Overview

URL track.bcvc.mobi/earn.php?zone\=4&oid\=85180&source\=1&subid\=85180&title\=BCVC%20Shortener
IP104.28.8.52
ASNAS13335 CloudFlare, Inc.
Location United States
Report completed2018-02-02 06:12:49 CET
StatusLoading report..
urlQuery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Referer
Pool
Access Level


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blacklists

MDL  No alerts detected
OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
DNS-BH  No alerts detected
mnemonic secure dns  No alerts detected


Recent reports on same IP/ASN/Domain

Last 10 reports on IP: 104.28.8.52

Date UQ / IDS / BL URL IP
2018-11-08 21:26:55 +0100
0 - 0 - 0 track.bcvc.mobi/earn.php?zone=6&uid=0&code=jx (...) 104.28.8.52
2018-04-01 18:10:10 +0200
0 - 0 - 0 moviezmela.com/read/padmavati-hindi-full-movi (...) 104.28.8.52
2018-01-19 07:51:36 +0100
2 - 0 - 2 tryteens.com/ 104.28.8.52
2018-01-19 04:51:35 +0100
2 - 0 - 2 tryteens.com/ 104.28.8.52
2018-01-19 02:51:37 +0100
2 - 0 - 2 tryteens.com/ 104.28.8.52
2018-01-18 19:51:37 +0100
2 - 0 - 2 tryteens.com/ 104.28.8.52
2018-01-18 04:51:29 +0100
2 - 0 - 2 tryteens.com/ 104.28.8.52
2018-01-18 01:51:32 +0100
2 - 0 - 2 tryteens.com/ 104.28.8.52
2018-01-14 21:47:44 +0100
2 - 0 - 2 tryteens.com/ 104.28.8.52
2018-01-14 05:51:35 +0100
2 - 1 - 2 tryteens.com/ 104.28.8.52

Last 10 reports on ASN: AS13335 CloudFlare, Inc.

Date UQ / IDS / BL URL IP
2018-11-14 17:31:08 +0100
0 - 0 - 1 destinypaints.com/index.php/xseutr/rtcgiq/57- (...) 104.27.172.208
2018-11-14 17:31:07 +0100
0 - 0 - 1 destinypaints.com/index.php/skj274-ham82695/2 (...) 104.27.172.208
2018-11-14 17:27:56 +0100
0 - 1 - 0 chinashjd.cf/bb62knq/4qkyvuf.php?dsibnmucf=ho (...) 104.24.105.28
2018-11-14 17:25:46 +0100
0 - 1 - 0 https://c.adsco.re 104.17.167.186
2018-11-14 17:24:44 +0100
0 - 0 - 1 moraxdwed.ru/files/Vse_chityi_tut__Sborka_ot_ (...) 104.24.110.194
2018-11-14 17:23:36 +0100
0 - 1 - 1 thomasvillexx.ml/ 104.18.51.59
2018-11-14 17:22:10 +0100
0 - 0 - 22 textspeier.de/ 104.27.162.228
2018-11-14 17:19:25 +0100
0 - 0 - 0 https://tgod.ca/ 104.31.78.59
2018-11-14 17:18:22 +0100
0 - 0 - 1 https://www.thephillyegotist.com/member-work/ (...) 104.18.53.22
2018-11-14 17:18:08 +0100
2 - 2 - 2 nesgamezone.com/play/24-in-1-menu-nes-rom-76.html 104.31.71.58

No other reports on domain: bcvc.mobi



JavaScript

Executed Scripts (7)


Executed Evals (1)

#1 JavaScript::Eval (size: 5258, repeated: 1) - SHA256: 847f6a895681edae9f59251c842a9184de97150e61648bfc22fff5bf6b869622

                                        function QCDone(d) {
    try {
        document.getElementById('ci_SW').value = d.SW
    } catch (e) {}
    try {
        document.getElementById('ci_SH').value = d.SH
    } catch (e) {}
    try {
        document.getElementById('ci_SAH').value = d.SAH
    } catch (e) {}
    try {
        document.getElementById('ci_WX').value = d.WX
    } catch (e) {}
    try {
        document.getElementById('ci_WY').value = d.WY
    } catch (e) {}
    try {
        document.getElementById('ci_WW').value = d.WW
    } catch (e) {}
    try {
        document.getElementById('ci_WH').value = d.WH
    } catch (e) {}
    try {
        document.getElementById('ci_CW').value = d.CW
    } catch (e) {}
    try {
        document.getElementById('ci_WIW').value = d.WIW
    } catch (e) {}
    try {
        document.getElementById('ci_WIH').value = d.WIH
    } catch (e) {}
    try {
        document.getElementById('ci_WFC').value = d.WFC
    } catch (e) {}
    try {
        document.getElementById('ci_PL').value = d.PL
    } catch (e) {}
    try {
        document.getElementById('ci_DRF').value = d.DRF
    } catch (e) {}
    try {
        document.getElementById('ci_NP').value = d.NP
    } catch (e) {}
    try {
        document.getElementById('ci_PT').value = d.PT
    } catch (e) {}
    try {
        document.getElementById('ci_NB').value = d.NB
    } catch (e) {}
    try {
        document.getElementById('ci_NG').value = d.NG
    } catch (e) {}
    try {
        document.getElementById('ci_DM').value = d.DM
    } catch (e) {}
    try {
        document.getElementById('ci_CF').value = d.CF
    } catch (e) {}
    try {
        document.getElementById('ci_NW').value = d.NW
    } catch (e) {}
}
var QC = {};
try {
    QC.SW = window.screen.width;
    QC.SH = window.screen.height
} catch (e) {
    QC.SW = -1;
    QC.SH = -1
}
try {
    QC.SAH = window.screen.availHeight
} catch (e) {
    QC.SAH = -1
}
try {
    QC.WX = window.screenX;
    QC.WY = window.screenY
} catch (e) {
    QC.WX = -1;
    QC.WY = -1
}
try {
    QC.WW = window.outerWidth;
    QC.WH = window.outerHeight
} catch (e) {
    QC.WW = -1;
    QC.WH = -1
}
try {
    QC.WIW = window.innerWidth;
    QC.WIH = window.innerHeight
} catch (e) {
    QC.WIW = -1;
    QC.WIH = -1
}
try {
    QC.CW = document.documentElement.clientWidth
} catch (e) {
    QC.CW = -1
}
try {
    QC.WFC = window.top.frames.length
} catch (e) {
    QC.WFC = -1
}
try {
    QC.PL = document.location.href
} catch (e) {
    QC.PL = ''
}
try {
    QC.DRF = document.referrer
} catch (e) {
    QC.DRF = ''
}
try {
    QC.NP = (!(navigator.plugins instanceof PluginArray) || navigator.plugins.length == 0) ? 0 : 1
} catch (e) {
    QC.NP = -1
}
try {
    QC.PT = window.callPhantom !== undefined || window._phantom !== undefined ? 1 : 0
} catch (e) {
    QC.PT = -1
}
try {
    QC.NB = typeof navigator.sendBeacon === "function" ? 1 : 0
} catch (e) {
    QC.NB = -1
}
try {
    QC.NG = navigator.geolocation !== undefined ? 1 : 0
} catch (e) {
    QC.NG = -1
}
try {
    QC.NW = 'webdriver' in navigator ? 1 : 0
} catch (e) {
    QC.NW = -1
}
QC.CF = 0;
try {
    var FlashDetect = new function() {
        var self = this;
        self.installed = false;
        self.raw = "";
        self.major = -1;
        self.minor = -1;
        self.revision = -1;
        self.revisionStr = "";
        var activeXDetectRules = [{
            "name": "ShockwaveFlash.ShockwaveFlash.7",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash.6",
            "version": function(obj) {
                var version = "6,0,21";
                try {
                    obj.AllowScriptAccess = "always";
                    version = getActiveXVersion(obj)
                } catch (err) {}
                return version
            }
        }, {
            "name": "ShockwaveFlash.ShockwaveFlash",
            "version": function(obj) {
                return getActiveXVersion(obj)
            }
        }];
        var getActiveXVersion = function(activeXObj) {
            var version = -1;
            try {
                version = activeXObj.GetVariable("\$version")
            } catch (err) {}
            return version
        };
        var getActiveXObject = function(name) {
            var obj = -1;
            try {
                obj = new ActiveXObject(name)
            } catch (err) {
                obj = {
                    activeXError: true
                }
            }
            return obj
        };
        var parseActiveXVersion = function(str) {
            var versionArray = str.split(",");
            return {
                "raw": str,
                "major": parseInt(versionArray[0].split(" ")[1], 10),
                "minor": parseInt(versionArray[1], 10),
                "revision": parseInt(versionArray[2], 10),
                "revisionStr": versionArray[2]
            }
        };
        var parseStandardVersion = function(str) {
            var descParts = str.split(/ +/);
            var majorMinor = descParts[2].split(/\./);
            var revisionStr = descParts[3];
            return {
                "raw": str,
                "major": parseInt(majorMinor[0], 10),
                "minor": parseInt(majorMinor[1], 10),
                "revisionStr": revisionStr,
                "revision": parseRevisionStrToInt(revisionStr)
            }
        };
        var parseRevisionStrToInt = function(str) {
            return parseInt(str.replace(/[a-zA-Z]/g, ""), 10) || self.revision
        };
        self.majorAtLeast = function(version) {
            return self.major >= version
        };
        self.minorAtLeast = function(version) {
            return self.minor >= version
        };
        self.revisionAtLeast = function(version) {
            return self.revision >= version
        };
        self.versionAtLeast = function(major) {
            var properties = [self.major, self.minor, self.revision];
            var len = Math.min(properties.length, arguments.length);
            for (i = 0; i < len; i++) {
                if (properties[i] >= arguments[i]) {
                    if (i + 1 < len && properties[i] == arguments[i]) {
                        continue
                    } else {
                        return true
                    }
                } else {
                    return false
                }
            }
        };
        self.FlashDetect = function() {
            if (navigator.plugins && navigator.plugins.length > 0) {
                var type = 'application/x-shockwave-flash';
                var mimeTypes = navigator.mimeTypes;
                if (mimeTypes && mimeTypes[type] && mimeTypes[type].enabledPlugin && mimeTypes[type].enabledPlugin.description) {
                    var version = mimeTypes[type].enabledPlugin.description;
                    var versionObj = parseStandardVersion(version);
                    self.raw = versionObj.raw;
                    self.major = versionObj.major;
                    self.minor = versionObj.minor;
                    self.revisionStr = versionObj.revisionStr;
                    self.revision = versionObj.revision;
                    self.installed = true
                }
            } else if (navigator.appVersion.indexOf("Mac") == -1 && window.execScript) {
                var version = -1;
                for (var i = 0; i < activeXDetectRules.length && version == -1; i++) {
                    var obj = getActiveXObject(activeXDetectRules[i].name);
                    if (!obj.activeXError) {
                        self.installed = true;
                        version = activeXDetectRules[i].version(obj);
                        if (version != -1) {
                            var versionObj = parseActiveXVersion(version);
                            self.raw = versionObj.raw;
                            self.major = versionObj.major;
                            self.minor = versionObj.minor;
                            self.revision = versionObj.revision;
                            self.revisionStr = versionObj.revisionStr
                        }
                    }
                }
            }
        }()
    };
    if (FlashDetect.major > 0) {
        QC.CF = 1
    }
} catch (e) {
    QC.CF = 2
}
try {
    QCDone(QC)
} catch (e) {
    console.log(e)
}
                                    

Executed Writes (0)



HTTP Transactions (28)


Request Response
                                        
                                            GET /earn.php?zone\=4&oid\=85180&source\=1&subid\=85180&title\=BCVC%20Shortener HTTP/1.1 
Host: track.bcvc.mobi
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         104.28.8.52
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 02 Feb 2018 05:18:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=d2dac886d6d486013cca247eb18d863101517548727; expires=Sat, 02-Feb-19 05:18:47 GMT; path=/; domain=.bcvc.mobi; HttpOnly PHPSESSID=0dtfelg07cephag7vna5enfjp5; path=/
X-Powered-By: PHP/5.6.30-0+deb8u1
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Frame-Options: allowall
Access-Control-Allow-Origin: *
Server: cloudflare
CF-RAY: 3e6ab11a770942c1-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   164
Md5:    2339be1b739b2c8f4540d594bee28d43
Sha1:   0e183c12537638bc3fba67cbf8dc69a3cf69189b
Sha256: d7325bb1d13b0e9a4eeb019e3447f7462bc58fb4c9cc018379e2d88fbd480fc1
                                        
                                            GET /afu.php?zoneid=13821&clickid=7u2RosuxNzCo8na3RzPw HTTP/1.1 
Host: go.onclasrv.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         188.42.162.154
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:47 GMT
Content-Length: 154
Connection: keep-alive
Location: http://deloton.com/afu.php?zoneid=13821&clickid=7u2RosuxNzCo8na3RzPw
Timing-Allow-Origin: *


--- Additional Info ---
Magic:  HTML document text
Size:   154
Md5:    cfbeaf604823f038b8b46f0ac862b98c
Sha1:   7b9eb1dac48e74fa5f418bc456cb410f88b81d98
Sha256: 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: track.bcvc.mobi
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d2dac886d6d486013cca247eb18d863101517548727; PHPSESSID=0dtfelg07cephag7vna5enfjp5

                                         
                                         104.28.8.52
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 02 Feb 2018 05:18:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: EXPIRED
Vary: Accept-Encoding
Expires: Fri, 09 Feb 2018 05:18:47 GMT
Cache-Control: public, max-age=604800
Server: cloudflare
CF-RAY: 3e6ab11bd72242c1-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   132
Md5:    6e580ba0d04ee53fef31432abc9a0bd8
Sha1:   3dbdf594b54abc4d5372adad612da2bd45f99a62
Sha256: 535d70490647f150dec2bf95be6d341bf88680e39ff4cbdcf80dd1443ad9ac77
                                        
                                            GET /afu.php?zoneid=13821&clickid=7u2RosuxNzCo8na3RzPw HTTP/1.1 
Host: deloton.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive

                                         
                                         194.187.98.222
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: SeenToday=1; expires=Sat, 03-Feb-2018 05:18:47 GMT; Max-Age=86400; path=/ OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Sat, 03-Feb-2018 05:18:47 GMT; Max-Age=86400; path=/ oaidts=1517548727; expires=Sat, 02-Feb-2019 05:18:47 GMT; Max-Age=31536000; path=/ OAID=dd36ede73a0e0c26f97f81af85d9eb64; expires=Sat, 02-Feb-2019 05:18:47 GMT; Max-Age=31536000; path=/ OAID=dd36ede73a0e0c26f97f81af85d9eb64; expires=Sat, 02-Feb-2019 05:18:47 GMT; Max-Age=31536000; path=/ exsdsf=1517548727 pbk3=201ae378a97f29a17c3cdcb3cdf7f9126517822154456813429; expires=Fri, 02-Feb-2018 05:28:47 GMT; Max-Age=600 ltm_afu=1; expires=Sat, 03-Feb-2018 05:18:47 GMT; Max-Age=86400; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
X-Used-AdExchange: 1
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4172
Md5:    b962de38f559bd1ab049193a54dc4566
Sha1:   f8c1cd47bf6843a83fba22692c4f2797890209e3
Sha256: 1720db2c5e5ea2f6b730f3c398a09dc788ce7ea3b0c870385f476169a1772cf8
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: deloton.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1517548727; OAID=dd36ede73a0e0c26f97f81af85d9eb64; exsdsf=1517548727; pbk3=201ae378a97f29a17c3cdcb3cdf7f9126517822154456813429; ltm_afu=1

                                         
                                         194.187.98.222
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---
                                        
                                            GET /?r=%2Fmb%2Fhan&zoneid=13821&pbk3=201ae378a97f29a17c3cdcb3cdf7f9126517822154456813429&empty=0&auction_id=68f7dd27-af0c-4761-a90e-a91bda5d79cc&clickid=7u2RosuxNzCo8na3RzPw&uuid=b5ff8cea-25a7-4cdd-8e65-3e76d519013e&ad_scheme=1&rotation_type=3&ppucounter=0&first_visit=0&on_test=0&offer_views=0&ab_test=0&adparams=bm9qcz0w&ip=f3d5bb63c9dbdcfb475795d659c65a4e&sw=1176&sh=885&sah=855&wx=-4&wy=-4&ww=1184&wh=863&cw=1176&wiw=1176&wih=754&wfc=0&pl=http%3A%2F%2Fdeloton.com%2Fafu.php%3Fzoneid%3D13821%26clickid%3D7u2RosuxNzCo8na3RzPw&drf=&np=1&pt=0&nb=0&ng=1&dm=undefined&cf=1&nw=0&id=e0111c736c1e44b14172bc6a9dd7ed2d&co=1&rf=0&hs=d01d492f13aec958676a3d4656a2a36c&ix=0&fs=1&timeout=0 HTTP/1.1 
Host: deloton.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://deloton.com/afu.php?zoneid=13821&clickid=7u2RosuxNzCo8na3RzPw
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1517548727; OAID=dd36ede73a0e0c26f97f81af85d9eb64; exsdsf=1517548727; pbk3=201ae378a97f29a17c3cdcb3cdf7f9126517822154456813429; ltm_afu=1

                                         
                                         194.187.98.222
HTTP/1.1 302 Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *, *
Pragma: no-cache
Cache-Control: private, max-age=0, no-cache
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Set-Cookie: f3d5bb63c9dbdcfb475795d659c65a4e=RW_5Uic4b1K2ACjTSVyudVa9kU_3eiHjT1r0Re_nrz0; expires=Fri, 09-Feb-2018 05:18:49 GMT; Max-Age=604800 OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; expires=Sat, 03-Feb-2018 05:18:49 GMT; Max-Age=86400; path=/ ppucnt=1; expires=Sat, 03-Feb-2018 05:18:49 GMT; Max-Age=86400; path=/ ppucntstart=1517548729; expires=Sat, 03-Feb-2018 05:18:49 GMT; Max-Age=86400; path=/ allcnt=1; expires=Sat, 02-Feb-2019 05:18:49 GMT; Max-Age=31536000; path=/ OAID=dd36ede73a0e0c26f97f81af85d9eb64; expires=Sat, 02-Feb-2019 05:18:49 GMT; Max-Age=31536000; path=/ _OACCAP[960689]=1; expires=Sat, 02-Feb-2019 05:18:49 GMT; Max-Age=31536000; path=/ _OACBLOCK[960689]=1517548729; expires=Sun, 04-Mar-2018 05:18:49 GMT; Max-Age=2592000; path=/ _OXCCLK[960689]=1; expires=Sat, 02-Feb-2019 05:18:49 GMT; Max-Age=31536000; path=/ _OXPCLK[102397]=1; expires=Sat, 02-Feb-2019 05:18:49 GMT; Max-Age=31536000; path=/
P3P: CP="CUR ADM OUR NOR STA NID"
Location: http://girrrly.com/visit.php?c=4689&k=bdad90f97735b3b8afed12766ef6056b&bannerid=1634587&campaignid=960689&zoneid=13821&zoneid=13821&clickid=7u2RosuxNzCo8na3RzPw&sah=855&cw=1176&nw=0


--- Additional Info ---
                                        
                                            GET /visit.php?c=4689&k=bdad90f97735b3b8afed12766ef6056b&bannerid=1634587&campaignid=960689&zoneid=13821&zoneid=13821&clickid=7u2RosuxNzCo8na3RzPw&sah=855&cw=1176&nw=0 HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://deloton.com/afu.php?zoneid=13821&clickid=7u2RosuxNzCo8na3RzPw

                                         
                                         78.31.67.23
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; expires=Mon, 05-Mar-2018 05:18:49 GMT; Max-Age=2678400; path=/ fc_n_4689=1_1_1_1_1; expires=Mon, 05-Mar-2018 05:18:49 GMT; Max-Age=2678400; path=/ c=3syzywd2zbaz0; expires=Sun, 04-Mar-2018 05:18:49 GMT; Max-Age=2592000; path=/ k=ed4215505d1f93f00c4485dd54fb3cd7; expires=Sun, 04-Mar-2018 05:18:49 GMT; Max-Age=2592000; path=/
Cache-Control: no-cache
Location: http://girrrly.com//sex/multi/maingame/angame/chooseyour?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech Information Systems AS&lang=en&ref_domain=deloton.com&os=Windows 7&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Expires: Fri, 02 Feb 2018 05:18:48 GMT


--- Additional Info ---
                                        
                                            GET //sex/multi/maingame/angame/chooseyour?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5= HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://deloton.com/afu.php?zoneid=13821&clickid=7u2RosuxNzCo8na3RzPw
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7

                                         
                                         78.31.67.23
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 178
Location: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Connection: keep-alive
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  HTML document text
Size:   178
Md5:    cd2e0e43980a00fb6a2742d3afd803b8
Sha1:   81ffbd1712afe8cdf138b570c0fc9934742c33c1
Sha256: bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5= HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://deloton.com/afu.php?zoneid=13821&clickid=7u2RosuxNzCo8na3RzPw
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: text/html
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; expires=Mon, 05-Mar-2018 05:18:49 GMT; Max-Age=2678400; path=/ lfc_n_395_4689=1_1_1_1_1; expires=Mon, 05-Mar-2018 05:18:49 GMT; Max-Age=2678400; path=/
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   4246
Md5:    4c40ffbe225b6085f943fc971f31d96a
Sha1:   cd4dc90744e76b20870ef7d8456c35a479f6671c
Sha256: c91fc6efd256909f3fa6022bb292a0a1092b0eb5a3d2dd2ec10c0530e7f7bf99
                                        
                                            GET /ctrack.php?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&sr=1176_885&t=0.824311224690683 HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache
Expires: Fri, 02 Feb 2018 05:18:48 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ffce86e7c036f733c99e4aac1951d1f0
Sha1:   9d27322a607424247d05b3aa22ed8a9bbf3977ca
Sha256: adc1673711c18a8770805224a7c110405cb60a6e933d56f47a7b36585fe37fcc
                                        
                                            GET /ajax/libs/jquery/3.1.0/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=

                                         
                                         216.58.207.202
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
                                        
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Content-Length: 30211
Date: Fri, 26 Jan 2018 02:15:17 GMT
Expires: Sat, 26 Jan 2019 02:15:17 GMT
Last-Modified: Tue, 20 Dec 2016 18:17:03 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 1; mode=block
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Age: 615812


--- Additional Info ---
Magic:  gzip compressed data, max compression
Size:   30211
Md5:    fbe55d62ddbb07d455db91c42719fa95
Sha1:   45b95c6f258886c2c52463472f93a00eeda53ea9
Sha256: f578c28becf81938d728f30836a507879e448d27461a2db119d7fb6d456f2fd1
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/nami_@2X.png HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 210
Last-Modified: Wed, 11 May 2016 04:52:54 GMT
Connection: keep-alive
Etag: "5732baa6-d2"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 32 x 32, 2-bit colormap, non-interlaced
Size:   210
Md5:    05317491a9e26324335c7533cf5483d7
Sha1:   2252438e116b1dc115471496df72b8367827ff30
Sha256: fca6444ee3d5bad3c153dee51f9b50e920891f131d31b255955208dc69f93cb8
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/1.jpg HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 7959
Last-Modified: Thu, 18 Jan 2018 11:53:08 GMT
Connection: keep-alive
Etag: "5a608aa4-1f17"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   7959
Md5:    555b1e6c66dc2e68eedde56f2fcb034e
Sha1:   6ff8ef9b68223ee4feddfe5dfadd8649ec1b8a06
Sha256: b2a9199965a9750190f7519cfd7fc622cd106760d656b2789bd440872ad5be95
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/3.jpg HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 7678
Last-Modified: Thu, 18 Jan 2018 11:53:02 GMT
Connection: keep-alive
Etag: "5a608a9e-1dfe"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   7678
Md5:    759d38e4eaa12d9ef6cc245a4ac4dd13
Sha1:   0da175db0dbeb101ac4cdc667b755fc583d48d25
Sha256: d4062d9d23041a9cdd7038c6204cc94862f8e3e9132051a70135db9d49b1dcf0
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/2.jpg HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 7983
Last-Modified: Thu, 18 Jan 2018 11:53:10 GMT
Connection: keep-alive
Etag: "5a608aa6-1f2f"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   7983
Md5:    43b1d044910caf288662cf13f5541f2e
Sha1:   05862bb820cbcfea9f03e4337ff4ab411093c996
Sha256: 34c53686e529d3e547f65bdd1da0d12c80d1f61ec1aabf8f461dbe1d93131087
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/left.png HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 31170
Last-Modified: Thu, 18 Jan 2018 11:53:06 GMT
Connection: keep-alive
Etag: "5a608aa2-79c2"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 231 x 400, 8-bit colormap, non-interlaced
Size:   31170
Md5:    780df4a1b70e2f4807517a22fd15b89d
Sha1:   2dd1a7ec4ca0ef088f289a86d44cfc9ed3ad68d9
Sha256: dca3ee04ed21f18ff297f6cd45bde4202b0c0a14b7b60e5fad30f2ba21f7cb4a
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/6.jpg HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 14083
Last-Modified: Thu, 18 Jan 2018 11:53:04 GMT
Connection: keep-alive
Etag: "5a608aa0-3703"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   14083
Md5:    4f2396faf7770f8b551ff7a968cf80aa
Sha1:   13e36aec840908ce34f2c9d08211caffc41a6df6
Sha256: ec26820deb6eff5b55007607f4ea35e506fe15991cf2273057903275e11d4205
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/4.jpg HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 8071
Last-Modified: Thu, 18 Jan 2018 11:53:02 GMT
Connection: keep-alive
Etag: "5a608a9e-1f87"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   8071
Md5:    bee6922218b06051e899835242546323
Sha1:   4a4a709e878eb424cdb9e1e791ceb4fd60709119
Sha256: aa1439d4f328d536da869e1c7ea429e3385f960fb42de28e86b0834df66cd274
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/right.png HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 28900
Last-Modified: Thu, 18 Jan 2018 11:53:08 GMT
Connection: keep-alive
Etag: "5a608aa4-70e4"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  PNG image, 266 x 400, 8-bit colormap, non-interlaced
Size:   28900
Md5:    5acf080de7a0a99e478cc0db643d7552
Sha1:   78a41c0a905051119b9021bc31a3df1145678c6e
Sha256: 00fc155fbc65dbb8cf527e08a427819a4352601c51b0ea99d9d9c3e581cad5dc
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/5.jpg HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 14236
Last-Modified: Thu, 18 Jan 2018 11:53:04 GMT
Connection: keep-alive
Etag: "5a608aa0-379c"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   14236
Md5:    dcf7ce381fd0a5745f0e234cce743a5b
Sha1:   5d5617f60db4e6f6654267fd1445e2bd42051c0c
Sha256: ea262d8abdc79dee58c48b27df1b6f99b5d8d06111a0407b6b4e64379e0a861b
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/7.jpg HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 8497
Last-Modified: Thu, 18 Jan 2018 11:53:04 GMT
Connection: keep-alive
Etag: "5a608aa0-2131"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   8497
Md5:    54fe13d7bdd9a8fb5378c557e25c8152
Sha1:   b1b11177a9dc69e88d294e5a800ebbc2ec65431d
Sha256: 75a53c9229143e8b7696a957c4ec968200e99583d1922e58d9a20d6835c75aa4
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/8.jpg HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 9049
Last-Modified: Thu, 18 Jan 2018 11:53:04 GMT
Connection: keep-alive
Etag: "5a608aa0-2359"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   9049
Md5:    68409363d0f584638c551192b1af8af2
Sha1:   e3b5d2cc8c32259144dbc67359ccea063611dc85
Sha256: 236a3ba34da3db66eb83dfcd71a88087638da8844c9229ded6c8c1bc457847b8
                                        
                                            GET /sex/multi/maingame/angame/chooseyour/9.jpg HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:49 GMT
Content-Length: 10508
Last-Modified: Thu, 18 Jan 2018 11:53:04 GMT
Connection: keep-alive
Etag: "5a608aa0-290c"
Expires: Fri, 02 Feb 2018 05:18:48 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01
Size:   10508
Md5:    e63015ba2b261691058b7751be64352f
Sha1:   b7e095a12d5b2753b2a066f490602b7d9b00cf92
Sha256: bdc828636f1de7b70e6fffe5cd1e84dfa8aadc6e212a01d8b660dc31fcdc61ac
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:50 GMT
Content-Length: 1350
Last-Modified: Sun, 06 Nov 2016 09:08:02 GMT
Connection: keep-alive
Etag: "581ef2f2-546"
Expires: Fri, 02 Feb 2018 05:18:49 GMT
Cache-Control: no-cache
Accept-Ranges: bytes


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 16x16, 2-colors
Size:   1350
Md5:    b42e43be08b0d6ff829351b2e6eab0e1
Sha1:   1f3e281df34d18172b47f7c104b1874f96d3c002
Sha256: e8c241fd2b540e006ded11341dfb6694a041b1a98fd699495fb60737306c2a4d
                                        
                                            GET /lib/ajax/lp_timing.php?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&d=717_0&t=0.22078751587984147 HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: image/png,image/*;q=0.8,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Referer: http://girrrly.com/sex/multi/maingame/angame/chooseyour/?c=3syzywd2zbaz0&k=ed4215505d1f93f00c4485dd54fb3cd7&country_code=NO&country_name=Norway&region=Akershus&city=Skedsmokorset&isp=PowerTech%20Information%20Systems%20AS&lang=en&ref_domain=deloton.com&os=Windows%207&osv=&browser=Firefox&browserv=3&brand=Desktop&model=Desktop&marketing_name=Desktop&tablet=4&rheight=768&rwidth=768&t1=1634587&t2=960689&t3=&t4=13821&t5=&t6=&t7=&t8=&t9=&t10=&t11=&t12=&t13=&t14=&t15=13821&et1=&et2=&et3=&et4=&et5=
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1

                                         
                                         78.31.67.23
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Fri, 02 Feb 2018 05:18:49 GMT
Cache-Control: no-cache


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1
Size:   43
Md5:    ffce86e7c036f733c99e4aac1951d1f0
Sha1:   9d27322a607424247d05b3aa22ed8a9bbf3977ca
Sha256: adc1673711c18a8770805224a7c110405cb60a6e933d56f47a7b36585fe37fcc
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: track.bcvc.mobi
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: __cfduid=d2dac886d6d486013cca247eb18d863101517548727; PHPSESSID=0dtfelg07cephag7vna5enfjp5

                                         
                                         104.28.8.52
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=utf-8
                                        
Date: Fri, 02 Feb 2018 05:18:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: HIT
Vary: Accept-Encoding
Expires: Fri, 09 Feb 2018 05:18:50 GMT
Cache-Control: public, max-age=604800
Server: cloudflare
CF-RAY: 3e6ab12e80be42c1-OSL
Content-Encoding: gzip


--- Additional Info ---
Magic:  gzip compressed data, from Unix
Size:   132
Md5:    6e580ba0d04ee53fef31432abc9a0bd8
Sha1:   3dbdf594b54abc4d5372adad612da2bd45f99a62
Sha256: 535d70490647f150dec2bf95be6d341bf88680e39ff4cbdcf80dd1443ad9ac77
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: girrrly.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: fc_t_4689=1517548729_1517548729_1517548729_1517548729_1517548729; fc_n_4689=1_1_1_1_1; c=3syzywd2zbaz0; k=ed4215505d1f93f00c4485dd54fb3cd7; lfc_t_395_4689=1517548729_1517548729_1517548729_1517548729_1517548729; lfc_n_395_4689=1_1_1_1_1
If-Modified-Since: Sun, 06 Nov 2016 09:08:02 GMT
If-None-Match: "581ef2f2-546"

                                         
                                         78.31.67.23
HTTP/1.1 304 Not Modified
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:50 GMT
Last-Modified: Sun, 06 Nov 2016 09:08:02 GMT
Connection: keep-alive
Etag: "581ef2f2-546"
Expires: Fri, 02 Feb 2018 05:18:49 GMT
Cache-Control: no-cache


--- Additional Info ---
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: deloton.com
                                        
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.13) Gecko/20101203 Firefox/3.6.13
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Cookie: SeenToday=1; OAGEO5580f=13%7CNO%7C03%7COSLO%7CXDSL%7CBROADNET+AS%7C%7C11348%7C11093%7C%3F%7C578270; oaidts=1517548727; OAID=dd36ede73a0e0c26f97f81af85d9eb64; exsdsf=1517548727; pbk3=201ae378a97f29a17c3cdcb3cdf7f9126517822154456813429; ltm_afu=1; f3d5bb63c9dbdcfb475795d659c65a4e=RW_5Uic4b1K2ACjTSVyudVa9kU_3eiHjT1r0Re_nrz0; ppucnt=1; ppucntstart=1517548729; allcnt=1; _OACCAP[960689]=1; _OACBLOCK[960689]=1517548729; _OXCCLK[960689]=1; _OXPCLK[102397]=1

                                         
                                         194.187.98.222
HTTP/1.1 204 No Content
                                        
Server: nginx
Date: Fri, 02 Feb 2018 05:18:50 GMT
Connection: keep-alive
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Pragma: public


--- Additional Info ---