9b5428705f502b71f689ef55dafbd4ab416 d9d5b315c193203487e2cc905c86cda3f48007c80805622459e533c8d166fdef
GET /365-960x60.gif HTTP/1.1
Host: 365guanggao.oss-cn-shenzhen.aliyuncs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Sat, 05 Apr 2025 21:49:02 GMT
Content-Type: image/gif
Content-Length: 157877
Connection: keep-alive
x-oss-request-id: 67F1A54E9CA69D38361AC087
Accept-Ranges: bytes
ETag: "2A23DA3C3D5C32A6EEB00DEEB9E28873"
Last-Modified: Mon, 10 Mar 2025 05:31:19 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 7805553243335478259
x-oss-storage-class: Standard
x-oss-ec: 0048-00000103
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: KiPaPD1cMqbusA3uueKIcw==
x-oss-server-time: 2
|
|
| 91porn.work/static/logo-91porn.png?1 | 188.114.96.1 | 200 OK | 40 kB |
URL GET 91porn.work/static/logo-91porn.png?1 IP188.114.96.1:443
CertificateIssuerGoogle Trust Services Subject91porn.work FingerprintE0:4F:58:08:E5:53:EF:35:63:BA:D1:CD:C9:A9:97:68:D0:B8:DC:9F ValidityTue, 25 Mar 2025 15:06:15 GMT - Mon, 23 Jun 2025 16:04:40 GMT
File typePNG image data, 1280 x 458, 8-bit/color RGBA, non-interlaced Hash89691fd3f3abadd932df9fd1c92c5aeb d404cf5a6b220263a2d2bf4067251bb09a4c5db9 6897122c37335bb5058d6bc9fedbe1f320381d007d4168d7a6f97a13847e0d7b
GET /static/logo-91porn.png?1 HTTP/1.1
Host: 91porn.work
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://91porn.work/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 21:48:58 GMT
content-type: image/png
server: cloudflare
last-modified: Thu, 03 Apr 2025 02:48:57 GMT
vary: Accept-Encoding
etag: W/"67edf719-9be6"
expires: Mon, 05 May 2025 06:39:50 GMT
cache-control: max-age=31536000
content-encoding: gzip
age: 54547
cf-cache-status: HIT
priority: u=4,i=?0
cf-ray: 92bc40ae7b281c06-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
|
|
| laixiaol.xyz/static/img/cd-top-arrow.svg | 104.21.80.1 | 200 OK | 555 B |
URL GET laixiaol.xyz/static/img/cd-top-arrow.svg IP104.21.80.1:443
CertificateIssuerGoogle Trust Services Subjectlaixiaol.xyz Fingerprint94:05:54:C0:7F:CE:CE:C5:5B:BA:B5:97:A2:2C:CD:DA:D5:74:8D:44 ValidityWed, 19 Feb 2025 13:00:55 GMT - Tue, 20 May 2025 14:00:53 GMT
File typeSVG Scalable Vector Graphics image Hash9b5337173d863220042a4934ff31b914 c9b296941b0c14a3e1c884a3a753ec2d3c55b400 929afeb8889315e3dac73815bbb91c337c00350ee64dc9fb82bf10d221939cea
GET /static/img/cd-top-arrow.svg HTTP/1.1
Host: laixiaol.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://laixiaol.xyz/91porn/css/web.91porn.css?7a3378b90ccf3d6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 05 Apr 2025 21:49:00 GMT
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QwZ09GLBnZ%2B7NHEDDhvoo6IZxwme0FgBtDwj23x%2FaQrah2p7LpfPovnAFzydFUuXd%2BEWytJRArWHXY%2FbOMcNE747ZTCc01z4L2iJrRT2SSx9nVPXZzidh%2F6PEY3tKvc%3D"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 24 Feb 2025 05:07:17 GMT
etag: W/"67bbfe85-22b"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: *
cache-control: public, max-age=2073600, stale-if-error=7200
age: 171518
cf-cache-status: HIT
content-encoding: br
cf-ray: 92bc40bd0f8c0b4d-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3324&min_rtt=2061&rtt_var=1314&sent=79&recv=84&lost=0&retrans=1&sent_bytes=7331&recv_bytes=5181&delivery_rate=3469&cwnd=12000&unsent_bytes=0&cid=22140957b004385b&ts=1951&x=16"
|
|
| timg210.top/videos/1755c4840a18249d3df15e29e8b045aaf51672b7903b8e9d70195f401f30cf92/cover/5_505_259.webp?ih=1 | 104.22.20.157 | 200 OK | 28 kB |
URL GET timg210.top/videos/1755c4840a18249d3df15e29e8b045aaf51672b7903b8e9d70195f401f30cf92/cover/5_505_259.webp?ih=1 IP104.22.20.157:443
CertificateIssuerGoogle Trust Services Subjecttimg210.top FingerprintD2:21:FD:F9:CC:60:3A:A4:1F:AC:2F:AE:C3:D2:A6:11:FA:27:6F:C2 ValidityThu, 27 Mar 2025 04:23:10 GMT - Wed, 25 Jun 2025 05:20:16 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 505x259, Scaling: [none]x[none], YUV color, decoders should clamp Hash43b5edeb5c50490a25e7f1ebce59317a 9566a8bde96f6ae0cde771299b7c88a362ff3f80 b81ff396343837d13027c015d77be2995a1a84e10337cf505c542526ecc1bc2f
GET /videos/1755c4840a18249d3df15e29e8b045aaf51672b7903b8e9d70195f401f30cf92/cover/5_505_259.webp?ih=1 HTTP/1.1
Host: timg210.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:49:01 GMT
content-type: image/webp
content-length: 27512
t-cache: MISS
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
e2-id: 22182c
etag: "43b5edeb5c50490a25e7f1ebce59317a"
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 27 Mar 2025 21:08:10 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 14618
accept-ranges: bytes
x-referer: no
server: cloudflare
cf-ray: 92bc40c4b89b56b9-OSL
X-Firefox-Spdy: h2
|
|
| gif.zhidi66.com/am1991-960x80.gif | 154.82.90.61 | 302 Found | 325 kB |
URL GET gif.zhidi66.com/am1991-960x80.gif IP154.82.90.61:443
CertificateIssuerUnizeto Technologies S.A. Subjectgif.zhidi66.com Fingerprint9C:B5:97:BC:19:88:96:53:FF:B1:C4:D2:98:3D:26:57:B8:71:53:D3 ValiditySun, 23 Mar 2025 06:58:52 GMT - Wed, 22 Apr 2026 06:58:51 GMT
Size325 kB (324884 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /am1991-960x80.gif HTTP/1.1
Host: gif.zhidi66.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: NgxFence
date: Sat, 05 Apr 2025 21:49:03 GMT
content-type: text/html; charset=utf-8
content-length: 0
location: http://gif1.hstq99.com/am1991-960x80.gif
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
X-Firefox-Spdy: h2
|
|
| sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://91porn.work/ |  103.235.46.115 | 200 OK | 0 B |
URL GET sp0.baidu.com/9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://91porn.work/ IP103.235.46.115:443 ASN#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
CertificateIssuerGlobalSign nv-sa Subjectbaidu.com FingerprintEF:0F:BE:13:02:E2:C4:D4:89:BA:8F:BA:88:EF:6F:95:DC:CF:7B:E0 ValidityMon, 08 Jul 2024 01:41:02 GMT - Sat, 09 Aug 2025 01:41:01 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /9_Q4simg2RQJ8t7jm9iCKT-xh_/s.gif?l=https://91porn.work/ HTTP/1.1
Host: sp0.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Sat, 05 Apr 2025 21:49:06 GMT
|
|
| timg210.top/videos/f6b221305003b40ac2ae4166daadb77532e61999/cover/5_505_259.webp?ih=1 | 104.22.20.157 | 200 OK | 35 kB |
URL GET timg210.top/videos/f6b221305003b40ac2ae4166daadb77532e61999/cover/5_505_259.webp?ih=1 IP104.22.20.157:443
CertificateIssuerGoogle Trust Services Subjecttimg210.top FingerprintD2:21:FD:F9:CC:60:3A:A4:1F:AC:2F:AE:C3:D2:A6:11:FA:27:6F:C2 ValidityThu, 27 Mar 2025 04:23:10 GMT - Wed, 25 Jun 2025 05:20:16 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 505x259, Scaling: [none]x[none], YUV color, decoders should clamp Hash525d609cd394f5fc00b3f9d4776620db e357c887373242bb6d7f3aa60b9dec62edbd1ffa 1a06c1b3558854258872660c9460e2d2abe0fda5630e53e4c50e04e73059f7a1
GET /videos/f6b221305003b40ac2ae4166daadb77532e61999/cover/5_505_259.webp?ih=1 HTTP/1.1
Host: timg210.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 05 Apr 2025 21:49:01 GMT
content-type: image/webp
content-length: 34662
last-modified: Tue, 04 Mar 2025 10:07:02 GMT
etag: "67c6d0c6-8766"
expires: Thu, 24 Apr 2025 15:44:33 GMT
cache-control: public, max-age=31536000, stale-if-error=7200
t-cache: LHIT
cf-cache-status: HIT
age: 14618
accept-ranges: bytes
vary: Accept-Encoding
x-referer: no
server: cloudflare
cf-ray: 92bc40c41f9456b9-OSL
X-Firefox-Spdy: h2
|
|
| static.wixstatic.com/media/432808_e865b865eca042a49f3c776093c63bb8~mv2.gif | 143.204.55.40 | 200 OK | 170 kB |
URL GET static.wixstatic.com/media/432808_e865b865eca042a49f3c776093c63bb8~mv2.gif IP143.204.55.40:443
CertificateIssuerLet's Encrypt Subject*.wixstatic.com Fingerprint00:D2:25:13:B3:EB:D4:B1:02:1F:CA:15:18:D8:2A:26:B4:C7:83:3E ValidityTue, 01 Apr 2025 13:20:48 GMT - Mon, 30 Jun 2025 13:20:47 GMT
File typeGIF image data, version 89a, 960 x 80 Size170 kB (170335 bytes) Hash6adf222203057ef1c14b070092ba94f8 acfc94dd46d062cf374ae87aa0f665ff28e02e26 59c4697d28985934f9337f5c28d1951fdf2bb3662624de8b030a70156d967b60
GET /media/432808_e865b865eca042a49f3c776093c63bb8~mv2.gif HTTP/1.1
Host: static.wixstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://91porn.work/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/gif
content-length: 170335
server: openresty/1.27.1.1
date: Thu, 20 Feb 2025 01:44:44 GMT
expires: Thu, 20 Feb 2025 02:44:44 GMT
cache-control: public, max-age=15552000, immutable
last-modified: Wed, 08 Jan 2025 14:58:47 GMT
etag: "6adf222203057ef1c14b070092ba94f8"
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Length
timing-allow-origin: *
x-seen-by: gcp.us-central-1.media-router-66f677bb5d-xhqxq
via: 1.1 google, 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: P1XiZuO7v20RhUcF8dbH3igiJ-NpCE2-1n1SpVGPRCU8vj8RGaH-3g==
age: 3873857
X-Firefox-Spdy: h2
|
|