Report - av.hd4k.top/

Report Overview

Visited public
2025-04-11 22:57:29
Tags
Submit Tags
URL
av.hd4k.top/
Finishing URL
av.hd4k.top/
IP / ASN
172.67.212.164
#13335 CLOUDFLARENET
Title
Hot Videos 人気動画-動画@AV4.us

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fixedjs.jtube.top	unknown	2024-03-07	2024-06-18	2025-04-03	433 B	9.7 kB	104.21.64.1
www.daftporn.com	411958	2010-07-22	2012-07-17	2025-03-23	446 B	4.0 kB	37.128.144.49
vq50.com	446469	2019-02-16	2019-02-17	2025-04-09	1.7 kB	322 kB	188.114.96.1
realmomsonfuck.com	unknown	2021-02-20	2021-02-23	2025-02-21	460 B	8.3 kB	172.67.190.228
777.porn	138536	2021-08-26	2016-03-10	2025-04-03	864 B	42 kB	104.21.16.1
cdn.hotscope.tv	542115	unknown	2019-06-17	2025-02-15	443 B	3.7 kB	57.128.229.16
xgx.mobi	452442	2019-09-17	2017-09-13	2025-03-22	458 B	25 kB	172.67.223.49
www.ssnovel.top	unknown	2023-08-22	2023-08-26	2025-02-15	456 B	0 B	0.0.0.0
fmtu.slsltutu.com	unknown	2022-12-31	2023-01-05	2025-02-16	481 B	0 B	0.0.0.0
ansuko.net	unknown	2023-07-04	2023-07-04	2025-03-05	3.2 kB	438 kB	104.21.54.113
meetcdn.com	unknown	2023-09-25	2023-09-26	2025-03-17	432 B	46 kB	104.21.64.1
jsjs.4jpg.top	unknown	2024-03-07	2024-03-08	2025-04-03	844 B	2.0 kB	188.114.96.1
pornolomka2.com	unknown	2022-09-21	2022-09-21	2025-03-25	946 B	200 kB	91.194.110.16
nlt03.videosection.com	unknown	2002-11-25	2022-07-28	2025-03-22	488 B	29 kB	104.26.12.185
av.hd4k.top	unknown	2024-05-27	2025-03-24	2025-03-24	480 B	178 kB	172.67.212.164
pornolomka3.com	unknown	2022-09-28	2022-09-30	2025-02-14	473 B	82 kB	91.194.110.16
pics.dmm.com	424056	1995-06-28	2012-07-19	2025-04-08	434 B	155 kB	54.230.82.31
555.tourismdaily.ru	unknown	2022-01-11	2024-04-26	2025-02-26	626 B	42 kB	188.114.96.1
sorkab.com	unknown	2018-06-30	2021-02-01	2025-04-03	908 B	51 kB	172.67.140.114
img.aosikaimge.com	unknown	2022-11-29	2022-12-08	2025-03-25	894 B	0 B	0.0.0.0
sbzytpimg1.com	unknown	2024-04-24	2024-07-25	2025-04-08	3.9 kB	1.1 MB	173.249.235.71
avatars.mds.yandex.net	6545	2000-11-14	2014-12-15	2025-04-05	458 B	8.0 kB	87.250.247.183
www.9188porn.xyz	unknown	2025-02-21	2025-03-12	2025-03-19	2.9 kB	0 B	0.0.0.0
en.vidmo.pro	unknown	2022-04-10	2022-04-11	2025-04-03	960 B	29 kB	89.248.193.244
img.youtube.com	3087	2005-02-15	2012-05-30	2025-04-10	2.2 kB	102 kB	142.250.74.78
two-elfs.com	unknown	2016-12-27	2017-10-13	2025-04-01	405 B	89 kB	188.114.97.1
pics.x-xx.pro	unknown	2020-08-16	2021-04-13	2025-03-17	455 B	3.7 kB	104.21.70.153
aniru.org	unknown	2020-02-20	2020-02-24	2025-02-17	470 B	34 kB	172.67.135.62
videopreview.chezcathy.com	unknown	2007-03-03	2024-11-08	2025-04-03	3.6 kB	81 kB	104.21.96.1
cdne-pics.youjizz.com	133153	2007-10-22	2017-01-30	2025-03-21	3.3 kB	102 kB	64.210.135.115
i0.wp.com	3021	1997-03-28	2013-09-17	2025-04-09	3.4 kB	618 kB	192.0.77.2
www.jav.directory	unknown	2020-10-12	2023-11-21	2024-03-17	478 B	84 kB	188.114.96.1
timg208.top	unknown	2025-01-16	2025-03-03	2025-04-03	970 B	101 kB	104.22.21.157
jav.directory	unknown	unknown	2020-10-12	2022-11-26	474 B	84 kB	188.114.96.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-11 22:57:10	low	Client IP	101.33.11.223	ET INFO Observed Tencent Cloud Storage Domain (myqcloud .com in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-11	medium	9188porn.xyz	Sinkholed
2025-04-11	medium	9188porn.xyz	Sinkholed
2025-04-11	medium	9188porn.xyz	Sinkholed
2025-04-11	medium	9188porn.xyz	Sinkholed
2025-04-11	medium	9188porn.xyz	Sinkholed
2025-04-11	medium	ssnovel.top	Sinkholed
2025-04-11	medium	9188porn.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (85)

URL IP Response Size

GET videopreview.chezcathy.com/ext/pre_1367426705.jpg

104.21.96.1

200 OK

7.3 kB

URL GET
videopreview.chezcathy.com/ext/pre_1367426705.jpg
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectchezcathy.com
FingerprintEB:80:6D:92:E5:33:97:61:15:F0:99:70:C9:69:33:F1:4A:7C:BB:96
ValidityTue, 25 Feb 2025 12:12:18 GMT - Mon, 26 May 2025 13:10:42 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Size
7.3 kB (7287 bytes)
Hash
92ac28a1e37eee5259202b4265c6d199
bbff079683cf74603b49a325d09b07522bad2570
fc67b0bcc61a5b2fc60bc86cc4354df81ae43a52c815ba9bb9004a2632157064

HTTP Headers

GET /ext/pre_1367426705.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 7287
last-modified: Tue, 11 Jun 2024 17:54:26 GMT
etag: "66688f52-1c77"
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
cache-control: max-age=86400
cf-cache-status: HIT
age: 6801
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NtZmtAQWZz1kikroB7FSIhBAgX%2BFmT0uKdVZTRGmdS0gcvjhWiEP9GGcKOO%2FCdG9eJkCzZcRvwuZhl%2FQrE%2BKGkW4woNmcSazgxjre%2Fnw1LjVsq611DXusXQ7Fvn%2FOnl%2BhcHIW4OChL%2Bj9NNq6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 92ee145ee84756bb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1928&min_rtt=446&rtt_var=2346&sent=32&recv=16&lost=0&retrans=0&sent_bytes=26297&recv_bytes=1567&delivery_rate=9019465&cwnd=254&unsent_bytes=0&cid=3fff27e8db07460c&ts=289&x=0"
X-Firefox-Spdy: h2

GET fmtu.slsltutu.com/upload/vod/20220903-4/b7525bd34a9cb23c58ca535e7991ecf0.jpg

0.0.0.0

0 B

URL GET
fmtu.slsltutu.com/upload/vod/20220903-4/b7525bd34a9cb23c58ca535e7991ecf0.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://av.hd4k.top/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /upload/vod/20220903-4/b7525bd34a9cb23c58ca535e7991ecf0.jpg HTTP/1.1
Host: fmtu.slsltutu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET ansuko.net/wp-content/uploads/2024/12/nv3nhsms_header.jpg

104.21.54.113

200 OK

27 kB

URL GET
ansuko.net/wp-content/uploads/2024/12/nv3nhsms_header.jpg
IP
104.21.54.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectansuko.net
FingerprintD1:3F:FB:02:8D:9F:BB:3D:59:FD:DE:0A:56:B0:3E:AF:A1:93:E8:D5
ValidityFri, 14 Feb 2025 00:34:27 GMT - Thu, 15 May 2025 01:33:03 GMT

File type
JPEG image data, progressive, precision 8, 267x200, components 3
Size
27 kB (26987 bytes)
Hash
90ad57c5dcacd84fc6f59372df040666
96c1c358070849112745724cb2add15926db0278
c52943a1ef5f7abc5690beaabc5be2a1eff9b078458542397547e553d3dd4419

HTTP Headers

GET /wp-content/uploads/2024/12/nv3nhsms_header.jpg HTTP/1.1
Host: ansuko.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 26987
last-modified: Sat, 07 Dec 2024 23:40:30 GMT
etag: "6754dcee-696b"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2409438
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RtonRLDpO1%2Fp3Da6nXgNbk%2FePsWL24HQnJm69sf5n%2Fx7zvF7urZiU%2FCAB8zyU%2B8Y12zyXS%2BlxRrXUChtHTa1ypIsHhS6sIBvZm3j5Nj91GOxYURZBORXtW%2BrzuVc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145b98811c0e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1274&min_rtt=418&rtt_var=1551&sent=25&recv=12&lost=0&retrans=1&sent_bytes=24156&recv_bytes=1201&delivery_rate=6196861&cwnd=254&unsent_bytes=0&cid=309af2e581f30c88&ts=114&x=0"
X-Firefox-Spdy: h2

GET img.aosikaimge.com/20221002/ssF3cRX3/1.jpg

0.0.0.0

0 B

URL GET
img.aosikaimge.com/20221002/ssF3cRX3/1.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://av.hd4k.top/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintBC:19:8D:FF:22:32:94:8C:04:80:02:CE:1A:59:1C:91:24:15:5C:66
ValidityTue, 24 Dec 2024 10:28:23 GMT - Fri, 23 Jan 2026 10:28:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /20221002/ssF3cRX3/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET ansuko.net/wp-content/uploads/2024/12/iruysmqm_header.jpg

104.21.54.113

200 OK

20 kB

URL GET
ansuko.net/wp-content/uploads/2024/12/iruysmqm_header.jpg
IP
104.21.54.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectansuko.net
FingerprintD1:3F:FB:02:8D:9F:BB:3D:59:FD:DE:0A:56:B0:3E:AF:A1:93:E8:D5
ValidityFri, 14 Feb 2025 00:34:27 GMT - Thu, 15 May 2025 01:33:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x365, components 3
Size
20 kB (20383 bytes)
Hash
63bd0f36502bc2f20342dbf985535474
348c18a121545e61da1e83cc42da41a8c3ddcce9
76fcdffac70a8168d5be718a6f6e202d6745752ba5c6fc81b7ae1f9f70720a30

HTTP Headers

GET /wp-content/uploads/2024/12/iruysmqm_header.jpg HTTP/1.1
Host: ansuko.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 20383
last-modified: Sun, 08 Dec 2024 16:46:31 GMT
etag: "6755cd67-4f9f"
accept-ranges: bytes
age: 75596
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CpCnYspuI55OwzexvhLegTY%2FYiMjn25eut8wVuq44pEqayH9VBrhd5maDDZgZLfX%2FGO9Dn1uMZyLrZlU4dsAPeAk4PHnhLyhVMs%2FZY9hyECRwKrdyWHwIyQH%2BN14"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145c48e21c0e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=884&min_rtt=418&rtt_var=218&sent=48&recv=30&lost=0&retrans=1&sent_bytes=52121&recv_bytes=1400&delivery_rate=21087378&cwnd=254&unsent_bytes=0&cid=309af2e581f30c88&ts=224&x=0"
X-Firefox-Spdy: h2

GET ansuko.net/wp-content/uploads/2024/12/94ktnwun_header.jpg

104.21.54.113

200 OK

104 kB

URL GET
ansuko.net/wp-content/uploads/2024/12/94ktnwun_header.jpg
IP
104.21.54.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectansuko.net
FingerprintD1:3F:FB:02:8D:9F:BB:3D:59:FD:DE:0A:56:B0:3E:AF:A1:93:E8:D5
ValidityFri, 14 Feb 2025 00:34:27 GMT - Thu, 15 May 2025 01:33:03 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 720x540, components 3
Size
104 kB (103866 bytes)
Hash
4049685968b6ae82a67aab1ab6fb1475
dc4858142baf9504cfbd92c9f3559d334a171eb9
4b692ded900f8ce0e39f4f258261c1cb8db2d3696e6afee25202a9ce6e487566

HTTP Headers

GET /wp-content/uploads/2024/12/94ktnwun_header.jpg HTTP/1.1
Host: ansuko.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 103866
last-modified: Mon, 16 Dec 2024 09:40:30 GMT
etag: "675ff58e-195ba"
accept-ranges: bytes
age: 794932
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=czoexIdspc05QDC0In1Ol2%2Fllabo%2F6a1PAV5264PrEyOfp%2Bd3GF%2F2%2F3zTITjABK3D5p0nQ%2BNLOsGZU1jTUbft2ckPZiAlkyZfgvJumCfmNjlRulgmHKS7W4nUjWE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145e09b81c0e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1292&min_rtt=418&rtt_var=127&sent=117&recv=84&lost=0&retrans=2&sent_bytes=145442&recv_bytes=1500&delivery_rate=42958031&cwnd=254&unsent_bytes=0&cid=309af2e581f30c88&ts=511&x=0"
X-Firefox-Spdy: h2

GET sbzytpimg1.com:3519/upload/vod/20240630-1/42885e46bf99aba78319d4b14d32e5fb.jpg

173.249.235.71

200 OK

105 kB

URL GET
sbzytpimg1.com:3519/upload/vod/20240630-1/42885e46bf99aba78319d4b14d32e5fb.jpg
IP
173.249.235.71:3519
ASN
#11878 TZULO

Requested by
https://av.hd4k.top/
Certificate
IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT

File type
PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size
105 kB (105000 bytes)
Hash
a71b352dfb48a04d698db8330b765b33
356875d3df4ddb9c16d29579111dbda426fcbf73
8182d409a8d20e342cae29eff699007c94e9a383db5a04bde489918fab95c3c8

HTTP Headers

GET /upload/vod/20240630-1/42885e46bf99aba78319d4b14d32e5fb.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 105000
last-modified: Sun, 30 Jun 2024 04:49:57 GMT
vary: Accept-Encoding
etag: "6680e3f5-19a28"
expires: Thu, 24 Apr 2025 16:57:57 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdne-pics.youjizz.com/5/1/1/6/5/51165cea1c120157ba99d30f6371ae3a1659340562-14.jpg

64.210.135.115

200 OK

10 kB

URL GET
cdne-pics.youjizz.com/5/1/1/6/5/51165cea1c120157ba99d30f6371ae3a1659340562-14.jpg
IP
64.210.135.115:443
ASN
#30361 SWIFTWILL2

Requested by
https://av.hd4k.top/
Certificate
IssuerSectigo Limited
Subject*.youjizz.com
Fingerprint18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7
ValidityFri, 20 Dec 2024 00:00:00 GMT - Tue, 06 Jan 2026 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 308x232, components 1
Size
10 kB (10193 bytes)
Hash
5c84a9e2346fe9fa29cccd3ac9da6cfd
7b934ce2968fb8409dbb853360746c01f8be4f5d
0067583d28e24be6ef49f3cf0ecd02648d448ef665a09186907d006d66294b18

HTTP Headers

GET /5/1/1/6/5/51165cea1c120157ba99d30f6371ae3a1659340562-14.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:54 GMT
content-type: image/jpeg
content-length: 10193
last-modified: Tue, 02 Aug 2022 08:15:04 GMT
etag: "27d1-5e53db6ba47e8"
expires: Tue, 30 Jan 2024 23:43:40 GMT
cache-control: max-age=10750357
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-6140-3-1337627-h-0-0---;6141-29-555387----0-0-1
X-Firefox-Spdy: h2

GET ansuko.net/wp-content/uploads/2024/12/hhsgug4b_header.jpg

104.21.54.113

200 OK

74 kB

URL GET
ansuko.net/wp-content/uploads/2024/12/hhsgug4b_header.jpg
IP
104.21.54.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectansuko.net
FingerprintD1:3F:FB:02:8D:9F:BB:3D:59:FD:DE:0A:56:B0:3E:AF:A1:93:E8:D5
ValidityFri, 14 Feb 2025 00:34:27 GMT - Thu, 15 May 2025 01:33:03 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=15, height=537, bps=0, PhotometricInterpretation=RGB, orientation=upper-left, width=717], progressive, precision 8, 700x524, components 3
Size
74 kB (74056 bytes)
Hash
333e994d9139bee5304bbf73474be607
4ef3fd8cf25b7ac8112eab2b9b79b39ecb9f33df
32cd8284f3b39e4a3e87b45448c7c650dc7effcb6a0cd529106b1d20132c1b4d

HTTP Headers

GET /wp-content/uploads/2024/12/hhsgug4b_header.jpg HTTP/1.1
Host: ansuko.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 74056
last-modified: Wed, 11 Dec 2024 21:43:33 GMT
etag: "675a0785-12148"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1400315
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BuYpKE1umo8r2goWB3zGb9eoqjmK6DxwR%2FfR%2Fl7TvN%2BpRUS5Rc7qn2MrqBrbJWuVH%2FR4s5MVy4oOmcuTBupoTPvdjLkqPa1OWfTrFkg6eoelBmiL5VZKfF05bcwj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145f2a4a1c0e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2261&min_rtt=418&rtt_var=54&sent=195&recv=163&lost=0&retrans=2&sent_bytes=250301&recv_bytes=1600&delivery_rate=42958031&cwnd=254&unsent_bytes=0&cid=309af2e581f30c88&ts=689&x=0"
X-Firefox-Spdy: h2

GET www.9188porn.xyz/upload/vod/20241028-15/cd8fe33b27527ca661c9b3bed5104ba4.jpg

0.0.0.0

0 B

URL GET
www.9188porn.xyz/upload/vod/20241028-15/cd8fe33b27527ca661c9b3bed5104ba4.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://av.hd4k.top/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20241028-15/cd8fe33b27527ca661c9b3bed5104ba4.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET meetcdn.com/vs/58099031.jpg

104.21.64.1

200 OK

45 kB

URL GET
meetcdn.com/vs/58099031.jpg
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectmeetcdn.com
Fingerprint5E:4F:DB:4B:60:C3:17:24:3B:91:03:EC:11:4D:74:3C:4C:1A:68:C9
ValidityMon, 10 Mar 2025 03:41:51 GMT - Sun, 08 Jun 2025 04:39:39 GMT

File type
JPEG image data, baseline, precision 8, 852x480, components 3
Size
45 kB (44590 bytes)
Hash
0297e3d5fef9258e642d4930a803d71c
4e19c0e9b0c9be6392462c3b5198956b338985b5
88831f1541347e5099e3252312f0c8ba4e76f0299dc471bfe9ce6729e9d0e11e

HTTP Headers

GET /vs/58099031.jpg HTTP/1.1
Host: meetcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 44590
last-modified: Tue, 05 Nov 2019 00:08:04 GMT
etag: "5dc0bd64-ae2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT, HIT
cf-cache-status: HIT
age: 146924
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XsVSVLHqnPWI3tvjoltfLpdqg7S%2BoMPLVYanAT9Qxhh1JYLWx0lgHXEIvTTX1OCT2QCTjloTZ2rATltiu5I%2BotAHDBdkUUe4r0SMaGfvwnaH60PVscyJt7cSBJFiYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145cabc3b517-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1747&min_rtt=495&rtt_var=2519&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3273&recv_bytes=1173&delivery_rate=7063414&cwnd=254&unsent_bytes=0&cid=6c9fc37abed73658&ts=160&x=0"
X-Firefox-Spdy: h2

GET en.vidmo.pro/thumbs_320/80/80/8080fe6673bc49c886378c06cb320b4b/12396088.jpg

89.248.193.244

200 OK

18 kB

URL GET
en.vidmo.pro/thumbs_320/80/80/8080fe6673bc49c886378c06cb320b4b/12396088.jpg
IP
89.248.193.244:443
ASN
#49505 JSC Selectel

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 93", baseline, precision 8, 320x240, components 3
Size
18 kB (18372 bytes)
Hash
d2fb745c8debd96655886df0f5299de7
dd1b57f1c52d4ef226eb500f1161e3ca6686a2da
9ff7e4f969c6d2d352f61a1e126fa1b2c4383082c2070c1cb0eb9b6293333860

HTTP Headers

GET /thumbs_320/80/80/8080fe6673bc49c886378c06cb320b4b/12396088.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 18372
last-modified: Sat, 17 Oct 2020 06:00:56 GMT
expires: Mon, 21 Oct 2024 22:14:42 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET i0.wp.com/666529.xyz/images/2024/11/16/60c2c39840d96eeffaaa88ae28766ad0.jpg

192.0.77.2

200 OK

4.7 kB

URL GET
i0.wp.com/666529.xyz/images/2024/11/16/60c2c39840d96eeffaaa88ae28766ad0.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 543x420, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.7 kB (4652 bytes)
Hash
cd903bc38c7636fddf017878e2b14699
c7fb2bd6f331774ff3439f0e283da618ccb770fc
82844564199f05596cae6cd3ab076d23f74448fe28639228a8f46bc829ae24a4

HTTP Headers

GET /666529.xyz/images/2024/11/16/60c2c39840d96eeffaaa88ae28766ad0.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/webp
content-length: 4652
last-modified: Wed, 22 Jan 2025 00:26:58 GMT
expires: Fri, 22 Jan 2027 12:26:58 GMT
cache-control: public, max-age=63115200
link: <http://666529.xyz/images/2024/11/16/60c2c39840d96eeffaaa88ae28766ad0.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "96e8627d7186426e"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

GET www.jav.directory/douga/heydouga-yuri-nakashashi-akari-thuzi-4029-185.jpg

188.114.96.1

301 Moved Permanently

84 kB

URL GET
www.jav.directory/douga/heydouga-yuri-nakashashi-akari-thuzi-4029-185.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectjav.directory
FingerprintAB:2E:6C:CE:D9:63:B2:59:BF:1B:59:91:FA:64:DA:DA:B2:06:86:9F
ValiditySat, 22 Mar 2025 07:24:57 GMT - Fri, 20 Jun 2025 08:22:46 GMT

File type

Size
84 kB (83544 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /douga/heydouga-yuri-nakashashi-akari-thuzi-4029-185.jpg HTTP/1.1
Host: www.jav.directory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: text/html
content-length: 167
location: https://jav.directory/douga/heydouga-yuri-nakashashi-akari-thuzi-4029-185.jpg
cache-control: max-age=3600
expires: Fri, 11 Apr 2025 23:56:50 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vycnPQ%2FxrclOSxsHaPAoefjMTQBu%2F4yK9RtisfufHGe%2FvDlVi7VaKIY3AtUAMC6%2BkaRhCy3UPTa6dPZvq4QZ5xLKa2Ifi6CAGL4kNBEeBSVy%2FpMibChlvaXX4l%2FG1dJkCroBwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145dd824712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3665&min_rtt=415&rtt_var=6480&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3281&recv_bytes=1244&delivery_rate=6483582&cwnd=254&unsent_bytes=0&cid=cf123f9dd1e330a5&ts=186&x=0"
X-Firefox-Spdy: h2

GET 777.porn/images/39/119_-.jpg

104.21.16.1

200 OK

19 kB

URL GET
777.porn/images/39/119_-.jpg
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subject777.porn
Fingerprint7A:E3:6A:41:F9:31:13:B4:C6:C5:F8:AA:D8:59:86:E6:BA:C9:D6:50
ValidityWed, 09 Apr 2025 00:48:21 GMT - Tue, 08 Jul 2025 01:46:47 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 320x240, components 3
Size
19 kB (18563 bytes)
Hash
748161dec2475fb3f7b0590c8a938cd9
0d4be609e582981e6a86192db8e8f718b62b0427
a4f9a58c5b38f194160c805d85cebe6ba2ddc3c5bf097aaf6df3e9f48f6a64f8

HTTP Headers

GET /images/39/119_-.jpg HTTP/1.1
Host: 777.porn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 18563
last-modified: Tue, 02 May 2023 21:59:41 GMT
etag: "645187cd-4883"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 0ae1fed778ee48f6127b98afc0c6f2bf
cf-cache-status: HIT
age: 9011275
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2BLqYaEwOP840Ycwjfgj4rPxI8AA5DPXWfdPjMjbE%2BkiWloQF5wG6XFTiBDOm4VA15uNNUipcOx9HBHJQvYO%2FhIqCLoyCFx007epNZ5eqsoNzdG991mXxhR9SA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145ef9f7b524-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1068&min_rtt=511&rtt_var=1073&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3190&recv_bytes=1050&delivery_rate=5991724&cwnd=254&unsent_bytes=0&cid=426e930c2f2e9a53&ts=239&x=0"
X-Firefox-Spdy: h2

GET www.9188porn.xyz/upload/vod/20241010-10/abbdaf2c9b86f97da42484512832971f.png

0.0.0.0

0 B

URL GET
www.9188porn.xyz/upload/vod/20241010-10/abbdaf2c9b86f97da42484512832971f.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://av.hd4k.top/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20241010-10/abbdaf2c9b86f97da42484512832971f.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET ansuko.net/wp-content/uploads/2024/12/poster-422.jpg

104.21.54.113

200 OK

116 kB

URL GET
ansuko.net/wp-content/uploads/2024/12/poster-422.jpg
IP
104.21.54.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectansuko.net
FingerprintD1:3F:FB:02:8D:9F:BB:3D:59:FD:DE:0A:56:B0:3E:AF:A1:93:E8:D5
ValidityFri, 14 Feb 2025 00:34:27 GMT - Thu, 15 May 2025 01:33:03 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 720x540, components 3
Size
116 kB (116060 bytes)
Hash
3440e66d77653fc6f6a01907b69717f8
f273574fc729fcc31777c6a05017af7fa482ec8a
8bbc234e59e46fa140e701fc2ce1c8aef1da3244e0b4abee16693387faec6b53

HTTP Headers

GET /wp-content/uploads/2024/12/poster-422.jpg HTTP/1.1
Host: ansuko.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 116060
last-modified: Thu, 12 Dec 2024 19:25:32 GMT
etag: "675b38ac-1c55c"
accept-ranges: bytes
age: 687200
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6g6sjReuFtJTGkObtG2mWNMQlolbVSR%2FHmeXKdZ6NMaXSC3K%2F9UBK%2Bv%2BdaUg9HMcqCLP91c%2F4rEX1xuO6HWm62yhbdyNuNBBT99MgeZqKIGV2Fv5HJpioXP7MW1t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145f8a801c0e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3932&min_rtt=418&rtt_var=42&sent=252&recv=221&lost=0&retrans=2&sent_bytes=325239&recv_bytes=1696&delivery_rate=42958031&cwnd=254&unsent_bytes=0&cid=309af2e581f30c88&ts=747&x=0"
X-Firefox-Spdy: h2

GET sbzytpimg1.com:3519/upload/vod/20240614-1/40112a46eda6ec8fbdc86c1c337a7740.jpg

173.249.235.71

200 OK

97 kB

URL GET
sbzytpimg1.com:3519/upload/vod/20240614-1/40112a46eda6ec8fbdc86c1c337a7740.jpg
IP
173.249.235.71:3519
ASN
#11878 TZULO

Requested by
https://av.hd4k.top/
Certificate
IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT

File type
PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size
97 kB (97373 bytes)
Hash
a48ae883f1bf13d4901ff5e752290ea6
00deb9312def2dd9c7f5f5e4dc44dc6f6bcc75f2
73c072160daaf4cd98e8916639c6f98751b3471fcdf0ccc43e3cbd5c5a77a6d5

HTTP Headers

GET /upload/vod/20240614-1/40112a46eda6ec8fbdc86c1c337a7740.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 97373
last-modified: Thu, 13 Jun 2024 17:57:37 GMT
vary: Accept-Encoding
etag: "666b3311-17c5d"
expires: Tue, 29 Apr 2025 17:59:15 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET av.hd4k.top/

172.67.212.164

200 OK

176 kB

URL User Request GET
av.hd4k.top/
IP
172.67.212.164:443
ASN
#13335 CLOUDFLARENET

File type
HTML document, Unicode text, UTF-8 text, with very long lines (310), with CRLF line terminators
Size
176 kB (176052 bytes)
Hash
b92f541a87e4f8fbf2481c2a6f6020e9
360ccf24619854cde1cbaf14731bbad9f995ed7a
8f583f43eaa86219ea0695beafd64841b76eca0d1b8a51a89540a1d575db3770

HTTP Headers

GET / HTTP/1.1
Host: av.hd4k.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:49 GMT
content-type: text/html; charset=UTF-8
pdojs-line8: host-av.hd4k.top4.194.8.20-myhost-av.hd4k.top38.220.248/
phost: av.hd4k.top
pdojs-line355: notjp--myhost-av.hd4k.top-filteron-
pdojs-line963: notjp--myhost-av.hd4k.top-filteron-/
line1283: URI-/-myhost-av.hd4k.top-filteron-
line1413: 
line1448: -
xline: 1502host-114689
pdojs-line1513: ibig--chname--filteron--txtlang--shows-489
cache-control: public, max-age=14400
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Cake
x-proxy-cache-192g-la: EXPIRED
xkey-192la: av.hd4k.top/--av.hd4k.top-av.hd4k.top-myzone---yes
x-proxy-cache-g-la: MISS
xkey-g-la: av.hd4k.top/--av.hd4k.top--my_zone
cf-cache-status: EXPIRED
last-modified: Fri, 11 Apr 2025 22:56:49 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4W5WmoIRbsJKkeqehH46POfVqDnDzR1ZGM27C2eylUlOqHypMFG2z3HW8Pg8HksUfx1S17FQ%2F8aUYGKxdcNs2C8DIFw7%2FjWDN8YjM2fZq6tbwWUwRibIcQjbccXZWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92ee14531b100b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5691&min_rtt=437&rtt_var=10470&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3190&recv_bytes=1123&delivery_rate=6277456&cwnd=254&unsent_bytes=0&cid=2a1baa90343440be&ts=591&x=0"
X-Firefox-Spdy: h2

GET cdne-pics.youjizz.com/1/1/2/7/5/112758631d1e88e745c427730c1463621518204733-186.jpg

64.210.135.115

200 OK

16 kB

URL GET
cdne-pics.youjizz.com/1/1/2/7/5/112758631d1e88e745c427730c1463621518204733-186.jpg
IP
64.210.135.115:443
ASN
#30361 SWIFTWILL2

Requested by
https://av.hd4k.top/
Certificate
IssuerSectigo Limited
Subject*.youjizz.com
Fingerprint18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7
ValidityFri, 20 Dec 2024 00:00:00 GMT - Tue, 06 Jan 2026 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 5529x5516, segment length 16, comment: "Lavc57.89.100", baseline, precision 8, 308x232, components 3
Size
16 kB (16108 bytes)
Hash
427b4b1cdfccd6037da8cc0a08973480
521d8385c30af3e42bf3c1d23063e3985017fc2b
24be4731674bfdc8367b06f23381a2e552ccc5f74af9eaf5d3031f1b51a5405b

HTTP Headers

GET /1/1/2/7/5/112758631d1e88e745c427730c1463621518204733-186.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:54 GMT
content-type: image/jpeg
content-length: 16108
last-modified: Fri, 23 Apr 2021 08:35:07 GMT
etag: "3eec-5c09fac620c5d"
expires: Sat, 17 Aug 2024 00:32:33 GMT
cache-control: max-age=10727002
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-6249-3-1242661-h-0-0---;6141-29-555387----0-0-2
X-Firefox-Spdy: h2

GET img.youtube.com/vi/-HwynnAXtkc/0.jpg

142.250.74.78

200 OK

10 kB

URL GET
img.youtube.com/vi/-HwynnAXtkc/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint12:A5:4A:1B:8A:02:5B:3E:ED:E8:C5:88:16:6F:BF:DE:14:12:DD:CA
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
10 kB (10222 bytes)
Hash
29a5c570cd46b5deb6cb3b010da60704
70ad889296c433c659b6a13af12afef5ab573ddf
1f237a1dae8e1dcb25e4f9f31ea69f3ad55daec2f2a721d51308c5305ddb07ba

HTTP Headers

GET /vi/-HwynnAXtkc/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 10222
date: Fri, 11 Apr 2025 22:57:01 GMT
expires: Sat, 12 Apr 2025 00:57:01 GMT
cache-control: public, max-age=7200
etag: "1579910794"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.hotscope.tv/videos/oWqt5/small.jpg

57.128.229.16

200 OK

3.3 kB

URL GET
cdn.hotscope.tv/videos/oWqt5/small.jpg
IP
57.128.229.16:443
ASN
#16276 OVH SAS

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subject*.hotscope.tv
FingerprintBF:FC:D1:00:F1:A6:05:DE:54:FD:70:E4:2F:D3:FC:63:06:03:C5:58
ValidityMon, 31 Mar 2025 07:58:04 GMT - Sun, 29 Jun 2025 07:58:03 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 202x201, segment length 16, comment: "Lavc61.3.100", baseline, precision 8, 134x240, components 3
Size
3.3 kB (3329 bytes)
Hash
8c6e1e932bb633134e4ab1b5f40f70d5
820ed6bda348afea5993a91cb3d83c7fbefcc89b
2fa702fed702b95cb230164d438e9e4d214bee818dba6cbb26ae24c4ece06b49

HTTP Headers

GET /videos/oWqt5/small.jpg HTTP/1.1
Host: cdn.hotscope.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:53 GMT
content-type: image/jpeg
content-length: 3329
last-modified: Mon, 30 Dec 2024 21:51:34 GMT
etag: "677315e6-d01"
expires: Sun, 11 May 2025 22:56:53 GMT
access-control-allow-origin: *
cache-control: max-age=2592000, public
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdne-pics.youjizz.com/f/a/0/fa001cd8541a810226984c56cfd531241621726922-1280-720-1283-h264.mp4-9.jpg

64.210.135.115

200 OK

11 kB

URL GET
cdne-pics.youjizz.com/f/a/0/fa001cd8541a810226984c56cfd531241621726922-1280-720-1283-h264.mp4-9.jpg
IP
64.210.135.115:443
ASN
#30361 SWIFTWILL2

Requested by
https://av.hd4k.top/
Certificate
IssuerSectigo Limited
Subject*.youjizz.com
Fingerprint18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7
ValidityFri, 20 Dec 2024 00:00:00 GMT - Tue, 06 Jan 2026 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 308x232, components 3
Size
11 kB (11290 bytes)
Hash
b941e7a31f8ed6c9657d2b15aab0df20
7b836d7de0182aecb7c5219f3c78edcf50a41941
5fb03c01e9cee8bde2ffc8323ebc70e447aeef9fde1330d40b31aee016b6f93b

HTTP Headers

GET /f/a/0/fa001cd8541a810226984c56cfd531241621726922-1280-720-1283-h264.mp4-9.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:54 GMT
content-type: image/jpeg
content-length: 11290
last-modified: Sun, 23 May 2021 00:00:47 GMT
etag: "2c1a-5c2f3fc32d937"
expires: Mon, 29 Jan 2024 06:06:16 GMT
cache-control: max-age=10663905
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-7619-1-3769640-h-0-0---;6141-21-555387----0-0-1
X-Firefox-Spdy: h2

GET pics.dmm.com/digital/video/5330imbd00013/5330imbd00013pl.jpg

54.230.82.31

200 OK

154 kB

URL GET
pics.dmm.com/digital/video/5330imbd00013/5330imbd00013pl.jpg
IP
54.230.82.31:443
ASN
#16509 AMAZON-02

Requested by
https://av.hd4k.top/
Certificate
IssuerAmazon
Subjectp.dmm.co.jp
Fingerprint83:87:AF:B8:83:EC:94:6A:04:D1:AC:D8:86:9F:66:0C:58:99:ED:B9
ValidityTue, 14 Jan 2025 00:00:00 GMT - Wed, 04 Feb 2026 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 800x437, components 3
Size
154 kB (154325 bytes)
Hash
38536472925c9df94242023544220d0e
f7a05afecf38a543379e386e21b9dab348c0b657
82abe0d2aae10395c3d23b08b1fe4f2bc29bee2a50e5d6cf4eac53d4d0d69f3a

HTTP Headers

GET /digital/video/5330imbd00013/5330imbd00013pl.jpg HTTP/1.1
Host: pics.dmm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
content-length: 154325
server: openresty
date: Fri, 11 Apr 2025 22:56:54 GMT
last-modified: Mon, 23 Mar 2015 02:19:18 GMT
x-cache-status: HIT
via: 1.1 ee37e0f094ae25c978019ce1a6357240.cloudfront.net (CloudFront), 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
x-pics-origin: imgsrc
x-cache: Miss from cloudfront
x-amz-cf-pop: NRT20-P6, OSL50-P1
x-amz-cf-id: xja8xHLOThuvFc66-LpVjj7s6o2zbuPljGLfd95b04I207XeGvhrUA==
age: 27707
X-Firefox-Spdy: h2

GET timg208.top/videos/3b7e9517bbb67ca49fb850b78fa6892072c2567f/cover/5_505_259?ih=1

104.22.21.157

200 OK

34 kB

URL GET
timg208.top/videos/3b7e9517bbb67ca49fb850b78fa6892072c2567f/cover/5_505_259?ih=1
IP
104.22.21.157:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjecttimg208.top
FingerprintAD:45:A1:8F:E9:B5:8F:B2:F0:68:FC:83:F3:8E:18:EA:B7:AC:02:B2
ValidityFri, 21 Mar 2025 14:39:51 GMT - Thu, 19 Jun 2025 15:37:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 505x259, components 3
Size
34 kB (33874 bytes)
Hash
ae5c76d82e84c1ecb2185b1e1f616ac5
76466b9a9255299abd37ddd61b92d2815cd8705b
255a1712d65ad2805c68131f72d4f1f891ee42604a82bbdc2b94ab07b2286d73

HTTP Headers

GET /videos/3b7e9517bbb67ca49fb850b78fa6892072c2567f/cover/5_505_259?ih=1 HTTP/1.1
Host: timg208.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: application/octet-stream
content-length: 33874
last-modified: Mon, 03 Mar 2025 20:56:13 GMT
vary: Accept-Encoding
etag: "67c6176d-8452"
expires: Thu, 03 Apr 2025 02:54:01 GMT
cache-control: public, max-age=31536000, stale-if-error=7200
t-cache: LHIT
cf-cache-status: HIT
age: 3136082
accept-ranges: bytes
x-referer: no
server: cloudflare
cf-ray: 92ee145ecfed568e-OSL
X-Firefox-Spdy: h2

GET jsjs.4jpg.top/index.php?js=av4&advertisement&

188.114.96.1

503 Service Unavailable

0 B

URL GET
jsjs.4jpg.top/index.php?js=av4&advertisement&
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subject4jpg.top
FingerprintCE:68:EE:E1:A9:B4:04:8A:19:E9:A5:4B:99:6C:FF:D1:6C:A9:8B:EC
ValidityMon, 24 Feb 2025 19:01:46 GMT - Sun, 25 May 2025 20:00:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /index.php?js=av4&advertisement& HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 503 Service Unavailable
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: text/html; charset=UTF-8
content-length: 5607
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OuwExSN2gcCjwNuaLJP5mA0H3te2cjPW0IN71A9lETXT8ix8GYWdUYdRv1AAmGFhSnSb%2BqXTEjQ%2FdG0gEbwCMsUJ17uIXHsaSkcaKA6AFpVUvK%2ByZUND%2FD96zaevpboW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 92ee145afa9b56c1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1224&min_rtt=441&rtt_var=1158&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3265&recv_bytes=1284&delivery_rate=4383451&cwnd=254&unsent_bytes=0&cid=3a872d8efd3712c8&ts=54&x=0"
X-Firefox-Spdy: h2

GET jsjs.4jpg.top/index.php?js=very

188.114.96.1

522 No Reason Phrase

0 B

URL GET
jsjs.4jpg.top/index.php?js=very
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subject4jpg.top
FingerprintCE:68:EE:E1:A9:B4:04:8A:19:E9:A5:4B:99:6C:FF:D1:6C:A9:8B:EC
ValidityMon, 24 Feb 2025 19:01:46 GMT - Sun, 25 May 2025 20:00:17 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /index.php?js=very HTTP/1.1
Host: jsjs.4jpg.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 522 No Reason Phrase
date: Fri, 11 Apr 2025 22:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 7066
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JxQWdoP2xtHC2L%2Fz9q1EZqIOB8z%2BFo7yrr83SG6bpROyEMHI53ekaElWdsQgzWx%2F1OLV%2F3MmoxI3KO5F9g0jT2ajgaaLk0EoI62y5dY7jWf9RZQhneS64jyhNARUWdkT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 92ee145afa9656c1-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1344&min_rtt=441&rtt_var=1107&sent=14&recv=12&lost=0&retrans=0&sent_bytes=9739&recv_bytes=1284&delivery_rate=4383451&cwnd=254&unsent_bytes=0&cid=3a872d8efd3712c8&ts=19324&x=0"
X-Firefox-Spdy: h2

GET 555.tourismdaily.ru/roxtube/wp-content/uploads/2018/01/Hello-Kitty-%E0%B8%AA%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2-%E0%B9%82%E0%B8%8A%E0%B8%A7%E0%B9%8C%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%94.png

188.114.96.1

200 OK

41 kB

URL GET
555.tourismdaily.ru/roxtube/wp-content/uploads/2018/01/Hello-Kitty-%E0%B8%AA%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2-%E0%B9%82%E0%B8%8A%E0%B8%A7%E0%B9%8C%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%94.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjecttourismdaily.ru
FingerprintFB:E7:8D:A2:35:B6:26:D7:77:B0:F9:D0:98:4A:DF:73:98:F0:8E:9E
ValidityTue, 11 Mar 2025 07:09:53 GMT - Mon, 09 Jun 2025 08:08:36 GMT

File type
PNG image data, 320 x 240, 8-bit colormap, non-interlaced
Size
41 kB (40820 bytes)
Hash
c62b423d53ff5b8ddea33abd32469369
d8d2103251a532b715cbdfbc936462055a42ffbc
47765723cbbf83499daffab782946262827890f34088ec1501125ee52df3b75e

HTTP Headers

GET /roxtube/wp-content/uploads/2018/01/Hello-Kitty-%E0%B8%AA%E0%B8%B2%E0%B8%A7%E0%B8%99%E0%B9%89%E0%B8%AD%E0%B8%A2-%E0%B9%82%E0%B8%8A%E0%B8%A7%E0%B9%8C%E0%B8%81%E0%B8%B2%E0%B8%A3%E0%B8%95%E0%B8%81%E0%B9%80%E0%B8%9A%E0%B9%87%E0%B8%94.png HTTP/1.1
Host: 555.tourismdaily.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:54 GMT
content-type: image/png
content-length: 40820
age: 161273
cache-control: max-age=14400
cf-cache-status: HIT
last-modified: Thu, 10 Apr 2025 02:09:00 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j2b0Ar9SNmq15UP%2BUTSX22gAWXnmqKXygSg4%2FtU%2BnQejpRn6MPHSH7%2FlZgqb7HQW4vUOfi88mdyJUm0VAXQCAs9cNO6GsBFgaTcBsopk%2BvYbpja%2BCSuy60xO6wRrhLbBz5VnhpkU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee14717d6956ae-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1091&min_rtt=509&rtt_var=922&sent=9&recv=12&lost=0&retrans=1&sent_bytes=3298&recv_bytes=1415&delivery_rate=7554782&cwnd=256&unsent_bytes=0&cid=39a8a18a17f35945&ts=932&x=0"
X-Firefox-Spdy: h2

GET fixedjs.jtube.top/AV4.us.jpg

104.21.64.1

200 OK

8.7 kB

URL GET
fixedjs.jtube.top/AV4.us.jpg
IP
104.21.64.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectjtube.top
Fingerprint9C:B0:33:C1:83:77:9C:B7:49:95:CF:8A:E4:A9:8D:86:8F:87:31:3F
ValidityMon, 03 Mar 2025 13:50:49 GMT - Sun, 01 Jun 2025 14:49:30 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 307x82, components 3
Size
8.7 kB (8741 bytes)
Hash
edfe007a6e5b3d268b2528f564b60b43
1644c8ef97c871079e07e5079d613af5cb94052f
bf5bb657f5e788af0c02b9b437d3f15bec91e27175e5a654e3d431fb6d063390

HTTP Headers

GET /AV4.us.jpg HTTP/1.1
Host: fixedjs.jtube.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 8741
etag: "2225-614075c7eff6b"
access-control-allow-origin: *
access-control-allow-headers: Cake
cache-control: public, max-age=360000
cf-cache-status: HIT
age: 62018
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bm4LAZggBs5NyOLvIdXgYDZ3a5HNQk8NtyAzaYqQJNPoX68bqKM29SV6ihWRR1W3YIPXV8a6n%2BcxUPGB1ylyZ9GJhsYU6f9euPH189yXToLPxKVEWuVepvIjDvejt%2BL%2BUShdAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145b1ae0b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=968&min_rtt=467&rtt_var=886&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3268&recv_bytes=1212&delivery_rate=6819466&cwnd=254&unsent_bytes=0&cid=b8a89b55fe38e66e&ts=53&x=0"
X-Firefox-Spdy: h2

GET pornolomka2.com/uploads/posts/2018-07/medium/1531660918_00-02-49.jpg

91.194.110.16

200 OK

98 kB

URL GET
pornolomka2.com/uploads/posts/2018-07/medium/1531660918_00-02-49.jpg
IP
91.194.110.16:443
ASN
#213166 UA-Hosting SIA

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectpornolomka2.com
FingerprintB6:73:1D:04:1A:6F:08:6C:D9:4E:54:08:55:E7:CF:8A:ED:44:37:33
ValiditySat, 22 Mar 2025 22:39:27 GMT - Fri, 20 Jun 2025 22:39:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 450x337, components 3
Size
98 kB (98141 bytes)
Hash
9326b5afcb9f913ba790d0f16ee24b5e
7785860be5edcbc969b49e6291dd5c236db6353e
9e545043402988a8123f50aa8eccf561b76f86caa19994f42e54f027b177e9dd

HTTP Headers

GET /uploads/posts/2018-07/medium/1531660918_00-02-49.jpg HTTP/1.1
Host: pornolomka2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.10.3
date: Fri, 11 Apr 2025 22:54:52 GMT
content-type: image/jpeg
content-length: 98141
last-modified: Sun, 30 Aug 2020 17:03:25 GMT
etag: "5f4bdbdd-17f5d"
expires: Fri, 18 Apr 2025 22:54:52 GMT
cache-control: max-age=604800
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET xgx.mobi/preview/girls-at-age-under-15-doing-porn.jpg

172.67.223.49

200 OK

24 kB

URL GET
xgx.mobi/preview/girls-at-age-under-15-doing-porn.jpg
IP
172.67.223.49:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectxgx.mobi
FingerprintCB:AD:60:6F:5E:FC:44:C1:58:B7:99:5C:05:8C:19:02:9B:F9:7D:A2
ValidityThu, 03 Apr 2025 17:25:30 GMT - Wed, 02 Jul 2025 18:23:09 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: ""Girls At Age Under 15 Doing Porn" saved from https://xgx.mobi", baseline, precision 8, 564x317, components 3
Size
24 kB (23849 bytes)
Hash
6f854c4b8a1eb995617101411b003a46
5463aa7d95f4f711e1fc610e90298fd1409d80da
259f8e290cf7516c66242039eafb5a9b010cf155957afbb775367f1141ca095d

HTTP Headers

GET /preview/girls-at-age-under-15-doing-porn.jpg HTTP/1.1
Host: xgx.mobi
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 23849
expires: Wed, 30 Apr 2025 21:05:37 GMT
last-modified: Wed, 05 Oct 2022 00:09:18 GMT
x-response-time: 0.065536
x-status: 0.000 HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 233776
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MThbZskYepzjnYLvMMGFw3baxguriG26iXRclxoLrDMetyrtgRrwvKKtlq%2B9AdGRsZVZdVZP%2FITxninnMR3Q%2BrH6gF6b2P75wSx7QSfzJOy0Xfg%2Fw%2FtvBf3r%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee146acf5d56ab-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2519&min_rtt=437&rtt_var=2288&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3265&recv_bytes=1220&delivery_rate=3313501&cwnd=254&unsent_bytes=0&cid=ac7c3db321cbb3ca&ts=1716&x=0"
X-Firefox-Spdy: h2

GET www.9188porn.xyz/upload/vod/20241028-15/434289d04818ceda4aab31a4830f8800.jpg

0.0.0.0

0 B

URL GET
www.9188porn.xyz/upload/vod/20241028-15/434289d04818ceda4aab31a4830f8800.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://av.hd4k.top/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20241028-15/434289d04818ceda4aab31a4830f8800.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET jav.directory/douga/heydouga-yuri-nakashashi-akari-thuzi-4029-185.jpg

188.114.96.1

200 OK

84 kB

URL GET
jav.directory/douga/heydouga-yuri-nakashashi-akari-thuzi-4029-185.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectjav.directory
FingerprintAB:2E:6C:CE:D9:63:B2:59:BF:1B:59:91:FA:64:DA:DA:B2:06:86:9F
ValiditySat, 22 Mar 2025 07:24:57 GMT - Fri, 20 Jun 2025 08:22:46 GMT

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 7.0, datetime=2010:10:29 19:25:16], baseline, precision 8, 500x375, components 3
Size
84 kB (83544 bytes)
Hash
92aa1c99ca0681945a1787d6578f3d5f
9d6a48dab8b8efdabd96201109b1caf755db90b0
f76d5e47a082764a7396bb0949be70a5027a061dd7ddc12925f5fae3f7c53266

HTTP Headers

GET /douga/heydouga-yuri-nakashashi-akari-thuzi-4029-185.jpg HTTP/1.1
Host: jav.directory
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://av.hd4k.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:53 GMT
content-type: image/jpeg
content-length: 83544
last-modified: Fri, 29 Oct 2010 12:11:10 GMT
etag: "4ccab9de-14658"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
cf-cache-status: HIT
age: 131296
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VgQ2q9Z%2FozIBVKXZn8MP9mgzqzGnIgohxjyZbSpHLx9oBuEDYVc3%2BXSbkG83t%2BfZ6qyMrrH8rhJ3l%2Fz%2FBXTh1wX2bx5lApR%2BnAgdihw9TSk1aMXOfkMTfwJQeyxRO6Qp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee146bfff1712b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4432&min_rtt=415&rtt_var=6394&sent=9&recv=13&lost=0&retrans=0&sent_bytes=4191&recv_bytes=1363&delivery_rate=6483582&cwnd=256&unsent_bytes=0&cid=cf123f9dd1e330a5&ts=2457&x=0"
X-Firefox-Spdy: h2

GET pics.x-xx.pro/thumbs/243/359_sini-bokeppbaruuu.jpg

104.21.70.153

200 OK

2.7 kB

URL GET
pics.x-xx.pro/thumbs/243/359_sini-bokeppbaruuu.jpg
IP
104.21.70.153:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectx-xx.pro
Fingerprint40:4A:56:4B:82:05:88:AC:6C:30:D9:F1:EE:F5:E2:C5:5D:09:61:81
ValidityMon, 17 Mar 2025 19:54:54 GMT - Sun, 15 Jun 2025 20:51:35 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 270x158, components 3
Size
2.7 kB (2737 bytes)
Hash
2e6ff90fef49e142a25fe4122df9b082
751998a816c8461a1c6dedcd8fbb8f76fa009e53
76acc4035d30fa3138e48fb96324469d19abcddbd97cfdbf98aab3263e155e34

HTTP Headers

GET /thumbs/243/359_sini-bokeppbaruuu.jpg HTTP/1.1
Host: pics.x-xx.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 2737
last-modified: Sun, 22 Aug 2021 13:47:03 GMT
etag: "61225557-ab1"
expires: Wed, 16 Apr 2025 05:15:26 GMT
cache-control: max-age=604800
cf-cache-status: HIT
age: 236486
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ctVWISpz4iaJuXsuVaNSfsU5HARB%2FVGDo40hhcb94cff6cuGeXJeVccG9iVzFu%2BsgA9BkRTa%2BMn8MFEd94RILDN3abapuD0uAmeGRZoBsN3IAoUcwJQIOUeutTgwXy8b"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee146ab9fc0b4d-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=831&min_rtt=417&rtt_var=506&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3264&recv_bytes=1223&delivery_rate=3472422&cwnd=254&unsent_bytes=0&cid=d7d928a66db9a743&ts=1892&x=0"
X-Firefox-Spdy: h2

GET www.9188porn.xyz/upload/vod/20241028-15/9b8c17877ecfe6b1ded6c644e53569b9.jpg

0.0.0.0

0 B

URL GET
www.9188porn.xyz/upload/vod/20241028-15/9b8c17877ecfe6b1ded6c644e53569b9.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://av.hd4k.top/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20241028-15/9b8c17877ecfe6b1ded6c644e53569b9.jpg HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET videopreview.chezcathy.com/ext/pre_3297724090.jpg

104.21.96.1

200 OK

14 kB

URL GET
videopreview.chezcathy.com/ext/pre_3297724090.jpg
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectchezcathy.com
FingerprintEB:80:6D:92:E5:33:97:61:15:F0:99:70:C9:69:33:F1:4A:7C:BB:96
ValidityTue, 25 Feb 2025 12:12:18 GMT - Mon, 26 May 2025 13:10:42 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 0x0, segment length 16, progressive, precision 8, 300x226, components 3
Size
14 kB (14403 bytes)
Hash
b71e2883947a0abb80887382da10a704
fe96e5c4dcfa68cffdcf2b083e0af224e4958c32
9e1e9e682a171a762b393c080d9696edfcdd40fb68db3d9d6d6c1af28e8672b1

HTTP Headers

GET /ext/pre_3297724090.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 14403
last-modified: Sun, 28 Jul 2024 10:54:08 GMT
etag: "66a62350-3843"
accept-ranges: bytes, bytes
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
age: 2459
cache-control: max-age=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XY0V463gQy655coETZfA22Zc65Whm%2FfWsdrcB9Wrw67kTSN5dpG84YT5ybcpkf5A7nOfdundUaPIdB12On7esDPJ4EcveThVVyz%2ByLB8YL6Po5aqyKbjVZLX3Aa6Q6HXrlbdihfFJfDmh2TA7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 92ee145f489556bb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3137&min_rtt=446&rtt_var=3552&sent=51&recv=19&lost=0&retrans=1&sent_bytes=46106&recv_bytes=1650&delivery_rate=9019465&cwnd=254&unsent_bytes=0&cid=3fff27e8db07460c&ts=346&x=0"
X-Firefox-Spdy: h2

GET videopreview.chezcathy.com/ext/pre_3666281689.jpg

104.21.96.1

200 OK

6.9 kB

URL GET
videopreview.chezcathy.com/ext/pre_3666281689.jpg
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectchezcathy.com
FingerprintEB:80:6D:92:E5:33:97:61:15:F0:99:70:C9:69:33:F1:4A:7C:BB:96
ValidityTue, 25 Feb 2025 12:12:18 GMT - Mon, 26 May 2025 13:10:42 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Size
6.9 kB (6880 bytes)
Hash
277692980d871f76ae52d0537e3d5df2
fc4e5bb8dfee7cd828c20aead39bf51c3e671720
72809c4093c9dd221e9e1de46148aaa9327ec09731618cf46622f868add97f6d

HTTP Headers

GET /ext/pre_3666281689.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 6880
last-modified: Thu, 13 Jun 2024 18:13:36 GMT
etag: "666b36d0-1ae0"
accept-ranges: bytes, bytes
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
age: 2708
cache-control: max-age=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cvgawpbpjj2eJybd1CLRvQgZOTBQeSMg5SzFElK%2BI989meH8yyyC15G2whQiY05H183lLK1KtrZ7eC5CtMC%2Brzo3IlRJqRUbvavArC1BcA9ioz4MhcS3NdcFXpnBtmLt%2BYcR1BAW6h%2BfaBctgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 92ee145e7fef56bb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1653&min_rtt=446&rtt_var=2394&sent=24&recv=14&lost=0&retrans=0&sent_bytes=18754&recv_bytes=1484&delivery_rate=7541666&cwnd=254&unsent_bytes=0&cid=3fff27e8db07460c&ts=217&x=0"
X-Firefox-Spdy: h2

GET i0.wp.com/jpgjingpinx.com/upload/vod/20240110-1/b1af3b7564df57e9c41c3b9275980c45.jpg

192.0.77.2

200 OK

302 kB

URL GET
i0.wp.com/jpgjingpinx.com/upload/vod/20240110-1/b1af3b7564df57e9c41c3b9275980c45.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
302 kB (301686 bytes)
Hash
00839dea64afbce390f8db459058b7b9
abf66464ab0d011fc4ae7421b9a403210f350761
93ee9a7e3487c92d721a23eb15093a091d3a28785ab232834e139a97b6ec06c5

HTTP Headers

GET /jpgjingpinx.com/upload/vod/20240110-1/b1af3b7564df57e9c41c3b9275980c45.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/webp
content-length: 301686
last-modified: Thu, 16 Jan 2025 22:17:16 GMT
expires: Sun, 17 Jan 2027 10:17:16 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20240110-1/b1af3b7564df57e9c41c3b9275980c45.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "2d080b3374507427"
vary: Accept
x-nc: HIT arn 4
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

GET videopreview.chezcathy.com/ext/pre_9133905697.jpg

104.21.96.1

200 OK

6.9 kB

URL GET
videopreview.chezcathy.com/ext/pre_9133905697.jpg
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectchezcathy.com
FingerprintEB:80:6D:92:E5:33:97:61:15:F0:99:70:C9:69:33:F1:4A:7C:BB:96
ValidityTue, 25 Feb 2025 12:12:18 GMT - Mon, 26 May 2025 13:10:42 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Size
6.9 kB (6881 bytes)
Hash
72abeeb534fb0289064b38e54f3344f3
221297f0370ba92832d6f112a399c9c86b191f07
4c1778dc0adddcc372dc966a1eb025943eb797aae0e5c97d084e85432338fafe

HTTP Headers

GET /ext/pre_9133905697.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 6881
last-modified: Tue, 11 Jun 2024 06:03:12 GMT
etag: "6667e8a0-1ae1"
accept-ranges: bytes, bytes
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
age: 5916
cache-control: max-age=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W4hkS0WLSBQgD%2B%2F33iqXsvF2tr0mT6QSors12Hdla1Z50f8i9kq5hIguj4PKPet4KKmLbFUfIYfI7aisLnM95OlvkE2OBCWbciKTdF3zu1ibqBCpQjpFZTy5AVvk1xkkoIO8OMx6Z7RBtPgl1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 92ee145e7fed56bb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1653&min_rtt=446&rtt_var=2394&sent=16&recv=14&lost=0&retrans=0&sent_bytes=11213&recv_bytes=1484&delivery_rate=7541666&cwnd=254&unsent_bytes=0&cid=3fff27e8db07460c&ts=216&x=0"
X-Firefox-Spdy: h2

GET pornolomka3.com/uploads/posts/2018-05/medium/1527763073_00-24-27.jpg

91.194.110.16

200 OK

81 kB

URL GET
pornolomka3.com/uploads/posts/2018-05/medium/1527763073_00-24-27.jpg
IP
91.194.110.16:443
ASN
#213166 UA-Hosting SIA

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectpornolomka3.com
FingerprintEE:B3:E2:24:72:6A:68:52:4D:CB:90:D5:C8:59:7D:84:52:33:F5:34
ValiditySat, 22 Mar 2025 22:39:36 GMT - Fri, 20 Jun 2025 22:39:35 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 450x253, components 3
Size
81 kB (81163 bytes)
Hash
389b5d16a31286ae09127c8c78146a24
7dac25ede618e814286d0509beedcbe4a14e5106
2dbba8517b0b49cf9b99b1591dd5a2e3b9fff41dfe737b50ce25cd48703e80de

HTTP Headers

GET /uploads/posts/2018-05/medium/1527763073_00-24-27.jpg HTTP/1.1
Host: pornolomka3.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.10.3
date: Fri, 11 Apr 2025 22:54:54 GMT
content-type: image/jpeg
content-length: 81163
last-modified: Sun, 30 Aug 2020 17:03:05 GMT
etag: "5f4bdbc9-13d0b"
expires: Fri, 18 Apr 2025 22:54:54 GMT
cache-control: max-age=604800
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET www.9188porn.xyz/upload/vod/20241010-10/d37481796908d2ed1a1e2043046bce9a.png

0.0.0.0

0 B

URL GET
www.9188porn.xyz/upload/vod/20241010-10/d37481796908d2ed1a1e2043046bce9a.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://av.hd4k.top/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20241010-10/d37481796908d2ed1a1e2043046bce9a.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET www.daftporn.com/poster/poster_751782.jpg

37.128.144.49

200 OK

3.8 kB

URL GET
www.daftporn.com/poster/poster_751782.jpg
IP
37.128.144.49:443
ASN
#197902 Hostnet B.V.

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectdaftporn.com
Fingerprint4D:CB:C1:77:96:34:83:1D:13:04:7A:45:3F:33:10:B4:F7:D7:96:B1
ValidityThu, 06 Mar 2025 13:27:04 GMT - Wed, 04 Jun 2025 13:27:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 125x75, components 3
Size
3.8 kB (3789 bytes)
Hash
06ea485107ddf15cb5617b3bb5d16b79
cf492ed68e59196b71054725a235875541303312
366b88f700db2e4a98af223d29ed0ff1f438c03b63004604ef523d49518934d1

HTTP Headers

GET /poster/poster_751782.jpg HTTP/1.1
Host: www.daftporn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:53 GMT
content-type: image/jpeg
content-length: 3789
last-modified: Tue, 05 Sep 2017 17:45:44 GMT
etag: "59aee2c8-ecd"
accept-ranges: bytes
X-Firefox-Spdy: h2

GET videopreview.chezcathy.com/ext/pre_6022868430.jpg

104.21.96.1

200 OK

11 kB

URL GET
videopreview.chezcathy.com/ext/pre_6022868430.jpg
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectchezcathy.com
FingerprintEB:80:6D:92:E5:33:97:61:15:F0:99:70:C9:69:33:F1:4A:7C:BB:96
ValidityTue, 25 Feb 2025 12:12:18 GMT - Mon, 26 May 2025 13:10:42 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Size
11 kB (10738 bytes)
Hash
97b2c737f07e1a65a8825ac4d58a79ac
839e5616e485d1d2dbf89d7be7d2ed48608205b1
e0787013aa4aff43d0de4f39a9b813b0689109703e8ce6aa832f0f5536dcf0e5

HTTP Headers

GET /ext/pre_6022868430.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 10738
last-modified: Wed, 12 Jun 2024 09:49:00 GMT
etag: "66696f0c-29f2"
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
cache-control: max-age=86400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bhy7Kh8DOtb%2FmO7YCcG39fr4vNZp5QaDy02xYDYzE7P6%2Bs4KkaRixllDunuCbRDtreXc49wEIVg3UCQJy47068tJJ1qqludsJok%2FQfZMZAojSi29vkhnavlU7eIONbRQAZpBGASF%2BFlC1k%2FDgA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 92ee145e7fee56bb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2300&min_rtt=446&rtt_var=2503&sent=40&recv=17&lost=0&retrans=0&sent_bytes=34277&recv_bytes=1567&delivery_rate=9019465&cwnd=254&unsent_bytes=0&cid=3fff27e8db07460c&ts=297&x=0"
X-Firefox-Spdy: h2

GET pornolomka2.com/uploads/posts/2018-07/medium/1531565966_00-13-47.jpg

91.194.110.16

200 OK

101 kB

URL GET
pornolomka2.com/uploads/posts/2018-07/medium/1531565966_00-13-47.jpg
IP
91.194.110.16:443
ASN
#213166 UA-Hosting SIA

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectpornolomka2.com
FingerprintB6:73:1D:04:1A:6F:08:6C:D9:4E:54:08:55:E7:CF:8A:ED:44:37:33
ValiditySat, 22 Mar 2025 22:39:27 GMT - Fri, 20 Jun 2025 22:39:26 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 450x253, components 3
Size
101 kB (100926 bytes)
Hash
293d910433432f5a836cf2d2bdfa3236
6ad11f3c2af43e688c90ad1f72fd9b5ba5aebef3
aba486c9d4fc262c81e9eb5557a16079ad7c7e15bc33630d337b2d703e842fc0

HTTP Headers

GET /uploads/posts/2018-07/medium/1531565966_00-13-47.jpg HTTP/1.1
Host: pornolomka2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.10.3
date: Fri, 11 Apr 2025 22:54:52 GMT
content-type: image/jpeg
content-length: 100926
last-modified: Sun, 30 Aug 2020 17:03:25 GMT
etag: "5f4bdbdd-18a3e"
expires: Fri, 18 Apr 2025 22:54:52 GMT
cache-control: max-age=604800
strict-transport-security: max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET sbzytpimg1.com:3519/upload/vod/20240609-1/cb14203b5d592acc155959f853153668.jpg

173.249.235.71

200 OK

96 kB

URL GET
sbzytpimg1.com:3519/upload/vod/20240609-1/cb14203b5d592acc155959f853153668.jpg
IP
173.249.235.71:3519
ASN
#11878 TZULO

Requested by
https://av.hd4k.top/
Certificate
IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT

File type
PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size
96 kB (95876 bytes)
Hash
9aa7e0950ae1f43df17b9f4230657d18
7d1ad5c82270dca20c4ba4aa1affc3e19d86c117
80008745267dc2dd7a680e80b9baefa268e86e8c5c44f3b33ae645c9a52b8707

HTTP Headers

GET /upload/vod/20240609-1/cb14203b5d592acc155959f853153668.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 95876
last-modified: Sun, 09 Jun 2024 05:12:13 GMT
vary: Accept-Encoding
etag: "666539ad-17684"
expires: Tue, 29 Apr 2025 17:59:21 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdne-pics.youjizz.com/a/4/e/a4e6ca967d99ea182b909007191b7c9a1703001492-1280-720-1277-h264.mp4-9.jpg

64.210.135.115

200 OK

18 kB

URL GET
cdne-pics.youjizz.com/a/4/e/a4e6ca967d99ea182b909007191b7c9a1703001492-1280-720-1277-h264.mp4-9.jpg
IP
64.210.135.115:443
ASN
#30361 SWIFTWILL2

Requested by
https://av.hd4k.top/
Certificate
IssuerSectigo Limited
Subject*.youjizz.com
Fingerprint18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7
ValidityFri, 20 Dec 2024 00:00:00 GMT - Tue, 06 Jan 2026 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 308x232, components 3
Size
18 kB (17487 bytes)
Hash
c132c17b439b909ab7fefb4556ab4f67
0098c53c80934b32e3a8a03970fc5a42748accb7
ebd7ba9439c6bf548984afa50ba6942283687185b59028ac7521af18921e28a5

HTTP Headers

GET /a/4/e/a4e6ca967d99ea182b909007191b7c9a1703001492-1280-720-1277-h264.mp4-9.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:54 GMT
content-type: image/jpeg
content-length: 17487
last-modified: Tue, 19 Dec 2023 16:04:39 GMT
etag: "444f-60cdf06186c8a"
expires: Sun, 23 Feb 2025 13:44:11 GMT
cache-control: max-age=10395002
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-6141-2-4000966-h-0-0---;6141-29-555387----0-0-0
X-Firefox-Spdy: h2

GET img.youtube.com/vi/EQYZPQMOHT8/0.jpg

142.250.74.78

200 OK

46 kB

URL GET
img.youtube.com/vi/EQYZPQMOHT8/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint12:A5:4A:1B:8A:02:5B:3E:ED:E8:C5:88:16:6F:BF:DE:14:12:DD:CA
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
46 kB (46202 bytes)
Hash
db0c69bc314549de3ba57e301271c979
8b086948e730b4723bcf5cafc90b33ccb863f920
31ccfe320bdb7fda821028de8f9384a3e7284689fed03bd156c6fa43eb101ad9

HTTP Headers

GET /vi/EQYZPQMOHT8/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 46202
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Apr 2025 22:27:57 GMT
expires: Sat, 12 Apr 2025 00:27:57 GMT
cache-control: public, max-age=7200
age: 1744
etag: "1725563838"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.ssnovel.top/template/YS007/images/avhubCode.png

0.0.0.0

0 B

URL GET
www.ssnovel.top/template/YS007/images/avhubCode.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://av.hd4k.top/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /template/YS007/images/avhubCode.png HTTP/1.1
Host: www.ssnovel.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET vq50.com/vs/62039898.jpg

188.114.96.1

200 OK

56 kB

URL GET
vq50.com/vs/62039898.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectvq50.com
Fingerprint39:06:02:1F:E2:D7:1A:05:AA:D5:08:DD:BE:F0:EA:8B:A9:4C:E4:23
ValidityWed, 19 Mar 2025 18:44:35 GMT - Tue, 17 Jun 2025 19:41:56 GMT

File type
JPEG image data, baseline, precision 8, 1080x720, components 3
Size
56 kB (55875 bytes)
Hash
e30b70fdacb78c5e81d5a38cfc905494
75319a9a5aaeea0130651d882ed9b60e629b4ffa
267b4bf8c52c2e962a3255d284d6c0855e35435b8f31080a13020107341c54eb

HTTP Headers

GET /vs/62039898.jpg HTTP/1.1
Host: vq50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 55875
last-modified: Tue, 23 Jun 2020 06:48:24 GMT
etag: "5ef1a5b8-da43"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-cache-status: HIT, HIT
accept-ranges: bytes
age: 780867
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8pjA1ZOApY%2BCMi1kPbDGU%2BbPp5DHQLAImCkulZSwWD%2BPqmZulz%2BSPwiBXU7h9UCpUvFDnATqxKC3nJlf7GH5SWR%2BVQKr2A2HnIGa9bxSQTWBTEawINBOKS5Dbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145f39545690-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4208&min_rtt=438&rtt_var=242&sent=202&recv=71&lost=0&retrans=1&sent_bytes=270513&recv_bytes=1312&delivery_rate=23402020&cwnd=254&unsent_bytes=0&cid=179b9f1ec9ca54f1&ts=353&x=0"
X-Firefox-Spdy: h2

GET ansuko.net/wp-content/uploads/2024/12/w4ybwrim_header.jpg

104.21.54.113

200 OK

20 kB

URL GET
ansuko.net/wp-content/uploads/2024/12/w4ybwrim_header.jpg
IP
104.21.54.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectansuko.net
FingerprintD1:3F:FB:02:8D:9F:BB:3D:59:FD:DE:0A:56:B0:3E:AF:A1:93:E8:D5
ValidityFri, 14 Feb 2025 00:34:27 GMT - Thu, 15 May 2025 01:33:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x281, components 3
Size
20 kB (19895 bytes)
Hash
e65cdae7b0a8672946d091be2a6a8efa
719dbe5fa547ca2314b42b4498b0145459defcf6
279eb2bb7a9fdf784a1224320dd09cc5d10b01364858705cfcea4792f9639f1b

HTTP Headers

GET /wp-content/uploads/2024/12/w4ybwrim_header.jpg HTTP/1.1
Host: ansuko.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 19895
last-modified: Wed, 18 Dec 2024 14:07:33 GMT
etag: "6762d725-4db7"
accept-ranges: bytes
age: 84701
cache-control: max-age=31536000
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Tw5VE7QZutJpYfZ%2BKKFeUWfeKvBZd1pX4FnjTQ5b%2FDiYmTkg5i2O4NEj7DrGI64A6eiechSphAUMEWzz6ETge9%2BPPG9JsqDhDuSAO0UqB0kysuz0GkyBa3V7ACjL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145b282d1c0e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=599&min_rtt=418&rtt_var=268&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3194&recv_bytes=1101&delivery_rate=6196861&cwnd=254&unsent_bytes=0&cid=309af2e581f30c88&ts=45&x=0"
X-Firefox-Spdy: h2

GET sbzytpimg1.com:3519/upload/vod/20240614-1/2ce1a4c387ee7b86a1db9020d8529541.jpg

173.249.235.71

200 OK

125 kB

URL GET
sbzytpimg1.com:3519/upload/vod/20240614-1/2ce1a4c387ee7b86a1db9020d8529541.jpg
IP
173.249.235.71:3519
ASN
#11878 TZULO

Requested by
https://av.hd4k.top/
Certificate
IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT

File type
PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size
125 kB (125100 bytes)
Hash
bbc8beed6f327bad37d1e43384ff39e7
eed949774de3760770bc0cb14a229d527e1dfda3
af8013f707b9d01bb59906f35f4731a8a164e3d46534d7ef3dac2e861decb008

HTTP Headers

GET /upload/vod/20240614-1/2ce1a4c387ee7b86a1db9020d8529541.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 125100
last-modified: Thu, 13 Jun 2024 17:57:30 GMT
vary: Accept-Encoding
etag: "666b330a-1e8ac"
expires: Tue, 06 May 2025 16:38:04 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET 777.porn/images/50/824.jpg

104.21.16.1

200 OK

21 kB

URL GET
777.porn/images/50/824.jpg
IP
104.21.16.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subject777.porn
Fingerprint7A:E3:6A:41:F9:31:13:B4:C6:C5:F8:AA:D8:59:86:E6:BA:C9:D6:50
ValidityWed, 09 Apr 2025 00:48:21 GMT - Tue, 08 Jul 2025 01:46:47 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3
Size
21 kB (21198 bytes)
Hash
90baa3008b6405fbd2f4f6da7f7db313
1ab544e146c7ada758c50837ee63b4f143ef34b0
608ae2660176ef0901aaac95b79534b5f950a2b9e5936acdd370123d65dcd3b3

HTTP Headers

GET /images/50/824.jpg HTTP/1.1
Host: 777.porn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 21198
last-modified: Fri, 13 Sep 2024 15:43:03 GMT
etag: "66e45d87-52ce"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
x-request-id: 20cee91fd8123f30de0f574bc867d30b
accept-ranges: bytes
age: 167327
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bB0k7j0PLa5HJ67go4b%2BnPQXtYW%2BOG5aStArb29YYqKI5u4%2FHo3XMB8GkHx%2FMZWcO8grTfSI3PIQxR4OgKj7Wu4epZksI6tV3X7J%2FpfTkcN7ZewBrM4panZsQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145f3a24b524-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2059&min_rtt=511&rtt_var=2787&sent=24&recv=13&lost=0&retrans=1&sent_bytes=22864&recv_bytes=1160&delivery_rate=5991724&cwnd=254&unsent_bytes=0&cid=426e930c2f2e9a53&ts=273&x=0"
X-Firefox-Spdy: h2

GET vq50.com/vs/96410232.jpg

188.114.96.1

200 OK

116 kB

URL GET
vq50.com/vs/96410232.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectvq50.com
Fingerprint39:06:02:1F:E2:D7:1A:05:AA:D5:08:DD:BE:F0:EA:8B:A9:4C:E4:23
ValidityWed, 19 Mar 2025 18:44:35 GMT - Tue, 17 Jun 2025 19:41:56 GMT

File type
JPEG image data, baseline, precision 8, 1280x720, components 3
Size
116 kB (115498 bytes)
Hash
f3493be3bf5e6491b582c1eb2fee61b2
ccbae732f431ca04fe1b0c40e06b5950c077e6ea
34812a4728eb0986a817eedd4fce6d10e70cfec1487da4c5ea3922636c625769

HTTP Headers

GET /vs/96410232.jpg HTTP/1.1
Host: vq50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 115498
last-modified: Sat, 20 Jan 2024 09:28:59 GMT
etag: "65ab925b-1c32a"
x-cache-status: HIT
accept-ranges: bytes
age: 4020
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QwZAQUfjVJJupRRFu5wQkAhwi3757suhEtuKsW3ZRzba1tDYldqb1ippROmXRGdHUXRl5nis3JHIzYVK5zarl7lMUipQ7dfZomx6G1WTaVHQsxfLGcsJzM5Hng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145f294a5690-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1831&min_rtt=438&rtt_var=2269&sent=117&recv=24&lost=0&retrans=1&sent_bytes=153964&recv_bytes=1312&delivery_rate=23402020&cwnd=254&unsent_bytes=0&cid=179b9f1ec9ca54f1&ts=348&x=0"
X-Firefox-Spdy: h2

GET nlt03.videosection.com/e/c/e/ece1a49db7341d6b7e2f60dc4c96d356/thumbs/480x270/1.jpeg

104.26.12.185

200 OK

28 kB

URL GET
nlt03.videosection.com/e/c/e/ece1a49db7341d6b7e2f60dc4c96d356/thumbs/480x270/1.jpeg
IP
104.26.12.185:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectvideosection.com
Fingerprint2B:FC:7E:F4:71:8B:DB:66:02:B0:10:42:31:06:D1:83:5D:FB:81:D0
ValidityWed, 26 Feb 2025 01:02:54 GMT - Tue, 27 May 2025 02:02:44 GMT

File type
JPEG image data, baseline, precision 8, 480x270, components 3
Size
28 kB (27672 bytes)
Hash
a0cbb3202481bd7e56c7556f51e86aae
8b5f09e160c3a08ad349a90161bf471f4a6b4113
569518ac986c9fdbc28067ac2016c4608efe06e3117dc8114dd20e834395d116

HTTP Headers

GET /e/c/e/ece1a49db7341d6b7e2f60dc4c96d356/thumbs/480x270/1.jpeg HTTP/1.1
Host: nlt03.videosection.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 27672
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Metrics-Control,Content-Type,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
cf-bgj: h2pri
last-modified: Fri, 30 Aug 2024 08:58:23 UTC
cache-control: max-age=120
cf-cache-status: HIT
age: 5566
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cEC8xZNjROy9QRzqjsDQ7d16owaH8H35v6YZ%2F4amhieThYhZWorUuYZapNS48chCF%2BCxhXoidI6kPO8V1FVt9mVUPOyPIJOVlv5yft%2BmKioXgu%2B0CF%2BpyX%2BIkby17a8DzEOQqcjWAxE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145cf961b4ee-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2053&min_rtt=437&rtt_var=3228&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3287&recv_bytes=1254&delivery_rate=7040518&cwnd=254&unsent_bytes=0&cid=96a152cc65a92fa8&ts=156&x=0"
X-Firefox-Spdy: h2

GET videopreview.chezcathy.com/ext/pre_6854634570.jpg

104.21.96.1

200 OK

6.9 kB

URL GET
videopreview.chezcathy.com/ext/pre_6854634570.jpg
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectchezcathy.com
FingerprintEB:80:6D:92:E5:33:97:61:15:F0:99:70:C9:69:33:F1:4A:7C:BB:96
ValidityTue, 25 Feb 2025 12:12:18 GMT - Mon, 26 May 2025 13:10:42 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Size
6.9 kB (6865 bytes)
Hash
8aa8f62273429f70e6ab3a9e78a80808
d615266374e927a80e7f1a8b255b8292aac63580
35a27c31482280676bfcd0fc7b78a3667591586653768c3db793df0d6f48f426

HTTP Headers

GET /ext/pre_6854634570.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 6865
last-modified: Tue, 11 Jun 2024 17:50:16 GMT
etag: "66688e58-1ad1"
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
cache-control: max-age=86400
cf-cache-status: HIT
age: 4853
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8zMIo4fe%2Bn15VKutpKVDHGYJC4GfWnHrDAvCCl7X%2Fbuxqu6Ph7ZdWsOBUHLQ8zlXQT6i5AYfaKpk%2BYjaxOt4X2YDjqfr2xrtIbHusO2hscbYk7ZziC%2FffEV6STMVTsHe7VxHyvF6CyVZEotGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 92ee145e6fe956bb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1653&min_rtt=446&rtt_var=2394&sent=8&recv=14&lost=0&retrans=0&sent_bytes=3277&recv_bytes=1484&delivery_rate=7541666&cwnd=254&unsent_bytes=0&cid=3fff27e8db07460c&ts=215&x=0"
X-Firefox-Spdy: h2

GET sbzytpimg1.com:3519/upload/vod/20240630-1/cac5d11c025b8f562827d60ec560a0cf.jpg

173.249.235.71

200 OK

108 kB

URL GET
sbzytpimg1.com:3519/upload/vod/20240630-1/cac5d11c025b8f562827d60ec560a0cf.jpg
IP
173.249.235.71:3519
ASN
#11878 TZULO

Requested by
https://av.hd4k.top/
Certificate
IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT

File type
PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size
108 kB (107687 bytes)
Hash
381ee2568b17f65163400314822146c6
2e60da2d75b8917c254732aacb8c9460c5e3fead
b6630449053082fb2eb3396ff3038460e1bea7e02c9c5771c57f0aa36a1d21c1

HTTP Headers

GET /upload/vod/20240630-1/cac5d11c025b8f562827d60ec560a0cf.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 107687
last-modified: Sun, 30 Jun 2024 04:49:49 GMT
vary: Accept-Encoding
etag: "6680e3ed-1a4a7"
expires: Fri, 18 Apr 2025 14:45:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdne-pics.youjizz.com/c/1/9/c19b14406af896454deb6f186028e77b1606645687-1280-720-1075-h264.mp4-9.jpg

64.210.135.115

200 OK

14 kB

URL GET
cdne-pics.youjizz.com/c/1/9/c19b14406af896454deb6f186028e77b1606645687-1280-720-1075-h264.mp4-9.jpg
IP
64.210.135.115:443
ASN
#30361 SWIFTWILL2

Requested by
https://av.hd4k.top/
Certificate
IssuerSectigo Limited
Subject*.youjizz.com
Fingerprint18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7
ValidityFri, 20 Dec 2024 00:00:00 GMT - Tue, 06 Jan 2026 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 308x232, components 3
Size
14 kB (14309 bytes)
Hash
24120d6f28a3fc07990bcc5e00f9bee9
6f5eb30652f2a30d3f22abb28f7111b70e4d4435
0c4af3ffb32a838017f4811020b8ca4232735af4b975320e1383a857420b1ddc

HTTP Headers

GET /c/1/9/c19b14406af896454deb6f186028e77b1606645687-1280-720-1075-h264.mp4-9.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:54 GMT
content-type: image/jpeg
content-length: 14309
last-modified: Sun, 29 Nov 2020 10:31:03 GMT
etag: "37e5-5b53c63ffa4fb"
expires: Sun, 28 Jan 2024 11:47:08 GMT
cache-control: max-age=10531509
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-6140-1-1337508-h-0-0---;6141-29-555387----0-0-1
X-Firefox-Spdy: h2

GET two-elfs.com/video/video211.jpg

188.114.97.1

200 OK

88 kB

URL GET
two-elfs.com/video/video211.jpg
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjecttwo-elfs.com
Fingerprint3A:93:DD:55:41:CF:F5:10:4F:54:C4:DB:76:06:F1:73:C9:DE:20:EF
ValidityMon, 03 Mar 2025 13:36:07 GMT - Sun, 01 Jun 2025 14:32:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 768x432, components 3
Size
88 kB (88154 bytes)
Hash
d60c31a317fd7f8d8629386d115f0147
1d1e20011cd049f68f808b47dd0c30d2786b8dae
fd113be48533d8a5dfec9492a18117c372f0684bece49394e8929969f371e72a

HTTP Headers

GET /video/video211.jpg HTTP/1.1
Host: two-elfs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:54 GMT
content-type: image/jpeg
content-length: 88154
last-modified: Fri, 06 Nov 2020 13:21:46 GMT
etag: "1585a-5b3701822b065"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wmkdln862IFnXFDr%2BNF65igifNDtQVyN7%2Fk8YHgWTlOU9359MlJexZgT7vbySbZdYaEXYZnm%2F%2B4K8kVXfEd0wav8qyeS0oOLcLeQFrynPWptaRC4DXvpT20mi2rzJIQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee1472dbf80b41-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=941&min_rtt=515&rtt_var=875&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1066&delivery_rate=7757142&cwnd=254&unsent_bytes=0&cid=f3dfdd38d921587d&ts=1449&x=0"
X-Firefox-Spdy: h2

GET img.youtube.com/vi/sBjn-2STY24/0.jpg

142.250.74.78

200 OK

8.9 kB

URL GET
img.youtube.com/vi/sBjn-2STY24/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint12:A5:4A:1B:8A:02:5B:3E:ED:E8:C5:88:16:6F:BF:DE:14:12:DD:CA
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
8.9 kB (8866 bytes)
Hash
e03f8b56bd24d8dec9ebb9b26e15cdf4
42a24032f5b60d919d223f51d3442299c170f8b5
5d48703d783e7036ee129baf8f422ac41b7dc2337cb0e11d0a494f0e0d23a800

HTTP Headers

GET /vi/sBjn-2STY24/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 8866
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Apr 2025 22:08:03 GMT
expires: Sat, 12 Apr 2025 00:08:03 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 2938
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET www.9188porn.xyz/upload/vod/20241010-11/9880102650649405d028b8a542fd0f61.png

0.0.0.0

0 B

URL GET
www.9188porn.xyz/upload/vod/20241010-11/9880102650649405d028b8a542fd0f61.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://av.hd4k.top/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /upload/vod/20241010-11/9880102650649405d028b8a542fd0f61.png HTTP/1.1
Host: www.9188porn.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET sbzytpimg1.com:3519/upload/vod/20240922-1/dc69bf5ee355df1329f1f276f07f8a3e.jpg

173.249.235.71

200 OK

40 kB

URL GET
sbzytpimg1.com:3519/upload/vod/20240922-1/dc69bf5ee355df1329f1f276f07f8a3e.jpg
IP
173.249.235.71:3519
ASN
#11878 TZULO

Requested by
https://av.hd4k.top/
Certificate
IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, software=www.meitu.com], baseline, precision 8, 426x240, components 3
Size
40 kB (39745 bytes)
Hash
d9fc6efaf6ac0f7beb0cecd4624c03a1
311b814bfbca1dac0fc1f80215c2938a1770e71a
0fc2728a5e73535d2f82d7514c441f62c8e2e4d9a04037c6cfd731dd77dee436

HTTP Headers

GET /upload/vod/20240922-1/dc69bf5ee355df1329f1f276f07f8a3e.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 39745
last-modified: Sun, 22 Sep 2024 01:39:59 GMT
vary: Accept-Encoding
etag: "66ef756f-9b41"
expires: Tue, 06 May 2025 16:37:53 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET sbzytpimg1.com:3519/upload/vod/20240702-1/e22874018fcbafe1d628c4f11424cfca.jpg

173.249.235.71

200 OK

380 kB

URL GET
sbzytpimg1.com:3519/upload/vod/20240702-1/e22874018fcbafe1d628c4f11424cfca.jpg
IP
173.249.235.71:3519
ASN
#11878 TZULO

Requested by
https://av.hd4k.top/
Certificate
IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT

File type
PNG image data, 718 x 404, 8-bit/color RGBA, non-interlaced
Size
380 kB (380196 bytes)
Hash
c1f51eea49530e1aa4ca9fc8b5f0a4de
3b616b3706cbeb4485068472905c13df2e7c429c
7da1ae9d0931653e6d6bd3a70693087dae567eda56b36bd740404e1a81b8c6ba

HTTP Headers

GET /upload/vod/20240702-1/e22874018fcbafe1d628c4f11424cfca.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 380196
last-modified: Tue, 02 Jul 2024 04:14:23 GMT
vary: Accept-Encoding
etag: "66837e9f-5cd24"
expires: Sun, 04 May 2025 09:59:10 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET videopreview.chezcathy.com/ext/pre_4022523649.jpg

104.21.96.1

200 OK

8.3 kB

URL GET
videopreview.chezcathy.com/ext/pre_4022523649.jpg
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectchezcathy.com
FingerprintEB:80:6D:92:E5:33:97:61:15:F0:99:70:C9:69:33:F1:4A:7C:BB:96
ValidityTue, 25 Feb 2025 12:12:18 GMT - Mon, 26 May 2025 13:10:42 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Size
8.3 kB (8322 bytes)
Hash
ca4e5701592b799df7c788e42a60ede5
d63f7171549794caa4f0fc76e2c398f5f04ed3da
57525dc4af8afd6bc50fc095affe57f28f3981c7a59ed90ecb5b8412bc31e6c8

HTTP Headers

GET /ext/pre_4022523649.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 8322
last-modified: Thu, 13 Jun 2024 16:27:12 GMT
etag: "666b1de0-2082"
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
cache-control: max-age=86400
cf-cache-status: HIT
age: 70
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nwuPIgO%2BOv6VJLJqrNvWPuY7QkXg9LOrXE8h6mMv58xzvR8%2BWlPG4x3eGChL6y%2BV5Yw%2B%2FIEU%2B9gx3wCZ27%2Bplgsv5zVJqLR%2BqDEMcRoR2So99cDLtTG%2BWtYZL%2BCjQuYhWtgq8Y8shwuhTaoBnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 92ee145f68a656bb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=3873&min_rtt=446&rtt_var=4135&sent=63&recv=21&lost=0&retrans=1&sent_bytes=61140&recv_bytes=1733&delivery_rate=9019465&cwnd=254&unsent_bytes=0&cid=3fff27e8db07460c&ts=367&x=0"
X-Firefox-Spdy: h2

GET realmomsonfuck.com/thumbs/708/2705852731055204708_0.jpg

172.67.190.228

200 OK

7.4 kB

URL GET
realmomsonfuck.com/thumbs/708/2705852731055204708_0.jpg
IP
172.67.190.228:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectrealmomsonfuck.com
Fingerprint76:4B:FF:47:EF:DC:AB:61:08:3B:24:31:B0:3A:F6:12:95:0E:2A:40
ValidityMon, 10 Mar 2025 17:32:29 GMT - Sun, 08 Jun 2025 18:30:54 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 240x180, components 3
Size
7.4 kB (7356 bytes)
Hash
230d4d413d7951d26dedfa19031b6192
7c685b22fd79302df08fc5c961b92a4f35ea37c7
67dd71096fd5be1af09cdd86b1444e9d753beac5079d8a0a0783ab15f41f7435

HTTP Headers

GET /thumbs/708/2705852731055204708_0.jpg HTTP/1.1
Host: realmomsonfuck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 7356
last-modified: Sun, 08 Mar 2020 16:22:19 GMT
etag: "5e651bbb-1cbc"
expires: Thu, 08 May 2025 00:51:59 GMT
cache-control: max-age=2592000
cf-cache-status: HIT
age: 338691
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PExAms0jce0loFsD8oiQzQzvBPTIxvZbTUIqsQw8ui7U43kJZrUnYGnIk3W2DOgvDyBkZiC2Vqze3ujRsTXTb69AFhd0OPT7sBKe3yGI6Iz7wjJPzwkU5MmCTd7JfdVqk47t9J0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145bb9721bfe-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1160&min_rtt=441&rtt_var=1303&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3292&recv_bytes=1200&delivery_rate=8402321&cwnd=254&unsent_bytes=0&cid=d34ebfa192e210d2&ts=87&x=0"
X-Firefox-Spdy: h2

GET en.vidmo.pro/thumbs_320/67/55/67557eebe831d7875045347e98805afd/14391145.jpg

89.248.193.244

200 OK

10 kB

URL GET
en.vidmo.pro/thumbs_320/67/55/67557eebe831d7875045347e98805afd/14391145.jpg
IP
89.248.193.244:443
ASN
#49505 JSC Selectel

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjecten.vidmo.pro
FingerprintED:CE:81:C1:7A:BD:0C:8B:E7:78:53:6E:CC:9F:3F:19:02:FD:7F:D3
ValidityWed, 26 Mar 2025 20:47:37 GMT - Tue, 24 Jun 2025 20:47:36 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x240, components 3
Size
10 kB (10134 bytes)
Hash
564aa48dad7499b99e546287fb430cd0
2c3363ccbe2db0feb5cfc268b52f87a29bb61a3c
b03d44bad55ed36f14fa6491abde0289f2f2057413a8d51cc3beb5b1e71d5b64

HTTP Headers

GET /thumbs_320/67/55/67557eebe831d7875045347e98805afd/14391145.jpg HTTP/1.1
Host: en.vidmo.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 10134
last-modified: Thu, 07 Apr 2022 20:34:16 GMT
expires: Mon, 29 Jul 2024 07:31:48 GMT
cache-control: max-age=604800, public, no-transform
x-cache-status: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET i0.wp.com/jpgjingpinx.com/upload/vod/20240531-1/b1b6ed91ea6bcaa5d892bd5a4c90900d.jpg

192.0.77.2

200 OK

127 kB

URL GET
i0.wp.com/jpgjingpinx.com/upload/vod/20240531-1/b1b6ed91ea6bcaa5d892bd5a4c90900d.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
127 kB (127108 bytes)
Hash
e37ecf051072ffda16f0df482b194919
1f7350a979a5d73f1b61e114078eb9f42e1772b1
091727ae32e86511988af7d45ca803347754d2614b65a723707ce7e03f5ff845

HTTP Headers

GET /jpgjingpinx.com/upload/vod/20240531-1/b1b6ed91ea6bcaa5d892bd5a4c90900d.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/webp
content-length: 127108
last-modified: Wed, 29 Jan 2025 04:51:54 GMT
expires: Fri, 29 Jan 2027 16:51:54 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20240531-1/b1b6ed91ea6bcaa5d892bd5a4c90900d.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "dc8053ae9b3f62aa"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

GET i0.wp.com/jpgjingpinx.com/upload/vod/20231225-1/bda519fcd3ad4fe82f4118051420da3a.jpg

192.0.77.2

200 OK

39 kB

URL GET
i0.wp.com/jpgjingpinx.com/upload/vod/20231225-1/bda519fcd3ad4fe82f4118051420da3a.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 718x404, Scaling: [none]x[none], YUV color, decoders should clamp
Size
39 kB (38946 bytes)
Hash
2388ad6ca70f670d2984aa2028c503f3
54fc31647424ef81465feeb30eab0bffcef2611d
607e0bb3b9df80c3c094f006fb7b30c985c91c8d65e2077fef3fc85655fcd3bc

HTTP Headers

GET /jpgjingpinx.com/upload/vod/20231225-1/bda519fcd3ad4fe82f4118051420da3a.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/webp
content-length: 38946
last-modified: Sat, 14 Dec 2024 00:35:09 GMT
expires: Mon, 14 Dec 2026 12:35:09 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20231225-1/bda519fcd3ad4fe82f4118051420da3a.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "7ec0f2d05f248869"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

GET videopreview.chezcathy.com/ext/pre_3426533869.jpg

104.21.96.1

200 OK

9.8 kB

URL GET
videopreview.chezcathy.com/ext/pre_3426533869.jpg
IP
104.21.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectchezcathy.com
FingerprintEB:80:6D:92:E5:33:97:61:15:F0:99:70:C9:69:33:F1:4A:7C:BB:96
ValidityTue, 25 Feb 2025 12:12:18 GMT - Mon, 26 May 2025 13:10:42 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x226, components 3
Size
9.8 kB (9804 bytes)
Hash
4dd272dd1259667a8dbea32bfada542b
c7e8714324f5cdebc324fce9d2b59ae04241b1f3
418b5d01337511fb6038d1bc34a16e7bd939c77a976760634521d2544b11b01d

HTTP Headers

GET /ext/pre_3426533869.jpg HTTP/1.1
Host: videopreview.chezcathy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/jpeg
content-length: 9804
last-modified: Fri, 14 Jun 2024 00:21:38 GMT
etag: "666b8d12-264c"
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-allow-headers: Range, DNT, X-CustomHeader, Keep-Alive, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type
access-control-expose-headers: Content-Length, Content-Range
cache-control: max-age=86400
cf-cache-status: HIT
age: 6079
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUO2a9Ee5LOGaIhzeBGs6RtcL2U1wN%2FMUA045e50%2BMKGXLeKPFGoan8NFbTO63Lmy3iRBAjPrweGrSlFpwsbvOctdyX55jMHxi0IqaIFcMoAzCDwXpClGhMhrHOS%2BkAf%2Fv8f4fJO8vaCDkT%2Bvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
speculation-rules: "/cdn-cgi/speculation"
server: cloudflare
cf-ray: 92ee145f98e456bb-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=4054&min_rtt=446&rtt_var=3465&sent=71&recv=23&lost=0&retrans=1&sent_bytes=70056&recv_bytes=1816&delivery_rate=9019465&cwnd=254&unsent_bytes=0&cid=3fff27e8db07460c&ts=401&x=0"
X-Firefox-Spdy: h2

GET sbzytpimg1.com:3519/upload/vod/20240629-1/1d67f07df1dac59a27b884fec17c9d22.jpg

173.249.235.71

200 OK

110 kB

URL GET
sbzytpimg1.com:3519/upload/vod/20240629-1/1d67f07df1dac59a27b884fec17c9d22.jpg
IP
173.249.235.71:3519
ASN
#11878 TZULO

Requested by
https://av.hd4k.top/
Certificate
IssuerSSL Corporation
Subjectsbzytpimg2.com
FingerprintE0:5A:30:EE:A9:EE:48:CA:04:0C:D5:AC:96:9B:6C:3D:39:FA:07:5F
ValidityThu, 19 Dec 2024 14:08:44 GMT - Mon, 19 Jan 2026 14:08:44 GMT

File type
PNG image data, 718 x 404, 8-bit colormap, non-interlaced
Size
110 kB (110235 bytes)
Hash
a179f452fc2b7342dfa5e8d083968bf6
21ccf64c49f0293d4236b72fbbe054377c9d9f62
a1193d9d46ee6238bb37891eca3b1a9bbab983ef3dec08048bc0fa7b933c8054

HTTP Headers

GET /upload/vod/20240629-1/1d67f07df1dac59a27b884fec17c9d22.jpg HTTP/1.1
Host: sbzytpimg1.com:3519
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/jpeg
content-length: 110235
last-modified: Sat, 29 Jun 2024 06:28:58 GMT
vary: Accept-Encoding
etag: "667fa9aa-1ae9b"
expires: Thu, 01 May 2025 12:28:11 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=2592000, public, max-age=15768000
accept-ranges: bytes
X-Firefox-Spdy: h2

GET cdne-pics.youjizz.com/3/4/0/3402b4e6715653704f79571cf716186f1678283163-1280-720-2707-h264.mp4-9.jpg

64.210.135.115

200 OK

19 kB

URL GET
cdne-pics.youjizz.com/3/4/0/3402b4e6715653704f79571cf716186f1678283163-1280-720-2707-h264.mp4-9.jpg
IP
64.210.135.115:443
ASN
#30361 SWIFTWILL2

Requested by
https://av.hd4k.top/
Certificate
IssuerSectigo Limited
Subject*.youjizz.com
Fingerprint18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7
ValidityFri, 20 Dec 2024 00:00:00 GMT - Tue, 06 Jan 2026 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.134.100", baseline, precision 8, 308x232, components 3
Size
19 kB (19295 bytes)
Hash
5e973bb364618fe4b990bdc2d8840070
d108241359da1f17648ce1996941fad5d3842ceb
a962278aa8a470cf775e72bbea79736919f9297c97766ec3bc522de9ba11dd29

HTTP Headers

GET /3/4/0/3402b4e6715653704f79571cf716186f1678283163-1280-720-2707-h264.mp4-9.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:54 GMT
content-type: image/jpeg
content-length: 19295
last-modified: Wed, 08 Mar 2023 13:49:56 GMT
etag: "4b5f-5f663cdb0ca6e"
expires: Mon, 11 Mar 2024 16:34:34 GMT
cache-control: max-age=10720755
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-7846-1-1865067-h-0-0---;6141-21-555387----0-0-0
X-Firefox-Spdy: h2

GET vq50.com/vs/96617429.jpg

188.114.96.1

200 OK

59 kB

URL GET
vq50.com/vs/96617429.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectvq50.com
Fingerprint39:06:02:1F:E2:D7:1A:05:AA:D5:08:DD:BE:F0:EA:8B:A9:4C:E4:23
ValidityWed, 19 Mar 2025 18:44:35 GMT - Tue, 17 Jun 2025 19:41:56 GMT

File type
JPEG image data, baseline, precision 8, 1280x720, components 3
Size
59 kB (58825 bytes)
Hash
31688b3c4c9faa2b8e4cf0c0a51ce99f
c5c0eafd3cc1bc1a59b5d68b800743392531dd12
e1138f28dade89ca840558e2a673e18a50bf95cdf85c9466671e8273ef7fca33

HTTP Headers

GET /vs/96617429.jpg HTTP/1.1
Host: vq50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 58825
last-modified: Tue, 27 Feb 2024 21:48:19 GMT
etag: "65de58a3-e5c9"
x-cache-status: HIT
accept-ranges: bytes
age: 1674
cache-control: max-age=14400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qmwmgi3lIFIq8uD%2FqetlESC8jEbIAv2Xvqi6eSQlIPwOHWjkmPAU1VpyOIMvDf%2BlqFsolfFbuKh2g0316usjSojazaSCD6%2FVb9PsFu16NTxU2DQCIyyyU3ZlA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145e48845690-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1093&min_rtt=438&rtt_var=1056&sent=72&recv=21&lost=0&retrans=0&sent_bytes=92837&recv_bytes=1156&delivery_rate=23402020&cwnd=254&unsent_bytes=0&cid=179b9f1ec9ca54f1&ts=207&x=0"
X-Firefox-Spdy: h2

GET img.aosikaimge.com/20221002/xex7dHpR/1.jpg

0.0.0.0

0 B

URL GET
img.aosikaimge.com/20221002/xex7dHpR/1.jpg
IP
0.0.0.0:0
ASN
#0

Requested by
https://av.hd4k.top/
Certificate
IssuerUnizeto Technologies S.A.
Subject*.aosikaimge.com
FingerprintBC:19:8D:FF:22:32:94:8C:04:80:02:CE:1A:59:1C:91:24:15:5C:66
ValidityTue, 24 Dec 2024 10:28:23 GMT - Fri, 23 Jan 2026 10:28:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /20221002/xex7dHpR/1.jpg HTTP/1.1
Host: img.aosikaimge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

GET sorkab.com/wp-content/uploads/2022/04/0000385.jpg

172.67.140.114

200 OK

29 kB

URL GET
sorkab.com/wp-content/uploads/2022/04/0000385.jpg
IP
172.67.140.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectsorkab.com
Fingerprint04:59:F5:EA:15:4A:66:CD:FB:EE:5C:A3:E1:8C:D3:C6:74:4C:E1:31
ValidityThu, 06 Mar 2025 03:33:52 GMT - Wed, 04 Jun 2025 04:32:10 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 640x360, components 3
Size
29 kB (29028 bytes)
Hash
262d30b2e17f2a7694966f808974f661
e061b0fc8dc0085744cfe478dc610827f818a2ca
39dad711dfc06d6a554f3f672f31cc96aa914bb4fd42a2f398e60569734403dc

HTTP Headers

GET /wp-content/uploads/2022/04/0000385.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 29028
cache-control: public, max-age=31536000
expires: Thu, 02 Apr 2026 17:41:13 GMT
last-modified: Wed, 22 Feb 2023 09:24:32 GMT
accept-ranges: bytes
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
age: 166439
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V%2FWSq9A0V7LJf1qNyjvze2%2Bxy1oBJm9tK%2BoWQcxijjNl2j7GKz08lqdS8oTWnSn4lmngH9jxWB1%2FGOa%2FIOmGrrgU8bJC28ilDDmgJr1z2MZiw5Zp%2Bse75pbKlvLb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92ee145c4ba356c1-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2734&min_rtt=439&rtt_var=4576&sent=22&recv=12&lost=0&retrans=0&sent_bytes=23645&recv_bytes=1312&delivery_rate=7898181&cwnd=254&unsent_bytes=0&cid=c3bbd3d72f4508a9&ts=165&x=0"
X-Firefox-Spdy: h2

GET i0.wp.com/jpgjingpinx.com/upload/vod/20240108-1/a748afc7c9a8ac6e0d6fbbccfa430aeb.jpg

192.0.77.2

200 OK

50 kB

URL GET
i0.wp.com/jpgjingpinx.com/upload/vod/20240108-1/a748afc7c9a8ac6e0d6fbbccfa430aeb.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 718x404, Scaling: [none]x[none], YUV color, decoders should clamp
Size
50 kB (50134 bytes)
Hash
dc34df7e040431ab4d8425872f63432d
46be043c8a8d408ab884284eac784b62a5948747
bb26ed655903419414f41156727e72686f37f1d9121189130c41aa8134f2f678

HTTP Headers

GET /jpgjingpinx.com/upload/vod/20240108-1/a748afc7c9a8ac6e0d6fbbccfa430aeb.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/webp
content-length: 50134
last-modified: Sun, 15 Dec 2024 13:19:46 GMT
expires: Wed, 16 Dec 2026 01:19:46 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20240108-1/a748afc7c9a8ac6e0d6fbbccfa430aeb.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f61e64956e6668ff"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

GET sorkab.com/wp-content/uploads/2021/12/0000353.jpg

172.67.140.114

200 OK

19 kB

URL GET
sorkab.com/wp-content/uploads/2021/12/0000353.jpg
IP
172.67.140.114:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectsorkab.com
Fingerprint04:59:F5:EA:15:4A:66:CD:FB:EE:5C:A3:E1:8C:D3:C6:74:4C:E1:31
ValidityThu, 06 Mar 2025 03:33:52 GMT - Wed, 04 Jun 2025 04:32:10 GMT

File type
JPEG image data, baseline, precision 8, 640x360, components 3
Size
19 kB (19029 bytes)
Hash
c9bcef655c9d1e3f00e4816eb8539624
c9ce20eae5c1b7ebbb28dd9dc09b4d77be766dc8
de1bc74d32c1c62d80f2818735cdcb863f01c80d7e4ce4974690da4736fed34e

HTTP Headers

GET /wp-content/uploads/2021/12/0000353.jpg HTTP/1.1
Host: sorkab.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 19029
cache-control: public, max-age=31536000
expires: Tue, 04 Nov 2025 22:53:43 GMT
last-modified: Wed, 22 Feb 2023 06:42:44 GMT
vary: User-Agent,Accept-Encoding,Accept-Encoding
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
content-security-policy: upgrade-insecure-requests
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=(), midi=(), sync-xhr=(), microphone=(), camera=(), magnetometer=(), gyroscope=(), payment=(), fullscreen=(self)
alt-svc: h3=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 11953004
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W3bHInuXzlTlxhsN4p6HrYrvv84YHmXuZedskT4easmIXqUlte62XBXkUV3ENwj2AdaDN4yrQHQ%2F3ptvWADLjzo7Sn8EZ7aR33FaGh8ZoMqx1z35nhtBhwLLHQH0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92ee145c5ba556c1-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2734&min_rtt=439&rtt_var=4576&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3268&recv_bytes=1312&delivery_rate=7898181&cwnd=254&unsent_bytes=0&cid=c3bbd3d72f4508a9&ts=164&x=0"
X-Firefox-Spdy: h2

GET i0.wp.com/jpgjingpinx.com/upload/vod/20231225-1/056694b892292733ad0dc2c48211c077.jpg

192.0.77.2

200 OK

44 kB

URL GET
i0.wp.com/jpgjingpinx.com/upload/vod/20231225-1/056694b892292733ad0dc2c48211c077.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1080x607, Scaling: [none]x[none], YUV color, decoders should clamp
Size
44 kB (44088 bytes)
Hash
7464422144674cdf1ef679121e12746b
df01167badcfc34afea67a6603a6b7bea388c7c5
ba5669a8bbf0c1d4e13e7f77cf37deb2e5463035d9c6abb4c3ff10b41341adf3

HTTP Headers

GET /jpgjingpinx.com/upload/vod/20231225-1/056694b892292733ad0dc2c48211c077.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/webp
content-length: 44088
last-modified: Sat, 14 Dec 2024 07:36:02 GMT
expires: Mon, 14 Dec 2026 19:36:02 GMT
cache-control: public, max-age=63115200
link: <http://jpgjingpinx.com/upload/vod/20231225-1/056694b892292733ad0dc2c48211c077.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "cb6946087573fa71"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

GET vq50.com/vs/96542355.jpg

188.114.96.1

200 OK

88 kB

URL GET
vq50.com/vs/96542355.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectvq50.com
Fingerprint39:06:02:1F:E2:D7:1A:05:AA:D5:08:DD:BE:F0:EA:8B:A9:4C:E4:23
ValidityWed, 19 Mar 2025 18:44:35 GMT - Tue, 17 Jun 2025 19:41:56 GMT

File type
JPEG image data, baseline, precision 8, 1280x720, components 3
Size
88 kB (87799 bytes)
Hash
7ec63fe358841f8dd94bcf572f733d85
d138a2bbc6d4ca1300dc99559cad08f740f8e822
be3bcbaa937902cbf340a30fa64d8736cc5a6a8baa690ac3dcf0936d5ad7d81c

HTTP Headers

GET /vs/96542355.jpg HTTP/1.1
Host: vq50.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 87799
last-modified: Sun, 18 Feb 2024 11:40:30 GMT
etag: "65d1ecae-156f7"
x-cache-status: HIT
cache-control: max-age=14400
cf-cache-status: HIT
age: 5480
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1Oo%2F6yvOXkgy8H0vzcscoTksJcRuLuX8iQPPhxuVR%2F9ltMAsExFB7ACtNkFbCvJGPyU5Au1T9JXoTt3jeWP95WgEyO1SQSQw1y6jM0qMqPnxQeW8Lkjg%2FoHcvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145df84f5690-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1454&min_rtt=450&rtt_var=2001&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3185&recv_bytes=1047&delivery_rate=7240000&cwnd=254&unsent_bytes=0&cid=179b9f1ec9ca54f1&ts=161&x=0"
X-Firefox-Spdy: h2

GET aniru.org/wp-content/uploads/2024/02/RJ01155231_ana_img_main.webp

172.67.135.62

200 OK

34 kB

URL GET
aniru.org/wp-content/uploads/2024/02/RJ01155231_ana_img_main.webp
IP
172.67.135.62:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectaniru.org
Fingerprint16:D7:0E:47:0E:14:91:F3:91:DC:48:C6:64:6F:27:62:4D:12:90:67
ValiditySun, 02 Mar 2025 07:05:47 GMT - Sat, 31 May 2025 08:04:13 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 560x420, Scaling: [none]x[none], YUV color, decoders should clamp
Size
34 kB (33618 bytes)
Hash
f53c54809afd8e7865c2a318b4b5f2ca
e9b840044a7290cf7cfef280a6241f3d7c716bcc
698a111dadf1953095a54e495e65e82942471d0e2d0c9bdff92cf382b05dbce6

HTTP Headers

GET /wp-content/uploads/2024/02/RJ01155231_ana_img_main.webp HTTP/1.1
Host: aniru.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: image/webp
content-length: 33618
cache-control: private
last-modified: Sat, 17 Feb 2024 00:50:21 GMT
etag: "8352-611893ebc8d40"
vary: Accept, Accept-Encoding
cf-cache-status: BYPASS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=12q4HLFkcU76K05%2BgRO7rjpGFgIhGB83GOwkQkBPlX0kvLM4%2F9oakGcLeos03oFZcOo01chOT251MHBdOo4%2FzOLy%2BMmgR4nAzvb3SjyCsrDX9m8Zel6x23Hukt4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 92ee145c5d95568b-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=997&min_rtt=416&rtt_var=1136&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3267&recv_bytes=1229&delivery_rate=7362711&cwnd=254&unsent_bytes=0&cid=51e8c9b6a55e8f3e&ts=1138&x=0"
X-Firefox-Spdy: h2

GET i0.wp.com/666529.xyz/images/2024/11/28/c9f1283e3e1e4e18f7bfe405bf75ea30.png

192.0.77.2

200 OK

47 kB

URL GET
i0.wp.com/666529.xyz/images/2024/11/28/c9f1283e3e1e4e18f7bfe405bf75ea30.png
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://av.hd4k.top/
Certificate
IssuerLet's Encrypt
Subjectwp.com
FingerprintBF:03:E2:48:4D:35:6A:A1:4B:FB:78:A6:1B:1D:08:C5:21:26:66:B6
ValidityTue, 08 Apr 2025 19:44:49 GMT - Mon, 07 Jul 2025 19:44:48 GMT

File type
RIFF (little-endian) data, Web/P image
Size
47 kB (46846 bytes)
Hash
c05636f2da5c83820f0c21520f1d8949
c6770ce8e3068bd144096e9da4ba9082c781f11f
da61886c68aa068ab05a1c6822713ea873cab82469d03b2fcfc0cb312b7fc660

HTTP Headers

GET /666529.xyz/images/2024/11/28/c9f1283e3e1e4e18f7bfe405bf75ea30.png HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:52 GMT
content-type: image/webp
content-length: 46846
last-modified: Wed, 22 Jan 2025 00:26:59 GMT
expires: Fri, 22 Jan 2027 12:26:59 GMT
cache-control: public, max-age=63115200
link: <http://666529.xyz/images/2024/11/28/c9f1283e3e1e4e18f7bfe405bf75ea30.png>; rel="canonical"
x-content-type-options: nosniff
etag: "c077a9547fc59e6b"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

GET avatars.mds.yandex.net/get-vthumb/4146541/189224bb9d22ed215f88f772994adacc/564x318_1

87.250.247.183

200 OK

7.5 kB

URL GET
avatars.mds.yandex.net/get-vthumb/4146541/189224bb9d22ed215f88f772994adacc/564x318_1
IP
87.250.247.183:443
ASN
#13238 YANDEX LLC

Requested by
https://av.hd4k.top/
Certificate
IssuerGlobalSign nv-sa
Subject*.avatars.mds.yandex.net
FingerprintE6:CA:01:EF:27:C5:A7:B7:36:66:BC:E5:64:C2:63:12:FB:3C:8F:91
ValidityThu, 03 Apr 2025 14:25:03 GMT - Wed, 01 Oct 2025 20:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 480x318, Scaling: [none]x[none], YUV color, decoders should clamp
Size
7.5 kB (7496 bytes)
Hash
38b560105d19e9b347607a4e1edfa357
f9fb0eb8a88d46d46953b15d7e3db3b481e92321
48c76103418383d4027c0cf10804e7bb4135052cc8dff85b32ae2dbf0845d295

HTTP Headers

GET /get-vthumb/4146541/189224bb9d22ed215f88f772994adacc/564x318_1 HTTP/1.1
Host: avatars.mds.yandex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 11 Apr 2025 22:56:54 GMT
content-type: image/webp
content-length: 7496
last-modified: Wed, 12 Feb 2025 05:19:01 GMT
cache-control: max-age=604800,immutable
x-request-id: 406a46a156d08c9
nel: {"report_to": "network-errors", "max_age": 600, "success_fraction": 0.001, "failure_fraction": 0.01}
report-to: {"group": "network-errors", "max_age": 600, "endpoints": [ { "url": "https://dr.yandex.net/s3_nel?datacenter=KLG"}]}
timing-allow-origin: *
X-Firefox-Spdy: h2

GET img.youtube.com/vi/CPlMN8leJHw/0.jpg

142.250.74.78

200 OK

15 kB

URL GET
img.youtube.com/vi/CPlMN8leJHw/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint12:A5:4A:1B:8A:02:5B:3E:ED:E8:C5:88:16:6F:BF:DE:14:12:DD:CA
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
15 kB (15041 bytes)
Hash
2db197eb654984cd514c61a0ef644444
3667a727dbc56101b7f212d46bc297ed2fc2ea14
233d04e900600a51363cce679888f4c74a802368450b18b9908f2426b1c2b35e

HTTP Headers

GET /vi/CPlMN8leJHw/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 15041
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Apr 2025 21:59:20 GMT
expires: Fri, 11 Apr 2025 23:59:20 GMT
cache-control: public, max-age=7200
etag: "0"
content-type: image/jpeg
age: 3461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET timg208.top/videos/aedc548dbf8234878b09a638d8486d90e8958d0f/cover/5_505_259?ih=1

104.22.21.157

200 OK

66 kB

URL GET
timg208.top/videos/aedc548dbf8234878b09a638d8486d90e8958d0f/cover/5_505_259?ih=1
IP
104.22.21.157:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjecttimg208.top
FingerprintAD:45:A1:8F:E9:B5:8F:B2:F0:68:FC:83:F3:8E:18:EA:B7:AC:02:B2
ValidityFri, 21 Mar 2025 14:39:51 GMT - Thu, 19 Jun 2025 15:37:25 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Lavc57.107.100", baseline, precision 8, 505x259, components 3
Size
66 kB (66303 bytes)
Hash
5f7c8d8e1310f4021b831f593d561c7c
e3fb0ecf8572d1fdb0ae1193ea5771752358bc50
8f5887f4a66dcc4ddb520e039e8f5a6b4ed707ef8426f3508ece9e97c989f5d8

HTTP Headers

GET /videos/aedc548dbf8234878b09a638d8486d90e8958d0f/cover/5_505_259?ih=1 HTTP/1.1
Host: timg208.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:51 GMT
content-type: application/octet-stream
content-length: 66303
last-modified: Tue, 04 Mar 2025 10:11:21 GMT
vary: Accept-Encoding
etag: "67c6d1c9-102ff"
expires: Thu, 03 Apr 2025 19:50:28 GMT
cache-control: public, max-age=31536000, stale-if-error=7200
t-cache: LHIT
cf-cache-status: HIT
age: 62036
accept-ranges: bytes
x-referer: no
server: cloudflare
cf-ray: 92ee145f3844568e-OSL
X-Firefox-Spdy: h2

GET cdne-pics.youjizz.com/6/e/d/6ed1655d866a027c738b1672b5adcd641497967548-768-432-269-h264.mp4-1.jpg

64.210.135.115

200 OK

9.8 kB

URL GET
cdne-pics.youjizz.com/6/e/d/6ed1655d866a027c738b1672b5adcd641497967548-768-432-269-h264.mp4-1.jpg
IP
64.210.135.115:443
ASN
#30361 SWIFTWILL2

Requested by
https://av.hd4k.top/
Certificate
IssuerSectigo Limited
Subject*.youjizz.com
Fingerprint18:A8:A8:35:DB:C2:7E:35:C3:7E:2A:75:C8:C8:D8:C6:09:86:45:D7
ValidityFri, 20 Dec 2024 00:00:00 GMT - Tue, 06 Jan 2026 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, comment: "Lavc52.123.0", baseline, precision 8, 308x232, components 3
Size
9.8 kB (9843 bytes)
Hash
f49baf955baf1ad4860b9fa7169a38fe
10581c3935bc377d032e7285d97dd25afed11987
8d55fb82dad4a5d9db3194b0655ad03a83f6ba2229a0a0c33e5ede2a1320aef8

HTTP Headers

GET /6/e/d/6ed1655d866a027c738b1672b5adcd641497967548-768-432-269-h264.mp4-1.jpg HTTP/1.1
Host: cdne-pics.youjizz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:54 GMT
content-type: image/jpeg
content-length: 9843
last-modified: Tue, 20 Jun 2017 14:47:11 GMT
etag: "2673-5526553999c43"
expires: Mon, 08 Jul 2024 07:55:37 GMT
cache-control: max-age=10391000
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
timing-allow-origin: *
access-control-expose-headers: Content-Length
accept-ranges: bytes
x-cdn-diag: ams5-7846-1-1865067-h-0-0---;6141-21-555387----0-0-1
X-Firefox-Spdy: h2

GET ansuko.net/wp-content/uploads/2024/12/uoii7don_header.jpg

104.21.54.113

200 OK

71 kB

URL GET
ansuko.net/wp-content/uploads/2024/12/uoii7don_header.jpg
IP
104.21.54.113:443
ASN
#13335 CLOUDFLARENET

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subjectansuko.net
FingerprintD1:3F:FB:02:8D:9F:BB:3D:59:FD:DE:0A:56:B0:3E:AF:A1:93:E8:D5
ValidityFri, 14 Feb 2025 00:34:27 GMT - Thu, 15 May 2025 01:33:03 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 700x790, components 3
Size
71 kB (70768 bytes)
Hash
4d12b31e119dd7c4c9facc46bbeb8031
4b81dcbd0ac752c8761eb63b7484f5bd8d389fdb
7070c7acaaf5b23fd180360bba24051eb59328222a15f0c19d4cacebea9ff38e

HTTP Headers

GET /wp-content/uploads/2024/12/uoii7don_header.jpg HTTP/1.1
Host: ansuko.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 11 Apr 2025 22:56:50 GMT
content-type: image/jpeg
content-length: 70768
last-modified: Fri, 13 Dec 2024 00:00:31 GMT
etag: "675b791f-11470"
cache-control: max-age=31536000
cf-cache-status: HIT
age: 2488873
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QOzqyqTFGvbqOTdqHuCH9%2FKT6mj43vFttiWuSgZ%2Bm8S4fIMW5TikWZYf%2BOHs5klKPE40EkcePqUlmnkpWUz1n1u%2BiG%2FeoIhJ8pOqOWgx6eOCk7yNs1LMMBykk2iY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 92ee145c48e61c0e-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=884&min_rtt=418&rtt_var=218&sent=64&recv=30&lost=0&retrans=1&sent_bytes=73138&recv_bytes=1400&delivery_rate=21087378&cwnd=254&unsent_bytes=0&cid=309af2e581f30c88&ts=228&x=0"
X-Firefox-Spdy: h2

GET img.youtube.com/vi/yCA3yS9F7pE/0.jpg

142.250.74.78

200 OK

18 kB

URL GET
img.youtube.com/vi/yCA3yS9F7pE/0.jpg
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://av.hd4k.top/
Certificate
IssuerGoogle Trust Services
Subject*.google.com
Fingerprint12:A5:4A:1B:8A:02:5B:3E:ED:E8:C5:88:16:6F:BF:DE:14:12:DD:CA
ValidityThu, 20 Mar 2025 11:18:39 GMT - Thu, 12 Jun 2025 11:18:38 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3
Size
18 kB (18069 bytes)
Hash
ce41e68a5fb53dad4d0fd55207034945
050e2ea3cf844cea12cb0f1633e6d766daa3a08c
4be687912692a5b5156401ba4582879d76177faa5b17d0ad91f7dbf9e82f88bf

HTTP Headers

GET /vi/yCA3yS9F7pE/0.jpg HTTP/1.1
Host: img.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://av.hd4k.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 18069
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Apr 2025 21:53:41 GMT
expires: Fri, 11 Apr 2025 23:53:41 GMT
cache-control: public, max-age=7200
age: 3800
etag: "1635645961"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (0)

HTTP Transactions (85)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate