teenplay.top/
172.67.145.84301 Moved Permanently 0 B IP 172.67.145.84:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: teenplay.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 11 Oct 2022 02:44:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 11 Oct 2022 03:44:07 GMT
Location: https://teenplay.top/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ln7%2FnDWIbkWroasHvuFePTPpc%2FnjnNVVUDeRDY2P9zqu4Od7phL9T6L5AYCw6lgZfDZbF3lmUCo9KsPdtOpeDmdwRn1ENfFQv4VKU3WabgGY2gsVFDJcyyVopRusetY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 758440894c20b512-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
18.164.68.21200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.21:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 3f17af4e8a1739eda4a518039f4892f9
c3feba08ae7e8f57e0fe9bcd2ebedea6bda67cbb
c485b09cad08b5233fe8753682faf59219fe0d18fcc34d90dc88fb0971295f5f
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 11 Oct 2022 02:08:12 GMT
Expires: Tue, 11 Oct 2022 02:29:08 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 3fc96eac90753d96374d6038f01cfe76.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: X8OwpqVnh5U1Q7Pi6lsqO8-m7tMsUlzEwfXiNLhGXa8CbSefK60Idg==
Age: 2155
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ef6d323da0ad155f526b4a57c2e46ccc
71686b19b3ca049b9b66f8740284c552a3f61a20
99e2f56075a08f133a9d1d0122ab9ef2d9eaa61e18f46994e52e21a8a53203f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99E2F56075A08F133A9D1D0122AB9EF2D9EAA61E18F46994E52E21A8A53203F3"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20532
Expires: Tue, 11 Oct 2022 08:26:19 GMT
Date: Tue, 11 Oct 2022 02:44:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3d0ffae9abfdf558a6286013a0201c8b
2dc8ea0000a1b0c0f849611fdd73429bca51bfad
8e19eab9b6d16819f9ef3920971542cbcf5dd18280617e2de1a3827f0c149398
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E19EAB9B6D16819F9EF3920971542CBCF5DD18280617E2DE1A3827F0C149398"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15175
Expires: Tue, 11 Oct 2022 06:57:02 GMT
Date: Tue, 11 Oct 2022 02:44:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: e9kjBeQZlafwTZj7lHlapXz5rZRtKXgYhNLhxJ/FooSTaovdEubmdL/SrkoZ9yNsiSsBKcwUvSrZEy4ei1i8lw==
x-amz-request-id: EP3DC12YEHD9C27K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 11 Oct 2022 02:00:40 GMT
age: 2607
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 11 Oct 2022 02:44:07 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.21200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.21:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 11 Oct 2022 02:41:37 GMT
Expires: Tue, 11 Oct 2022 03:35:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a4b8b5ea0a3ab45ef51e6681d8320bc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: fhGOPD4VfwzOGLVz_nn106lLV-DVRCqsfnGWjycby5UOFHrcrt4XpQ==
Age: 150
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d545bc725dcd5d6f1dfc10a8b35aeb3a
82d92587953dac8a05d691730b8318719328de6b
9d1e6f1bf4b1c138d9e07e67264cb9ac5090a1c338ff72c87e1758e187cccb24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4537
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Last-Modified: Tue, 11 Oct 2022 01:28:31 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 582b9d37a9e3e9b109753b5649cd8fd8
5891b7dc89e563b938a0cf773e0d3b6d860a6b81
d47a95bffee9458afaaa4ce85e192d98ad9b63d7ecb26d1459905769c2858679
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 582b9d37a9e3e9b109753b5649cd8fd8
5891b7dc89e563b938a0cf773e0d3b6d860a6b81
d47a95bffee9458afaaa4ce85e192d98ad9b63d7ecb26d1459905769c2858679
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0679abb83f67babee057b4e7b618faa5
0b385a7548d694be54027dc7803b6030c0d32aa9
82ea72d9a5a3ca844e3b83f884e56bdbc4cfa6673f470f444382bf5f8357575f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "82EA72D9A5A3CA844E3B83F884E56BDBC4CFA6673F470F444382BF5F8357575F"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5547
Expires: Tue, 11 Oct 2022 04:16:35 GMT
Date: Tue, 11 Oct 2022 02:44:08 GMT
Connection: keep-alive
chanekee.ga/Banners/chanekee.jpg
172.67.203.200200 OK 55 kB URL HTTP/2 chanekee.ga/Banners/chanekee.jpg
IP 172.67.203.200:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1413x221, components 3\012- data
Hash 8dec9f6f86b1f5218252a970fd72e845
d3411815cdedee39ebaeb21a564abaa7b48f86a2
8930f6412d08744d5420e42466caa0f8dc44f88dc2dba8d4a4b1c6318b12d0b0
GET /Banners/chanekee.jpg HTTP/1.1
Host: chanekee.ga
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:08 GMT
content-type: image/jpeg
content-length: 55155
cache-control: public, max-age=604800
expires: Mon, 17 Oct 2022 18:10:59 GMT
last-modified: Wed, 08 Jul 2020 19:53:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 30789
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FSkgLr5A4uBET6ZK1DS0VTTX22Gqu1h7RzmLDNZeFyCeE72XPNo66VuQK%2F5mpQkZAbK%2F92eKy2T0dWFUoCn94OsnSDzWGaEMgc8kUKHocFTcKFxcvzzWiMuoenAGrg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75844090cb280b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.imgur.com/kOEOLmX.jpg
151.101.84.193200 OK 30 kB IP 151.101.84.193:0
File type JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Hash c21b0de24e5c1d574eb150eecbd032b7
d6761ca75b681a86930bca004161f3bc83ada12c
e47b261f1e325300bf39fc141fe11e4af224c0596478fbcbae7cb5b8f52329d2
GET /kOEOLmX.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 Nov 2020 18:57:35 GMT
etag: "c21b0de24e5c1d574eb150eecbd032b7"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 11 Oct 2022 02:44:08 GMT
age: 3619983
x-served-by: cache-iad-kiad7000170-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 9371, 3
x-timer: S1665456248.449087,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 30484
X-Firefox-Spdy: h2
wxhiojortldjyegtkx.bid/rci?tr=false
172.67.133.150200 OK 1 B URL HTTP/2 wxhiojortldjyegtkx.bid/rci?tr=false
IP 172.67.133.150:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
GET /rci?tr=false HTTP/1.1
Host: wxhiojortldjyegtkx.bid
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:08 GMT
content-type: text/html;charset=UTF-8
content-length: 1
cache-control: no-transform,no-cache
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEnw%2FRc6uIfdIYIs5rsRWU8s6qOave0I5kTs4tVIsQU%2B4v17a1x8TOR9cF8ec%2BHdVtcagKPg0K0wr1IjGTtcPP2%2BQoDgs7z19eDmfvQndNx3zERQ2MyCvzm8axQBh6smLe5g4RVpJ%2BZX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 758440900f02b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
i.imgur.com/VXrxMGg.jpg
151.101.84.193200 OK 30 kB IP 151.101.84.193:0
File type JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Hash d9897ee1e7b8410064cfeda76e85f00a
9a7748d890f28d678ee285d03bc4bf965feb3aee
8ffa5f10a26db6f85fb5a4a0ade16389cca0d63f2e341388036b5fde1c0f19d1
GET /VXrxMGg.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 20 Nov 2020 08:58:33 GMT
etag: "d9897ee1e7b8410064cfeda76e85f00a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Tue, 11 Oct 2022 02:44:08 GMT
age: 2914881
x-served-by: cache-iad-kcgs7200128-IAD, cache-bma1674-BMA
x-cache: HIT, HIT
x-cache-hits: 5847, 2
x-timer: S1665456248.449497,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 30540
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2c08f85bd74f5c0456761cd4180e3d1b
1fb1ed9973e481092ae4e51e7277e7e58144f994
e5e5d24ca076fb29f70c900432ad20cc1c838d61924c257d2fe01e898a76ecad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0679abb83f67babee057b4e7b618faa5
0b385a7548d694be54027dc7803b6030c0d32aa9
82ea72d9a5a3ca844e3b83f884e56bdbc4cfa6673f470f444382bf5f8357575f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "82EA72D9A5A3CA844E3B83F884E56BDBC4CFA6673F470F444382BF5F8357575F"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5547
Expires: Tue, 11 Oct 2022 04:16:35 GMT
Date: Tue, 11 Oct 2022 02:44:08 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-141729945-17
142.250.74.168200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-141729945-17
IP 142.250.74.168:0
File type ASCII text, with very long lines (1969)
Hash 8c593d1409940e0d2343239bcff7f2d7
b3cf57bbd31694ff529e5071526a3390e2f93a81
7dd9a0ae36865d87c056a88f62fe089549d38b4772c98e420a930a6d8b40fbcb
GET /gtag/js?id=UA-141729945-17 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 11 Oct 2022 02:44:08 GMT
expires: Tue, 11 Oct 2022 02:44:08 GMT
cache-control: private, max-age=900
last-modified: Tue, 11 Oct 2022 01:33:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0p98z+fYiCSiVFjOTtQgEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: FMboadtXE/kMzf1cpQ8QQFhM1EM=
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2c08f85bd74f5c0456761cd4180e3d1b
1fb1ed9973e481092ae4e51e7277e7e58144f994
e5e5d24ca076fb29f70c900432ad20cc1c838d61924c257d2fe01e898a76ecad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 50bff5a6ff613436a227551a90ddb328
97aca6598470104c536abae69c4d770d073d9f19
c7f82bfca87c7f8d7fcf9acb3ef145d76c8d54a370ffe5ca73a11ace5f2e8979
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7F82BFCA87C7F8D7FCF9ACB3EF145D76C8D54A370FFE5CA73A11ACE5F2E8979"
Last-Modified: Mon, 10 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4599
Expires: Tue, 11 Oct 2022 04:00:47 GMT
Date: Tue, 11 Oct 2022 02:44:08 GMT
Connection: keep-alive
lgarden.icu/external/loligarden.png
37.48.65.143404 Not Found 9 B URL HTTP/2 lgarden.icu/external/loligarden.png
IP 37.48.65.143:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /external/loligarden.png HTTP/1.1
Host: lgarden.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Tue, 11 Oct 2022 02:44:08 GMT
server: Cowboy
set-cookie: sid=9464d25c-490e-11ed-a37b-a902f8b23031; path=/; domain=.lgarden.icu; expires=Sun, 29 Oct 2090 05:58:15 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad82659acd591c7cef05e62c1054c8c7
bbda17fc931c397238749eaffaeba7b39e0a0844
670f972a1625f00fa54a21b173c605c552c9693b41518ad6b1802016721aae4d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "670F972A1625F00FA54A21B173C605C552C9693B41518AD6B1802016721AAE4D"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19868
Expires: Tue, 11 Oct 2022 08:15:16 GMT
Date: Tue, 11 Oct 2022 02:44:08 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 421277
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 4535e5073c381fc075b0562e3f482ad4
5d14e069cb907ac83d30ab9fb321bd04a6a79b25
534d5b680dcaa311d710efeab1efcbe9b72575cc7866ac871b6cc959a4e8f07e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 02:44:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 08 Oct 2022 06:12:21 GMT
Expires: Sat, 15 Oct 2022 06:12:20 GMT
Etag: "5d14e069cb907ac83d30ab9fb321bd04a6a79b25"
Cache-Control: max-age=357490,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 758440956811b4f9-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e56ff5e888548d421925170a59c3227c
b5765c1bd31a2c977cf589bcdf82db4dd064e801
b4ee85fb6c0ee95aa7020a04c6dbeedc7c2f9656273ed7a240bb0db5994ba549
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B4EE85FB6C0EE95AA7020A04C6DBEEDC7C2F9656273ED7A240BB0DB5994BA549"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16670
Expires: Tue, 11 Oct 2022 07:21:59 GMT
Date: Tue, 11 Oct 2022 02:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20385
Expires: Tue, 11 Oct 2022 08:23:54 GMT
Date: Tue, 11 Oct 2022 02:44:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20385
Expires: Tue, 11 Oct 2022 08:23:54 GMT
Date: Tue, 11 Oct 2022 02:44:09 GMT
Connection: keep-alive
www.effectivedisplayformats.com/b4d48c91b57f98c648b006ef67833af7/invoke.js
192.243.59.12200 OK 9.8 kB URL HTTP/1.1 www.effectivedisplayformats.com/b4d48c91b57f98c648b006ef67833af7/invoke.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type exported SGML document, ASCII text, with very long lines (26945), with no line terminators
Hash 67e9eaf79d0c163d4c5ddcf265fa1499
31bc20e457a83bc96951d8370ce79bef55cbd47b
6b616b22ff3a0cb4b8e4e22f6070a0ff3f2b32a90e76add49e31d34358aec8dd
Analyzer Verdict Alert quad9 Sinkholed
GET /b4d48c91b57f98c648b006ef67833af7/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Tue, 11 Oct 2022 02:44:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 28eb119afa7e7fde17a52acbd56cc089
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20385
Expires: Tue, 11 Oct 2022 08:23:54 GMT
Date: Tue, 11 Oct 2022 02:44:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a038cab69baa881794ca6712d38fb838
dfad15b64839ef9b304f7c919a36c4e66cfd46b6
26fc7247d679fe9f5b583abd33e3b56857b003facbb3b22b7d38b5d859a8c423
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5184
x-amzn-requestid: 4051eb09-2dd2-4e38-8077-8bb8ac919aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dQG9VIAMFYTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-549cfdff0ead4dce44a3e546;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O2kLG7kHxWyHMX1RACUtL5WNgv37BrGEHBu_9C2UxucDR8Resapi_Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 06:52:30 GMT
age: 71499
etag: "dfad15b64839ef9b304f7c919a36c4e66cfd46b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7e4295f-4a0f-41b3-9af0-e389d3d2e3a2.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7e4295f-4a0f-41b3-9af0-e389d3d2e3a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5cf3f16ee684e97de9eb2eb3f114dd6c
3ac02a6f6087870a21f9003c9f2518a81a22b278
c427d1f26292d3faee2f75c429e64b7ce21d08215dbb103f6e509c04e56d3e16
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7e4295f-4a0f-41b3-9af0-e389d3d2e3a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4413
x-amzn-requestid: dfa638b6-d27f-4597-804a-66161892a5df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkjcOH0_IAMFTJw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e7f81-4da796971b03eb9b585b36d0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 07:10:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XiFKCANOZryDyDPAy--tQHsQKHPq1XwGEs75-49pJWmDFjCZWGXN3w==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 14:22:31 GMT
age: 44498
etag: "3ac02a6f6087870a21f9003c9f2518a81a22b278"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e9aa9808428e5fd81ac9d61d6f7c708
3a8d76badce50dd98938885082dcb6e30363ae88
d8f7c48a1cbe04af2f7e0455d1ef7af9b63506b9ae343ebf14ece8689bb06bf6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0583d755-2f5b-458f-86f0-774b9909eb6f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11800
x-amzn-requestid: 94e8e091-1136-41a7-843c-44c4ffe9e688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZqylGGYwoAMFQIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6340fe20-60b47aeb3b55af4f755577f4;Sampled=0
x-amzn-remapped-date: Sat, 08 Oct 2022 04:35:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fzfUAL2jahiFgsqMExf1dB_7PFJt9wwO2BDKo3XJHSvk5AeeNP8FQg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:22:13 GMT
age: 15716
etag: "3a8d76badce50dd98938885082dcb6e30363ae88"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc6dbf06-fc04-4aa0-be3e-1b1f5a988e0f.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc6dbf06-fc04-4aa0-be3e-1b1f5a988e0f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a7910c19b8c04b1c7a9a03949dc54b8
40b0931f4705cc826564bd29418d17edbed84d7d
1f14b664a3587ad9b73b3d5bc37a670900622c467287f9a0dfad1f8bdf69606f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbc6dbf06-fc04-4aa0-be3e-1b1f5a988e0f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10795
x-amzn-requestid: 8efcb814-aa05-476a-b66a-161185920ed8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dQHvHoAMFy_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-7eb4a30a5d0b102845ba50d6;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3gYj2RrQnvATq2N75NXCUmL8QB3cZKEtrRq2g-LphjXO6Es15eGW_A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 15:53:06 GMT
age: 39063
etag: "40b0931f4705cc826564bd29418d17edbed84d7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c510a5010677fcfa9ee8065c0abc894
5f2cf2a511760f5fd16d5c14a48a1aff185830e0
a07018792c7eb661bfddde47d26d728298c90314e52c96228a91c7d1978fedc6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10736
x-amzn-requestid: fb2bd595-cff6-4278-95cb-f42939d91f17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zzt85Fd9IAMFQeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63449052-326c047f01d742353e1891c8;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:36:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: u5XxBwVbvOux8Bv_DgbsHjE5KcQE5gy_F2mXDNFfgPxmTfsfwCQS7Q==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 21:55:51 GMT
etag: "5f2cf2a511760f5fd16d5c14a48a1aff185830e0"
content-type: image/jpeg
age: 17298
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a8720e1bfd92ce7ccfeb8ab6ca2477a
1277a8a73b2fbf48562a7f767c3219d836b1faa9
61cfaa0a0338ae710735fab66822d8227adeb6a8bc4035686fae4a4de6247f1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6645
x-amzn-requestid: 6e75c182-93bc-4339-a679-b069f78a397c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZzuQ0H3qoAMFi5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634490d1-4e134a93174cbf3559bea75c;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2T5ArGyU86KvuyKtp_G0XC9MaZQWS2luBYlIKcQRWNeeUjqcmQgMSA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:10:38 GMT
age: 16411
etag: "1277a8a73b2fbf48562a7f767c3219d836b1faa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lgarden.icu/external/loligarden.png
37.48.65.143404 Not Found 9 B URL HTTP/2 lgarden.icu/external/loligarden.png
IP 37.48.65.143:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /external/loligarden.png HTTP/1.1
Host: lgarden.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Tue, 11 Oct 2022 02:44:09 GMT
server: Cowboy
set-cookie: sid=95068a84-490e-11ed-9f33-a90250ea52f1; path=/; domain=.lgarden.icu; expires=Sun, 29 Oct 2090 05:58:16 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2
st.chatango.com/js/gz/emb.js
208.93.230.28200 OK 24 kB URL HTTP/1.1 st.chatango.com/js/gz/emb.js
IP 208.93.230.28:0
File type ASCII text, with very long lines (1651)
Hash 43a6e3a24c5f6d710f01cd9ea166bedf
2b172372c84de07111687133d38ecaee8a15c99e
65878e1003da0b2d589980ebda0a59206831ff7e8be7747532c4080e35c600d7
GET /js/gz/emb.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Oct 2022 02:44:09 GMT
Content-Type: application/x-javascript
Content-Length: 23804
Last-Modified: Wed, 17 Aug 2022 23:45:11 GMT
Connection: keep-alive
Expires: Tue, 11 Oct 2022 02:44:09 GMT
Cache-Control: max-age=0
Content-Encoding: gzip
Accept-Ranges: bytes
ocsp.sca1b.amazontrust.com/
216.137.34.29200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 216.137.34.29:0
Hash 73e1625bc284b4dc6102ab07efc8228b
3da0cfc5075c568da9b0f36e0a1be17aa9be1c51
8520483f05631d3d6b351a25f039d90d7ce4181c168d498ab6fe4e4459a89c38
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 11 Oct 2022 02:44:09 GMT
Last-Modified: Tue, 11 Oct 2022 01:08:24 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 5afa85054bbc88552c8f1b1dd45fef78.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P2
X-Amz-Cf-Id: 18dS04A1O9vNTYjEAKogUyZZAMRO5PFvn3fqZvhHb3SrglZmhjNhvw==
Age: 5745
simplewebanalysis.com/stats
3.66.118.16200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.66.118.16:0
File type ASCII text, with no line terminators
Hash 86d53681c73c4253b46b4f18aae4f284
12c4ffd2c97334a47371879a7d6e44d00eb15d20
7ff585a4d872137bc44844f072cf231e408425b54974bd26012c573d95a71b3e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://teenplay.top
access-control-allow-credentials: true
set-cookie: uid_id2=9b31f352-9151-4552-8151-08cb3c2242eb:1:1; expires=Fri, 08 Oct 2032 02:44:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/s2/favicons?domain=galeryfantasi.top
142.250.74.164301 Moved Permanently 337 B URL HTTP/2 www.google.com/s2/favicons?domain=galeryfantasi.top
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7a529c3542035672d72b3ea9eaa74170
9f26c803d344f85a49bd0325ba75aaeaa01c60fb
034b2806d9582fc5d7153e8ec5ae1343da09a33a0dd190372b7db0fca639d181
GET /s2/favicons?domain=galeryfantasi.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 337
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:35:34 GMT
expires: Tue, 11 Oct 2022 03:05:34 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=oslo.ml
142.250.74.164301 Moved Permanently 327 B URL HTTP/2 www.google.com/s2/favicons?domain=oslo.ml
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b6e83b7b75fd984be6f48a4f40a7b144
d8fcfb76b10d0a0f11b291ea7bce4d78454b6d5a
3892ce27b7cc712656e80c487b08f3721162c47f0811773a3a4fa91e14cd3eee
GET /s2/favicons?domain=oslo.ml HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16
x-content-type-options: nosniff
server: sffe
content-length: 327
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:25:09 GMT
expires: Tue, 11 Oct 2022 02:55:09 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 11 Oct 2022 02:41:09 GMT
expires: Tue, 11 Oct 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 181
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=fotoscaseras.top
142.250.74.164301 Moved Permanently 336 B URL HTTP/2 www.google.com/s2/favicons?domain=fotoscaseras.top
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7429e7d8d7a6310d944869fc3a0eb7be
b606aff698976c5a3eebef3d9546de66f32dd9da
65e359aa72d3b9e8b77726234e46850b19a11d5ea4e1a96a2fdef5690cd15f17
GET /s2/favicons?domain=fotoscaseras.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 336
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:18:17 GMT
expires: Tue, 11 Oct 2022 02:48:17 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=dreamlist.top
142.250.74.164301 Moved Permanently 333 B URL HTTP/2 www.google.com/s2/favicons?domain=dreamlist.top
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 236db19888bae9696643ada8ba5730ea
a08bae3d21e58cf71da2f1f4e2a441715a8b1070
9f1a641e734f1a871587963f54a1ebb5b4f9869a9ad2b2b6741a46fef00c0ed2
GET /s2/favicons?domain=dreamlist.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dreamlist.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:21:11 GMT
expires: Tue, 11 Oct 2022 02:51:11 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=thecams.top
142.250.74.164301 Moved Permanently 331 B URL HTTP/2 www.google.com/s2/favicons?domain=thecams.top
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d8db04a1504b9404e9d7861a9985dad0
f6a0c2dd3638b104a28ee0ea6613f97dfd28c5de
7c8fa0806933d439cc7896af6fa206cb2f9f362fa89cbe9885da782aed5def12
GET /s2/favicons?domain=thecams.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://thecams.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 331
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:35:34 GMT
expires: Tue, 11 Oct 2022 03:05:34 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 516
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=lilibox.top
142.250.74.164301 Moved Permanently 331 B URL HTTP/2 www.google.com/s2/favicons?domain=lilibox.top
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bfd792d204c498b42d3b2399ea1f4e39
5cddd477561edae96604f447cf561070af46e75c
2599cb3c8852370c6bb5c811d51051ad3ececa3c9b40894867a8ee8b06963c6f
GET /s2/favicons?domain=lilibox.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 331
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:25:09 GMT
expires: Tue, 11 Oct 2022 02:55:09 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=teenstream.top
142.250.74.164301 Moved Permanently 334 B URL HTTP/2 www.google.com/s2/favicons?domain=teenstream.top
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6cc48ba915a378729f7e248407afa82d
41e013ad808980e46d9a647287fab6c013ce6c48
9fd4032f6e919a153ff255cf9eb11929da4d22b89cb65d6fc599ad83c213e2df
GET /s2/favicons?domain=teenstream.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teenstream.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 334
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:23:07 GMT
expires: Tue, 11 Oct 2022 02:53:07 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=lolibase.xyz
142.250.74.164301 Moved Permanently 332 B URL HTTP/2 www.google.com/s2/favicons?domain=lolibase.xyz
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7d5aecbfdf62eca2171105ab2eef535e
a527ae6103ed72107b53043ee579dcfaeb88caea
1952935b6c9c25e38b00aecd40b02fbab0b89f57edf867a500cdd5ab69bd9854
GET /s2/favicons?domain=lolibase.xyz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lolibase.xyz&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/s2/favicons?domain=bodyxxx.top
142.250.74.164301 Moved Permanently 331 B URL HTTP/2 www.google.com/s2/favicons?domain=bodyxxx.top
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c010b8f93b900106d9124599bf8e376c
b9ab70fdb6eb3b65b0eda52feb9b21342e3e3b95
fa6b6f47f8b7bec2f174cbedd614574e5857dc69f18dfef5d82fb60af30dc358
GET /s2/favicons?domain=bodyxxx.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=4ox.lol
142.250.74.164301 Moved Permanently 327 B URL HTTP/2 www.google.com/s2/favicons?domain=4ox.lol
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a544327df1220c646bb5c5d0e5b52bb5
2190daa3ec2206ad9147b84c7bf3f85f59ee989d
8d5fb50c0e8e8f12af655689700c2c407286a26137adba77ba3a25a827770e96
GET /s2/favicons?domain=4ox.lol HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://4ox.lol&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=barelylegalteens.xxxbit.com
142.250.74.164301 Moved Permanently 347 B URL HTTP/2 www.google.com/s2/favicons?domain=barelylegalteens.xxxbit.com
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5943a98485eeaf40f74fac26683054af
f360b80e695b74f4105614a15aabe4e986e75242
8279429451d6446c07d80bdbbc9b208ee7da82acfb33a4decb86138a15bf3b4f
GET /s2/favicons?domain=barelylegalteens.xxxbit.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 347
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=secret-stars.link
142.250.74.164301 Moved Permanently 337 B URL HTTP/2 www.google.com/s2/favicons?domain=secret-stars.link
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d48a573c40052b88b9dc340eb6e1de5e
1ab50cd9d68cfb7c3c1f011d87030994b6f7992c
5dbe53ca82dd8002904d4cb5f2a0cbaf622b37710de1524261e1c11bff71d651
GET /s2/favicons?domain=secret-stars.link HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://secret-stars.link&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=sweetbody.top
142.250.74.164301 Moved Permanently 333 B URL HTTP/2 www.google.com/s2/favicons?domain=sweetbody.top
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c75a869ba00edb4f4a07e24930555dc6
a5ae4236cdd09c960bae5df2f1960446c519c083
e7e66ea681bf6277bd2dd3b6055eaa1c2375e984682263c6a230cf62918afd08
GET /s2/favicons?domain=sweetbody.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=littleteenclubpw.com
142.250.74.164301 Moved Permanently 340 B URL HTTP/2 www.google.com/s2/favicons?domain=littleteenclubpw.com
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 15653d2b4340481edf6e7616abf5d269
c888fc6743ce534c2a69eb83eb34c0c07f4680f5
b960a1c73729f5aa950f145d3e2474f2d20e8ca1f7ab2a3aefbe5769b010d87e
GET /s2/favicons?domain=littleteenclubpw.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=migirls.tk
142.250.74.164301 Moved Permanently 330 B URL HTTP/2 www.google.com/s2/favicons?domain=migirls.tk
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash be370c20378ef408f31d1bc40050fdb8
17eed4a2d3f07465e0192933f129935080edda45
63f6a9dc77cc13a1d41b0ca0b71ed4a4b5180ed5e9ab52fe86c15d43dbd9df10
GET /s2/favicons?domain=migirls.tk HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=camteens.cf
142.250.74.164301 Moved Permanently 331 B URL HTTP/2 www.google.com/s2/favicons?domain=camteens.cf
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8cc0a81ec013023bfe47213233ef8ad0
647a567c6218d6894c7e725e93dba6f1b14ee1cc
61ff719428c8a5619ace040eba4ba3a0727af128eefb58d61f2427460352d424
GET /s2/favicons?domain=camteens.cf HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://camteens.cf&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 331
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=
142.250.74.164404 Not Found 1.6 kB URL HTTP/2 www.google.com/s2/favicons?domain=
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 4c897ae556077ac19ca558718789ba76
a673a81ea0a3e7a2fdf759a014a608df15efecbd
2d841defe31ddac7bb79861466085b6a632a04ea330532a98d8180f7dbaff68f
GET /s2/favicons?domain= HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 1580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=teens.llshort.com
142.250.74.164301 Moved Permanently 337 B URL HTTP/2 www.google.com/s2/favicons?domain=teens.llshort.com
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 78d9a4df6fb6ec190f1808c5ea4acdc9
9c0e1353fbcb3ea2a57cdf1ca8adca4c2fe66001
e0722f13a02d07010312c5da55ad52314216eeb46cf93a65b35c5e45b6374e2c
GET /s2/favicons?domain=teens.llshort.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teens.llshort.com&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=celebmodel.buzz
142.250.74.164301 Moved Permanently 335 B URL HTTP/2 www.google.com/s2/favicons?domain=celebmodel.buzz
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1805583107b0523ed308dc2d26c79498
5dfb7d545ea8868abd2a8b9fd3518ab33e20c5c4
3b1f4b35cfa71cb2168d37e8a02e30903c9b089fcc49f05f1d54e6f2dcca8e96
GET /s2/favicons?domain=celebmodel.buzz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=sextoplist.pw
142.250.74.164301 Moved Permanently 333 B URL HTTP/2 www.google.com/s2/favicons?domain=sextoplist.pw
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ac0c1e73662e7001ee7f99fe230f3da4
1c7b0d5e3f238cbbbc511fba7fa5ffe80ab80172
f46653018c437019b1b4f7dc2dd917915f8aa3622e2f653ef1d60a6ba1dc9834
GET /s2/favicons?domain=sextoplist.pw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:14:11 GMT
expires: Tue, 11 Oct 2022 02:44:11 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1799
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/s2/favicons?domain=sexvibe.me
142.250.74.164301 Moved Permanently 330 B URL HTTP/2 www.google.com/s2/favicons?domain=sexvibe.me
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 41efaec76311f42302879f85cb13bf7a
fad389bca98097a07a583b5b3149f9438043b059
25d22541e8bb99fd4eb86cf67d3fd7fea49a3651bcdca53ad59bfbd32b1b7a8e
GET /s2/favicons?domain=sexvibe.me HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexvibe.me&size=16
x-content-type-options: nosniff
server: sffe
content-length: 330
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:37:13 GMT
expires: Tue, 11 Oct 2022 03:07:13 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 78a3ee88876e1d435a7336de2648d41f
96ec618e5f3e76bdbc03e4e60a793ec396b40dd3
4eab0c4746253e517a0523b2e47d6d392c5e17e663ac59307182a566f31d86e6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/s2/favicons?domain=youngstar.cc
142.250.74.164301 Moved Permanently 332 B URL HTTP/2 www.google.com/s2/favicons?domain=youngstar.cc
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9f68089713a45a53e662421065fad6f5
54a0b68fd44108088519b497909bad303e822fac
34005e686b287d4359eb24edf29ec0241c2857893a9209c7d54fc547e43b7c3b
GET /s2/favicons?domain=youngstar.cc HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://youngstar.cc&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
expires: Tue, 11 Oct 2022 03:14:10 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b582667677702e4b89c8025325e294a7
aa7de6386a5d80acae3444099291afe9251fd004
cd4313f2d7edb0c9aaea26330fa55d82b338fe96ea4a20c7b539771f153d2a91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CD4313F2D7EDB0C9AAEA26330FA55D82B338FE96EA4A20C7B539771F153D2A91"
Last-Modified: Sun, 09 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4155
Expires: Tue, 11 Oct 2022 03:53:25 GMT
Date: Tue, 11 Oct 2022 02:44:10 GMT
Connection: keep-alive
www.google.com/s2/favicons?domain=artbbs.st
142.250.74.164301 Moved Permanently 329 B URL HTTP/2 www.google.com/s2/favicons?domain=artbbs.st
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5b57bfcf5256484a7ae4746e7ed9a18c
2df0727662ca3d5567962654e9c6c32f1fda70fe
54d304934889cf4a6570ed37a81e65f25880e84c631db2089d91fe3804cb831c
GET /s2/favicons?domain=artbbs.st HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16
x-content-type-options: nosniff
server: sffe
content-length: 329
x-xss-protection: 0
date: Tue, 11 Oct 2022 02:19:35 GMT
expires: Tue, 11 Oct 2022 02:49:35 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1475
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0fa37076cf716e45f8c7d4c9d3763ec4
b5e15dbbf63afd38dafc5681994078585c2974a6
819e659d6a167e928acd75ce791dbe29c4ad44784b47a5beb0376cbfab59937f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
st.chatango.com/h5/gz/r0817221641/id.html
208.93.230.28200 OK 224 kB URL HTTP/1.1 st.chatango.com/h5/gz/r0817221641/id.html
IP 208.93.230.28:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (54430), with CRLF, LF line terminators
Size 224 kB (224127 bytes)
Hash fc3ae4d65fdfcf6587ee0fd2e6341ca1
29b97c7cfc4081d173d28c84c774bc3ce891724d
b0a40dcfdea8674321e505dac154350a1bb1ef6067670208b02b6e4bd874f3a9
GET /h5/gz/r0817221641/id.html HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Oct 2022 02:44:09 GMT
Content-Type: text/html
Content-Length: 224127
Last-Modified: Wed, 17 Aug 2022 23:45:11 GMT
Connection: keep-alive
Expires: Wed, 11 Oct 2023 02:44:09 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges: bytes
st.chatango.com/cfg/nc/r.json?9c97380020000266839025590
208.93.230.24200 OK 20 B URL HTTP/1.1 st.chatango.com/cfg/nc/r.json?9c97380020000266839025590
IP 208.93.230.24:0
File type JSON data\012- , ASCII text
Hash 67a235cdf67d15044e66db2b3b799581
c6ddd33c979392cd5ba3a70d7c90360641e60c29
6eea499926669878dc267d25feeebbfd7826db0e55b82ce10db9e0004a3172b7
GET /cfg/nc/r.json?9c97380020000266839025590 HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Oct 2022 02:44:10 GMT
Content-Type: application/octet-stream
Content-Length: 20
Last-Modified: Wed, 17 Aug 2022 23:45:11 GMT
Connection: keep-alive
ETag: "62fd7d87-14"
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
motivessuggest.com/watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1
192.243.61.227307 Temporary Redirect 0 B URL HTTP/1.1 motivessuggest.com/watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1 HTTP/1.1
Host: motivessuggest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Server: nginx/1.22.0
Date: Tue, 11 Oct 2022 02:44:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://teenplay.top
Access-Control-Allow-Origin: https://teenplay.top
Access-Control-Allow-Credentials: true
Location: https://motivessuggest.com/watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1&shu=5004ae54d2251890dda11ecd8882dfc63c3909cc4d6101f5ae2b30214ddb5d0762332fd0e797752d4d1417b3634cb176dd9f35776ffa2bd42d500cdefcb110da96001a780620bc1498c35ae3d15af8ef3ad42cee&pst=1665456310&rmtc=t
Set-Cookie: u_pl=16262340; expires=Wed, 12 Oct 2022 02:44:10 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2MjM0MCwiayI6ImI0ZDQ4YzkxYjU3Zjk4YzY0OGIwMDZlZjY3ODMzYWY3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ0MTE1LCJwaWQiOjE0MTg4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZjBocHBoOTR0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3RlZW5wbGF5LnRvcC8ifX0.yYivSS_4TN8QXP4sQrKWOR9bxCstvdt4tJciCOifdyg; expires=Tue, 11 Oct 2022 02:45:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fd5a56abd5f7199edbe5ade9b2ca2253
Strict-Transport-Security: max-age=0; includeSubdomains
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16
216.58.211.4200 OK 555 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16
IP 216.58.211.4:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1670761b3f8ecc714c91168a1fd22a10
c98d47b667c12f120c8e017785e82503c4b218d4
65624d59c209631d78111f4d4abde29da680e453462e8822c49af3da2ac369cc
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://i.imgur.com/ABb8xPB.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 555
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 09:52:36 GMT
expires: Thu, 13 Oct 2022 09:52:36 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 406294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
216.58.211.4200 OK 565 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
IP 216.58.211.4:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 63f22f1ceefc11f583c1ef226bc113bc
03c1ad8c4ef751dab23658a66e1f70fe5a364558
3247333430d523ab8e1e023b9f2e1f5a7e592e705fb911940cfd2262cce78719
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://lilibox.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 07:37:30 GMT
expires: Tue, 11 Oct 2022 07:37:30 GMT
cache-control: public, max-age=604800
age: 587200
last-modified: Sun, 05 Jul 2020 03:07:18 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16
142.250.74.132404 Not Found 726 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16
IP 142.250.74.132:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16
142.250.74.132404 Not Found 726 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16
IP 142.250.74.132:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexvibe.me&size=16
216.58.211.4200 OK 417 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexvibe.me&size=16
IP 216.58.211.4:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash a963f74a2fd713e4823364a68d679715
49815d1cea08ef7c4b487aa04ca03179af72ad56
187dbc3ab7762ae08121b10088abe00eed5f34ef06ab0492d2188a8f5d6035e9
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sexvibe.me&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://sexvibe.me/wp-content/uploads/2020/12/cropped-cropped-afe37ca5-3517-4bab-be8f-1f7382c0a6b9_200x200-1-32x32.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 417
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 01:28:37 GMT
expires: Wed, 12 Oct 2022 01:28:37 GMT
cache-control: public, max-age=604800
age: 522933
last-modified: Tue, 02 Feb 2021 14:31:53 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16
142.250.74.132404 Not Found 726 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16
IP 142.250.74.132:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://thecams.top&size=16
142.250.74.132200 OK 443 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://thecams.top&size=16
IP 142.250.74.132:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 6336cde5a7b910fd4cbfe0e37f99232e
af7148ad0790e7c2b93f985cedd4374ff82709f1
53cef3db37ebbaae376fb8e3bbd584eec2fe720158e28530f03c6e82362c1c82
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://thecams.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://thecams.top/data/favicon.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 443
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 03:27:06 GMT
expires: Mon, 17 Oct 2022 03:27:06 GMT
cache-control: public, max-age=604800
age: 83824
last-modified: Sat, 20 Feb 2021 07:16:50 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16
216.58.211.4404 Not Found 726 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16
IP 216.58.211.4:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16
142.250.74.132200 OK 591 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16
IP 142.250.74.132:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 27eaaa217e97f09b1e0e4ef5fe03ddea
8dba908621461e0ddccc275b2d3499597e982478
abbd0c903c75920669002d8d812580fe030bcf37788405bbf85c52631f4cfedb
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://fotoscaseras.top/wp-content/uploads/2019/06/favicons-1.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 591
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 18:15:39 GMT
expires: Mon, 17 Oct 2022 18:15:39 GMT
cache-control: public, max-age=604800
age: 30511
last-modified: Fri, 07 Jun 2019 19:58:03 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://4ox.lol&size=16
142.250.74.36200 OK 405 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://4ox.lol&size=16
IP 142.250.74.36:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash bd76bd93e551a820ffe9667fd4d177b1
a24201c78a608859871d27a70a3d89c286d59d4a
a06a9ef6a72f8f72665c5917be4bd187269299f848ebdefa46d3711fdafee356
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://4ox.lol&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://4ox.lol/wp-content/uploads/2022/06/cropped-Aleksandra-010-071-Copy-scaled-e1655895475940-180x180.jpg
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 405
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:05:33 GMT
expires: Wed, 12 Oct 2022 21:05:33 GMT
cache-control: public, max-age=604800
last-modified: Wed, 22 Jun 2022 20:01:56 GMT
content-type: image/jpeg
age: 452317
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://secret-stars.link&size=16
142.250.74.36200 OK 681 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://secret-stars.link&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 76fa40794231b36bdba82da49c404650
c19cda36d0ada641da2ab23469570ecd01eac705
b7ac2b816ac48172443caf645a63c3bf9374df279a020f29a3aa2123b2127ea4
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://secret-stars.link&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://secret-stars.link/wp-content/uploads/2022/06/Sun-in-Love-128x128-1.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 681
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 18:11:26 GMT
expires: Wed, 12 Oct 2022 18:11:26 GMT
cache-control: public, max-age=604800
last-modified: Sun, 05 Jun 2022 02:48:21 GMT
content-type: image/png
age: 462764
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16
216.58.211.4404 Not Found 726 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16
IP 216.58.211.4:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dreamlist.top&size=16
142.250.74.36200 OK 334 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dreamlist.top&size=16
IP 142.250.74.36:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 16x16, components 3\012- data
Hash f13090ea037147ca6f016256aa98c1c3
8decf7c02729910c934be0aceaf13bcc022922f1
bc3b21962ffa6f1b3e8203c9c1855e859e73c660cfd365e47a1a6b67a721bbfd
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://dreamlist.top&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-location: http://dreamlist.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 334
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 08:55:23 GMT
expires: Wed, 12 Oct 2022 08:55:23 GMT
cache-control: public, max-age=604800
age: 496127
last-modified: Fri, 05 Apr 2019 01:41:05 GMT
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teens.llshort.com&size=16
142.250.74.36404 Not Found 726 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teens.llshort.com&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teens.llshort.com&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://youngstar.cc&size=16
142.250.74.36404 Not Found 726 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://youngstar.cc&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://youngstar.cc&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://camteens.cf&size=16
142.250.74.36200 OK 525 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://camteens.cf&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0e7490fb45f75e701e6f881c482f41d0
eb49f737486f87c9155563697b47d5ed3b788fae
d3528057ed6f6e5ef6d921c1eda6c1f2ca0524c33c83619143967a8bb6c7e4ff
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://camteens.cf&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://img.sedoparking.com/templates/logos/sedo_logo.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 525
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 17:26:24 GMT
expires: Wed, 12 Oct 2022 17:26:24 GMT
cache-control: public, max-age=604800
last-modified: Mon, 26 Nov 2018 03:13:52 GMT
content-type: image/png
age: 465466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lolibase.xyz&size=16
142.250.74.36404 Not Found 726 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lolibase.xyz&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lolibase.xyz&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16
142.250.74.36200 OK 524 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash fb8c9b7989d8ba21438d600b0756c2b9
55975f660a6e9e09091042120054eaa4853550a3
95f562037804f50a2745ffbdc791580096de62e37d437ee5b428572dd2aee8a3
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: http://artbbs.st/images/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 09 Oct 2022 18:24:06 GMT
expires: Sun, 16 Oct 2022 18:24:06 GMT
cache-control: public, max-age=604800
age: 116404
last-modified: Thu, 20 Aug 2020 00:02:02 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16
142.250.74.36404 Not Found 726 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teenstream.top&size=16
142.250.74.36404 Not Found 726 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teenstream.top&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://teenstream.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk&size=16
142.250.74.36404 Not Found 726 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
142.250.74.36404 Not Found 726 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Tue, 11 Oct 2022 02:44:10 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.taboola.com/libtrc/chatango-network/loader.js
151.101.85.44200 OK 21 kB URL HTTP/2 cdn.taboola.com/libtrc/chatango-network/loader.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65508)
Hash 4460cc304727ce319584cef82bcee856
8419e6c1a81f05f32b7ac932bd3420c5a46ec3f9
ac2a6d709ff841ccf30488968bd235e48b6ede230235e3375d4ce901e0313fc2
GET /libtrc/chatango-network/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZcLWw3nAzNn0H273Qnsg616mZcuXBIg2s3Hr0vqfVPKSCwAGdus1VSu7Xb1L6P/w5Ubohh0EXNY=
x-amz-request-id: 2FGABG1DHPJHFJNX
last-modified: Thu, 06 Oct 2022 17:55:04 GMT
etag: "5c5d2aa8af2344a3b297ace11e1dc91c"
x-amz-version-id: x9ebDivxCXWCZOZak9uVu9BGM112yZFp
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 11 Oct 2022 02:44:10 GMT
via: 1.1 varnish
age: 7
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1665456251.651085,VS0,VE1
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 49
content-length: 21222
X-Firefox-Spdy: h2
motivessuggest.com/watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1&shu=5004ae54d2251890dda11ecd8882dfc63c3909cc4d6101f5ae2b30214ddb5d0762332fd0e797752d4d1417b3634cb176dd9f35776ffa2bd42d500cdefcb110da96001a780620bc1498c35ae3d15af8ef3ad42cee&pst=1665456310&rmtc=t
192.243.61.227200 OK 2.4 kB URL HTTP/1.1 motivessuggest.com/watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1&shu=5004ae54d2251890dda11ecd8882dfc63c3909cc4d6101f5ae2b30214ddb5d0762332fd0e797752d4d1417b3634cb176dd9f35776ffa2bd42d500cdefcb110da96001a780620bc1498c35ae3d15af8ef3ad42cee&pst=1665456310&rmtc=t
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text, with very long lines (3035)
Hash 97e58a54cb4aee4cfdf56895adbe7984
6c8ddd85e34a797b0d5d16951f63c0b307cd35b3
98373a7d192242d82a9110824a6a11d62495a96a3dee89cd8f8076e032eff1be
Analyzer Verdict Alert quad9 Sinkholed
GET /watch.21954130561.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=r&res=12.31&uuid=9b31f352-9151-4552-8151-08cb3c2242eb%3A1%3A1&shu=5004ae54d2251890dda11ecd8882dfc63c3909cc4d6101f5ae2b30214ddb5d0762332fd0e797752d4d1417b3634cb176dd9f35776ffa2bd42d500cdefcb110da96001a780620bc1498c35ae3d15af8ef3ad42cee&pst=1665456310&rmtc=t HTTP/1.1
Host: motivessuggest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Referer: https://teenplay.top/
Connection: keep-alive
Cookie: u_pl=16262340; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2MjM0MCwiayI6ImI0ZDQ4YzkxYjU3Zjk4YzY0OGIwMDZlZjY3ODMzYWY3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ0MTE1LCJwaWQiOjE0MTg4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZjBocHBoOTR0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjpmYWxzZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3RlZW5wbGF5LnRvcC8ifX0.yYivSS_4TN8QXP4sQrKWOR9bxCstvdt4tJciCOifdyg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 11 Oct 2022 02:44:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://teenplay.top
Access-Control-Allow-Origin: https://teenplay.top
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=9b31f352-9151-4552-8151-08cb3c2242eb:1:1; expires=Tue, 18 Oct 2022 02:44:10 GMT; secure; SameSite=None
iprcd3a3c7058592ed52998e2a3563cf17f9=3569684; expires=Tue, 11 Oct 2022 06:44:10 GMT; secure; SameSite=None
pdhtkv=true; expires=Wed, 12 Oct 2022 02:44:10 GMT; secure; SameSite=None
uncs=1; expires=Wed, 12 Oct 2022 02:44:10 GMT; secure; SameSite=None
pdhtkv23=true; expires=Wed, 12 Oct 2022 02:44:10 GMT; secure; SameSite=None
uncs23=1; expires=Wed, 12 Oct 2022 02:44:10 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9313614f8cc88c6099702c7f0a2ed8ac
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.taboola.com/libtrc/impl.20221006-24-RELEASE.js
151.101.85.44200 OK 146 kB URL HTTP/2 cdn.taboola.com/libtrc/impl.20221006-24-RELEASE.js
IP 151.101.85.44:0
File type ASCII text, with very long lines (65508)
Size 146 kB (145663 bytes)
Hash fc285a975f67a54f7945c067c247cd30
37bd19d10e7f27d9f30cb00c4d46b0ebf37c0453
e8f163dbb4c93e8bb9943c323b1d367bc03c3842c605f0929c3e7d409fa61c00
GET /libtrc/impl.20221006-24-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: n6/SK19NLnheTLTO/dZ+gXN/mZ0mKtCyQZ9vIy45OV+8ykPPwaq4Ja0fCKOoy4MbaMRa7M1iVUE=
x-amz-request-id: F82GZ34E09M4KHVD
last-modified: Thu, 06 Oct 2022 17:20:43 GMT
etag: "fc285a975f67a54f7945c067c247cd30"
content-encoding: br
x-amz-version-id: 1yVrmQoBO9AjyLAf7I.EyG5yQOfZRwzF
content-type: application/javascript
accept-ranges: bytes
date: Tue, 11 Oct 2022 02:44:10 GMT
via: 1.1 varnish
age: 5004
x-served-by: cache-bma1667-BMA
x-cache: HIT
x-cache-hits: 959
x-timer: S1665456251.833254,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 90
server: AmazonS3-br
content-length: 145663
X-Firefox-Spdy: h2
sb.scorecardresearch.com/beacon.js
108.156.28.7200 OK 1.9 kB URL HTTP/2 sb.scorecardresearch.com/beacon.js
IP 108.156.28.7:0
File type ASCII text, with very long lines (3936)
Hash b67d2bfd2ffc510f6344e0dee7f05de3
db5a2e6076fbed3d01ddd5a5150a761cb6bc1886
1e6b30c3e6f7ac17aab743639939cc408ba4f6bde7176eb4438c6ead54c80e07
GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 10 Oct 2022 09:35:41 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a6a1a17bbe377bf7c4423397c71959da.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: sMJlVrKucJ8A4FMnwHaK_Zov1QdkFspn8IUjaaDZokyVPcD-oogniQ==
age: 61725
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash a1d2c6546fad781dd45fefc33944c3e6
ce2b02dec75ae5ad9cfa11bb4808c2bbf8f095f9
5b7c666aeca9d7d5aac6a2731e16b92e1c03424750d9ab6ebb36776265a1e06f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4907
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:11 GMT
Last-Modified: Tue, 11 Oct 2022 01:22:24 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 312
trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=02%3A44%3A10.922&type=usage&msg=rtus&llvl=2&id=3789&cv=20221006-24-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=02%3A44%3A10.922&type=usage&msg=rtus&llvl=2&id=3789&cv=20221006-24-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /chatango-chatango1/log/2/debug?tim=02%3A44%3A10.922&type=usage&msg=rtus&llvl=2&id=3789&cv=20221006-24-RELEASE<=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 11 Oct 2022 02:44:11 GMT
x-fastly-to-nlb-rtt: 22244
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b48f3a5fc0b451695780d7ae9af0a033
b1d460e31c68aab45337914ccf12a2dfd459f83c
ddb6305262d8f75627aac40034115ce82fb63d0d5ad0f1c68b6e5fada3dee7a6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DDB6305262D8F75627AAC40034115CE82FB63D0D5AD0F1C68B6E5FADA3DEE7A6"
Last-Modified: Mon, 10 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14548
Expires: Tue, 11 Oct 2022 06:46:39 GMT
Date: Tue, 11 Oct 2022 02:44:11 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 24e068ecf81e631246398296ae3aaea4
4fe014468c713b86961ccc6258a98af3a62e8ea5
45c62b250975a574fc20e59094b766abcff94da0b1f316010ba148812537371c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6333
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:11 GMT
Last-Modified: Tue, 11 Oct 2022 00:58:38 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash bbd944499f09526843f6de28d394ce0b
4a5ee699e859e4c09f339d985609b9baa7a591ab
354f17b491e3ef314b57dc79afe8b21e8e8a9dea72b7813318a96adc70176da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3813
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:11 GMT
Last-Modified: Tue, 11 Oct 2022 01:40:38 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
cdn.cloudimagesb.com/cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png
45.133.44.9200 OK 112 kB URL HTTP/2 cdn.cloudimagesb.com/cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size 112 kB (112168 bytes)
Hash c45241b13549342de998e8518b0430f8
4520fd975fc212eb0e8d67981697b04787280f6a
12d50ef4939929d2f45254e0a404bda1f11fb2509599a9a7cb5e601e9c8f66b6
GET /cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:11 GMT
content-type: image/png
content-length: 112168
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:53:30 GMT
etag: "62e10b1a-1b628"
expires: Thu, 13 Oct 2022 02:44:11 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash bbd944499f09526843f6de28d394ce0b
4a5ee699e859e4c09f339d985609b9baa7a591ab
354f17b491e3ef314b57dc79afe8b21e8e8a9dea72b7813318a96adc70176da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3813
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:11 GMT
Last-Modified: Tue, 11 Oct 2022 01:40:38 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://st.chatango.com/
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:10 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 408198
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ust.chatango.com/groupinfo/l/i/littledreamclub/gprofile.xml
208.93.230.28200 OK 46 B URL HTTP/1.1 ust.chatango.com/groupinfo/l/i/littledreamclub/gprofile.xml
IP 208.93.230.28:0
File type XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with no line terminators
Hash 489a85ae9059fbab14c176e10bdceae7
23a167e15ff489c149a1c1f633bfcd4597d9c0bd
2bf0b59a7518f8b73db880ecb0e510763231b2a8ef3a789504c9ab98e549904a
GET /groupinfo/l/i/littledreamclub/gprofile.xml HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st.chatango.com
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 11 Oct 2022 02:44:11 GMT
Content-Type: text/xml
Content-Length: 46
Last-Modified: Fri, 20 Nov 2020 04:47:50 GMT
Connection: keep-alive
Expires: Tue, 11 Oct 2022 02:44:11 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 314 B IP 93.184.220.29:0
Hash 68cf5f64356628ab1ca602bda0db336c
a0bf29ead1425ba4d6446359869c3f0fe5224c0f
63b42150b609c10e9f4c78ec50781937d573e92f3180d98714b3ac0a567caf61
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1286
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 02:44:11 GMT
Last-Modified: Tue, 11 Oct 2022 02:22:45 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 314
ag.gbc.criteo.com/newidsd
185.235.84.178200 OK 360 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.178:0
Hash 667718b0477486b2385d05e97dc4fada
47cbca4a540a711d0c37d50347a7b54c480bf975
c2cc207af4c046704fe7f85d8c6e2db72f1d012873e87cf96b0c9281442fd067
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:10 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 93509
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:10 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 452504
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
js.juicyads.com/jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks
108.138.233.18200 OK 0 B URL HTTP/2 js.juicyads.com/jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks
IP 108.138.233.18:0
GET /jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Tue, 11 Oct 2022 02:39:33 GMT
expires: Tue, 11 Oct 2022 02:54:33 GMT
pragma: cache
server: nginx
x-cache: Hit from cloudfront
via: 1.1 0f1628acb8f1a10579cc0f46f36632fe.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P4
x-amz-cf-id: CnWLzGRa4atFHRTcyhk-Ca6l4h_Xd23TAa_h3-d7_4tb-uHVu7dRGw==
age: 275
X-Firefox-Spdy: h2
gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top
IP 178.250.0.157:0
GET /syncframe?origin=rtus&topUrl=teenplay.top HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:10 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=cfab8569-4f67-4c55-bfca-0b15514838d0; expires=Sun, 05 Nov 2023 02:44:11 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 484624
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP 178.250.0.157:0
GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://st.chatango.com/
x-crto-bundle: 17nqpV9vMHVROWJyOEdkbUpDbjFkV1pPZkVRak8lMkJyWFdrS2FuayUyQjFHSGN0ajhoczZDNHJSTEV3c0JkV2ZPT2dzY2xCeFJMMWJKcEdsUDQlMkJiRlYlMkZjNDc1UkFyQ3hMcjElMkY4aWtUNWNXUXlDSktKY3VuSkRidG9pa3dCU2tZaGtWTFNwZGQ
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:11 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 670617
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,400
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,400
IP 142.250.74.10:0
GET /css?family=Open+Sans:300,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 11 Oct 2022 02:44:08 GMT
date: Tue, 11 Oct 2022 02:44:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
185.235.84.86200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 185.235.84.86:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:10 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 97660
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
teenplay.top/
172.67.145.84200 OK 0 B IP 172.67.145.84:0
GET / HTTP/1.1
Host: teenplay.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Tue, 11 Oct 2022 02:44:08 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iO00KafF3sfS3Fe1jS2l0scbjvkWaJt3v4pA4tKifkGppkQFWsG2a5sJUTlBS0FOauI42%2BoUFQr0DXVtz88WJwjddjp9ZOsh8YJei25%2FHgixkZMelRVCsFXFy5taDv0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7584408b5971b4f7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2