Report - teenplay.top/

Report Overview

Submitted URL
teenplay.top/
IP
172.67.145.84
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-11 02:44:18
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.0 kB	8.4 kB	142.250.74.3
chanekee.ga	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	56 kB	172.67.203.200
trc-events.taboola.com	1779	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	553 B	163 B	141.226.228.48
js.juicyads.com	57029	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	405 B	429 B	108.138.233.18
sb.scorecardresearch.com	134	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	2.4 kB	108.156.28.7
ust.chatango.com	43894	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	410 B	349 B	208.93.230.28
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	746 B	142.250.74.10
t0.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.7 kB	216.58.211.4
t3.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.8 kB	142.250.74.36
ag.gbc.criteo.com	5925	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	374 B	852 B	185.235.84.178
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	18.164.68.21
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.88.220.109
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	357 B	21 kB	142.250.74.174
gum.criteo.com	381	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	1.7 kB	178.250.0.157
gem.gbc.criteo.com	6039	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	492 B	185.235.84.86
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	3.6 kB	93.184.220.29
cdn.taboola.com	1040	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	759 B	168 kB	151.101.85.44
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390 B	112 kB	45.133.44.9
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	328 B	963 B	172.64.155.188
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	338 B	944 B	216.137.34.29
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.2 kB	23 kB	142.250.74.164
t2.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	6.4 kB	142.250.74.132
teenplay.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	762 B	1.3 kB	172.67.145.84
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.5 kB	23.36.77.32
i.imgur.com	5110	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	756 B	62 kB	151.101.84.193
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	488 B	46 kB	216.58.207.195
t1.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.5 kB	142.250.74.36
st.chatango.com	37357	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	249 kB	208.93.230.28
wxhiojortldjyegtkx.bid	398194	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	719 B	172.67.133.150
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	43 kB	142.250.74.168
lgarden.icu	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	780 B	670 B	37.48.65.143
www.effectivedisplayformats.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	11 kB	192.243.59.12
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	8.9 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.9 kB	34.160.144.191
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373 B	405 B	3.66.118.16
motivessuggest.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	6.1 kB	192.243.61.227

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-11	medium	effectivedisplayformats.com	Sinkholed
2022-10-11	medium	motivessuggest.com	Sinkholed
2022-10-11	medium	motivessuggest.com	Sinkholed

JavaScript (33)

	URL	Size	First Seen	Last Seen
	js.juicyads.com/jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks	93 kB	2023-03-08	2023-03-08
Pretty URL js.juicyads.com/jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks IP 108.138.233.18 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 12:39:43 Times Seen1 Hash 83560519f0370499420868c9530245c0 0fc26e970a413b1ec139c6d1950166e46b59d7da 3b014da3036462ee22b22af3b1ca90573646fe83b28d696c97f669d1f7574e6d Loading...

	st.chatango.com/js/gz/emb.js	70 kB	2023-03-07	2023-03-17
Pretty URL st.chatango.com/js/gz/emb.js IP 208.93.230.28 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:53 Last Seen2023-03-17 12:44:47 Times Seen1 Hash ba0ff11126e74da5028f0c02a681390d aa08f65f3d6d3ce39d222abf1c7d40e2dd2834b4 95db5e0f52d1d89a1c17733e005452f61c10c4b351a8737b7730fbf68dc3cd8e Loading...

	st.chatango.com/h5/gz/r0817221641/id.html	68 B	2023-03-07	2024-04-25
Pretty URL st.chatango.com/h5/gz/r0817221641/id.html IP 208.93.230.28 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2024-04-25 10:45:38 Times Seen448 Hash 441a378db25abb5c4db8560de9b87189 4801220a00826fb7fb65f2753204881f393e69dd 25ebf35db1f4166c31ae3ed946d1c1d436c4d5bbc9e1cdb791d4c892773e7dfe Loading...

	cdn.taboola.com/libtrc/impl.20221006-24-RELEASE.js	704 kB	2023-03-08	2023-03-08
Pretty URL cdn.taboola.com/libtrc/impl.20221006-24-RELEASE.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:09:06 Last Seen2023-03-08 13:24:23 Times Seen1 Hash a9f7fef8b2e6657b83dcc25b61ff484f f99bdc2c651ba5e360b8714df29ffbd587182494 b9111d70cbfd8faa390ac928fc5e55204aeb53fbb834bfe486ee2d6399405518 Loading...

	sb.scorecardresearch.com/beacon.js	3.9 kB	2023-03-07	2024-01-14
Pretty URL sb.scorecardresearch.com/beacon.js IP 108.156.28.7 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-01-14 12:48:16 Times Seen58 Hash eaf85c1c6758e84acfe134efd70e9373 5caec39b3ce7c2ec9912aff8ae6fa05aa9fb757e ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117 Loading...

	teenplay.top/js/templatemo-script.js	975 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/js/templatemo-script.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 0662033db762067a3b72d3109e719685 fd794cea002f24b7117492673c1076feb529cf69 d9ab63ed1c18f942a134776de491d7b3415b93a494cff8508f56a9357fdb46a9 Loading...

	st.chatango.com/h5/gz/r0817221641/id.html	82 B	2023-03-07	2024-04-25
Pretty URL st.chatango.com/h5/gz/r0817221641/id.html IP 208.93.230.28 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2024-04-25 10:45:39 Times Seen461 Hash 7b57040338cb73dfe12425b3a9cf20a3 cc85b6aa4c370f1e8b0cd12f38ff33aecb684a5c 21a433ef209a764be84f3677d6cee1ec9862db67bd02cb1dbe38e3d942474efc Loading...

	http:blank	145 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash f416d9beccd662c07dad7bcf512bc66a 8ce6caad84b98f8780de8b27de12b2f7ba2ef04f dd5ac015514706e62189f5064bbc4489bbb02e5ed7534090c4ff50f5e13c7357 Loading...

	http:blank	3.7 kB	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 12:39:43 Times Seen1 Hash 4a43ce48fed1d764573b91e8dc6a5532 612c3d67f415dbde0c4e4741d936ef5658adfc42 6ead22c8d21c00ee391c2bd1ca88073b5835016257adf953e9ff4e75d46d0cb8 Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22st.chatango.com%22,%22topUrl%22:%22teenplay.top%22,%22cw%22:false,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.6538048677894743%22%7D	418 B	2023-03-07	2023-04-01
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22st.chatango.com%22,%22topUrl%22:%22teenplay.top%22,%22cw%22:false,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.6538048677894743%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:37 Last Seen2023-04-01 10:34:33 Times Seen447 Hash 755b312976dc0edb23fa08bed999c482 6685710ba04dc63e4122ec3ce89f3adfe479adf4 663197a6a8353d989cdc65d4f3112e425a00839c85a3fde99bbe451a9c604a6f Loading...

	teenplay.top/	302 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 9e9a84fd05a64ecbc44af92e33ea81c6 f47a4dd07bc141fd18ca27f9906f972317dda834 e0caff71a934e1657d893fa2c14042a237e6787a941abf95473cc85523482794 Loading...

	teenplay.top/js/jquery.min.js	84 kB	2023-03-08	2023-06-16
Pretty URL teenplay.top/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-06-16 03:19:50 Times Seen6 Hash 1502356b3e93ccbe66894ce972e38fe6 98e13b02dc55595ff002aa07cc26705f6018c0cf b0beefadef42ab2a724d8683fd19f41a325f858912a8cbfd85cf22d9c9c0879c Loading...

	teenplay.top/	199 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 12:39:43 Times Seen1 Hash 0bdcf3e4360eebd94cd3ae1f4f161443 1490f705aaab15b66a9d341e139846f41a13f914 6e76e071c0345522e6661c6c89c7efed2b97b16c5b8fe7eb30cbfd681fb6358a Loading...

	st.chatango.com/h5/gz/r0817221641/id.html	514 B	2023-03-07	2024-04-25
Pretty URL st.chatango.com/h5/gz/r0817221641/id.html IP 208.93.230.28 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2024-04-25 10:45:38 Times Seen448 Hash 37c4b6da5dd2e1cab223e5875969a6d2 63bbb2f5888134503833b026eee6e43b25c32af9 c5532bc5d1630dc0b30da99828d86031356037d356bef00679956972051e136c Loading...

	st.chatango.com/h5/gz/r0817221641/id.html	471 kB	2023-03-07	2023-03-17
Pretty URL st.chatango.com/h5/gz/r0817221641/id.html IP 208.93.230.28 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:53 Last Seen2023-03-17 12:44:47 Times Seen1 Hash 6d7fcd2d5d1c4ea503ee673a26b6ee4a db42cd96ff7a624e38361711fea467a295254035 1cb5e3c3a11ebb036972e9126a207c0bdee14864be14d5375d6966972d918c73 Loading...

	teenplay.top/	192 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 787c20374a71de8d7cb5e5f2ed8a4c76 7d0adce42518d3665d6480d41dfe66e8f89cb049 4c1bb58787b2a0d71386b90d9d0fc8a07eaccfe9b2d6a23e691f51b670b8dd91 Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22st.chatango.com%22,%22topUrl%22:%22teenplay.top%22,%22cw%22:false,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.6538048677894743%22%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22st.chatango.com%22,%22topUrl%22:%22teenplay.top%22,%22cw%22:false,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.6538048677894743%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	www.effectivedisplayformats.com/b4d48c91b57f98c648b006ef67833af7/invoke.js	27 kB	2023-03-08	2023-03-10
Pretty URL www.effectivedisplayformats.com/b4d48c91b57f98c648b006ef67833af7/invoke.js IP 192.243.59.12 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 07:18:05 Last Seen2023-03-10 12:09:18 Times Seen1 Hash 79da7bd983107e56643c9a10b586be18 79a2c34a9acee4aeb7ccc37d1e605165939e2879 d307e3b5d458381ff41c76c0bcaf5e674fb829967ecd98039e011f450c11c593 Loading...

	cdn.taboola.com/libtrc/chatango-network/loader.js	81 kB	2023-03-08	2023-03-08
Pretty URL cdn.taboola.com/libtrc/chatango-network/loader.js IP 151.101.85.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 12:39:43 Times Seen1 Hash 5c5d2aa8af2344a3b297ace11e1dc91c b53e40ecba9e58a19203f347e1119878d8b83c75 94bdfd5ec829175b0903599ca5767cd5299cf1d2c936d71278a51e26d7b65c1d Loading...

	gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS	30 kB	2023-03-07	2023-03-26
Pretty URL gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS IP 178.250.0.157 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:23:23 Last Seen2023-03-26 04:43:03 Times Seen53 Hash d0427fd88e9741c2b20de62ba313a2e7 c3f76e44bdcb6b9e2958ebcae873382965b6941b bb789c36615ba0b66b8cc310e5965cdfe471714b935f1bff5516ff6999e711c5 Loading...

	teenplay.top/	349 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 22ba3944253ab64533f46acf308db4be 43f4f03e813cfbfc05c4a87a07cff75270028528 025161ba52551c8841b82f6c0fa49c81a644e7934faeaa8189b6286d519ba5e3 Loading...

	teenplay.top/	156 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash c937139263c9095926df06749c8b4b83 5f7ec65d56aec7961359a2b0de7da7a3ee3c79aa f282e9820d130c9923d8ce3a44125330c7d45836ea268bb11808375f1d8ea7aa Loading...

	www.googletagmanager.com/gtag/js?id=UA-141729945-17	109 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-141729945-17 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 12:39:43 Times Seen1 Hash bb14d2b3af6ed46cfa8a175a2cf82899 ba544930acaf7b0cbde097703b9bba1ace789dcc a8f3a15cb75934da95c17578e03cb112511b228ae47e74b5a7c03083478065c4 Loading...

	st.chatango.com/h5/gz/r0817221641/id.html	86 kB	2023-03-07	2023-03-17
Pretty URL st.chatango.com/h5/gz/r0817221641/id.html IP 208.93.230.28 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2023-03-17 12:44:47 Times Seen1 Hash afdc9fd7e420350b3c6b5ebc574fb29f cc10a219a40ad076e027176ba10aaf057755573e 132daceb640180fcefc816d15776d3d115741b15e13106b8bfb98052a59671f9 Loading...

	teenplay.top/	12 kB	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 12:39:43 Times Seen1 Hash 97636e41dd6a0a6371c6c8e92f505b11 8d0094a94172095406baa5f5c4085c9dcaa109f7 4b1d1287de5130c9d64075945deca84340a1713ad7da106c9d2420356884d04a Loading...

	st.chatango.com/h5/gz/r0817221641/id.html	2.8 kB	2023-03-07	2024-04-25
Pretty URL st.chatango.com/h5/gz/r0817221641/id.html IP 208.93.230.28 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:53 Last Seen2024-04-25 10:45:38 Times Seen447 Hash 3243c0841916ec8412445cf28dc213e1 e03e2b55026c2d5a48478b494038ac237a570356 43809cbb40cf2c409373635a089746ebaf238092ec2dd2c0880e5ff57b729f99 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-25 17:52:53 Times Seen1528 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	st.chatango.com/h5/gz/r0817221641/id.html	81 kB	2023-03-07	2023-08-15
Pretty URL st.chatango.com/h5/gz/r0817221641/id.html IP 208.93.230.28 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2023-08-15 01:59:11 Times Seen202 Hash 297f25982e1a4e3b913bf6bbf2f20a48 fc5c48872fb6b77925abd723548ee55405f86f1e e0c8d5e08615299748f3e05fa641051c19ac85cfdc0b2033e761df4576905bf2 Loading...

	st.chatango.com/h5/gz/r0817221641/id.html	500 B	2023-03-07	2024-04-25
Pretty URL st.chatango.com/h5/gz/r0817221641/id.html IP 208.93.230.28 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2024-04-25 10:45:39 Times Seen445 Hash ff7740eb4626a42bc3c5931080184792 8eae299530fe6b2aa2f48d3af8e7c2566e10cd81 6b8a3c1db7301e1456b3e8324242f1d31b27dda2e945211bec25519eef3181ca Loading...

		Size	First Seen	Last Seen
	#1 Eval - 19720c164d56f7e7dfe6748e376f868e	19 B	2023-03-07	2024-04-25
Pretty Observations First Seen2023-03-07 01:18:54 Last Seen2024-04-25 10:45:39 Times Seen615 Hash 19720c164d56f7e7dfe6748e376f868e 0387db7b6a453b71114985d199838b7a3928c76b 56e50d855741d508ab6465d3860ef0ad117ab967993b9111caeaec90f64e912b Loading...

	#2 Eval - 37cd3bd2adbd29e7fafaf20f77f4bf43	18 B	2023-03-07	2024-04-15
Pretty Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-15 12:57:44 Times Seen656 Hash 37cd3bd2adbd29e7fafaf20f77f4bf43 d4a665f4bf3dc9a6f3ea3a55c50c5a37c6bd05f5 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91 Loading...

	#3 Eval - 26f68f8a33c794ad489c3cb1dfb86e31	2.0 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 12:39:43 Times Seen1 Hash 26f68f8a33c794ad489c3cb1dfb86e31 c421b16029db4401d09e3e172d8cb387f933bb0e 5df5f148f30bd875279011c137127670f7e9934aa5c81fb464a6b3a6f7c96e9b Loading...

		Size	First Seen	Last Seen
	#1 Write - c32a43df08590d5570fdfd0a25535a9a	129 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash c32a43df08590d5570fdfd0a25535a9a aa50a815668792965b65b248ca649008c0134e59 40f08c2fed916637f973febd8aa1d18359cdd854e578627877a521375d325dd2 Loading...

HTTP Transactions (120)

URL IP Response Size

teenplay.top/

172.67.145.84

301 Moved Permanently

0 B

URL HTTP/1.1
teenplay.top/
IP
172.67.145.84:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: teenplay.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 11 Oct 2022 02:44:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 11 Oct 2022 03:44:07 GMT
Location: https://teenplay.top/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ln7%2FnDWIbkWroasHvuFePTPpc%2FnjnNVVUDeRDY2P9zqu4Od7phL9T6L5AYCw6lgZfDZbF3lmUCo9KsPdtOpeDmdwRn1ENfFQv4VKU3WabgGY2gsVFDJcyyVopRusetY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758440894c20b512-OSL
alt-svc: h2=":443"; ma=60

firefox.settings.services.mozilla.com/v1/

18.164.68.21

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
18.164.68.21:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
3f17af4e8a1739eda4a518039f4892f9
c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb
c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 11 Oct 2022 02:08:12 GMT
Expires: Tue, 11 Oct 2022 02:29:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 3fc96eac90753d96374d6038f01cfe76.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: X8OwpqVnh5U1Q7Pi6lsqO8-m7tMsUlzEwfXiNLhGXa8CbSefK60Idg==
Age: 2155

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ef6d323da0ad155f526b4a57c2e46ccc
71686b19b3ca049b9b66f8740284c552a3f61a20
99e2f56075a08f133a9d1d0122ab9ef2d9eaa61e18f46994e52e21a8a53203f3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99E2F56075A08F133A9D1D0122AB9EF2D9EAA61E18F46994E52E21A8A53203F3"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20532
Expires: Tue, 11 Oct 2022 08:26:19 GMT
Date: Tue, 11 Oct 2022 02:44:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3d0ffae9abfdf558a6286013a0201c8b
2dc8ea0000a1b0c0f849611fdd73429bca51bfad
8e19eab9b6d16819f9ef3920971542cbcf5dd18280617e2de1a3827f0c149398

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E19EAB9B6D16819F9EF3920971542CBCF5DD18280617E2DE1A3827F0C149398"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15175
Expires: Tue, 11 Oct 2022 06:57:02 GMT
Date: Tue, 11 Oct 2022 02:44:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: e9kjBeQZlafwTZj7lHlapXz5rZRtKXgYhNLhxJ/FooSTaovdEubmdL/SrkoZ9yNsiSsBKcwUvSrZEy4ei1i8lw==
x-amz-request-id: EP3DC12YEHD9C27K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 11 Oct 2022 02:00:40 GMT
age: 2607
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 11 Oct 2022 02:44:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

18.164.68.21

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
18.164.68.21:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 11 Oct 2022 02:41:37 GMT
Expires: Tue, 11 Oct 2022 03:35:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a4b8b5ea0a3ab45ef51e6681d8320bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: fhGOPD4VfwzOGLVz_nn106lLV-DVRCqsfnGWjycby5UOFHrcrt4XpQ==
Age: 150

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d545bc725dcd5d6f1dfc10a8b35aeb3a
82d92587953dac8a05d691730b8318719328de6b
9d1e6f1bf4b1c138d9e07e67264cb9ac5090a1c338ff72c87e1758e187cccb24

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4537
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Last-Modified: Tue, 11 Oct 2022 01:28:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
582b9d37a9e3e9b109753b5649cd8fd8
5891b7dc89e563b938a0cf773e0d3b6d860a6b81
d47a95bffee9458afaaa4ce85e192d98ad9b63d7ecb26d1459905769c2858679

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
582b9d37a9e3e9b109753b5649cd8fd8
5891b7dc89e563b938a0cf773e0d3b6d860a6b81
d47a95bffee9458afaaa4ce85e192d98ad9b63d7ecb26d1459905769c2858679

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
0679abb83f67babee057b4e7b618faa5
0b385a7548d694be54027dc7803b6030c0d32aa9
82ea72d9a5a3ca844e3b83f884e56bdbc4cfa6673f470f444382bf5f8357575f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "82EA72D9A5A3CA844E3B83F884E56BDBC4CFA6673F470F444382BF5F8357575F"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5547
Expires: Tue, 11 Oct 2022 04:16:35 GMT
Date: Tue, 11 Oct 2022 02:44:08 GMT
Connection: keep-alive

chanekee.ga/Banners/chanekee.jpg

172.67.203.200

200 OK

55 kB

URL HTTP/2
chanekee.ga/Banners/chanekee.jpg
IP
172.67.203.200:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1413x221, components 3\012- data
Size
55 kB (55155 bytes)
Hash
8dec9f6f86b1f5218252a970fd72e845
d3411815cdedee39ebaeb21a564abaa7b48f86a2
8930f6412d08744d5420e42466caa0f8dc44f88dc2dba8d4a4b1c6318b12d0b0

HTTP Headers

GET /Banners/chanekee.jpg HTTP/1.1
Host: chanekee.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:08 GMT
content-type: image/jpeg
content-length: 55155
cache-control: public, max-age=604800
expires: Mon, 17 Oct 2022 18:10:59 GMT
last-modified: Wed, 08 Jul 2020 19:53:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 30789
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSkgLr5A4uBET6ZK1DS0VTTX22Gqu1h7RzmLDNZeFyCeE72XPNo66VuQK%2F5mpQkZAbK%2F92eKy2T0dWFUoCn94OsnSDzWGaEMgc8kUKHocFTcKFxcvzzWiMuoenAGrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75844090cb280b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

i.imgur.com/kOEOLmX.jpg

151.101.84.193

200 OK

30 kB

URL HTTP/2
i.imgur.com/kOEOLmX.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Size
30 kB (30484 bytes)
Hash
c21b0de24e5c1d574eb150eecbd032b7
d6761ca75b681a86930bca004161f3bc83ada12c
e47b261f1e325300bf39fc141fe11e4af224c0596478fbcbae7cb5b8f52329d2

HTTP Headers

GET /kOEOLmX.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 20 Nov 2020 18:57:35 GMT
etag: "c21b0de24e5c1d574eb150eecbd032b7"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 11 Oct 2022 02:44:08 GMT
age: 3619983
x-served-by: cache-iad-kiad7000170-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 9371, 3
x-timer: S1665456248.449087,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 30484
X-Firefox-Spdy: h2

wxhiojortldjyegtkx.bid/rci?tr=false

172.67.133.150

200 OK

1 B

URL HTTP/2
wxhiojortldjyegtkx.bid/rci?tr=false
IP
172.67.133.150:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

GET /rci?tr=false HTTP/1.1
Host: wxhiojortldjyegtkx.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:08 GMT
content-type: text/html;charset=UTF-8
content-length: 1
cache-control: no-transform,no-cache
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEnw%2FRc6uIfdIYIs5rsRWU8s6qOave0I5kTs4tVIsQU%2B4v17a1x8TOR9cF8ec%2BHdVtcagKPg0K0wr1IjGTtcPP2%2BQoDgs7z19eDmfvQndNx3zERQ2MyCvzm8axQBh6smLe5g4RVpJ%2BZX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758440900f02b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

i.imgur.com/VXrxMGg.jpg

151.101.84.193

200 OK

30 kB

URL HTTP/2
i.imgur.com/VXrxMGg.jpg
IP
151.101.84.193:0
ASN
#54113 FASTLY

File type
JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Size
30 kB (30540 bytes)
Hash
d9897ee1e7b8410064cfeda76e85f00a
9a7748d890f28d678ee285d03bc4bf965feb3aee
8ffa5f10a26db6f85fb5a4a0ade16389cca0d63f2e341388036b5fde1c0f19d1

HTTP Headers

GET /VXrxMGg.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 20 Nov 2020 08:58:33 GMT
etag: "d9897ee1e7b8410064cfeda76e85f00a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 11 Oct 2022 02:44:08 GMT
age: 2914881
x-served-by: cache-iad-kcgs7200128-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 5847, 2
x-timer: S1665456248.449497,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 30540
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2c08f85bd74f5c0456761cd4180e3d1b
1fb1ed9973e481092ae4e51e7277e7e58144f994
e5e5d24ca076fb29f70c900432ad20cc1c838d61924c257d2fe01e898a76ecad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.77.32

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
0679abb83f67babee057b4e7b618faa5
0b385a7548d694be54027dc7803b6030c0d32aa9
82ea72d9a5a3ca844e3b83f884e56bdbc4cfa6673f470f444382bf5f8357575f

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "82EA72D9A5A3CA844E3B83F884E56BDBC4CFA6673F470F444382BF5F8357575F"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5547
Expires: Tue, 11 Oct 2022 04:16:35 GMT
Date: Tue, 11 Oct 2022 02:44:08 GMT
Connection: keep-alive

www.googletagmanager.com/gtag/js?id=UA-141729945-17

142.250.74.168

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-141729945-17
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1969)
Size
42 kB (42420 bytes)
Hash
8c593d1409940e0d2343239bcff7f2d7
b3cf57bbd31694ff529e5071526a3390e2f93a81
7dd9a0ae36865d87c056a88f62fe089549d38b4772c98e420a930a6d8b40fbcb

HTTP Headers

GET /gtag/js?id=UA-141729945-17 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 11 Oct 2022 02:44:08 GMT
expires: Tue, 11 Oct 2022 02:44:08 GMT
cache-control: private, max-age=900
last-modified: Tue, 11 Oct 2022 01:33:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.88.220.109

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.88.220.109:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0p98z+fYiCSiVFjOTtQgEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FMboadtXE/kMzf1cpQ8QQFhM1EM=

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2c08f85bd74f5c0456761cd4180e3d1b
1fb1ed9973e481092ae4e51e7277e7e58144f994
e5e5d24ca076fb29f70c900432ad20cc1c838d61924c257d2fe01e898a76ecad

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
50bff5a6ff613436a227551a90ddb328
97aca6598470104c536abae69c4d770d073d9f19
c7f82bfca87c7f8d7fcf9acb3ef145d76c8d54a370ffe5ca73a11ace5f2e8979

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7F82BFCA87C7F8D7FCF9ACB3EF145D76C8D54A370FFE5CA73A11ACE5F2E8979"
Last-Modified: Mon, 10 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4599
Expires: Tue, 11 Oct 2022 04:00:47 GMT
Date: Tue, 11 Oct 2022 02:44:08 GMT
Connection: keep-alive

lgarden.icu/external/loligarden.png

37.48.65.143

404 Not Found

9 B

URL HTTP/2
lgarden.icu/external/loligarden.png
IP
37.48.65.143:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /external/loligarden.png HTTP/1.1
Host: lgarden.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Tue, 11 Oct 2022 02:44:08 GMT
server: Cowboy
set-cookie: sid=9464d25c-490e-11ed-a37b-a902f8b23031; path=/; domain=.lgarden.icu; expires=Sun, 29 Oct 2090 05:58:15 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ad82659acd591c7cef05e62c1054c8c7
bbda17fc931c397238749eaffaeba7b39e0a0844
670f972a1625f00fa54a21b173c605c552c9693b41518ad6b1802016721aae4d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "670F972A1625F00FA54A21B173C605C552C9693B41518AD6B1802016721AAE4D"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19868
Expires: Tue, 11 Oct 2022 08:15:16 GMT
Date: Tue, 11 Oct 2022 02:44:08 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 421277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4535e5073c381fc075b0562e3f482ad4
5d14e069cb907ac83d30ab9fb321bd04a6a79b25
534d5b680dcaa311d710efeab1efcbe9b72575cc7866ac871b6cc959a4e8f07e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 02:44:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 06:12:21 GMT
Expires: Sat, 15 Oct 2022 06:12:20 GMT
Etag: "5d14e069cb907ac83d30ab9fb321bd04a6a79b25"
Cache-Control: max-age=357490,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 758440956811b4f9-OSL

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e56ff5e888548d421925170a59c3227c
b5765c1bd31a2c977cf589bcdf82db4dd064e801
b4ee85fb6c0ee95aa7020a04c6dbeedc7c2f9656273ed7a240bb0db5994ba549

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4EE85FB6C0EE95AA7020A04C6DBEEDC7C2F9656273ED7A240BB0DB5994BA549"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16670
Expires: Tue, 11 Oct 2022 07:21:59 GMT
Date: Tue, 11 Oct 2022 02:44:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20385
Expires: Tue, 11 Oct 2022 08:23:54 GMT
Date: Tue, 11 Oct 2022 02:44:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20385
Expires: Tue, 11 Oct 2022 08:23:54 GMT
Date: Tue, 11 Oct 2022 02:44:09 GMT
Connection: keep-alive

www.effectivedisplayformats.com/b4d48c91b57f98c648b006ef67833af7/invoke.js

192.243.59.12

200 OK

9.8 kB

URL HTTP/1.1
www.effectivedisplayformats.com/b4d48c91b57f98c648b006ef67833af7/invoke.js
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Size
9.8 kB (9779 bytes)
Hash
67e9eaf79d0c163d4c5ddcf265fa1499
31bc20e457a83bc96951d8370ce79bef55cbd47b
6b616b22ff3a0cb4b8e4e22f6070a0ff3f2b32a90e76add49e31d34358aec8dd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /b4d48c91b57f98c648b006ef67833af7/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 11 Oct 2022 02:44:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28eb119afa7e7fde17a52acbd56cc089
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20385
Expires: Tue, 11 Oct 2022 08:23:54 GMT
Date: Tue, 11 Oct 2022 02:44:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5184 bytes)
Hash
a038cab69baa881794ca6712d38fb838
dfad15b64839ef9b304f7c919a36c4e66cfd46b6
26fc7247d679fe9f5b583abd33e3b56857b003facbb3b22b7d38b5d859a8c423

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5184
x-amzn-requestid: 4051eb09-2dd2-4e38-8077-8bb8ac919aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dQG9VIAMFYTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-549cfdff0ead4dce44a3e546;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O2kLG7kHxWyHMX1RACUtL5WNgv37BrGEHBu_9C2UxucDR8Resapi_Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 06:52:30 GMT
age: 71499
etag: "dfad15b64839ef9b304f7c919a36c4e66cfd46b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7e4295f-4a0f-41b3-9af0-e389d3d2e3a2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4413 bytes)
Hash
5cf3f16ee684e97de9eb2eb3f114dd6c
3ac02a6f6087870a21f9003c9f2518a81a22b278
c427d1f26292d3faee2f75c429e64b7ce21d08215dbb103f6e509c04e56d3e16

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7e4295f-4a0f-41b3-9af0-e389d3d2e3a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4413
x-amzn-requestid: dfa638b6-d27f-4597-804a-66161892a5df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkjcOH0_IAMFTJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e7f81-4da796971b03eb9b585b36d0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 07:10:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XiFKCANOZryDyDPAy--tQHsQKHPq1XwGEs75-49pJWmDFjCZWGXN3w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 14:22:31 GMT
age: 44498
etag: "3ac02a6f6087870a21f9003c9f2518a81a22b278"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11800 bytes)
Hash
6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 94e8e091-1136-41a7-843c-44c4ffe9e688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZqylGGYwoAMFQIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340fe20-60b47aeb3b55af4f755577f4;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 04:35:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fzfUAL2jahiFgsqMExf1dB_7PFJt9wwO2BDKo3XJHSvk5AeeNP8FQg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:22:13 GMT
age: 15716
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc6dbf06-fc04-4aa0-be3e-1b1f5a988e0f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10795 bytes)
Hash
3a7910c19b8c04b1c7a9a03949dc54b8
40b0931f4705cc826564bd29418d17edbed84d7d
1f14b664a3587ad9b73b3d5bc37a670900622c467287f9a0dfad1f8bdf69606f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc6dbf06-fc04-4aa0-be3e-1b1f5a988e0f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10795
x-amzn-requestid: 8efcb814-aa05-476a-b66a-161185920ed8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dQHvHoAMFy_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-7eb4a30a5d0b102845ba50d6;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3gYj2RrQnvATq2N75NXCUmL8QB3cZKEtrRq2g-LphjXO6Es15eGW_A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 15:53:06 GMT
age: 39063
etag: "40b0931f4705cc826564bd29418d17edbed84d7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10736 bytes)
Hash
7c510a5010677fcfa9ee8065c0abc894
5f2cf2a511760f5fd16d5c14a48a1aff185830e0
a07018792c7eb661bfddde47d26d728298c90314e52c96228a91c7d1978fedc6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10736
x-amzn-requestid: fb2bd595-cff6-4278-95cb-f42939d91f17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zzt85Fd9IAMFQeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63449052-326c047f01d742353e1891c8;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:36:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: u5XxBwVbvOux8Bv_DgbsHjE5KcQE5gy_F2mXDNFfgPxmTfsfwCQS7Q==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 21:55:51 GMT
etag: "5f2cf2a511760f5fd16d5c14a48a1aff185830e0"
content-type: image/jpeg
age: 17298
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.6 kB (6645 bytes)
Hash
1a8720e1bfd92ce7ccfeb8ab6ca2477a
1277a8a73b2fbf48562a7f767c3219d836b1faa9
61cfaa0a0338ae710735fab66822d8227adeb6a8bc4035686fae4a4de6247f1e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6645
x-amzn-requestid: 6e75c182-93bc-4339-a679-b069f78a397c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZzuQ0H3qoAMFi5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634490d1-4e134a93174cbf3559bea75c;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2T5ArGyU86KvuyKtp_G0XC9MaZQWS2luBYlIKcQRWNeeUjqcmQgMSA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:10:38 GMT
age: 16411
etag: "1277a8a73b2fbf48562a7f767c3219d836b1faa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lgarden.icu/external/loligarden.png

37.48.65.143

404 Not Found

9 B

URL HTTP/2
lgarden.icu/external/loligarden.png
IP
37.48.65.143:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /external/loligarden.png HTTP/1.1
Host: lgarden.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Tue, 11 Oct 2022 02:44:09 GMT
server: Cowboy
set-cookie: sid=95068a84-490e-11ed-9f33-a90250ea52f1; path=/; domain=.lgarden.icu; expires=Sun, 29 Oct 2090 05:58:16 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

st.chatango.com/js/gz/emb.js

208.93.230.28

200 OK

24 kB

URL HTTP/1.1
st.chatango.com/js/gz/emb.js
IP
208.93.230.28:0
ASN
#29893 CHATANGO

File type
ASCII text, with very long lines (1651)
Size
24 kB (23804 bytes)
Hash
43a6e3a24c5f6d710f01cd9ea166bedf
2b172372c84de07111687133d38ecaee8a15c99e
65878e1003da0b2d589980ebda0a59206831ff7e8be7747532c4080e35c600d7

HTTP Headers

GET /js/gz/emb.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Oct 2022 02:44:09 GMT
Content-Type: application/x-javascript
Content-Length: 23804
Last-Modified: Wed, 17 Aug 2022 23:45:11 GMT
Connection: keep-alive
Expires: Tue, 11 Oct 2022 02:44:09 GMT
Cache-Control: max-age=0
Content-Encoding: gzip
Accept-Ranges: bytes

ocsp.sca1b.amazontrust.com/

216.137.34.29

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
216.137.34.29:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
73e1625bc284b4dc6102ab07efc8228b
3da0cfc5075c568da9b0f36e0a1be17aa9be1c51
8520483f05631d3d6b351a25f039d90d7ce4181c168d498ab6fe4e4459a89c38

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 11 Oct 2022 02:44:09 GMT
Last-Modified: Tue, 11 Oct 2022 01:08:24 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 5afa85054bbc88552c8f1b1dd45fef78.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P2
X-Amz-Cf-Id: 18dS04A1O9vNTYjEAKogUyZZAMRO5PFvn3fqZvhHb3SrglZmhjNhvw==
Age: 5745

simplewebanalysis.com/stats

3.66.118.16

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.66.118.16:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
86d53681c73c4253b46b4f18aae4f284
12c4ffd2c97334a47371879a7d6e44d00eb15d20
7ff585a4d872137bc44844f072cf231e408425b54974bd26012c573d95a71b3e

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://teenplay.top
access-control-allow-credentials: true
set-cookie: uid_id2=9b31f352-9151-4552-8151-08cb3c2242eb:1:1; expires=Fri, 08 Oct 2032 02:44:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/s2/favicons?domain=galeryfantasi.top

142.250.74.164

301 Moved Permanently

337 B

URL HTTP/2
www.google.com/s2/favicons?domain=galeryfantasi.top
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
337 B (337 bytes)
Hash
7a529c3542035672d72b3ea9eaa74170
9f26c803d344f85a49bd0325ba75aaeaa01c60fb
034b2806d9582fc5d7153e8ec5ae1343da09a33a0dd190372b7db0fca639d181

HTTP Headers

GET /s2/favicons?domain=galeryfantasi.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 337
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:35:34 GMT
expires: Tue, 11 Oct 2022 03:05:34 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=oslo.ml

142.250.74.164

301 Moved Permanently

327 B

URL HTTP/2
www.google.com/s2/favicons?domain=oslo.ml
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
327 B (327 bytes)
Hash
b6e83b7b75fd984be6f48a4f40a7b144
d8fcfb76b10d0a0f11b291ea7bce4d78454b6d5a
3892ce27b7cc712656e80c487b08f3721162c47f0811773a3a4fa91e14cd3eee

HTTP Headers

GET /s2/favicons?domain=oslo.ml HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16
x-content-type-options: nosniff
server: sffe
content-length: 327
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:25:09 GMT
expires: Tue, 11 Oct 2022 02:55:09 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 11 Oct 2022 02:41:09 GMT
expires: Tue, 11 Oct 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 181
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=fotoscaseras.top

142.250.74.164

301 Moved Permanently

336 B

URL HTTP/2
www.google.com/s2/favicons?domain=fotoscaseras.top
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
336 B (336 bytes)
Hash
7429e7d8d7a6310d944869fc3a0eb7be
b606aff698976c5a3eebef3d9546de66f32dd9da
65e359aa72d3b9e8b77726234e46850b19a11d5ea4e1a96a2fdef5690cd15f17

HTTP Headers

GET /s2/favicons?domain=fotoscaseras.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 336
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:18:17 GMT
expires: Tue, 11 Oct 2022 02:48:17 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=dreamlist.top

142.250.74.164

301 Moved Permanently

333 B

URL HTTP/2
www.google.com/s2/favicons?domain=dreamlist.top
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
236db19888bae9696643ada8ba5730ea
a08bae3d21e58cf71da2f1f4e2a441715a8b1070
9f1a641e734f1a871587963f54a1ebb5b4f9869a9ad2b2b6741a46fef00c0ed2

HTTP Headers

GET /s2/favicons?domain=dreamlist.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dreamlist.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:21:11 GMT
expires: Tue, 11 Oct 2022 02:51:11 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=thecams.top

142.250.74.164

301 Moved Permanently

331 B

URL HTTP/2
www.google.com/s2/favicons?domain=thecams.top
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
d8db04a1504b9404e9d7861a9985dad0
f6a0c2dd3638b104a28ee0ea6613f97dfd28c5de
7c8fa0806933d439cc7896af6fa206cb2f9f362fa89cbe9885da782aed5def12

HTTP Headers

GET /s2/favicons?domain=thecams.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://thecams.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 331
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:35:34 GMT
expires: Tue, 11 Oct 2022 03:05:34 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=lilibox.top

142.250.74.164

301 Moved Permanently

331 B

URL HTTP/2
www.google.com/s2/favicons?domain=lilibox.top
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
bfd792d204c498b42d3b2399ea1f4e39
5cddd477561edae96604f447cf561070af46e75c
2599cb3c8852370c6bb5c811d51051ad3ececa3c9b40894867a8ee8b06963c6f

HTTP Headers

GET /s2/favicons?domain=lilibox.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 331
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:25:09 GMT
expires: Tue, 11 Oct 2022 02:55:09 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=teenstream.top

142.250.74.164

301 Moved Permanently

334 B

URL HTTP/2
www.google.com/s2/favicons?domain=teenstream.top
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
334 B (334 bytes)
Hash
6cc48ba915a378729f7e248407afa82d
41e013ad808980e46d9a647287fab6c013ce6c48
9fd4032f6e919a153ff255cf9eb11929da4d22b89cb65d6fc599ad83c213e2df

HTTP Headers

GET /s2/favicons?domain=teenstream.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teenstream.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 334
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:23:07 GMT
expires: Tue, 11 Oct 2022 02:53:07 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=lolibase.xyz

142.250.74.164

301 Moved Permanently

332 B

URL HTTP/2
www.google.com/s2/favicons?domain=lolibase.xyz
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
332 B (332 bytes)
Hash
7d5aecbfdf62eca2171105ab2eef535e
a527ae6103ed72107b53043ee579dcfaeb88caea
1952935b6c9c25e38b00aecd40b02fbab0b89f57edf867a500cdd5ab69bd9854

HTTP Headers

GET /s2/favicons?domain=lolibase.xyz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lolibase.xyz&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/s2/favicons?domain=bodyxxx.top

142.250.74.164

301 Moved Permanently

331 B

URL HTTP/2
www.google.com/s2/favicons?domain=bodyxxx.top
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
c010b8f93b900106d9124599bf8e376c
b9ab70fdb6eb3b65b0eda52feb9b21342e3e3b95
fa6b6f47f8b7bec2f174cbedd614574e5857dc69f18dfef5d82fb60af30dc358

HTTP Headers

GET /s2/favicons?domain=bodyxxx.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=4ox.lol

142.250.74.164

301 Moved Permanently

327 B

URL HTTP/2
www.google.com/s2/favicons?domain=4ox.lol
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
327 B (327 bytes)
Hash
a544327df1220c646bb5c5d0e5b52bb5
2190daa3ec2206ad9147b84c7bf3f85f59ee989d
8d5fb50c0e8e8f12af655689700c2c407286a26137adba77ba3a25a827770e96

HTTP Headers

GET /s2/favicons?domain=4ox.lol HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://4ox.lol&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=barelylegalteens.xxxbit.com

142.250.74.164

301 Moved Permanently

347 B

URL HTTP/2
www.google.com/s2/favicons?domain=barelylegalteens.xxxbit.com
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
347 B (347 bytes)
Hash
5943a98485eeaf40f74fac26683054af
f360b80e695b74f4105614a15aabe4e986e75242
8279429451d6446c07d80bdbbc9b208ee7da82acfb33a4decb86138a15bf3b4f

HTTP Headers

GET /s2/favicons?domain=barelylegalteens.xxxbit.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=secret-stars.link

142.250.74.164

301 Moved Permanently

337 B

URL HTTP/2
www.google.com/s2/favicons?domain=secret-stars.link
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
337 B (337 bytes)
Hash
d48a573c40052b88b9dc340eb6e1de5e
1ab50cd9d68cfb7c3c1f011d87030994b6f7992c
5dbe53ca82dd8002904d4cb5f2a0cbaf622b37710de1524261e1c11bff71d651

HTTP Headers

GET /s2/favicons?domain=secret-stars.link HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://secret-stars.link&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=sweetbody.top

142.250.74.164

301 Moved Permanently

333 B

URL HTTP/2
www.google.com/s2/favicons?domain=sweetbody.top
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
c75a869ba00edb4f4a07e24930555dc6
a5ae4236cdd09c960bae5df2f1960446c519c083
e7e66ea681bf6277bd2dd3b6055eaa1c2375e984682263c6a230cf62918afd08

HTTP Headers

GET /s2/favicons?domain=sweetbody.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=littleteenclubpw.com

142.250.74.164

301 Moved Permanently

340 B

URL HTTP/2
www.google.com/s2/favicons?domain=littleteenclubpw.com
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
340 B (340 bytes)
Hash
15653d2b4340481edf6e7616abf5d269
c888fc6743ce534c2a69eb83eb34c0c07f4680f5
b960a1c73729f5aa950f145d3e2474f2d20e8ca1f7ab2a3aefbe5769b010d87e

HTTP Headers

GET /s2/favicons?domain=littleteenclubpw.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=migirls.tk

142.250.74.164

301 Moved Permanently

330 B

URL HTTP/2
www.google.com/s2/favicons?domain=migirls.tk
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
330 B (330 bytes)
Hash
be370c20378ef408f31d1bc40050fdb8
17eed4a2d3f07465e0192933f129935080edda45
63f6a9dc77cc13a1d41b0ca0b71ed4a4b5180ed5e9ab52fe86c15d43dbd9df10

HTTP Headers

GET /s2/favicons?domain=migirls.tk HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=camteens.cf

142.250.74.164

301 Moved Permanently

331 B

URL HTTP/2
www.google.com/s2/favicons?domain=camteens.cf
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
8cc0a81ec013023bfe47213233ef8ad0
647a567c6218d6894c7e725e93dba6f1b14ee1cc
61ff719428c8a5619ace040eba4ba3a0727af128eefb58d61f2427460352d424

HTTP Headers

GET /s2/favicons?domain=camteens.cf HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://camteens.cf&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=

142.250.74.164

404 Not Found

1.6 kB

URL HTTP/2
www.google.com/s2/favicons?domain=
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1580 bytes)
Hash
4c897ae556077ac19ca558718789ba76
a673a81ea0a3e7a2fdf759a014a608df15efecbd
2d841defe31ddac7bb79861466085b6a632a04ea330532a98d8180f7dbaff68f

HTTP Headers

GET /s2/favicons?domain= HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 1580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=teens.llshort.com

142.250.74.164

301 Moved Permanently

337 B

URL HTTP/2
www.google.com/s2/favicons?domain=teens.llshort.com
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
337 B (337 bytes)
Hash
78d9a4df6fb6ec190f1808c5ea4acdc9
9c0e1353fbcb3ea2a57cdf1ca8adca4c2fe66001
e0722f13a02d07010312c5da55ad52314216eeb46cf93a65b35c5e45b6374e2c

HTTP Headers

GET /s2/favicons?domain=teens.llshort.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teens.llshort.com&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=celebmodel.buzz

142.250.74.164

301 Moved Permanently

335 B

URL HTTP/2
www.google.com/s2/favicons?domain=celebmodel.buzz
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
335 B (335 bytes)
Hash
1805583107b0523ed308dc2d26c79498
5dfb7d545ea8868abd2a8b9fd3518ab33e20c5c4
3b1f4b35cfa71cb2168d37e8a02e30903c9b089fcc49f05f1d54e6f2dcca8e96

HTTP Headers

GET /s2/favicons?domain=celebmodel.buzz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=sextoplist.pw

142.250.74.164

301 Moved Permanently

333 B

URL HTTP/2
www.google.com/s2/favicons?domain=sextoplist.pw
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
ac0c1e73662e7001ee7f99fe230f3da4
1c7b0d5e3f238cbbbc511fba7fa5ffe80ab80172
f46653018c437019b1b4f7dc2dd917915f8aa3622e2f653ef1d60a6ba1dc9834

HTTP Headers

GET /s2/favicons?domain=sextoplist.pw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:14:11 GMT
expires: Tue, 11 Oct 2022 02:44:11 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=sexvibe.me

142.250.74.164

301 Moved Permanently

330 B

URL HTTP/2
www.google.com/s2/favicons?domain=sexvibe.me
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
330 B (330 bytes)
Hash
41efaec76311f42302879f85cb13bf7a
fad389bca98097a07a583b5b3149f9438043b059
25d22541e8bb99fd4eb86cf67d3fd7fea49a3651bcdca53ad59bfbd32b1b7a8e

HTTP Headers

GET /s2/favicons?domain=sexvibe.me HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexvibe.me&size=16
x-content-type-options: nosniff
server: sffe
content-length: 330
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:37:13 GMT
expires: Tue, 11 Oct 2022 03:07:13 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/s2/favicons?domain=youngstar.cc

142.250.74.164

301 Moved Permanently

332 B

URL HTTP/2
www.google.com/s2/favicons?domain=youngstar.cc
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
332 B (332 bytes)
Hash
9f68089713a45a53e662421065fad6f5
54a0b68fd44108088519b497909bad303e822fac
34005e686b287d4359eb24edf29ec0241c2857893a9209c7d54fc547e43b7c3b

HTTP Headers

GET /s2/favicons?domain=youngstar.cc HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://youngstar.cc&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b582667677702e4b89c8025325e294a7
aa7de6386a5d80acae3444099291afe9251fd004
cd4313f2d7edb0c9aaea26330fa55d82b338fe96ea4a20c7b539771f153d2a91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD4313F2D7EDB0C9AAEA26330FA55D82B338FE96EA4A20C7B539771F153D2A91"
Last-Modified: Sun, 09 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4155
Expires: Tue, 11 Oct 2022 03:53:25 GMT
Date: Tue, 11 Oct 2022 02:44:10 GMT
Connection: keep-alive

www.google.com/s2/favicons?domain=artbbs.st

142.250.74.164

301 Moved Permanently

329 B

URL HTTP/2
www.google.com/s2/favicons?domain=artbbs.st
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
329 B (329 bytes)
Hash
5b57bfcf5256484a7ae4746e7ed9a18c
2df0727662ca3d5567962654e9c6c32f1fda70fe
54d304934889cf4a6570ed37a81e65f25880e84c631db2089d91fe3804cb831c

HTTP Headers

GET /s2/favicons?domain=artbbs.st HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16
x-content-type-options: nosniff
server: sffe
content-length: 329
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:19:35 GMT
expires: Tue, 11 Oct 2022 02:49:35 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0fa37076cf716e45f8c7d4c9d3763ec4
b5e15dbbf63afd38dafc5681994078585c2974a6
819e659d6a167e928acd75ce791dbe29c4ad44784b47a5beb0376cbfab59937f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

st.chatango.com/h5/gz/r0817221641/id.html

208.93.230.28

200 OK

224 kB

URL HTTP/1.1
st.chatango.com/h5/gz/r0817221641/id.html
IP
208.93.230.28:0
ASN
#29893 CHATANGO

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (54430), with CRLF, LF line terminators
Size
224 kB (224127 bytes)
Hash
fc3ae4d65fdfcf6587ee0fd2e6341ca1
29b97c7cfc4081d173d28c84c774bc3ce891724d
b0a40dcfdea8674321e505dac154350a1bb1ef6067670208b02b6e4bd874f3a9

HTTP Headers

GET /h5/gz/r0817221641/id.html HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Oct 2022 02:44:09 GMT
Content-Type: text/html
Content-Length: 224127
Last-Modified: Wed, 17 Aug 2022 23:45:11 GMT
Connection: keep-alive
Expires: Wed, 11 Oct 2023 02:44:09 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges: bytes

st.chatango.com/cfg/nc/r.json?9c97380020000266839025590

208.93.230.24

200 OK

20 B

URL HTTP/1.1
st.chatango.com/cfg/nc/r.json?9c97380020000266839025590
IP
208.93.230.24:0
ASN
#29893 CHATANGO

File type
JSON data\012- , ASCII text
Size
20 B (20 bytes)
Hash
67a235cdf67d15044e66db2b3b799581
c6ddd33c979392cd5ba3a70d7c90360641e60c29
6eea499926669878dc267d25feeebbfd7826db0e55b82ce10db9e0004a3172b7

HTTP Headers

GET /cfg/nc/r.json?9c97380020000266839025590 HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Oct 2022 02:44:10 GMT
Content-Type: application/octet-stream
Content-Length: 20
Last-Modified: Wed, 17 Aug 2022 23:45:11 GMT
Connection: keep-alive
ETag: "62fd7d87-14"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

192.243.61.227

307 Temporary Redirect

0 B

URL HTTP/1.1
motivessuggest.com/watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1 HTTP/1.1
Host: motivessuggest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Tue, 11 Oct 2022 02:44:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://teenplay.top
Access-Control-Allow-Origin: https://teenplay.top
Access-Control-Allow-Credentials: true
Location: https://motivessuggest.com/watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1&shu=5004ae54d2251890dda11ecd8882dfc63c3909cc4d6101f5ae2b30214ddb5d0762332fd0e797752d4d1417b3634cb176dd9f35776ffa2bd42d500cdefcb110da96001a780620bc1498c35ae3d15af8ef3ad42cee&pst=1665456310&rmtc=t
Set-Cookie: u_pl=16262340; expires=Wed, 12 Oct 2022 02:44:10 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2MjM0MCwiayI6ImI0ZDQ4YzkxYjU3Zjk4YzY0OGIwMDZlZjY3ODMzYWY3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ0MTE1LCJwaWQiOjE0MTg4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZjBocHBoOTR0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3RlZW5wbGF5LnRvcC8ifX0.yYivSS_4TN8QXP4sQrKWOR9bxCstvdt4tJciCOifdyg; expires=Tue, 11 Oct 2022 02:45:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd5a56abd5f7199edbe5ade9b2ca2253
Strict-Transport-Security: max-age=0; includeSubdomains

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16

216.58.211.4

200 OK

555 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
555 B (555 bytes)
Hash
1670761b3f8ecc714c91168a1fd22a10
c98d47b667c12f120c8e017785e82503c4b218d4
65624d59c209631d78111f4d4abde29da680e453462e8822c49af3da2ac369cc

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://i.imgur.com/ABb8xPB.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 555
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 09:52:36 GMT
expires: Thu, 13 Oct 2022 09:52:36 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 406294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16

216.58.211.4

200 OK

565 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
565 B (565 bytes)
Hash
63f22f1ceefc11f583c1ef226bc113bc
03c1ad8c4ef751dab23658a66e1f70fe5a364558
3247333430d523ab8e1e023b9f2e1f5a7e592e705fb911940cfd2262cce78719

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://lilibox.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 07:37:30 GMT
expires: Tue, 11 Oct 2022 07:37:30 GMT
cache-control: public, max-age=604800
age: 587200
last-modified: Sun, 05 Jul 2020 03:07:18 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16

142.250.74.132

404 Not Found

726 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16

142.250.74.132

404 Not Found

726 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexvibe.me&size=16

216.58.211.4

200 OK

417 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexvibe.me&size=16
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
417 B (417 bytes)
Hash
a963f74a2fd713e4823364a68d679715
49815d1cea08ef7c4b487aa04ca03179af72ad56
187dbc3ab7762ae08121b10088abe00eed5f34ef06ab0492d2188a8f5d6035e9

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexvibe.me&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://sexvibe.me/wp-content/uploads/2020/12/cropped-cropped-afe37ca5-3517-4bab-be8f-1f7382c0a6b9_200x200-1-32x32.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 417
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 01:28:37 GMT
expires: Wed, 12 Oct 2022 01:28:37 GMT
cache-control: public, max-age=604800
age: 522933
last-modified: Tue, 02 Feb 2021 14:31:53 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16

142.250.74.132

404 Not Found

726 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://thecams.top&size=16

142.250.74.132

200 OK

443 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://thecams.top&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
443 B (443 bytes)
Hash
6336cde5a7b910fd4cbfe0e37f99232e
af7148ad0790e7c2b93f985cedd4374ff82709f1
53cef3db37ebbaae376fb8e3bbd584eec2fe720158e28530f03c6e82362c1c82

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://thecams.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://thecams.top/data/favicon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 443
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 03:27:06 GMT
expires: Mon, 17 Oct 2022 03:27:06 GMT
cache-control: public, max-age=604800
age: 83824
last-modified: Sat, 20 Feb 2021 07:16:50 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16

216.58.211.4

404 Not Found

726 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16

142.250.74.132

200 OK

591 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
591 B (591 bytes)
Hash
27eaaa217e97f09b1e0e4ef5fe03ddea
8dba908621461e0ddccc275b2d3499597e982478
abbd0c903c75920669002d8d812580fe030bcf37788405bbf85c52631f4cfedb

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://fotoscaseras.top/wp-content/uploads/2019/06/favicons-1.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 591
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 18:15:39 GMT
expires: Mon, 17 Oct 2022 18:15:39 GMT
cache-control: public, max-age=604800
age: 30511
last-modified: Fri, 07 Jun 2019 19:58:03 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://4ox.lol&size=16

142.250.74.36

200 OK

405 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://4ox.lol&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Size
405 B (405 bytes)
Hash
bd76bd93e551a820ffe9667fd4d177b1
a24201c78a608859871d27a70a3d89c286d59d4a
a06a9ef6a72f8f72665c5917be4bd187269299f848ebdefa46d3711fdafee356

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://4ox.lol&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://4ox.lol/wp-content/uploads/2022/06/cropped-Aleksandra-010-071-Copy-scaled-e1655895475940-180x180.jpg
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 405
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:05:33 GMT
expires: Wed, 12 Oct 2022 21:05:33 GMT
cache-control: public, max-age=604800
last-modified: Wed, 22 Jun 2022 20:01:56 GMT
content-type: image/jpeg
age: 452317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://secret-stars.link&size=16

142.250.74.36

200 OK

681 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://secret-stars.link&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
681 B (681 bytes)
Hash
76fa40794231b36bdba82da49c404650
c19cda36d0ada641da2ab23469570ecd01eac705
b7ac2b816ac48172443caf645a63c3bf9374df279a020f29a3aa2123b2127ea4

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://secret-stars.link&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://secret-stars.link/wp-content/uploads/2022/06/Sun-in-Love-128x128-1.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 681
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 18:11:26 GMT
expires: Wed, 12 Oct 2022 18:11:26 GMT
cache-control: public, max-age=604800
last-modified: Sun, 05 Jun 2022 02:48:21 GMT
content-type: image/png
age: 462764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16

216.58.211.4

404 Not Found

726 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dreamlist.top&size=16

142.250.74.36

200 OK

334 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dreamlist.top&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Size
334 B (334 bytes)
Hash
f13090ea037147ca6f016256aa98c1c3
8decf7c02729910c934be0aceaf13bcc022922f1
bc3b21962ffa6f1b3e8203c9c1855e859e73c660cfd365e47a1a6b67a721bbfd

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dreamlist.top&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-location: http://dreamlist.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 334
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 08:55:23 GMT
expires: Wed, 12 Oct 2022 08:55:23 GMT
cache-control: public, max-age=604800
age: 496127
last-modified: Fri, 05 Apr 2019 01:41:05 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teens.llshort.com&size=16

142.250.74.36

404 Not Found

726 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teens.llshort.com&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teens.llshort.com&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://youngstar.cc&size=16

142.250.74.36

404 Not Found

726 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://youngstar.cc&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://youngstar.cc&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://camteens.cf&size=16

142.250.74.36

200 OK

525 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://camteens.cf&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
525 B (525 bytes)
Hash
0e7490fb45f75e701e6f881c482f41d0
eb49f737486f87c9155563697b47d5ed3b788fae
d3528057ed6f6e5ef6d921c1eda6c1f2ca0524c33c83619143967a8bb6c7e4ff

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://camteens.cf&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://img.sedoparking.com/templates/logos/sedo_logo.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 525
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 17:26:24 GMT
expires: Wed, 12 Oct 2022 17:26:24 GMT
cache-control: public, max-age=604800
last-modified: Mon, 26 Nov 2018 03:13:52 GMT
content-type: image/png
age: 465466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lolibase.xyz&size=16

142.250.74.36

404 Not Found

726 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lolibase.xyz&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lolibase.xyz&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16

142.250.74.36

200 OK

524 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
524 B (524 bytes)
Hash
fb8c9b7989d8ba21438d600b0756c2b9
55975f660a6e9e09091042120054eaa4853550a3
95f562037804f50a2745ffbdc791580096de62e37d437ee5b428572dd2aee8a3

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://artbbs.st/images/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 09 Oct 2022 18:24:06 GMT
expires: Sun, 16 Oct 2022 18:24:06 GMT
cache-control: public, max-age=604800
age: 116404
last-modified: Thu, 20 Aug 2020 00:02:02 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16

142.250.74.36

404 Not Found

726 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teenstream.top&size=16

142.250.74.36

404 Not Found

726 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teenstream.top&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teenstream.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk&size=16

142.250.74.36

404 Not Found

726 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16

142.250.74.36

404 Not Found

726 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
IP
142.250.74.36:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdn.taboola.com/libtrc/chatango-network/loader.js

151.101.85.44

200 OK

21 kB

URL HTTP/2
cdn.taboola.com/libtrc/chatango-network/loader.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65508)
Size
21 kB (21222 bytes)
Hash
4460cc304727ce319584cef82bcee856
8419e6c1a81f05f32b7ac932bd3420c5a46ec3f9
ac2a6d709ff841ccf30488968bd235e48b6ede230235e3375d4ce901e0313fc2

HTTP Headers

GET /libtrc/chatango-network/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: ZcLWw3nAzNn0H273Qnsg616mZcuXBIg2s3Hr0vqfVPKSCwAGdus1VSu7Xb1L6P/w5Ubohh0EXNY=
x-amz-request-id: 2FGABG1DHPJHFJNX
last-modified: Thu, 06 Oct 2022 17:55:04 GMT
etag: "5c5d2aa8af2344a3b297ace11e1dc91c"
x-amz-version-id: x9ebDivxCXWCZOZak9uVu9BGM112yZFp
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Oct 2022 02:44:10 GMT
via: 1.1 varnish
age: 7
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665456251.651085,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 49
content-length: 21222
X-Firefox-Spdy: h2

motivessuggest.com/watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1&shu=5004ae54d2251890dda11ecd8882dfc63c3909cc4d6101f5ae2b30214ddb5d0762332fd0e797752d4d1417b3634cb176dd9f35776ffa2bd42d500cdefcb110da96001a780620bc1498c35ae3d15af8ef3ad42cee&pst=1665456310&rmtc=t

192.243.61.227

200 OK

2.4 kB

URL HTTP/1.1
motivessuggest.com/watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1&shu=5004ae54d2251890dda11ecd8882dfc63c3909cc4d6101f5ae2b30214ddb5d0762332fd0e797752d4d1417b3634cb176dd9f35776ffa2bd42d500cdefcb110da96001a780620bc1498c35ae3d15af8ef3ad42cee&pst=1665456310&rmtc=t
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (3035)
Size
2.4 kB (2375 bytes)
Hash
97e58a54cb4aee4cfdf56895adbe7984
6c8ddd85e34a797b0d5d16951f63c0b307cd35b3
98373a7d192242d82a9110824a6a11d62495a96a3dee89cd8f8076e032eff1be

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1&shu=5004ae54d2251890dda11ecd8882dfc63c3909cc4d6101f5ae2b30214ddb5d0762332fd0e797752d4d1417b3634cb176dd9f35776ffa2bd42d500cdefcb110da96001a780620bc1498c35ae3d15af8ef3ad42cee&pst=1665456310&rmtc=t HTTP/1.1
Host: motivessuggest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Referer: https://teenplay.top/
Connection: keep-alive
Cookie: u_pl=16262340; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2MjM0MCwiayI6ImI0ZDQ4YzkxYjU3Zjk4YzY0OGIwMDZlZjY3ODMzYWY3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ0MTE1LCJwaWQiOjE0MTg4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZjBocHBoOTR0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3RlZW5wbGF5LnRvcC8ifX0.yYivSS_4TN8QXP4sQrKWOR9bxCstvdt4tJciCOifdyg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 11 Oct 2022 02:44:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://teenplay.top
Access-Control-Allow-Origin: https://teenplay.top
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9b31f352-9151-4552-8151-08cb3c2242eb:1:1; expires=Tue, 18 Oct 2022 02:44:10 GMT; secure; SameSite=None
iprcd3a3c7058592ed52998e2a3563cf17f9=3569684; expires=Tue, 11 Oct 2022 06:44:10 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 12 Oct 2022 02:44:10 GMT; secure; SameSite=None
uncs=1; expires=Wed, 12 Oct 2022 02:44:10 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 12 Oct 2022 02:44:10 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 12 Oct 2022 02:44:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9313614f8cc88c6099702c7f0a2ed8ac
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.taboola.com/libtrc/impl.20221006-24-RELEASE.js

151.101.85.44

200 OK

146 kB

URL HTTP/2
cdn.taboola.com/libtrc/impl.20221006-24-RELEASE.js
IP
151.101.85.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65508)
Size
146 kB (145663 bytes)
Hash
fc285a975f67a54f7945c067c247cd30
37bd19d10e7f27d9f30cb00c4d46b0ebf37c0453
e8f163dbb4c93e8bb9943c323b1d367bc03c3842c605f0929c3e7d409fa61c00

HTTP Headers

GET /libtrc/impl.20221006-24-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: n6/SK19NLnheTLTO/dZ+gXN/mZ0mKtCyQZ9vIy45OV+8ykPPwaq4Ja0fCKOoy4MbaMRa7M1iVUE=
x-amz-request-id: F82GZ34E09M4KHVD
last-modified: Thu, 06 Oct 2022 17:20:43 GMT
etag: "fc285a975f67a54f7945c067c247cd30"
content-encoding: br
x-amz-version-id: 1yVrmQoBO9AjyLAf7I.EyG5yQOfZRwzF
content-type: application/javascript
accept-ranges: bytes
date: Tue, 11 Oct 2022 02:44:10 GMT
via: 1.1 varnish
age: 5004
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 959
x-timer: S1665456251.833254,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 90
server: AmazonS3-br
content-length: 145663
X-Firefox-Spdy: h2

sb.scorecardresearch.com/beacon.js

108.156.28.7

200 OK

1.9 kB

URL HTTP/2
sb.scorecardresearch.com/beacon.js
IP
108.156.28.7:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (3936)
Size
1.9 kB (1852 bytes)
Hash
b67d2bfd2ffc510f6344e0dee7f05de3
db5a2e6076fbed3d01ddd5a5150a761cb6bc1886
1e6b30c3e6f7ac17aab743639939cc408ba4f6bde7176eb4438c6ead54c80e07

HTTP Headers

GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 10 Oct 2022 09:35:41 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6a1a17bbe377bf7c4423397c71959da.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: sMJlVrKucJ8A4FMnwHaK_Zov1QdkFspn8IUjaaDZokyVPcD-oogniQ==
age: 61725
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
a1d2c6546fad781dd45fefc33944c3e6
ce2b02dec75ae5ad9cfa11bb4808c2bbf8f095f9
5b7c666aeca9d7d5aac6a2731e16b92e1c03424750d9ab6ebb36776265a1e06f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4907
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:11 GMT
Last-Modified: Tue, 11 Oct 2022 01:22:24 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 312

trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=02%3A44%3A10.922&type=usage&msg=rtus&llvl=2&id=3789&cv=20221006-24-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=02%3A44%3A10.922&type=usage&msg=rtus&llvl=2&id=3789&cv=20221006-24-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /chatango-chatango1/log/2/debug?tim=02%3A44%3A10.922&type=usage&msg=rtus&llvl=2&id=3789&cv=20221006-24-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Tue, 11 Oct 2022 02:44:11 GMT
x-fastly-to-nlb-rtt: 22244
access-control-allow-credentials: true
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b48f3a5fc0b451695780d7ae9af0a033
b1d460e31c68aab45337914ccf12a2dfd459f83c
ddb6305262d8f75627aac40034115ce82fb63d0d5ad0f1c68b6e5fada3dee7a6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDB6305262D8F75627AAC40034115CE82FB63D0D5AD0F1C68B6E5FADA3DEE7A6"
Last-Modified: Mon, 10 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14548
Expires: Tue, 11 Oct 2022 06:46:39 GMT
Date: Tue, 11 Oct 2022 02:44:11 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
24e068ecf81e631246398296ae3aaea4
4fe014468c713b86961ccc6258a98af3a62e8ea5
45c62b250975a574fc20e59094b766abcff94da0b1f316010ba148812537371c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6333
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:11 GMT
Last-Modified: Tue, 11 Oct 2022 00:58:38 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 312

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
bbd944499f09526843f6de28d394ce0b
4a5ee699e859e4c09f339d985609b9baa7a591ab
354f17b491e3ef314b57dc79afe8b21e8e8a9dea72b7813318a96adc70176da4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3813
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:11 GMT
Last-Modified: Tue, 11 Oct 2022 01:40:38 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314

cdn.cloudimagesb.com/cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png

45.133.44.9

200 OK

112 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
112 kB (112168 bytes)
Hash
c45241b13549342de998e8518b0430f8
4520fd975fc212eb0e8d67981697b04787280f6a
12d50ef4939929d2f45254e0a404bda1f11fb2509599a9a7cb5e601e9c8f66b6

HTTP Headers

GET /cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:11 GMT
content-type: image/png
content-length: 112168
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:53:30 GMT
etag: "62e10b1a-1b628"
expires: Thu, 13 Oct 2022 02:44:11 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
bbd944499f09526843f6de28d394ce0b
4a5ee699e859e4c09f339d985609b9baa7a591ab
354f17b491e3ef314b57dc79afe8b21e8e8a9dea72b7813318a96adc70176da4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3813
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:11 GMT
Last-Modified: Tue, 11 Oct 2022 01:40:38 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://st.chatango.com/
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:10 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 408198
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ust.chatango.com/groupinfo/l/i/littledreamclub/gprofile.xml

208.93.230.28

200 OK

46 B

URL HTTP/1.1
ust.chatango.com/groupinfo/l/i/littledreamclub/gprofile.xml
IP
208.93.230.28:0
ASN
#29893 CHATANGO

File type
XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
489a85ae9059fbab14c176e10bdceae7
23a167e15ff489c149a1c1f633bfcd4597d9c0bd
2bf0b59a7518f8b73db880ecb0e510763231b2a8ef3a789504c9ab98e549904a

HTTP Headers

GET /groupinfo/l/i/littledreamclub/gprofile.xml HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st.chatango.com
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Oct 2022 02:44:11 GMT
Content-Type: text/xml
Content-Length: 46
Last-Modified: Fri, 20 Nov 2020 04:47:50 GMT
Connection: keep-alive
Expires: Tue, 11 Oct 2022 02:44:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

314 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
314 B (314 bytes)
Hash
68cf5f64356628ab1ca602bda0db336c
a0bf29ead1425ba4d6446359869c3f0fe5224c0f
63b42150b609c10e9f4c78ec50781937d573e92f3180d98714b3ac0a567caf61

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1286
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:11 GMT
Last-Modified: Tue, 11 Oct 2022 02:22:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314

ag.gbc.criteo.com/newidsd

185.235.84.178

200 OK

360 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
185.235.84.178:0
ASN
#44788 Criteo SA

File type
data
Size
360 B (360 bytes)
Hash
667718b0477486b2385d05e97dc4fada
47cbca4a540a711d0c37d50347a7b54c480bf975
c2cc207af4c046704fe7f85d8c6e2db72f1d012873e87cf96b0c9281442fd067

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:10 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 93509
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:10 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 452504
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.juicyads.com/jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks

108.138.233.18

200 OK

0 B

URL HTTP/2
js.juicyads.com/jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks
IP
108.138.233.18:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Tue, 11 Oct 2022 02:39:33 GMT
expires: Tue, 11 Oct 2022 02:54:33 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 0f1628acb8f1a10579cc0f46f36632fe.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P4
x-amz-cf-id: CnWLzGRa4atFHRTcyhk-Ca6l4h_Xd23TAa_h3-d7_4tb-uHVu7dRGw==
age: 275
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /syncframe?origin=rtus&topUrl=teenplay.top HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:10 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=cfab8569-4f67-4c55-bfca-0b15514838d0; expires=Sun, 05 Nov 2023 02:44:11 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 484624
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.0.157

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.0.157:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://st.chatango.com/
x-crto-bundle: 17nqpV9vMHVROWJyOEdkbUpDbjFkV1pPZkVRak8lMkJyWFdrS2FuayUyQjFHSGN0ajhoczZDNHJSTEV3c0JkV2ZPT2dzY2xCeFJMMWJKcEdsUDQlMkJiRlYlMkZjNDc1UkFyQ3hMcjElMkY4aWtUNWNXUXlDSktKY3VuSkRidG9pa3dCU2tZaGtWTFNwZGQ
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:11 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 670617
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 11 Oct 2022 02:44:08 GMT
date: Tue, 11 Oct 2022 02:44:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

185.235.84.86

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
185.235.84.86:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:10 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 97660
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

teenplay.top/

172.67.145.84

200 OK

0 B

URL HTTP/2
teenplay.top/
IP
172.67.145.84:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: teenplay.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:08 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iO00KafF3sfS3Fe1jS2l0scbjvkWaJt3v4pA4tKifkGppkQFWsG2a5sJUTlBS0FOauI42%2BoUFQr0DXVtz88WJwjddjp9ZOsh8YJei25%2FHgixkZMelRVCsFXFy5taDv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7584408b5971b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations