GET cdn.fluidplayer.com/v2/current/fluidplayer.min.css
200 OK 35 kB URL
cdn.fluidplayer.com/v2/current/fluidplayer.min.css
IP / ASN
95.173.205.14
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text, with very long lines (34580)
First Seen 2023-04-08
Last Seen 2025-07-31
Times Seen 264
Size 35 kB (34581 bytes)
MD5 ccf7e6c79062d3b214a26e1416948b99
SHA1 2081069fe50d99f5dc159c68e5ca0ea4b9942725
SHA256 b89485f60b9d7cf92ab0ac946c1728454a609e4466026626035e2102b4811193
Certificate Info
Issuer Let's Encrypt
Subject fluidplayer.com
Fingerprint FB:6B:1E:37:55:E2:A1:08:16:79:98:F8:7F:61:16:96:E1:FA:72:0A
Validity Mon, 19 May 2025 07:02:06 GMT - Sun, 17 Aug 2025 07:02:05 GMT
GET /v2/current/fluidplayer.min.css HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: text/css
last-modified: Mon, 23 Mar 2020 11:58:08 GMT
etag: W/"5e78a450-8715"
expires: Thu, 07 Nov 2024 08:32:40 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBX63NDQH32T4BAAwBuUwKDAH340EAAAwBnJIhJwG3AAAAAA
x-77-nzt-ray: 2a494a1582a4753092ff5868848da417
x-77-cache: HIT
x-77-age: 81625
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/85324bd83aa8d3f8d12b181876942b5b7628cb3a.jpg
200 OK 8.6 kB URL
s3t3d2y9.afcdn.net/library/628853/85324bd83aa8d3f8d12b181876942b5b7628cb3a.jpg
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x100, components 3
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 5
Size 8.6 kB (8550 bytes)
MD5 cbc036ff2af19532605e6c63e4198ea4
SHA1 85324bd83aa8d3f8d12b181876942b5b7628cb3a
SHA256 855a207f3fa7912c020d74629100d53122be0ef061b761c0948420225648821f
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/85324bd83aa8d3f8d12b181876942b5b7628cb3a.jpg HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: image/jpeg
content-length: 8550
last-modified: Wed, 10 Jul 2019 11:57:21 GMT
etag: "5d25d2a1-2166"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Fri, 10 Jan 2025 15:30:58 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBX63NDQH3pb/XAAwBuUwKAQH31RcAAAwBnJIhHwG3ER3JAQ
x-77-nzt-ray: 2a494a1577a1213092ff5868eb01e614
x-77-cache: HIT
x-77-age: 14139301
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 3ad7e0aaa69cef6865553f0cdeb0034c
SHA1 a9779943e34fcd265343cff1b127b323d9dff475
SHA256 f79362f4d3719cb228d4921fc74e4ff95d796ad84dd1cef3556431836fd39e45
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84J7H3PGHdXKnCSwmAxl5NQIDyAn7le3Us9snO7erKqJa1LH%2BVUt2qS9AdJlokihe6S5hCGntMw2qh%2BLWxm1ltJhkTe5TcVCVayBOqM4p%2BMF7Lyyg470X2mYGITBsMUaZFhy0Y3P"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:13 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345758f7b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2340&min_rtt=459&rtt_var=2096&sent=443&recv=541&lost=0&retrans=0&sent_bytes=27448&recv_bytes=29510&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=1546&inflight_dur=54&x=44"
OPTIONS hdbkome.com/get_data?v=default&page=https%253A%252F%252Fhotandgirls.site%252F%253Fvid%253D3%2526ad%253D103417326%2526site%253D7807247%2526source%253Dcadu%2526aduClickId%253D960912425052278785&domain=hotandgirls.site&blockID=367726&width=190&height=160&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424
200 OK 0 B URL
hdbkome.com/get_data?v=default&page=https%253A%252F%252Fhotandgirls.site%252F%253Fvid%253D3%2526ad%253D103417326%2526site%253D7807247%2526source%253Dcadu%2526aduClickId%253D960912425052278785&domain=hotandgirls.site&blockID=367726&width=190&height=160&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424
IP / ASN
31.220.27.155
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject hdbkome.com
Fingerprint 81:4F:9B:92:78:B4:52:8B:8A:1B:E1:29:A9:CA:3D:F8:37:D8:11:B6
Validity Mon, 31 Mar 2025 23:25:21 GMT - Sun, 29 Jun 2025 23:25:20 GMT
OPTIONS /get_data?v=default&page=https%253A%252F%252Fhotandgirls.site%252F%253Fvid%253D3%2526ad%253D103417326%2526site%253D7807247%2526source%253Dcadu%2526aduClickId%253D960912425052278785&domain=hotandgirls.site&blockID=367726&width=190&height=160&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424 HTTP/1.1
Host: hdbkome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.23.2
date: Mon, 23 Jun 2025 07:17:14 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://hotandgirls.site
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
X-Firefox-Spdy: h2
GET engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047164/tlk.xml?var=103417326
200 OK 3.8 kB URL
engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047164/tlk.xml?var=103417326
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with very long lines (3747)
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 3.8 kB (3786 bytes)
MD5 dd2a0308715c651c75150927d1cd5373
SHA1 0553c580e2c828598594d312b1dbdd022769be12
SHA256 9cb783e7088a0c772d9a659564b8d0cbd824369a9a8e16bb0739f121d03a5cdb
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /ceef/gdt3g0/tbt/2047164/tlk.xml?var=103417326 HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
x-route-id: script
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
set-cookie: CHCK=1; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
UID=2506230217c477299960ea41caa8edafd959; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET video.videotouch88.info/api/video/tag?sourceId=55540&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55540&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55540&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=899wARlhUu05rNu8uH%2Bgx8NxEnRVmq2H9aBIkngvXo4wUTVOb9vu4jbO%2Bju7eqoGh9IDc1hywslhnXGi95QTRtN0SRmqGXYI9K9tCoRHOUD2joyDZA%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:11 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:11 GMT
cf-ray: 9542344cfe1656bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/14fabfe407646ae0967b014d48c6450157426d62.webp
200 OK 6.2 kB URL
s3t3d2y9.afcdn.net/library/628853/14fabfe407646ae0967b014d48c6450157426d62.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-02-07
Last Seen 2025-07-11
Times Seen 7
Size 6.2 kB (6154 bytes)
MD5 bf29415e63e8e049bc626d261d966f36
SHA1 14fabfe407646ae0967b014d48c6450157426d62
SHA256 2dd354d6d1845ddaa32cce8744b6b66dc2375486ecc47b9d576daec91c91e7db
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/14fabfe407646ae0967b014d48c6450157426d62.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/webp
content-length: 6154
last-modified: Wed, 03 Nov 2021 18:41:25 GMT
etag: "6182d7d5-180a"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 29 May 2025 12:17:57 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBX63NDQH3JaAcAAwBuUwKAQH3XgsAAAwBJRPCMQG3GiIOAQ
x-77-nzt-ray: 2a494a1577a121309eff5868ef71a409
x-77-cache: HIT
x-77-age: 1876005
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
GET acdn.phascregairks.com/1948/b89115df-cbca-11ed-a918-6fe1c571c053.jpg
200 OK 21 kB URL
acdn.phascregairks.com/1948/b89115df-cbca-11ed-a918-6fe1c571c053.jpg
IP / ASN
45.133.44.4
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x250, components 3
First Seen 2025-02-24
Last Seen 2025-07-25
Times Seen 25
Size 21 kB (21327 bytes)
MD5 0b5001046d3385db1b5d3ca0a3b4669c
SHA1 60e56a7b580167a9d8e25229282dad8495dea07f
SHA256 77f045790eef5c21bdedc2abf1c2beb81eb3b953ea5766e6c251a73dff914e91
Certificate Info
Issuer Let's Encrypt
Subject acdn.phascregairks.com
Fingerprint 64:FF:D5:A9:07:BD:D4:0C:9D:3E:52:E2:26:54:C1:F8:57:01:EA:06
Validity Mon, 09 Jun 2025 02:31:55 GMT - Sun, 07 Sep 2025 02:31:54 GMT
GET /1948/b89115df-cbca-11ed-a918-6fe1c571c053.jpg HTTP/1.1
Host: acdn.phascregairks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/jpeg
content-length: 21327
server: nginx
last-modified: Sun, 26 Mar 2023 11:38:25 GMT
etag: "64202eb1-534f"
expires: Wed, 25 Jun 2025 07:17:15 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET z.cdn.adtarget.me/smc?s=22&u=bYqBpwWaLE7r8YeClXjN
204 No Content 0 B URL
z.cdn.adtarget.me/smc?s=22&u=bYqBpwWaLE7r8YeClXjN
IP / ASN
5.79.65.76
#60781 LeaseWeb Netherlands B.V.
Requested by https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject adtarget.me
Fingerprint D7:96:C5:2E:69:AA:33:20:E4:3C:95:B5:34:EE:47:0A:B1:A1:47:6F
Validity Sat, 17 May 2025 23:13:55 GMT - Fri, 15 Aug 2025 23:13:54 GMT
GET /smc?s=22&u=bYqBpwWaLE7r8YeClXjN HTTP/1.1
Host: z.cdn.adtarget.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Mon, 23 Jun 2025 07:17:14 GMT
X-Firefox-Spdy: h2
GET sconvtrk.com/conversion/e16e07a5070db5d243a26543f1787e6fa7a8ef3c/?visitor_id=960912425052278785&aid=285749
400 Bad Request 0 B URL
sconvtrk.com/conversion/e16e07a5070db5d243a26543f1787e6fa7a8ef3c/?visitor_id=960912425052278785&aid=285749
IP / ASN
212.117.190.211
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject sconvtrk.com
Fingerprint EE:CE:83:0A:C3:18:B2:CD:86:99:78:85:54:36:AB:CC:BA:13:C1:D1
Validity Sun, 22 Jun 2025 08:52:30 GMT - Sat, 20 Sep 2025 08:52:29 GMT
GET /conversion/e16e07a5070db5d243a26543f1787e6fa7a8ef3c/?visitor_id=960912425052278785&aid=285749 HTTP/1.1
Host: sconvtrk.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 400 Bad Request
server: nginx
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: text/plain; charset=utf-8
content-length: 88
access-control-allow-origin: *
access-control-allow-headers: Content-Type
X-Firefox-Spdy: h2
GET ad.twinrdengine.com/adraw?zone=01DXF6DT004000000000001WBR&subid=612210504a1440234390&kw=
200 OK 4.0 kB URL
ad.twinrdengine.com/adraw?zone=01DXF6DT004000000000001WBR&subid=612210504a1440234390&kw=
IP / ASN
34.111.67.216
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text, with very long lines (1085)
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 4.0 kB (3996 bytes)
MD5 af933f3dbd852e9f588c87e077326b32
SHA1 d5cf5b33722dba495760e437085abf29652e3ab8
SHA256 6d9ce530440ef09370aafaa01b8fc505a636dcb0c97460fc35d97e2c4bf6bb07
Certificate Info
Issuer Google Trust Services
Subject ad.twinrdengine.com
Fingerprint 75:B1:93:97:33:E7:45:78:93:2E:70:94:B0:3E:35:55:1E:89:43:19
Validity Sun, 04 May 2025 12:55:38 GMT - Sat, 02 Aug 2025 13:51:33 GMT
GET /adraw?zone=01DXF6DT004000000000001WBR&subid=612210504a1440234390&kw= HTTP/1.1
Host: ad.twinrdengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://hotandgirls.site
content-type: text/xml
content-encoding: gzip
via: 1.1 google
date: Mon, 23 Jun 2025 07:17:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 4
Size 36 B (36 bytes)
MD5 2e9a5cb4c9281ba1cfc66282c6ed1184
SHA1 fac5c12f5bb4f96add11538c5ecc94dbdf2e8de7
SHA256 0b5bceb0f44b98b3ca077576949737a84da2773e8697bf84d5165ce08ca237e5
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oTiCmZIRppOLWK4aBVjxbPej2hTbTglkcRc9Xr5OieH8ZoDGKlZBixy9Nzt4JpY2QRO2702EtWk9zgez5hBHUEq%2F7Zk2NbWcgiZKW0%2FEd2DloF8foMNbUIiXcpcCyuAd6BDJmR1L"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345cba6856ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4973&min_rtt=1616&rtt_var=2589&sent=13&recv=11&lost=0&retrans=0&sent_bytes=3797&recv_bytes=2267&delivery_rate=503500&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15515&unsent_bytes=0&cid=38492c829776f2fd&ts=1038&inflight_dur=35&x=44"
GET 29177717-31474-ex.tassymethosif.com/v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid=
200 OK 4.5 kB URL
29177717-31474-ex.tassymethosif.com/v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid=
IP / ASN
88.208.22.2
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 4.5 kB (4501 bytes)
MD5 977edc4d51a07c0bf16bccbd9277d547
SHA1 87f63489c03abc7d34c04a5c5141ed51e562aa8a
SHA256 5ed7b62583725f4b07e079111ef5489bed0509bdf45e6f73c36450d23ce65534
Certificate Info
Issuer Let's Encrypt
Subject *.tassymethosif.com
Fingerprint 88:1D:C6:17:4D:97:2A:F6:22:08:95:72:78:25:4E:0A:8B:89:7A:00
Validity Sun, 11 May 2025 14:43:01 GMT - Sat, 09 Aug 2025 14:43:00 GMT
GET /v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid= HTTP/1.1
Host: 29177717-31474-ex.tassymethosif.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Mon, 23 Jun 2025 07:17:14 UTC
expires: Mon, 23 Jun 2025 07:17:14 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
GET 29177717-31474-ex.aceadynict.com/v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A14%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%225%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid=
200 OK 4.5 kB URL
29177717-31474-ex.aceadynict.com/v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A14%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%225%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid=
IP / ASN
88.208.22.4
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 4.5 kB (4453 bytes)
MD5 1f04c1b79f6bd56bfa835ed83b052685
SHA1 6f3e3bc0e9f1b72d77aec0615de65ee6cff174db
SHA256 e80db29e0ef799325104e744e7f09557ce8723696fd46789318afc09694774c6
Certificate Info
Issuer Let's Encrypt
Subject *.aceadynict.com
Fingerprint 3D:0A:AD:61:D4:EC:55:CD:4C:27:F0:01:23:B6:5B:9C:B3:4E:0E:7F
Validity Fri, 18 Apr 2025 14:27:23 GMT - Thu, 17 Jul 2025 14:27:22 GMT
GET /v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A14%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%225%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid= HTTP/1.1
Host: 29177717-31474-ex.aceadynict.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Mon, 23 Jun 2025 07:17:15 UTC
expires: Mon, 23 Jun 2025 07:17:15 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
GET engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047310/tlk.xml?var=103417326
200 OK 3.8 kB URL
engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047310/tlk.xml?var=103417326
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with very long lines (3747)
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 3.8 kB (3786 bytes)
MD5 85874021249c4d63e0629c8a1c9f3a7b
SHA1 2b65da0942bba7321bbaf49e50a2d6a53a284a88
SHA256 fbd62c64348491a83f1f2610fe45099dcae141d92a487c2d63685f00ea4d659c
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /ceef/gdt3g0/tbt/2047310/tlk.xml?var=103417326 HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
x-route-id: script
set-cookie: CHCK=1; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
UID=25062302173acf6624a66e490dad3b1bf797; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET hdbkome.com/setuid?bYqBpwWaLE7r8YeClXjN
200 OK 74 B URL
hdbkome.com/setuid?bYqBpwWaLE7r8YeClXjN
IP / ASN
31.220.27.135
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
First Seen 2023-04-06
Last Seen 2025-08-02
Times Seen 2649
Size 74 B (74 bytes)
MD5 9e24e19b024c44b778301d880bd8e6f4
SHA1 d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
SHA256 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
Certificate Info
Issuer Let's Encrypt
Subject hdbkome.com
Fingerprint 81:4F:9B:92:78:B4:52:8B:8A:1B:E1:29:A9:CA:3D:F8:37:D8:11:B6
Validity Mon, 31 Mar 2025 23:25:21 GMT - Sun, 29 Jun 2025 23:25:20 GMT
GET /setuid?bYqBpwWaLE7r8YeClXjN HTTP/1.1
Host: hdbkome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.23.2
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/png
content-length: 74
set-cookie: dmpUid=bYqBpwWaLE7r8YeClXjN; expires=Tue, 23 Jun 2026 07:17:13 GMT; domain=hdbkome.com; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2024-08-19
Last Seen 2025-07-05
Times Seen 4
Size 51 B (51 bytes)
MD5 ad4da1cd47f0d0ae6c7ab1b7bc70e849
SHA1 b4008a441f201c249897d4ca73df577313b836a3
SHA256 6a09317b54b6508c6546e6de5618a246cffb9c70de27961bef339efcb5edb6b3
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2tAVdePx4RjDTUgUTC8SWRPOppcwI2%2FFfMaLRZ9CV78wfbVmMcSGQwzx8P4V8m28KOLOL7okhdmnB8pl3%2FfC%2BZ7C1YC6B8nNAGuk9yRXnN30ZFox3dex6q4NjVaeSDADc1mJnyRy"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:14 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345db90db4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2309&min_rtt=459&rtt_var=1827&sent=454&recv=550&lost=0&retrans=0&sent_bytes=32198&recv_bytes=33745&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=2565&inflight_dur=92&x=44"
GET creative.cambaddies.com/widgets/Spot/lib-auto.js?action=sbSignupWithModel&animate=1&autoclose=0&autoplay=all&campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&campaignType=smartpop&closeButtonDelay=0&creativeId=d672099c5f2288d5918979f1e2a1c3b11e99be326985f8b71819b8bb0627235b&hideButton=1&iterationId=967245&masterSmartpopId=12245&memberId=063838003d0626c8bbc74d&p1=61319&p2=133453&p3=105342&quality=240p&ruleId=365&smartpopId=14734&sourceId=61816&tag=-girls%2Fmobile&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=34162
200 OK 671 kB URL
creative.cambaddies.com/widgets/Spot/lib-auto.js?action=sbSignupWithModel&animate=1&autoclose=0&autoplay=all&campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&campaignType=smartpop&closeButtonDelay=0&creativeId=d672099c5f2288d5918979f1e2a1c3b11e99be326985f8b71819b8bb0627235b&hideButton=1&iterationId=967245&masterSmartpopId=12245&memberId=063838003d0626c8bbc74d&p1=61319&p2=133453&p3=105342&quality=240p&ruleId=365&smartpopId=14734&sourceId=61816&tag=-girls%2Fmobile&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=34162
IP / ASN
88.208.20.10
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (52682), with NEL line terminators
First Seen 2025-06-07
Last Seen 2025-06-30
Times Seen 43
Size 671 kB (670845 bytes)
MD5 a7dcdd05da17d94495741d58e788a8a2
SHA1 12c8581010c1dc4a35f1705f487b70f2395da152
SHA256 bd2f12ce86b7ae692bc13c5c1bfd9e55ec4ef274422a2b4133379e49ff454c84
Certificate Info
Issuer Let's Encrypt
Subject creative.cambaddies.com
Fingerprint BF:ED:5F:C6:48:34:15:44:32:34:E5:D2:B7:E3:EF:B0:04:69:7B:E7
Validity Tue, 10 Jun 2025 05:50:02 GMT - Mon, 08 Sep 2025 05:50:01 GMT
GET /widgets/Spot/lib-auto.js?action=sbSignupWithModel&animate=1&autoclose=0&autoplay=all&campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&campaignType=smartpop&closeButtonDelay=0&creativeId=d672099c5f2288d5918979f1e2a1c3b11e99be326985f8b71819b8bb0627235b&hideButton=1&iterationId=967245&masterSmartpopId=12245&memberId=063838003d0626c8bbc74d&p1=61319&p2=133453&p3=105342&quality=240p&ruleId=365&smartpopId=14734&sourceId=61816&tag=-girls%2Fmobile&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=34162 HTTP/1.1
Host: creative.cambaddies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000
cache-control: max-age=10
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Mon, 23 Jun 2025 07:17:14 GMT
etag: "68401f4c-a3c7d-gzip"
expires: Mon, 23 Jun 2025 07:17:24 GMT
last-modified: Wed, 04 Jun 2025 10:26:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 5
Size 36 B (36 bytes)
MD5 061a9d5b76f0fd9e484f925c85b4a6f5
SHA1 8f45ecb1a0b0f7686941ac30d0e0d7495f4e0d65
SHA256 8642985134b7db43cd9ca833a83e33559395e4d09951fd6a18a43f84ab67bc2a
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hKYTp2qqwVFOk0%2BVs8CoVFYxcj8WykefVyjaq3R753j2e3RhDk%2F5vPN8ejpWzKgvVk2Y%2BUIyOVyyrwO3hg96Cs8XOugjrLRVVYxCN5XuOELiVaPI%2BqTXH5cIYvjDY9ymZ1HCPYuC"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234689aa856ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5692&min_rtt=1106&rtt_var=3466&sent=45&recv=29&lost=0&retrans=1&sent_bytes=15218&recv_bytes=6279&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=2929&inflight_dur=187&x=44"
GET hotandgirls.site/js/common.js?t=1750663020
200 OK 28 kB URL
hotandgirls.site/js/common.js?t=1750663020
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with CRLF line terminators
First Seen 2025-05-21
Last Seen 2025-07-11
Times Seen 8
Size 28 kB (27611 bytes)
MD5 8078ff33b00fdb8bd526416f75abce09
SHA1 364a3088d86ae8441b8ee3188e5a48670deb9e0c
SHA256 d86fecc3ed9d2a82163baf4f85f13e0ea86ed239a4966ef5df3343c9b24ceba4
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /js/common.js?t=1750663020 HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 27611
last-modified: Wed, 30 Apr 2025 13:10:08 GMT
etag: "68122130-6bdb"
expires: Tue, 23 Jun 2026 07:17:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET 31474.habiculpize.com/v2/a/na/js/247648?container=clck_ntvplay&subid=103417326
200 OK 82 kB URL
31474.habiculpize.com/v2/a/na/js/247648?container=clck_ntvplay&subid=103417326
IP / ASN
88.208.22.3
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 82 kB (82095 bytes)
MD5 9ec24cdc2f3b7381e6ac5e5cadde63d6
SHA1 c87917565ae56e25cc4205fa6ec137a5f228c132
SHA256 cb1d326b607ab690faf650f365194686bd2dc15a310b5d71537f2b54a3e93938
Certificate Info
Issuer Let's Encrypt
Subject *.habiculpize.com
Fingerprint 9A:91:FD:2E:7F:01:13:D2:0A:B9:75:8E:91:E4:C3:D9:D0:CE:5B:FD
Validity Mon, 19 May 2025 14:54:13 GMT - Sun, 17 Aug 2025 14:54:12 GMT
GET /v2/a/na/js/247648?container=clck_ntvplay&subid=103417326 HTTP/1.1
Host: 31474.habiculpize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: application/javascript; charset=UTF-8
content-length: 19530
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css2?family=Roboto+Slab&display=swap
200 OK 2.6 kB URL
fonts.googleapis.com/css2?family=Roboto+Slab&display=swap
IP / ASN
142.250.74.10
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text
First Seen 2025-06-04
Last Seen 2025-07-30
Times Seen 161
Size 2.6 kB (2604 bytes)
MD5 a3ddfd2ed2d6036b6978146f77208559
SHA1 47ab40a1d8644c794875b1e605b13691373e1a90
SHA256 bcc60d686d891d88d8c52d439e4577eb1d552cb77acc6ff924b961bfc2285ccd
Certificate Info
Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint 58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
Validity Mon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
GET /css2?family=Roboto+Slab&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 23 Jun 2025 07:17:14 GMT
date: Mon, 23 Jun 2025 07:17:14 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
200 OK 17 kB URL
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP / ASN
142.250.74.10
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text, with very long lines (1572)
First Seen 2025-06-02
Last Seen 2025-08-02
Times Seen 2304
Size 17 kB (16755 bytes)
MD5 e9d2e14beb088f37fae98294940a9dcd
SHA1 1dafc3c55550249c8c2d782d5616c7b445c8e005
SHA256 f2e491cc46d3fcba81f729065d622bd722751d4a2e7f80b479aa64a92c17b5c7
Certificate Info
Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint 58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
Validity Mon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 23 Jun 2025 07:17:15 GMT
date: Mon, 23 Jun 2025 07:17:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
GET nannyirrationalacquainted.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=301
200 OK 0 B URL
nannyirrationalacquainted.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=301
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 2A:C3:FA:F0:67:BA:AA:76:2F:14:F9:D5:47:AA:D5:03:EA:52:31:54
Validity Thu, 19 Jun 2025 00:50:28 GMT - Wed, 17 Sep 2025 00:50:27 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fstyle.css&l=3355&fd=301 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 23 Jun 2025 07:17:15 GMT
Content-Length: 0
Connection: keep-alive
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET video.videotouch88.info/api/video/tag?sourceId=55538&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55538&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55538&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1Tzyphurop1NG7mbjgdUgeRmcUnzxao7uK8OKp4g9fahjJ1aq9SfGSTpzIc57%2BmfwktQoG8IWYaDjGv%2FZXxBcXbyOtM5qzMi%2FJEKJVJo6C1HxKOFKA%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:11 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:11 GMT
cf-ray: 9542344d5e8356bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET engineexplicitfootrest.com/chicken.gif?z=2047310&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=jVjMcqVQnbmyrYNMQWSM1o7KUQK1Mv0jTzyYQxOgOX7yALoKu18qbMHJ6ptpyBLJNyDGjqWZHmCgI-O_1Jo7bzYIYGZLHJGE7WH9qPCQ_o7c0C-VdXcOOhMrb7cdGYOIeanVX-D8p5IUCI-RPFgWtPqLGrC_kcq36Rlk9zelxapXPHtL6VHhfQXHbgtj-pdTXBtnuizSjk4UQUXQbE7trHLYLmEnjf0RB6H4qmi3hSeLixIDNNWdtYteeAh1pLz0IDrPBHDlimTWjqYCnxapnRnqZr5x3mqOCzlvla_kCSJIln-68Nu_cMeYq7-c8Bs6DJhBcm1PWmy6KbuRidHbw_Dt0hZZIp0191vbBnoy2nZ_Hzvrj_Ctu9OQUcWHc4UujjKSC21P7EsJKL3U2Nnu6bJybpWKcEOlAsPbCaWMKBH1P8IEx49NQxMilxgaaEqlyKsMKgXQc1wPzHOnfYCX12qc_UMcVGBFFRoWphossQSOpe6xJJhnpjuYiU399Es59qJa3lU7RGGQ3Qay8EKVod7bNAQK5TGlfitheqiMygIh_elKttyBIRbOrGQwb_GHWIaUMuMszPGr84ce3dwFtePxeaiamiCCcOQqR_ztA8SeBPDIBaJMZfchBvjh1UsLmDyxSOQgN9sv5uVytbogvh9ebAXnc36moGHvUbh0QIl1bnzIyfXzkcaA5C3Nzrn7vOw1aUlawbvKI8_PBKVnIFNpTNferW9TS8h4lG-2t50H5hVJWhKJVbhRdLpsYsgPyJSMdT_zELzjERnae2DPwolwz8HB2dUAftgFvc2hP8n_2nhMjr8=
200 OK 43 B URL
engineexplicitfootrest.com/chicken.gif?z=2047310&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=jVjMcqVQnbmyrYNMQWSM1o7KUQK1Mv0jTzyYQxOgOX7yALoKu18qbMHJ6ptpyBLJNyDGjqWZHmCgI-O_1Jo7bzYIYGZLHJGE7WH9qPCQ_o7c0C-VdXcOOhMrb7cdGYOIeanVX-D8p5IUCI-RPFgWtPqLGrC_kcq36Rlk9zelxapXPHtL6VHhfQXHbgtj-pdTXBtnuizSjk4UQUXQbE7trHLYLmEnjf0RB6H4qmi3hSeLixIDNNWdtYteeAh1pLz0IDrPBHDlimTWjqYCnxapnRnqZr5x3mqOCzlvla_kCSJIln-68Nu_cMeYq7-c8Bs6DJhBcm1PWmy6KbuRidHbw_Dt0hZZIp0191vbBnoy2nZ_Hzvrj_Ctu9OQUcWHc4UujjKSC21P7EsJKL3U2Nnu6bJybpWKcEOlAsPbCaWMKBH1P8IEx49NQxMilxgaaEqlyKsMKgXQc1wPzHOnfYCX12qc_UMcVGBFFRoWphossQSOpe6xJJhnpjuYiU399Es59qJa3lU7RGGQ3Qay8EKVod7bNAQK5TGlfitheqiMygIh_elKttyBIRbOrGQwb_GHWIaUMuMszPGr84ce3dwFtePxeaiamiCCcOQqR_ztA8SeBPDIBaJMZfchBvjh1UsLmDyxSOQgN9sv5uVytbogvh9ebAXnc36moGHvUbh0QIl1bnzIyfXzkcaA5C3Nzrn7vOw1aUlawbvKI8_PBKVnIFNpTNferW9TS8h4lG-2t50H5hVJWhKJVbhRdLpsYsgPyJSMdT_zELzjERnae2DPwolwz8HB2dUAftgFvc2hP8n_2nhMjr8=
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type GIF image data, version 89a, 1 x 1
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 11425
Size 43 B (43 bytes)
MD5 28e463819a210071de3b45ebe7633613
SHA1 6dccd571828ec0912629119cf7eabfea9f33ddbc
SHA256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /chicken.gif?z=2047310&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=jVjMcqVQnbmyrYNMQWSM1o7KUQK1Mv0jTzyYQxOgOX7yALoKu18qbMHJ6ptpyBLJNyDGjqWZHmCgI-O_1Jo7bzYIYGZLHJGE7WH9qPCQ_o7c0C-VdXcOOhMrb7cdGYOIeanVX-D8p5IUCI-RPFgWtPqLGrC_kcq36Rlk9zelxapXPHtL6VHhfQXHbgtj-pdTXBtnuizSjk4UQUXQbE7trHLYLmEnjf0RB6H4qmi3hSeLixIDNNWdtYteeAh1pLz0IDrPBHDlimTWjqYCnxapnRnqZr5x3mqOCzlvla_kCSJIln-68Nu_cMeYq7-c8Bs6DJhBcm1PWmy6KbuRidHbw_Dt0hZZIp0191vbBnoy2nZ_Hzvrj_Ctu9OQUcWHc4UujjKSC21P7EsJKL3U2Nnu6bJybpWKcEOlAsPbCaWMKBH1P8IEx49NQxMilxgaaEqlyKsMKgXQc1wPzHOnfYCX12qc_UMcVGBFFRoWphossQSOpe6xJJhnpjuYiU399Es59qJa3lU7RGGQ3Qay8EKVod7bNAQK5TGlfitheqiMygIh_elKttyBIRbOrGQwb_GHWIaUMuMszPGr84ce3dwFtePxeaiamiCCcOQqR_ztA8SeBPDIBaJMZfchBvjh1UsLmDyxSOQgN9sv5uVytbogvh9ebAXnc36moGHvUbh0QIl1bnzIyfXzkcaA5C3Nzrn7vOw1aUlawbvKI8_PBKVnIFNpTNferW9TS8h4lG-2t50H5hVJWhKJVbhRdLpsYsgPyJSMdT_zELzjERnae2DPwolwz8HB2dUAftgFvc2hP8n_2nhMjr8= HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACBlEAAAAAAAAAAB; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
OACIBLOCK=ACBlEAAAAABoWN9Q; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
BCAI=ACBlEAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BMI=ACtoUAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BCRI=AAAAAAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
HEAD ads.google.com/
429 Too Many Requests 0 B IP / ASN
142.250.74.174
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject adwords.google.com
Fingerprint 11:60:62:E1:64:75:24:D1:BF:CB:0A:E7:15:EC:34:52:65:A1:96:FE
Validity Mon, 02 Jun 2025 08:36:33 GMT - Mon, 25 Aug 2025 08:36:32 GMT
HEAD / HTTP/1.1
Host: ads.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 429 Too Many Requests
content-length: 1103
content-type: text/html; charset=UTF-8
date: Mon, 23 Jun 2025 07:17:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET nannyirrationalacquainted.com/pixel/sbs?c=1
200 OK 0 B URL
nannyirrationalacquainted.com/pixel/sbs?c=1
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 2A:C3:FA:F0:67:BA:AA:76:2F:14:F9:D5:47:AA:D5:03:EA:52:31:54
Validity Thu, 19 Jun 2025 00:50:28 GMT - Wed, 17 Sep 2025 00:50:27 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 23 Jun 2025 07:17:16 GMT
Content-Length: 0
Connection: keep-alive
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
POST 38.244.175.139/
0 B IP / ASN
0.0.0.0
#0
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
POST / HTTP/1.1
Host: 38.244.175.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 60
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
GET hotandgirls.site/uploads/thumb/5375f7cbfb4dedc9ab237e3035090d5d.jpg
200 OK 23 kB URL
hotandgirls.site/uploads/thumb/5375f7cbfb4dedc9ab237e3035090d5d.jpg
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", progressive, precision 8, 600x337, components 3
First Seen 2023-10-27
Last Seen 2025-07-11
Times Seen 20
Size 23 kB (23097 bytes)
MD5 5422dcb4912b134d6f3323422f327699
SHA1 f56736ec24112777d494261faa80467b6689e178
SHA256 022e12a18c9a41b378cb20c2bcf5f911ef0e93044e0858da33c6b9e4e8d0142b
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /uploads/thumb/5375f7cbfb4dedc9ab237e3035090d5d.jpg HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: image/jpeg
content-length: 23097
last-modified: Tue, 26 Nov 2024 09:25:36 GMT
etag: "67459410-5a39"
expires: Tue, 23 Jun 2026 07:17:11 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET video.videotouch88.info/api/video/tag?sourceId=55540&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55540&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55540&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=VHehhONsaRxvWUEfi2l5SXyEml4ckpCk3RiHj%2FMDbAzFklK%2FIJf7KBkMPG8mZ9gv7evHWAI%2FBuWas4zV9zmsq8J1rzkFwTw%2FuWest90mQCC%2Fxev7Qg%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:11 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:11 GMT
cf-ray: 9542344cfe1956bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET hotandgirls.site/uploads/thumb/545582993a07b4ee71102dc9dc57cac0.jpg
200 OK 14 kB URL
hotandgirls.site/uploads/thumb/545582993a07b4ee71102dc9dc57cac0.jpg
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3
First Seen 2024-08-19
Last Seen 2025-07-11
Times Seen 10
Size 14 kB (14521 bytes)
MD5 ffe0918a74ecdc6392db951fc9332082
SHA1 84edc01308e88f8a3c08fdedca3ee907e623bf48
SHA256 01f152fc687b33acb84c643da524c2f0db222b4a1f55c2bcccd91c31331c0db9
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /uploads/thumb/545582993a07b4ee71102dc9dc57cac0.jpg HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1; kdSspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424; sb_main_21f748a5e12cd0c59a96322c4882e619=1; sb_count_21f748a5e12cd0c59a96322c4882e619=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: image/jpeg
content-length: 14521
last-modified: Tue, 26 Nov 2024 10:43:25 GMT
etag: "6745a64d-38b9"
expires: Tue, 23 Jun 2026 07:17:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-07-05
Times Seen 2
Size 51 B (51 bytes)
MD5 d228499c1a4fdd9ad56bcf1a4bf6d84b
SHA1 88d5bd8544af95ef6485c0ef0d17d210e9c50175
SHA256 88313fb1d704345381b006e1e9b98f4f9a6e39e6e540be1b577d2de9f89632d4
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X86vDMlL0c1N%2Bk4Qoc7LJ%2B5z9H4CMgwiY1UidC9jdUoD4SR4%2B3DbXZm0gWKo%2Fid9dNbTZzFXd8vrPmnOh%2Fid11WuWJg4hBKhSAJ5i4Si6VALkyJNP4FejJPyQzYRzVLEfxyE0ugf"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:15 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423463d96db4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1805&min_rtt=459&rtt_var=1542&sent=466&recv=559&lost=0&retrans=0&sent_bytes=35174&recv_bytes=38756&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=3540&inflight_dur=100&x=44"
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 50e030e968fae45a235bc527b0091352
SHA1 1ee4329dcc00abc8c24545af33f65aa69514eccc
SHA256 54712ecfae1ffa4dabbec5def0ec2f59013ad795519905fc5ffcf14a61f287ca
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aa7Q83EQUV3hrKmmZRFV0vF7vu4yDkasg47yURF7QEUhRoVHBxVylpSMw%2BZ0yP1YvhoyCUiaLdbOEVTyIgC%2Fa%2BnNxp%2FGBhnGLQD%2Fs%2FqUtUwiyRIEk77UnJgAf5GOD4ikeRYrBaZy"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:16 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423468e989b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1773&min_rtt=459&rtt_var=1118&sent=481&recv=569&lost=0&retrans=0&sent_bytes=42668&recv_bytes=43102&delivery_rate=574024&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=4349&inflight_dur=147&x=44"
GET hdbkome.com/bqyrnys1.js
200 OK 25 kB URL
hdbkome.com/bqyrnys1.js
IP / ASN
31.220.27.155
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (19273)
First Seen 2025-03-15
Last Seen 2025-07-29
Times Seen 36
Size 25 kB (24833 bytes)
MD5 03bc762cc5b5c4b094217d31469fa935
SHA1 8368b5db4fe82b36332d9bfc085507e6b8ef8dd7
SHA256 aad8aefc19a351b0fb4646801eef9d55769d24270e0df8b00a963e59171a3d11
Certificate Info
Issuer Let's Encrypt
Subject hdbkome.com
Fingerprint 81:4F:9B:92:78:B4:52:8B:8A:1B:E1:29:A9:CA:3D:F8:37:D8:11:B6
Validity Mon, 31 Mar 2025 23:25:21 GMT - Sun, 29 Jun 2025 23:25:20 GMT
GET /bqyrnys1.js HTTP/1.1
Host: hdbkome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.23.2
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: application/javascript
last-modified: Fri, 20 Jun 2025 12:54:57 GMT
vary: Accept-Encoding
etag: W/"68555a21-6101"
content-encoding: gzip
X-Firefox-Spdy: h2
GET experttrafficcounter.com/stats
0 B URL
experttrafficcounter.com/stats
IP / ASN
0.0.0.0
#0
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /stats HTTP/1.1
Host: experttrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-05-21
Last Seen 2025-06-23
Times Seen 2
Size 51 B (51 bytes)
MD5 f0303239d024ba059dc5b8a801276878
SHA1 4c0a23ea7b195ea3cad7e35902f0883776008b52
SHA256 bf81cf9d403327921981c940e4e338c1f6a1ae1f840e1d2023d744fe58f9b5b3
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i8ftbH57hS0LmZBotku3hAwKEV0oyz8cNMjESUj9q5Lbj7%2F05bpElsWa3DCZX2s7EirO3oTCkC6z8va4J4NygYT3M7S32wXxub1op25R89fH%2BgKgY4KuIoOMYH4VnZlyytG4ia8P"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:14 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345fb925b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1959&min_rtt=459&rtt_var=1647&sent=460&recv=554&lost=0&retrans=0&sent_bytes=34132&recv_bytes=35481&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=2873&inflight_dur=97&x=44"
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-07-05
Times Seen 2
Size 51 B (51 bytes)
MD5 c97412703c93173f73d4d22fc818a099
SHA1 41b6033831b20fe32a0f311b7617d0ec48b8f45c
SHA256 4f98bd5da207c0398e23d9586245222d163a8e6837d39ebfefc4c1655c8fb075
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CELGum%2FKnY5D47ZzeuRLUk72DT00RhEpOp%2By%2BSKDPGng8pQsoXg%2BQtbOC6loeBsCMoxDpzmeP85MZRtvKI3zETab%2FYoS3XxjLepGaD5zcub9bPcJnt67Unp%2B0SkcOJOnZjFZYqcD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:15 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423464a973b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1914&min_rtt=459&rtt_var=1445&sent=473&recv=563&lost=0&retrans=0&sent_bytes=38908&recv_bytes=39713&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=3665&inflight_dur=122&x=44"
GET hotandgirls.site/css/style-en.css
200 OK 6.7 kB URL
hotandgirls.site/css/style-en.css
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text, with very long lines (1054)
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 9
Size 6.7 kB (6700 bytes)
MD5 d183ec3425c7c5437c1dccab65518037
SHA1 4b5e7f95ffd3803f1466c551f137a4ade3ceceac
SHA256 408d322a260ed467878a98ac289ac873c87cbd09a94ce31f5999b60acf0ac712
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /css/style-en.css HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: text/css
content-length: 6700
last-modified: Tue, 26 Nov 2024 09:45:45 GMT
etag: "674598c9-1a2c"
expires: Tue, 23 Jun 2026 07:17:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET video.videotouch88.info/api/video/tag?sourceId=55529&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55529&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55529&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=U4couiAITTe9%2BAgicpdH8FaByvkAaeOCl8RvjHl3xiuc504Rll0WhqryxNSLMNbF%2BgnjFv8O5Jbi5DfsCGZi6SVrr%2B8%2FxjsGP9Ni4r49xM2IHycq0Q%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:11 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:11 GMT
cf-ray: 9542344d3e5956bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 6
Size 36 B (36 bytes)
MD5 084b57a36d610838bfc2f37e89db1d42
SHA1 489d4ac9e369e6b83546b6707030feb2c550eaf2
SHA256 a3e905ab13ef7bff38dd4e60df379ec5c58dbb8a011ab8212a5271375c333175
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: application/json; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=K3u1MNMbQgEN%2BBSFovbwUyB2caeXjBO6x5PICgP85iKSLUjOJ3xG5hkxYeQITmX54oIr8zPDkC20CQA%2FNN%2FtMasrb5wzXs4JyUkXOvm1js0C"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234568a8eb4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 29177717-31474-ex.uncysiante.com/v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid=
200 OK 4.5 kB URL
29177717-31474-ex.uncysiante.com/v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid=
IP / ASN
88.208.22.3
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 4.5 kB (4497 bytes)
MD5 c472f4ccf908c8345b4a1873789a422d
SHA1 ebd45d178f3f5448e4dd40b790b148b24797ff1b
SHA256 a87012238879c31c880f900741f14324482f32641a8c4f9e46e6b70f159a12fc
Certificate Info
Issuer Let's Encrypt
Subject *.uncysiante.com
Fingerprint 63:13:18:91:04:ED:CB:7F:4C:99:70:B7:81:1C:9D:04:BD:A6:D0:AB
Validity Sat, 17 May 2025 09:41:11 GMT - Fri, 15 Aug 2025 09:41:10 GMT
GET /v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%222%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid= HTTP/1.1
Host: 29177717-31474-ex.uncysiante.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Mon, 23 Jun 2025 07:17:14 UTC
expires: Mon, 23 Jun 2025 07:17:14 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
GET cdn.show-sb.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
200 OK 1.3 kB URL
cdn.show-sb.com/sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html
IP / ASN
172.67.170.115
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type HTML document, ASCII text
First Seen 2023-06-26
Last Seen 2025-08-02
Times Seen 629
Size 1.3 kB (1325 bytes)
MD5 f6990569c7ffeac1f4a3f6d9eee5da44
SHA1 e7d5e37acf89a8faee252c36fc2c9d6615501d76
SHA256 cc2a9756c81bd570fff8b32e48a413687c33f8abe9c934e743a0769178b4f690
Certificate Info
Issuer Google Trust Services
Subject show-sb.com
Fingerprint DF:A8:5A:11:E9:7E:8B:0E:2E:08:20:FB:02:FE:C4:E3:E7:97:E8:3A
Validity Thu, 12 Jun 2025 07:26:41 GMT - Wed, 10 Sep 2025 08:25:04 GMT
GET /sb/au/0c/c8/e1/0cc8e13ba9d5dbc867b982993e805a9d/1632728593.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 27 Sep 2021 07:43:24 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
vary: accept-encoding
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=PYJclVuAh205Wf01LG0H%2BD4n1pSQ0E5PqjfRFdHMeJGH7aO3ldT3Z9Gdd9Dk4EWIeG1O9ieUjjoGUqtkSBO6r51FYKxCgdachFJ7xW4%3D"}]}
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345d2b3356bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET i.cdnfimgs.com/auto/190x150/image/tesr/287/287/rect_68404a6367ed7t1749043811r9489.jpg
200 OK 13 kB URL
i.cdnfimgs.com/auto/190x150/image/tesr/287/287/rect_68404a6367ed7t1749043811r9489.jpg
IP / ASN
45.133.44.36
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, baseline, precision 8, 190x150, components 3
First Seen 2025-06-23
Last Seen 2025-07-05
Times Seen 2
Size 13 kB (12550 bytes)
MD5 0df6a4f163d2f0cdc6d9b4f7e92efdc0
SHA1 35171fad41fdaa9920531027a51e63953ac6d8c4
SHA256 e5d729c03b92e2fa8f60fe1d63af7e0c510e941f0e8d9c24b8c1274614e85d21
Certificate Info
Issuer Let's Encrypt
Subject i.cdnfimgs.com
Fingerprint 7B:6C:EB:88:EC:1C:AD:34:45:70:6F:AC:DC:02:61:C3:4E:42:33:9C
Validity Mon, 19 May 2025 06:33:15 GMT - Sun, 17 Aug 2025 06:33:14 GMT
GET /auto/190x150/image/tesr/287/287/rect_68404a6367ed7t1749043811r9489.jpg HTTP/1.1
Host: i.cdnfimgs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: image/jpeg
content-length: 12550
server: nginx
cache-control: max-age=1209600
x-cache-status: MISS
expires: Mon, 07 Jul 2025 07:17:14 GMT
x-cdn-host-id: ds5059
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 4
Size 36 B (36 bytes)
MD5 2e9a5cb4c9281ba1cfc66282c6ed1184
SHA1 fac5c12f5bb4f96add11538c5ecc94dbdf2e8de7
SHA256 0b5bceb0f44b98b3ca077576949737a84da2773e8697bf84d5165ce08ca237e5
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: application/json; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XIrWYj4yT161ELSc5t3wHLPNj509oA%2BMrJSXlmcSp%2BYbZh875bdsvPyrz3Q3DcHxPSrgvJyrvSZKL%2FgP5hPvLWOo55PCGI1vYx4QNW05slWr"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542344c1d44b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET hotandgirls.site/images/play.png
200 OK 1.6 kB URL
hotandgirls.site/images/play.png
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 227 x 258, 8-bit colormap, non-interlaced
First Seen 2023-05-23
Last Seen 2025-07-31
Times Seen 220
Size 1.6 kB (1559 bytes)
MD5 4628ea682db5a291b023bdb526c5333e
SHA1 001444b50b1f144dffe8970d9be2e0f6ada9c731
SHA256 98e42c7c9244df540b87362f9cd7d5db0a636f6393c14a103915e117bb0f6d26
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /images/play.png HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: image/png
content-length: 1559
last-modified: Tue, 26 Nov 2024 09:25:36 GMT
etag: "67459410-617"
expires: Tue, 23 Jun 2026 07:17:11 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 6
Size 36 B (36 bytes)
MD5 85bdbbba5df495243a975bd2527f9d30
SHA1 d13ebdaef09298d81780981b225c2217f839b250
SHA256 924c90ca83c88dd517536e386cec9f3f091ad8811885f926869df4fa4c439f2a
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/json; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=YmNmtGGmC2%2B2Y5pkN54z2pyD3u1YyKdDiQhDxBvOThz3IBqMrfuyA6%2FdJFfuf3iqrQf7%2FnVWefW9S8fCc0SeeVENmLmFaiDhvExlAwwvzP2d"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542344f2932b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET hotandgirls.site/uploads/thumb/969d52465857442e68868b3c2d4463e4.jpg
200 OK 17 kB URL
hotandgirls.site/uploads/thumb/969d52465857442e68868b3c2d4463e4.jpg
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 9
Size 17 kB (17015 bytes)
MD5 45dfbda30dcaeb25e9a57953e5eefd31
SHA1 396d2c987b7f70d022fad4cd4fded961ddb57fc7
SHA256 3882009fe7ca81a90aad6e957d7eb1c67e222e0750b51310bcde4a84ae318aa7
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /uploads/thumb/969d52465857442e68868b3c2d4463e4.jpg HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1; kdSspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424; sb_main_21f748a5e12cd0c59a96322c4882e619=1; sb_count_21f748a5e12cd0c59a96322c4882e619=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: image/jpeg
content-length: 17015
last-modified: Tue, 26 Nov 2024 10:35:52 GMT
etag: "6745a488-4277"
expires: Tue, 23 Jun 2026 07:17:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET 31474.2489may2024.com/v2/a/na/js/247450?container=clck_ntv_195_1&subid=103417326
200 OK 82 kB URL
31474.2489may2024.com/v2/a/na/js/247450?container=clck_ntv_195_1&subid=103417326
IP / ASN
88.208.22.3
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 82 kB (82109 bytes)
MD5 f6b64eae9dc52e90aaaf8d372f496236
SHA1 4d52da2af57cc55f79097d318700fb44d1720591
SHA256 7614a6f205c6e51634b14ef799f1be44d3360e4e61bac7325f63fac5e50511ee
Certificate Info
Issuer Let's Encrypt
Subject *.2489may2024.com
Fingerprint 22:A9:F0:36:70:DF:BB:11:76:A1:88:3A:63:75:CE:C7:A8:54:39:A5
Validity Thu, 29 May 2025 20:24:42 GMT - Wed, 27 Aug 2025 20:24:41 GMT
GET /v2/a/na/js/247450?container=clck_ntv_195_1&subid=103417326 HTTP/1.1
Host: 31474.2489may2024.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: application/javascript; charset=UTF-8
content-length: 19541
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
GET creative.cambaddies.com/widgets/Spot/lib-auto.js?action=sbSignupWithModel&animate=1&autoclose=0&autoplay=all&campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&campaignType=smartpop&closeButtonDelay=0&creativeId=d672099c5f2288d5918979f1e2a1c3b11e99be326985f8b71819b8bb0627235b&hideButton=1&iterationId=967245&masterSmartpopId=12245&memberId=063838003d1e197cc33bd2&p1=61319&p2=133453&p3=105342&quality=240p&ruleId=365&smartpopId=14734&sourceId=61816&tag=-girls%2Fmobile&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=34162
200 OK 671 kB URL
creative.cambaddies.com/widgets/Spot/lib-auto.js?action=sbSignupWithModel&animate=1&autoclose=0&autoplay=all&campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&campaignType=smartpop&closeButtonDelay=0&creativeId=d672099c5f2288d5918979f1e2a1c3b11e99be326985f8b71819b8bb0627235b&hideButton=1&iterationId=967245&masterSmartpopId=12245&memberId=063838003d1e197cc33bd2&p1=61319&p2=133453&p3=105342&quality=240p&ruleId=365&smartpopId=14734&sourceId=61816&tag=-girls%2Fmobile&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=34162
IP / ASN
88.208.20.10
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (52682), with NEL line terminators
First Seen 2025-06-07
Last Seen 2025-06-30
Times Seen 43
Size 671 kB (670845 bytes)
MD5 a7dcdd05da17d94495741d58e788a8a2
SHA1 12c8581010c1dc4a35f1705f487b70f2395da152
SHA256 bd2f12ce86b7ae692bc13c5c1bfd9e55ec4ef274422a2b4133379e49ff454c84
Certificate Info
Issuer Let's Encrypt
Subject creative.cambaddies.com
Fingerprint BF:ED:5F:C6:48:34:15:44:32:34:E5:D2:B7:E3:EF:B0:04:69:7B:E7
Validity Tue, 10 Jun 2025 05:50:02 GMT - Mon, 08 Sep 2025 05:50:01 GMT
GET /widgets/Spot/lib-auto.js?action=sbSignupWithModel&animate=1&autoclose=0&autoplay=all&campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&campaignType=smartpop&closeButtonDelay=0&creativeId=d672099c5f2288d5918979f1e2a1c3b11e99be326985f8b71819b8bb0627235b&hideButton=1&iterationId=967245&masterSmartpopId=12245&memberId=063838003d1e197cc33bd2&p1=61319&p2=133453&p3=105342&quality=240p&ruleId=365&smartpopId=14734&sourceId=61816&tag=-girls%2Fmobile&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=34162 HTTP/1.1
Host: creative.cambaddies.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000
cache-control: max-age=10
content-encoding: gzip
content-type: application/javascript; charset=utf-8
date: Mon, 23 Jun 2025 07:17:14 GMT
etag: "68401f4c-a3c7d-gzip"
expires: Mon, 23 Jun 2025 07:17:24 GMT
last-modified: Wed, 04 Jun 2025 10:26:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 5
Size 36 B (36 bytes)
MD5 fafd873eba762f94479a03dcabca468c
SHA1 46253822ae735deed205bf53e9e0bbb09e3b6670
SHA256 a2ee4dc83b66d919280404a0de84ff4b2ecd9c8711e759338056d64cd4e7368b
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5Zcg%2B2J2d06XsMVUQcJp4StMyQpfv2zBfJMc%2BZ%2F1W0r%2FC9hpymAdwxj1chIWGdAPWyr%2F7PMQ2gKxS7w%2BEvBSVJoFCotTkOfIrxezWWY9BXfpyBi9cdAU0RlEc2rcSQdrW2SWpIcw"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345f1a7856ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4653&min_rtt=1616&rtt_var=1764&sent=23&recv=16&lost=0&retrans=0&sent_bytes=7589&recv_bytes=3069&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=1406&inflight_dur=67&x=44"
GET 1035--byqbpwwale7r8yeclxjn.stbid.ru/empty
200 OK 43 B URL
1035--byqbpwwale7r8yeclxjn.stbid.ru/empty
IP / ASN
80.87.198.24
#29182 JSC IOT
Requested by https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Resource Info
File type GIF image data, version 89a, 1 x 1
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 172848
Size 43 B (43 bytes)
MD5 ad4b0f606e0f8465bc4c4c170b37e1a3
SHA1 50b30fd5f87c85fe5cba2635cb83316ca71250d7
SHA256 cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Certificate Info
Issuer GlobalSign nv-sa
Subject *.stbid.ru
Fingerprint CD:D0:42:9B:03:7A:27:A9:42:E1:4D:28:F3:FC:EA:D1:AC:D7:13:7E
Validity Tue, 22 Apr 2025 09:20:40 GMT - Sun, 24 May 2026 09:20:39 GMT
GET /empty HTTP/1.1
Host: 1035--byqbpwwale7r8yeclxjn.stbid.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://uuidksinc.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.27.0
Date: Mon, 23 Jun 2025 07:17:15 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: close
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 6
Size 36 B (36 bytes)
MD5 85bdbbba5df495243a975bd2527f9d30
SHA1 d13ebdaef09298d81780981b225c2217f839b250
SHA256 924c90ca83c88dd517536e386cec9f3f091ad8811885f926869df4fa4c439f2a
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bFoQfALJvOwMttNPjdeT7A%2BDh8tkLwWUKR%2BfTE3LJXxd7B4EKPZYCcDmfrOyJD0g5d%2B%2BCOF7xWZZE%2BhZIhraZhP5%2FDa8u0A3nmt5TJcJr6YHU9c6T1BpN2aKFP3pYiNoVu83K3vo"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234666a9b56ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6189&min_rtt=1616&rtt_var=3410&sent=38&recv=25&lost=0&retrans=1&sent_bytes=12912&recv_bytes=5520&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=2578&inflight_dur=173&x=44"
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-28
Times Seen 2
Size 36 B (36 bytes)
MD5 081a684ba9715db0245b180d4bbd8bf1
SHA1 85ec2e0019a788ea6b6961b5127c16af337fe50f
SHA256 6604e63fdc502f22a222645fa63b3d3f375eff3afd4dbd69f2273830c43b8999
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9flX0FPajnz6rT%2FBZ2m6FXraMvRL2vuy4Uo4XrI3pDy6AcLCD%2FNEbRq%2BlyUzJgTBuhMwECFLv9W1J%2FL7TSyHWxb0NUb3znFGsQHYXwY3f%2FRsPioG%2BUMN%2F8EUCyeWrpehddBhE1tb"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234666a9c56ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6189&min_rtt=1616&rtt_var=3410&sent=39&recv=25&lost=0&retrans=1&sent_bytes=13645&recv_bytes=5520&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=2579&inflight_dur=173&x=44"
GET video.videotouch88.info/api/video/tag?sourceId=55541&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55541&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55541&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BJrnPwE%2FR8xM2a6qhV%2BGaDF7GftATJtCLMrbXr5%2Bm%2Fp%2F9K1%2B0XazNP5rM%2FcqPkKuSVkB6VVkNipIpbSxMoDBNddg7kF49LaWOCWVhp8N4MIUI2kMLg%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:11 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:11 GMT
cf-ray: 9542344d1e3d56bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET hotandgirls.site/uploads/thumb/41b7b80077ebb673c861c129e4cf6537.jpg
200 OK 20 kB URL
hotandgirls.site/uploads/thumb/41b7b80077ebb673c861c129e4cf6537.jpg
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3
First Seen 2023-10-27
Last Seen 2025-07-11
Times Seen 20
Size 20 kB (19560 bytes)
MD5 411c840fc9792c3689906fe85126e946
SHA1 76ac3a7bc5a6ef3552d942daa19d184ffb4ce8a8
SHA256 6d53665acedbfe140ec61123cd99c53e2f7b2ef6db4b323acd9f61ab0396953a
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /uploads/thumb/41b7b80077ebb673c861c129e4cf6537.jpg HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1; kdSspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424; sb_main_21f748a5e12cd0c59a96322c4882e619=1; sb_count_21f748a5e12cd0c59a96322c4882e619=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: image/jpeg
content-length: 19560
last-modified: Tue, 26 Nov 2024 09:25:36 GMT
etag: "67459410-4c68"
expires: Tue, 23 Jun 2026 07:17:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET nannyirrationalacquainted.com/ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzu5FFPyBehFhDh4UZNLd0zM77R6Wze5GojGJuysRPFV3VU_K1HS1Vd3TkxEhGJQ9jnjxJJVvkg2ui6x_gCAz3oKC4ymHzcU_QVjwpPRkYPRBvR_1vYLve6--PCzOSYCCnm29pwZCSrrcrLu117dFylRpaht3a55bd6_WtkXaCq7W-pXTvbe8RlB336i9zeNdtey7nut6rldbFZonqr88QyGyh6FXD9164Ne9ZoC-_n9tCgeGOmC9c_ICBJs--2fyEUQ8Rtp9dJOb3Vxlb97qFpLmSqPHTj5Id1NVpugu0kQ7SNKTeTeUmRLyzRJUejJXANU7qhQgElOy9PJjROnJnCai3vEF00iCp4jY0yh7Y3A5hqBjxOoAgv1OgJhhYxNp9_6G0iXdu0BphU7J5Sd_QZRTcvnxi0i7P6xI0a_dUbLIhUoN-omF6I8hOmNkxQT5YAminCDOP4dgv5HlJ-tIu0ebRioIZmfqRTKG5ENQ46CojnBQJA6KzEGXndUCtx3EHm20kpDFV9yABgHjkRu2fdelYXwFRVxRGyLPhojlELHeR6b3sSuG0MXPMDsWhjkw-ZQ47--jxyxKTlAagpISlIKgzAnKnj1m0vjG3mfSFJE3j_48NuxI5Z1DeqzyDk8JqB5CM3sksk_MAeL80miQGDZSlaNRbkc0YvYwOyfPV5NzPvuWYJef1XwvuRK0aZN7fszcuBnSsNXw_Thot33e8kIYYSHM0mwgAzElNx68hExMiYOnENEJjJwgFs-BFq-ClhZ0x2KQPtpROU1ZR2hp6kbkHExZZPll5HvOoTwnr8z2d_3vr8Hj02uTxswQa4tMW3wsfiHoyHuj26okR7dVaciPm1kuumJAq93eyWnOLz14l--VSrO1m2b43fW4Aqr04V1u8nWaMpF2DPl-RTDG9arSMSc_rZltHm0VZmel0GmRrW_dWF3rZpobI1Q6Bq2EfforYjElz7xza_ZvX1v7AkKPoQuLbnFK5gahJoizfZhswd8oAi0XPVHmoCzsSPvR4lIKAskXNY0szH_qaJGPNK1eU2EPzT10tAOaHyDtWvS0RU9aUDmEKS6N8kyfXvtjTiOSziiS2jmKpJZfXYzZiLNa048arXa7xZMWSxqs4TdY2HR5GNCwFYRBE7mZ7nz4z96_AQAA__9Jx114mQQAAA==
200 OK 0 B URL
nannyirrationalacquainted.com/ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzu5FFPyBehFhDh4UZNLd0zM77R6Wze5GojGJuysRPFV3VU_K1HS1Vd3TkxEhGJQ9jnjxJJVvkg2ui6x_gCAz3oKC4ymHzcU_QVjwpPRkYPRBvR_1vYLve6--PCzOSYCCnm29pwZCSrrcrLu117dFylRpaht3a55bd6_WtkXaCq7W-pXTvbe8RlB336i9zeNdtey7nut6rldbFZonqr88QyGyh6FXD9164Ne9ZoC-_n9tCgeGOmC9c_ICBJs--2fyEUQ8Rtp9dJOb3Vxlb97qFpLmSqPHTj5Id1NVpugu0kQ7SNKTeTeUmRLyzRJUejJXANU7qhQgElOy9PJjROnJnCai3vEF00iCp4jY0yh7Y3A5hqBjxOoAgv1OgJhhYxNp9_6G0iXdu0BphU7J5Sd_QZRTcvnxi0i7P6xI0a_dUbLIhUoN-omF6I8hOmNkxQT5YAminCDOP4dgv5HlJ-tIu0ebRioIZmfqRTKG5ENQ46CojnBQJA6KzEGXndUCtx3EHm20kpDFV9yABgHjkRu2fdelYXwFRVxRGyLPhojlELHeR6b3sSuG0MXPMDsWhjkw-ZQ47--jxyxKTlAagpISlIKgzAnKnj1m0vjG3mfSFJE3j_48NuxI5Z1DeqzyDk8JqB5CM3sksk_MAeL80miQGDZSlaNRbkc0YvYwOyfPV5NzPvuWYJef1XwvuRK0aZN7fszcuBnSsNXw_Thot33e8kIYYSHM0mwgAzElNx68hExMiYOnENEJjJwgFs-BFq-ClhZ0x2KQPtpROU1ZR2hp6kbkHExZZPll5HvOoTwnr8z2d_3vr8Hj02uTxswQa4tMW3wsfiHoyHuj26okR7dVaciPm1kuumJAq93eyWnOLz14l--VSrO1m2b43fW4Aqr04V1u8nWaMpF2DPl-RTDG9arSMSc_rZltHm0VZmel0GmRrW_dWF3rZpobI1Q6Bq2EfforYjElz7xza_ZvX1v7AkKPoQuLbnFK5gahJoizfZhswd8oAi0XPVHmoCzsSPvR4lIKAskXNY0szH_qaJGPNK1eU2EPzT10tAOaHyDtWvS0RU9aUDmEKS6N8kyfXvtjTiOSziiS2jmKpJZfXYzZiLNa048arXa7xZMWSxqs4TdY2HR5GNCwFYRBE7mZ7nz4z96_AQAA__9Jx114mQQAAA==
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 2A:C3:FA:F0:67:BA:AA:76:2F:14:F9:D5:47:AA:D5:03:EA:52:31:54
Validity Thu, 19 Jun 2025 00:50:28 GMT - Wed, 17 Sep 2025 00:50:27 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzu5FFPyBehFhDh4UZNLd0zM77R6Wze5GojGJuysRPFV3VU_K1HS1Vd3TkxEhGJQ9jnjxJJVvkg2ui6x_gCAz3oKC4ymHzcU_QVjwpPRkYPRBvR_1vYLve6--PCzOSYCCnm29pwZCSrrcrLu117dFylRpaht3a55bd6_WtkXaCq7W-pXTvbe8RlB336i9zeNdtey7nut6rldbFZonqr88QyGyh6FXD9164Ne9ZoC-_n9tCgeGOmC9c_ICBJs--2fyEUQ8Rtp9dJOb3Vxlb97qFpLmSqPHTj5Id1NVpugu0kQ7SNKTeTeUmRLyzRJUejJXANU7qhQgElOy9PJjROnJnCai3vEF00iCp4jY0yh7Y3A5hqBjxOoAgv1OgJhhYxNp9_6G0iXdu0BphU7J5Sd_QZRTcvnxi0i7P6xI0a_dUbLIhUoN-omF6I8hOmNkxQT5YAminCDOP4dgv5HlJ-tIu0ebRioIZmfqRTKG5ENQ46CojnBQJA6KzEGXndUCtx3EHm20kpDFV9yABgHjkRu2fdelYXwFRVxRGyLPhojlELHeR6b3sSuG0MXPMDsWhjkw-ZQ47--jxyxKTlAagpISlIKgzAnKnj1m0vjG3mfSFJE3j_48NuxI5Z1DeqzyDk8JqB5CM3sksk_MAeL80miQGDZSlaNRbkc0YvYwOyfPV5NzPvuWYJef1XwvuRK0aZN7fszcuBnSsNXw_Thot33e8kIYYSHM0mwgAzElNx68hExMiYOnENEJjJwgFs-BFq-ClhZ0x2KQPtpROU1ZR2hp6kbkHExZZPll5HvOoTwnr8z2d_3vr8Hj02uTxswQa4tMW3wsfiHoyHuj26okR7dVaciPm1kuumJAq93eyWnOLz14l--VSrO1m2b43fW4Aqr04V1u8nWaMpF2DPl-RTDG9arSMSc_rZltHm0VZmel0GmRrW_dWF3rZpobI1Q6Bq2EfforYjElz7xza_ZvX1v7AkKPoQuLbnFK5gahJoizfZhswd8oAi0XPVHmoCzsSPvR4lIKAskXNY0szH_qaJGPNK1eU2EPzT10tAOaHyDtWvS0RU9aUDmEKS6N8kyfXvtjTiOSziiS2jmKpJZfXYzZiLNa048arXa7xZMWSxqs4TdY2HR5GNCwFYRBE7mZ7nz4z96_AQAA__9Jx114mQQAAA== HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 23 Jun 2025 07:17:14 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c07f8b0b49c822dca981f5a32ef7a2f3
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET hdbkome.com/get_data?v=default&page=https%253A%252F%252Fhotandgirls.site%252F%253Fvid%253D3%2526ad%253D103417326%2526site%253D7807247%2526source%253Dcadu%2526aduClickId%253D960912425052278785&domain=hotandgirls.site&blockID=367726&width=190&height=160&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424
200 OK 7.9 kB URL
hdbkome.com/get_data?v=default&page=https%253A%252F%252Fhotandgirls.site%252F%253Fvid%253D3%2526ad%253D103417326%2526site%253D7807247%2526source%253Dcadu%2526aduClickId%253D960912425052278785&domain=hotandgirls.site&blockID=367726&width=190&height=160&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424
IP / ASN
31.220.27.135
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 7.9 kB (7856 bytes)
MD5 815572e02107abc1e877df36392a8ae9
SHA1 eecf657419d68735a9e38c0583a414df05e84355
SHA256 66b9aee122f87fb0cc9ea27039c29b37ed6e0b75dce2ca7c847f16785a4fad16
Certificate Info
Issuer Let's Encrypt
Subject hdbkome.com
Fingerprint 81:4F:9B:92:78:B4:52:8B:8A:1B:E1:29:A9:CA:3D:F8:37:D8:11:B6
Validity Mon, 31 Mar 2025 23:25:21 GMT - Sun, 29 Jun 2025 23:25:20 GMT
GET /get_data?v=default&page=https%253A%252F%252Fhotandgirls.site%252F%253Fvid%253D3%2526ad%253D103417326%2526site%253D7807247%2526source%253Dcadu%2526aduClickId%253D960912425052278785&domain=hotandgirls.site&blockID=367726&width=190&height=160&windowWidth=1280&gdpr=0&gdprConsent=&os=&osVersion=&limit=1&format=json&sspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424 HTTP/1.1
Host: hdbkome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: dmpUid=bYqBpwWaLE7r8YeClXjN
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.23.2
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-origin: https://hotandgirls.site
referer:
content-encoding: gzip
X-Firefox-Spdy: h2
GET 29177717-31474-3424.pelverityrerlob.com/v2/a/na/image?d=BQ5qQHPerpRWqDnBKgs8L6cMmvm_clz8aMPV8orDATVWatBpddCIIf3-vmUoOx_sjPc44ptPyNUEIoIO6cYJF7ln_3JZuVskMSz7gzlomOE7sOxIcdyHHsducAJ7LL3QURNXQiOuE4wm_tiqbkKEEe_kBepWNs1j7jmQEJHREsn0ozsWmc9pWWxBo-esf-4mmqNG5GE67MHucdiHGR5VrbJ7ZbMYNsvZqaibysfUGWNj8k9946P2YrLeN-IEMSPAFuWMUgyiyCkgaBg8atoP1P2V2z93_19-jSdyJMaWKdoetwY6XXw2fUTrpqYOKaQPT67oq0PKahI7tHCVb1ntAxWpa-odnXv8HukidvBo3_uvkLbjWnc83HiKlatZ6cgM1x4V4StZogzHaNbt7qX4wwmPz2g0XLM0wiyFnviuM0fIowFI5qssX6rag1oZL7uSlRCSyjqBEnl6r8BvI7WWQn-InKXBi2tU9S_79vpzpNDZDT5vMCOW31APHOmapInbOKe3jtsTJiT9C9ZvHwsDEaCP1qIL2TDA5HpzMrKwVV5LA_QSyRpeIPFJWaTtMHC47gL1DgVN_RdZdtkEuEQ81l3rGn-aJmNZr461ugXoRS2wS4tB8p512JNlR0CH3iwyQ9sHfclN0Vt-oggaV5jz06lIYeFWxqjdebD5S9W37EaFu7TWQAn2RZ6_68aoc11juMw2oFnh7RVidkI3UjO3I2V7q-IcZWfcR2ulE6Xpnwk5LUrZqNJFGNUXAj4qBS-xasmoTgoz52_K4ndbx4doVrI3AQkyyDoRVHqTdlRzPigRQMTm13PpwGi09iEsWiYaPO5y89zBcEp3vYbXoKSgrI62jSWYYKDJ5GkfGZXoV0CPKrppWDRheeOfM9GprUeHRTMsgjLbwlmCeiRv-oXMv_F5sRK_wMinIEyHOhuj9cqJb5uTtZcycxGBAG3R33q14dcpeA9C4q6MYkjUf8RxLUTQC0KAZLWwoK7arELVKZwlB5tP1UgkT46GHrS-7kFGWVLVOmVBGIWW8Ltujv8Q7jwMGeyWTAD4dcF7dtsOaFtA-zwLAnAtrMoDtYg-2Y77zJt1pmsaAt80HwpHgyg8g4o7v_2KkU8dS-m1j3A04iHFMU7N9rYaqliLgI1fgTRNdKsbFwXxN3D2TQNPV3QnFfNQDrexcTEk6Zg87YyOKZ6qHzE1FZ4HWONbxnsB5KDDMsN5u4dJXPpGsunToiUTRNUrccZJ3MdCoD0yvwK6hT2-D9rDe247Tll9i8JoZOxRcDqjQywr_W-8OauK6OHeDJoeVSSqeslHq5Kr
200 OK 68 B URL
29177717-31474-3424.pelverityrerlob.com/v2/a/na/image?d=BQ5qQHPerpRWqDnBKgs8L6cMmvm_clz8aMPV8orDATVWatBpddCIIf3-vmUoOx_sjPc44ptPyNUEIoIO6cYJF7ln_3JZuVskMSz7gzlomOE7sOxIcdyHHsducAJ7LL3QURNXQiOuE4wm_tiqbkKEEe_kBepWNs1j7jmQEJHREsn0ozsWmc9pWWxBo-esf-4mmqNG5GE67MHucdiHGR5VrbJ7ZbMYNsvZqaibysfUGWNj8k9946P2YrLeN-IEMSPAFuWMUgyiyCkgaBg8atoP1P2V2z93_19-jSdyJMaWKdoetwY6XXw2fUTrpqYOKaQPT67oq0PKahI7tHCVb1ntAxWpa-odnXv8HukidvBo3_uvkLbjWnc83HiKlatZ6cgM1x4V4StZogzHaNbt7qX4wwmPz2g0XLM0wiyFnviuM0fIowFI5qssX6rag1oZL7uSlRCSyjqBEnl6r8BvI7WWQn-InKXBi2tU9S_79vpzpNDZDT5vMCOW31APHOmapInbOKe3jtsTJiT9C9ZvHwsDEaCP1qIL2TDA5HpzMrKwVV5LA_QSyRpeIPFJWaTtMHC47gL1DgVN_RdZdtkEuEQ81l3rGn-aJmNZr461ugXoRS2wS4tB8p512JNlR0CH3iwyQ9sHfclN0Vt-oggaV5jz06lIYeFWxqjdebD5S9W37EaFu7TWQAn2RZ6_68aoc11juMw2oFnh7RVidkI3UjO3I2V7q-IcZWfcR2ulE6Xpnwk5LUrZqNJFGNUXAj4qBS-xasmoTgoz52_K4ndbx4doVrI3AQkyyDoRVHqTdlRzPigRQMTm13PpwGi09iEsWiYaPO5y89zBcEp3vYbXoKSgrI62jSWYYKDJ5GkfGZXoV0CPKrppWDRheeOfM9GprUeHRTMsgjLbwlmCeiRv-oXMv_F5sRK_wMinIEyHOhuj9cqJb5uTtZcycxGBAG3R33q14dcpeA9C4q6MYkjUf8RxLUTQC0KAZLWwoK7arELVKZwlB5tP1UgkT46GHrS-7kFGWVLVOmVBGIWW8Ltujv8Q7jwMGeyWTAD4dcF7dtsOaFtA-zwLAnAtrMoDtYg-2Y77zJt1pmsaAt80HwpHgyg8g4o7v_2KkU8dS-m1j3A04iHFMU7N9rYaqliLgI1fgTRNdKsbFwXxN3D2TQNPV3QnFfNQDrexcTEk6Zg87YyOKZ6qHzE1FZ4HWONbxnsB5KDDMsN5u4dJXPpGsunToiUTRNUrccZJ3MdCoD0yvwK6hT2-D9rDe247Tll9i8JoZOxRcDqjQywr_W-8OauK6OHeDJoeVSSqeslHq5Kr
IP / ASN
88.208.22.4
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 17333
Size 68 B (68 bytes)
MD5 91e42db1c66c0b276abf6234dc50b2eb
SHA1 c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
SHA256 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Certificate Info
Issuer Let's Encrypt
Subject *.pelverityrerlob.com
Fingerprint C5:95:27:AC:E4:95:2E:5D:42:15:E4:9A:0C:7E:C0:10:28:CA:36:A9
Validity Wed, 16 Apr 2025 14:27:11 GMT - Tue, 15 Jul 2025 14:27:10 GMT
GET /v2/a/na/image?d=BQ5qQHPerpRWqDnBKgs8L6cMmvm_clz8aMPV8orDATVWatBpddCIIf3-vmUoOx_sjPc44ptPyNUEIoIO6cYJF7ln_3JZuVskMSz7gzlomOE7sOxIcdyHHsducAJ7LL3QURNXQiOuE4wm_tiqbkKEEe_kBepWNs1j7jmQEJHREsn0ozsWmc9pWWxBo-esf-4mmqNG5GE67MHucdiHGR5VrbJ7ZbMYNsvZqaibysfUGWNj8k9946P2YrLeN-IEMSPAFuWMUgyiyCkgaBg8atoP1P2V2z93_19-jSdyJMaWKdoetwY6XXw2fUTrpqYOKaQPT67oq0PKahI7tHCVb1ntAxWpa-odnXv8HukidvBo3_uvkLbjWnc83HiKlatZ6cgM1x4V4StZogzHaNbt7qX4wwmPz2g0XLM0wiyFnviuM0fIowFI5qssX6rag1oZL7uSlRCSyjqBEnl6r8BvI7WWQn-InKXBi2tU9S_79vpzpNDZDT5vMCOW31APHOmapInbOKe3jtsTJiT9C9ZvHwsDEaCP1qIL2TDA5HpzMrKwVV5LA_QSyRpeIPFJWaTtMHC47gL1DgVN_RdZdtkEuEQ81l3rGn-aJmNZr461ugXoRS2wS4tB8p512JNlR0CH3iwyQ9sHfclN0Vt-oggaV5jz06lIYeFWxqjdebD5S9W37EaFu7TWQAn2RZ6_68aoc11juMw2oFnh7RVidkI3UjO3I2V7q-IcZWfcR2ulE6Xpnwk5LUrZqNJFGNUXAj4qBS-xasmoTgoz52_K4ndbx4doVrI3AQkyyDoRVHqTdlRzPigRQMTm13PpwGi09iEsWiYaPO5y89zBcEp3vYbXoKSgrI62jSWYYKDJ5GkfGZXoV0CPKrppWDRheeOfM9GprUeHRTMsgjLbwlmCeiRv-oXMv_F5sRK_wMinIEyHOhuj9cqJb5uTtZcycxGBAG3R33q14dcpeA9C4q6MYkjUf8RxLUTQC0KAZLWwoK7arELVKZwlB5tP1UgkT46GHrS-7kFGWVLVOmVBGIWW8Ltujv8Q7jwMGeyWTAD4dcF7dtsOaFtA-zwLAnAtrMoDtYg-2Y77zJt1pmsaAt80HwpHgyg8g4o7v_2KkU8dS-m1j3A04iHFMU7N9rYaqliLgI1fgTRNdKsbFwXxN3D2TQNPV3QnFfNQDrexcTEk6Zg87YyOKZ6qHzE1FZ4HWONbxnsB5KDDMsN5u4dJXPpGsunToiUTRNUrccZJ3MdCoD0yvwK6hT2-D9rDe247Tll9i8JoZOxRcDqjQywr_W-8OauK6OHeDJoeVSSqeslHq5Kr HTTP/1.1
Host: 29177717-31474-3424.pelverityrerlob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: image/png
content-length: 68
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
GET hotandgirls.site/uploads/thumb/6138ba2fa9473a981f0f5df3510acce2.jpg
200 OK 18 kB URL
hotandgirls.site/uploads/thumb/6138ba2fa9473a981f0f5df3510acce2.jpg
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 352x198, components 3
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 6
Size 18 kB (18454 bytes)
MD5 4c7344a8dbf73ddf0cb6f65239c0cb5a
SHA1 5f35b67ce905333c46b8a4a32afc55df117c85d9
SHA256 f62d467badd83bb318a027dbedaa7231028dfec1578223833f6a88db2d5c4f00
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /uploads/thumb/6138ba2fa9473a981f0f5df3510acce2.jpg HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: image/jpeg
content-length: 18454
last-modified: Tue, 26 Nov 2024 10:42:36 GMT
etag: "6745a61c-4816"
expires: Tue, 23 Jun 2026 07:17:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET video.videotouch88.info/api/video/tag?sourceId=55539&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55539&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55539&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9i2o1y8z5HPAtHobD0zwVs1pRxWG6cs53x47cFPuVruqj39b%2Bi70oTP8Dk%2BfUfLqdLRX2ufz1ogWLPgPQ6UjiyNjvQShG3UYM%2FIQHxvgPIfHnn13mg%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:11 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:11 GMT
cf-ray: 9542344cfe2156bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET nannyirrationalacquainted.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=304
200 OK 0 B URL
nannyirrationalacquainted.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=304
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 2A:C3:FA:F0:67:BA:AA:76:2F:14:F9:D5:47:AA:D5:03:EA:52:31:54
Validity Thu, 19 Jun 2025 00:50:28 GMT - Wed, 17 Sep 2025 00:50:27 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fcss%2Fanimate.css&l=78689&fd=304 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 23 Jun 2025 07:17:16 GMT
Content-Length: 0
Connection: keep-alive
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 e1fb94d970fa56490fe7e20a2f5882f0
SHA1 28bc6e3ed369b90340c2d41452c817047f462f28
SHA256 871fda2eba2ecb4f318939207e89e3d150b70fc717c60539bef7fa77f83cef37
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uNHeAjHUnLNqMflpKbqq69V3jq7GTJ8h0TjfSGO%2BF5gKhXUYy1W94iI9iZgO1pex0HkeTYlffRyEZFT3AmIuX0NInVR8fvBBhFfDr6tUqV9Dsjyg5Q9O0Nl%2BVdzPSQzEpBL8W3py"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:15 GMT; Max-Age=157679999; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423466c981b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1921&min_rtt=459&rtt_var=1097&sent=476&recv=566&lost=0&retrans=0&sent_bytes=39878&recv_bytes=41406&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=4004&inflight_dur=144&x=44"
GET s.viiwmjfw.com/n/1/ovihu7sui5nxy63gpn3eu2ydpzuxyzl2ifdfgaslivfmgg4nxrgeyyt3pvkukwl3pbtx65canjjx42zcgmqekqidavbewg3jiiuvu42vijgh4vcclv4haykqvtfukfx75x4i2rkz4247dwdqjbkeqwr6i42dqk4i36b2jeob5hojw4r3zsz3xbsrgpy2dcxio4fj4wh2jmye5i52q5fhs7k4jjefmcfdbetqsbnrimxeg4lvmizhfash2byuxzshm3aevb7vodouxpp6ph5hfnr6rvmyxpmpok4gg7v2wzbyk4iusszvbnkkio3nivvcjfblkq3izjyhnakgk5bxcnmdjade3acsi3rg66o4kfepcyhrnsnesxeqipay5hhflosfn4nm37fddgttpgrhcsj3cuunsskjmf3y2mc4wb36q4kqmmpbz5cv5o43l7wlrwgypl3rrbwayzkqjnesdfqxhz3upse3j3fbudrupmleg4lvei446sshafyeu3sgnrilw5qio5wuucfxgi3eyivwsrs526yadvfowm3soj4ba67xkz472ukljfqtoz45tnuyaqa3qe2e3acgkwrxh4pj7xzxlecsmxag2zs6mb7x2u2dlr5hsyl6offdmbl6hyqdi52fcrkqesyrifrbg7s3p76fgsgrmlewz2slx5h6u4csqzhfd7cuzdp3ky7sogvpfelrxjwzxyxx5vfzs5bxzbgffuqm4eo2mspti3huo4gvm3eizen2k3ae5xht2cfk3regoxku5ye6rdpivlgjwktulb2h63qwb2dwmynasaiidyytwmihbrlakvitfuksigqzdwleqwpmkjbmg4dbm4qtngcvrsepxnxs2wb5kka=?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE}
200 OK 74 B URL
s.viiwmjfw.com/n/1/ovihu7sui5nxy63gpn3eu2ydpzuxyzl2ifdfgaslivfmgg4nxrgeyyt3pvkukwl3pbtx65canjjx42zcgmqekqidavbewg3jiiuvu42vijgh4vcclv4haykqvtfukfx75x4i2rkz4247dwdqjbkeqwr6i42dqk4i36b2jeob5hojw4r3zsz3xbsrgpy2dcxio4fj4wh2jmye5i52q5fhs7k4jjefmcfdbetqsbnrimxeg4lvmizhfash2byuxzshm3aevb7vodouxpp6ph5hfnr6rvmyxpmpok4gg7v2wzbyk4iusszvbnkkio3nivvcjfblkq3izjyhnakgk5bxcnmdjade3acsi3rg66o4kfepcyhrnsnesxeqipay5hhflosfn4nm37fddgttpgrhcsj3cuunsskjmf3y2mc4wb36q4kqmmpbz5cv5o43l7wlrwgypl3rrbwayzkqjnesdfqxhz3upse3j3fbudrupmleg4lvei446sshafyeu3sgnrilw5qio5wuucfxgi3eyivwsrs526yadvfowm3soj4ba67xkz472ukljfqtoz45tnuyaqa3qe2e3acgkwrxh4pj7xzxlecsmxag2zs6mb7x2u2dlr5hsyl6offdmbl6hyqdi52fcrkqesyrifrbg7s3p76fgsgrmlewz2slx5h6u4csqzhfd7cuzdp3ky7sogvpfelrxjwzxyxx5vfzs5bxzbgffuqm4eo2mspti3huo4gvm3eizen2k3ae5xht2cfk3regoxku5ye6rdpivlgjwktulb2h63qwb2dwmynasaiidyytwmihbrlakvitfuksigqzdwleqwpmkjbmg4dbm4qtngcvrsepxnxs2wb5kka=?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE}
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
First Seen 2023-04-06
Last Seen 2025-08-02
Times Seen 2649
Size 74 B (74 bytes)
MD5 9e24e19b024c44b778301d880bd8e6f4
SHA1 d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
SHA256 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
Certificate Info
Issuer Google Trust Services
Subject viiwmjfw.com
Fingerprint 4F:F8:D0:0E:7B:61:2E:76:52:89:C4:C1:31:AA:F4:67:A9:82:69:54
Validity Sun, 22 Jun 2025 16:48:01 GMT - Sat, 20 Sep 2025 17:46:40 GMT
GET /n/1/ovihu7sui5nxy63gpn3eu2ydpzuxyzl2ifdfgaslivfmgg4nxrgeyyt3pvkukwl3pbtx65canjjx42zcgmqekqidavbewg3jiiuvu42vijgh4vcclv4haykqvtfukfx75x4i2rkz4247dwdqjbkeqwr6i42dqk4i36b2jeob5hojw4r3zsz3xbsrgpy2dcxio4fj4wh2jmye5i52q5fhs7k4jjefmcfdbetqsbnrimxeg4lvmizhfash2byuxzshm3aevb7vodouxpp6ph5hfnr6rvmyxpmpok4gg7v2wzbyk4iusszvbnkkio3nivvcjfblkq3izjyhnakgk5bxcnmdjade3acsi3rg66o4kfepcyhrnsnesxeqipay5hhflosfn4nm37fddgttpgrhcsj3cuunsskjmf3y2mc4wb36q4kqmmpbz5cv5o43l7wlrwgypl3rrbwayzkqjnesdfqxhz3upse3j3fbudrupmleg4lvei446sshafyeu3sgnrilw5qio5wuucfxgi3eyivwsrs526yadvfowm3soj4ba67xkz472ukljfqtoz45tnuyaqa3qe2e3acgkwrxh4pj7xzxlecsmxag2zs6mb7x2u2dlr5hsyl6offdmbl6hyqdi52fcrkqesyrifrbg7s3p76fgsgrmlewz2slx5h6u4csqzhfd7cuzdp3ky7sogvpfelrxjwzxyxx5vfzs5bxzbgffuqm4eo2mspti3huo4gvm3eizen2k3ae5xht2cfk3regoxku5ye6rdpivlgjwktulb2h63qwb2dwmynasaiidyytwmihbrlakvitfuksigqzdwleqwpmkjbmg4dbm4qtngcvrsepxnxs2wb5kka=?cur=${AUCTION_CURRENCY}&bid=${AUCTION_PRICE} HTTP/1.1
Host: s.viiwmjfw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/png
content-length: 74
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VG%2FcYVhuTV6O%2FTEBa6IqZxpnb3WHxeD%2FvOcaBMZlC1F9cziG76duo%2B6%2BJfN%2BYeT%2FkswZ65FAAIrMFNn%2FEdnHh1WsGpcLNIT6%2FFZl1jj4aObc9I9jsn2Weh78wLl9J9x3IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
cf-ray: 954234630a370b3d-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5747&min_rtt=529&rtt_var=4547&sent=63&recv=77&lost=0&retrans=0&sent_bytes=6474&recv_bytes=6327&delivery_rate=450645&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15488&unsent_bytes=0&cid=096908dd0ca3541e&ts=358&inflight_dur=45&x=44"
GET engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047310/tlk.xml?var=103417326
200 OK 3.8 kB URL
engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047310/tlk.xml?var=103417326
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with very long lines (3747)
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 3.8 kB (3786 bytes)
MD5 6ec093d10ef43ee6ef2620a55e1043ca
SHA1 bcf1caba62da38e805faea4fd9e4774e4f6b4c40
SHA256 57f4204afa2b1e87b5d85bcd82d9b90ca5c36f0cf10024d2ea55efd22d20f495
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /ceef/gdt3g0/tbt/2047310/tlk.xml?var=103417326 HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
x-route-id: script
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
set-cookie: CHCK=1; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
UID=25062302178fbe6a1607704c56b5be01561a; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET video.videotouch88.info/api/video/tag?sourceId=55538&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55538&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55538&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=udvDNaHgBRlMc9Eobgvy6EX1tAPkHbwz%2BAThrQ0bLokIqZcuqZoD4icgGxbBuG%2FovcSPmV%2B5OdSNGZWdYHdVUm8eIE0Chf%2B23xlEXg7f%2BPqkr4c%2BNg%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:11 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:11 GMT
cf-ray: 9542344d4e7656bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET vast.yomeno.xyz/vast?spot_id=1426464&utm_content=103417326
200 OK 22 kB URL
vast.yomeno.xyz/vast?spot_id=1426464&utm_content=103417326
IP / ASN
62.122.173.18
#50245 Serverel Inc.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text, with very long lines (2573)
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 22 kB (21715 bytes)
MD5 dabfd2fd7046f76d3216163bc57c952e
SHA1 641b0ac62e1fc01128b2e66aef81497078280593
SHA256 90a393b53b13f1ba62befd4be4e34bea8a594f6e69c341ef6179b0fbe0360b7c
Certificate Info
Issuer Let's Encrypt
Subject vast.yomeno.xyz
Fingerprint 8B:6A:4D:FB:A4:A1:8B:3B:9F:CA:01:82:F0:42:F1:27:57:DE:C7:33
Validity Wed, 04 Jun 2025 03:21:44 GMT - Tue, 02 Sep 2025 03:21:43 GMT
GET /vast?spot_id=1426464&utm_content=103417326 HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: text/xml;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
access-control-allow-credentials: true
access-control-allow-origin: https://hotandgirls.site
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
GET vast.yomeno.xyz/vast?spot_id=1426464&utm_content=103417326
200 OK 22 kB URL
vast.yomeno.xyz/vast?spot_id=1426464&utm_content=103417326
IP / ASN
62.122.173.18
#50245 Serverel Inc.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text, with very long lines (2573)
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 22 kB (21714 bytes)
MD5 5132ceaed90b97eead63f4b1426d2f31
SHA1 f25c698002cc5a4ed0272ea7b10003b274d60d62
SHA256 aa2d1cca55a3abb9a53e72045f9a3f618c4a36ad5c42e469167b4ba3e4213e8f
Certificate Info
Issuer Let's Encrypt
Subject vast.yomeno.xyz
Fingerprint 8B:6A:4D:FB:A4:A1:8B:3B:9F:CA:01:82:F0:42:F1:27:57:DE:C7:33
Validity Wed, 04 Jun 2025 03:21:44 GMT - Tue, 02 Sep 2025 03:21:43 GMT
GET /vast?spot_id=1426464&utm_content=103417326 HTTP/1.1
Host: vast.yomeno.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.20.1
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: text/xml;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
vary: Accept-Encoding, *
access-control-allow-credentials: true
access-control-allow-origin: https://hotandgirls.site
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,
access-control-expose-headers: Content-Length,Content-Range
content-encoding: gzip
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 a2c99d0af20213416a4cd3f1c9914a14
SHA1 f9390c25216bde1d4b03affd3310337d5228b9e6
SHA256 dab7fa81ce0b6321acfb6d405cee413c6ba022881107b5091c60d5d26d30311b
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 276
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/json; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=U1pvd%2F4BtA5%2B8vRHJrZnNvluIqP%2FfH3hKn8geWBWneLdlfRo5r88A8a7xm0GZLFKE%2F3AUXB1jDAV2S8OTUyTiJYTkZCOo5ptZ4DlnH9j4kNV"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:12 GMT
d-ipp-uid=a83b5e7e4bb8ce2b791186afb0fad272a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032641937%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:12 GMT
cf-ray: 954234512d5f569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Fhdbkome.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent=
302 Found 74 B URL
s.uuidksinc.net/match/1/?cb_url=https%3A%2F%2Fhdbkome.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent=
IP / ASN
185.98.54.153
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 74 B (74 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject uuidksinc.net
Fingerprint B2:2C:11:39:BE:ED:2C:65:24:97:47:B9:22:F5:FC:49:D6:D3:C0:6C
Validity Fri, 02 May 2025 23:22:10 GMT - Thu, 31 Jul 2025 23:22:09 GMT
GET /match/1/?cb_url=https%3A%2F%2Fhdbkome.com%2Fsetuid%3F%5BUID%5D&gdpr=0&gdpr_consent= HTTP/1.1
Host: s.uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: nginx/1.23.2
date: Mon, 23 Jun 2025 07:17:12 GMT
content-length: 0
access-control-allow-headers: X-Requested-With, Cache-Control, Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
location: https://hdbkome.com/setuid?bYqBpwWaLE7r8YeClXjN
set-cookie: jcsuuid=bYqBpwWaLE7r8YeClXjN; expires=Tue, 23 Jun 2026 07:17:12 GMT; domain=uuidksinc.net; path=/; secure; SameSite=None
X-Firefox-Spdy: h2
GET tsyndicate.com/api/v2/ssp/set-client-id/X1Edn2OQGBSoDtSyyVQmYf1FVPo9GS5t?id=bYqBpwWaLE7r8YeClXjN
200 OK 43 B URL
tsyndicate.com/api/v2/ssp/set-client-id/X1Edn2OQGBSoDtSyyVQmYf1FVPo9GS5t?id=bYqBpwWaLE7r8YeClXjN
IP / ASN
95.216.34.183
#24940 Hetzner Online GmbH
Requested by https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Resource Info
File type GIF image data, version 89a, 1 x 1
First Seen 2023-05-10
Last Seen 2025-08-02
Times Seen 9113
Size 43 B (43 bytes)
MD5 ba036c43037cfe89320d1ef7b64cd43f
SHA1 88c72d3e26047eb1e45e5564a76427734f120efe
SHA256 42cb846e07917f6731406e500f24aeb2e88c42cda124eaa59e08c5331cad8bcb
Certificate Info
Issuer Let's Encrypt
Subject tsyndicate.com
Fingerprint 10:90:2B:70:64:84:EE:7C:A4:28:A7:46:9B:C9:E8:42:65:36:E7:2D
Validity Mon, 23 Jun 2025 00:11:38 GMT - Sun, 21 Sep 2025 00:11:37 GMT
GET /api/v2/ssp/set-client-id/X1Edn2OQGBSoDtSyyVQmYf1FVPo9GS5t?id=bYqBpwWaLE7r8YeClXjN HTTP/1.1
Host: tsyndicate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: image/gif
content-length: 43
pragma: no-cache
expires: 0
vary: *
x-api-version: 2
set-cookie: ccid-X1Edn2OQGBSoDtSyyVQmYf1FVPo9GS5t=bYqBpwWaLE7r8YeClXjN; path=/; secure; SameSite=None
cache-control: no-cache, no-store, no-transform, must-revalidate, no-transform
x-robots-tag: none, noindex, nofollow
report-to: { "url": "https://pxl.tsyndicate.com/api/v1/heavy-ad/report", "max_age": 86401 }
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
permissions-policy: ch-ua-model=(self "https://tsyndicate.com"), ch-ua-platform-version=(self)
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 1f7bdeb7f8b467d215d2a6eb160ed70e
SHA1 65384d89ac74bc41cf0fe2ad11232511dcac06fb
SHA256 e94d9307d923da16d8fd422a475835445b8627bfa7f5b74b20845108e67c9c6a
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rvf8r9oA%2B1QRxJzpyb5Uzqiq6DZ3QUkSVb5MP011G1QcuFB%2BQAoi6i5K7ygClsc0n5uQVpVG12GKR%2B7WPy%2BLzSVNUljAOkwSHlnBiEkOs0cq3D%2B%2FofnIkEF%2BrCza9lOQATnAWloR"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:16 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542346cc992b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1733&min_rtt=459&rtt_var=602&sent=487&recv=574&lost=0&retrans=0&sent_bytes=44605&recv_bytes=44886&delivery_rate=574024&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=4974&inflight_dur=182&x=44"
GET cdn.fluidplayer.com/v2/current/fluidplayer.min.js
200 OK 126 kB URL
cdn.fluidplayer.com/v2/current/fluidplayer.min.js
IP / ASN
95.173.205.14
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2023-03-07
Last Seen 2025-07-31
Times Seen 351
Size 126 kB (125605 bytes)
MD5 75fe4c766bbf4b39fe3d753e6a2438a0
SHA1 c08fe1b344edb4f563b019b1d2e4621fd4656a7f
SHA256 6d35529e97ac48abda83c68a13d780e8505ec839865a7fb84a91fde809cc6f14
Certificate Info
Issuer Let's Encrypt
Subject fluidplayer.com
Fingerprint FB:6B:1E:37:55:E2:A1:08:16:79:98:F8:7F:61:16:96:E1:FA:72:0A
Validity Mon, 19 May 2025 07:02:06 GMT - Sun, 17 Aug 2025 07:02:05 GMT
GET /v2/current/fluidplayer.min.js HTTP/1.1
Host: cdn.fluidplayer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: application/javascript
last-modified: Mon, 23 Mar 2020 11:58:08 GMT
etag: W/"5e78a450-1eaa5"
expires: Thu, 07 Nov 2024 08:32:40 GMT
cache-control: max-age=86400
access-control-allow-origin: *
x-77-nzt: EwwBX63NDQH32T4BAAwBuUwKDAH3E0IAAAwBnJIhHwG3AAAAAA
x-77-nzt-ray: 2a494a1582a4753092ff5868d2c18f16
x-77-cache: HIT
x-77-age: 81625
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2
GET engineexplicitfootrest.com/chicken.gif?z=2047164&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=SKuWpfTRXbgjgk1sq_qlQt57wVAHtHACQDPmF8d0D7XhjdNXg-3XE3U9HN2QTC04M61mLeCqy1iRdVbL93d5xBdRIsVbX9UDjOj3nsTZP_d5Xg-LAFAGUDxL4rN0eFAT006ZUbiDjydOKVz49znN9nm6UH673E88JehgoyQms7KlLb4UXE2nkQ_v4n2vQR3xTdrJsiBAEgBvUOw4Y2Quxlhe6R94jJWJPsIMPFguldrM1_IISVlCg2Hqh1hIxjhPq0NwJ6anQ2Iiyj-kjbnnegrz1rfe0at1E_G-pcnlqjtiYdwuMRX61vFE7J63PWtDTzRrqlQw2Zk4ExeRIx1hxjLPeMFdOncChmYEUJP34mY1VKrAFCOxDGNfU74JN5beFeizCx-KDP_RYXzDLhLCVM9sHCXYA46ysdVHAKaYq28MuoVPwyXGTCNeCXd-GbG58ulCSmjvl5GVn0Dxaa9lC5Lk-CFNwLqdExzcv4LyybqTLfdcggpGmY2irzyisAeKPFzv0XrCiwQ9zicaIzVnxRmyWo5iw0IshxXuhE_gThzTwiN9X5eGovALVNFqvQ621KXN3g8paB2SQgH_9e1bE_FWaEQ4Wz5MNhiYY1eV14X8b0N7wyqNybVdjiD6oqJbD3yOeexs1v8YVkbYWlqXq0RMAsEE7-3WYMShA6aZovoMWRWOcAASjyW21LPCHQZ9_t9IQoGCgkhFt57d6aD77Y00exso7wCGRGHgizrBv1eel4Xfd_h-7Vyf5bkU28Ozn2N_vmKCI7oVBLQNYjcn2lCaZAXLKhmg3ZJRQKHjIKOFbDW79WY=
200 OK 43 B URL
engineexplicitfootrest.com/chicken.gif?z=2047164&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=SKuWpfTRXbgjgk1sq_qlQt57wVAHtHACQDPmF8d0D7XhjdNXg-3XE3U9HN2QTC04M61mLeCqy1iRdVbL93d5xBdRIsVbX9UDjOj3nsTZP_d5Xg-LAFAGUDxL4rN0eFAT006ZUbiDjydOKVz49znN9nm6UH673E88JehgoyQms7KlLb4UXE2nkQ_v4n2vQR3xTdrJsiBAEgBvUOw4Y2Quxlhe6R94jJWJPsIMPFguldrM1_IISVlCg2Hqh1hIxjhPq0NwJ6anQ2Iiyj-kjbnnegrz1rfe0at1E_G-pcnlqjtiYdwuMRX61vFE7J63PWtDTzRrqlQw2Zk4ExeRIx1hxjLPeMFdOncChmYEUJP34mY1VKrAFCOxDGNfU74JN5beFeizCx-KDP_RYXzDLhLCVM9sHCXYA46ysdVHAKaYq28MuoVPwyXGTCNeCXd-GbG58ulCSmjvl5GVn0Dxaa9lC5Lk-CFNwLqdExzcv4LyybqTLfdcggpGmY2irzyisAeKPFzv0XrCiwQ9zicaIzVnxRmyWo5iw0IshxXuhE_gThzTwiN9X5eGovALVNFqvQ621KXN3g8paB2SQgH_9e1bE_FWaEQ4Wz5MNhiYY1eV14X8b0N7wyqNybVdjiD6oqJbD3yOeexs1v8YVkbYWlqXq0RMAsEE7-3WYMShA6aZovoMWRWOcAASjyW21LPCHQZ9_t9IQoGCgkhFt57d6aD77Y00exso7wCGRGHgizrBv1eel4Xfd_h-7Vyf5bkU28Ozn2N_vmKCI7oVBLQNYjcn2lCaZAXLKhmg3ZJRQKHjIKOFbDW79WY=
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type GIF image data, version 89a, 1 x 1
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 11425
Size 43 B (43 bytes)
MD5 28e463819a210071de3b45ebe7633613
SHA1 6dccd571828ec0912629119cf7eabfea9f33ddbc
SHA256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /chicken.gif?z=2047164&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=SKuWpfTRXbgjgk1sq_qlQt57wVAHtHACQDPmF8d0D7XhjdNXg-3XE3U9HN2QTC04M61mLeCqy1iRdVbL93d5xBdRIsVbX9UDjOj3nsTZP_d5Xg-LAFAGUDxL4rN0eFAT006ZUbiDjydOKVz49znN9nm6UH673E88JehgoyQms7KlLb4UXE2nkQ_v4n2vQR3xTdrJsiBAEgBvUOw4Y2Quxlhe6R94jJWJPsIMPFguldrM1_IISVlCg2Hqh1hIxjhPq0NwJ6anQ2Iiyj-kjbnnegrz1rfe0at1E_G-pcnlqjtiYdwuMRX61vFE7J63PWtDTzRrqlQw2Zk4ExeRIx1hxjLPeMFdOncChmYEUJP34mY1VKrAFCOxDGNfU74JN5beFeizCx-KDP_RYXzDLhLCVM9sHCXYA46ysdVHAKaYq28MuoVPwyXGTCNeCXd-GbG58ulCSmjvl5GVn0Dxaa9lC5Lk-CFNwLqdExzcv4LyybqTLfdcggpGmY2irzyisAeKPFzv0XrCiwQ9zicaIzVnxRmyWo5iw0IshxXuhE_gThzTwiN9X5eGovALVNFqvQ621KXN3g8paB2SQgH_9e1bE_FWaEQ4Wz5MNhiYY1eV14X8b0N7wyqNybVdjiD6oqJbD3yOeexs1v8YVkbYWlqXq0RMAsEE7-3WYMShA6aZovoMWRWOcAASjyW21LPCHQZ9_t9IQoGCgkhFt57d6aD77Y00exso7wCGRGHgizrBv1eel4Xfd_h-7Vyf5bkU28Ozn2N_vmKCI7oVBLQNYjcn2lCaZAXLKhmg3ZJRQKHjIKOFbDW79WY= HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: BCAI=ACBlEAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BMI=ACtoUAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BCRI=AAAAAAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
OACICAP=ACBlEAAAAAAAAAAB; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
OACIBLOCK=ACBlEAAAAABoWN9Q; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET s.viiwmjfw.com/i/1/ovihu7sui5nxy63gpn3eu2ydpzuxyzl2ifdfgaslivfmgg4nxrgeyyt3pvkukwl3pbtx65canjjx42zcgmqekqidavbewg3jiiuvu42vijgh4vcclv4haykqvtfukfx75x4i2rkz4247dwdqjbkeqwr6i42dqk4i36b2jeob5hojw4r3zsz3xbsrgpy2dcxio4fj4wh2jmye5i52q5fhs7k4jjefmcfdbetqsbnrimxeg4lvmizhfash2byuxzshm3aevb7vodouxpp6ph5hfnr6rvmyxpmpok4gg7v2wzbyk4iusszvbnkkio3nivvcjfblkq3izjyhnakgk5bxcnmdjade3acsi3rg66o4kfepcyhrnsnesxeqipay5hhflosfn4nm37fddgttpgrhcsj3cuunsskjmf3y2mc4wb36q4kqmmpbz5cv5o43l7wlrwgypl3rrbwgqzkqjnesdfqxhz3upse3j3fbudrupm7eg4lveljqqbshehyjgu67iajso5xqozwuusawikk2a3h6j4yjmvkdvf3wbutq63zz74knqzchtwsinfjuowl6pjrhs4scmqah4yjbmryboeibazdbgt3ajeuvo5apmr7hb4lun3jex2cj4jylumpflnc6oqdyzvq3txfspgihhexeq5w2aseu57imwsfqkujma52xvqb4ucw7i5v6kzuzodvhyuoqj2klrd4sjx4wlroy62jlbrnfohvtfzmqqtf3vduktxgxhit427sernccpazbeobda4nb2ki2bv2qc23pfansqdzjh7kwom62o546e5kjhmksrmcowwr6fhouzwpnicy=
200 OK 74 B URL
s.viiwmjfw.com/i/1/ovihu7sui5nxy63gpn3eu2ydpzuxyzl2ifdfgaslivfmgg4nxrgeyyt3pvkukwl3pbtx65canjjx42zcgmqekqidavbewg3jiiuvu42vijgh4vcclv4haykqvtfukfx75x4i2rkz4247dwdqjbkeqwr6i42dqk4i36b2jeob5hojw4r3zsz3xbsrgpy2dcxio4fj4wh2jmye5i52q5fhs7k4jjefmcfdbetqsbnrimxeg4lvmizhfash2byuxzshm3aevb7vodouxpp6ph5hfnr6rvmyxpmpok4gg7v2wzbyk4iusszvbnkkio3nivvcjfblkq3izjyhnakgk5bxcnmdjade3acsi3rg66o4kfepcyhrnsnesxeqipay5hhflosfn4nm37fddgttpgrhcsj3cuunsskjmf3y2mc4wb36q4kqmmpbz5cv5o43l7wlrwgypl3rrbwgqzkqjnesdfqxhz3upse3j3fbudrupm7eg4lveljqqbshehyjgu67iajso5xqozwuusawikk2a3h6j4yjmvkdvf3wbutq63zz74knqzchtwsinfjuowl6pjrhs4scmqah4yjbmryboeibazdbgt3ajeuvo5apmr7hb4lun3jex2cj4jylumpflnc6oqdyzvq3txfspgihhexeq5w2aseu57imwsfqkujma52xvqb4ucw7i5v6kzuzodvhyuoqj2klrd4sjx4wlroy62jlbrnfohvtfzmqqtf3vduktxgxhit427sernccpazbeobda4nb2ki2bv2qc23pfansqdzjh7kwom62o546e5kjhmksrmcowwr6fhouzwpnicy=
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
First Seen 2023-04-06
Last Seen 2025-08-02
Times Seen 2649
Size 74 B (74 bytes)
MD5 9e24e19b024c44b778301d880bd8e6f4
SHA1 d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
SHA256 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
Certificate Info
Issuer Google Trust Services
Subject viiwmjfw.com
Fingerprint 4F:F8:D0:0E:7B:61:2E:76:52:89:C4:C1:31:AA:F4:67:A9:82:69:54
Validity Sun, 22 Jun 2025 16:48:01 GMT - Sat, 20 Sep 2025 17:46:40 GMT
GET /i/1/ovihu7sui5nxy63gpn3eu2ydpzuxyzl2ifdfgaslivfmgg4nxrgeyyt3pvkukwl3pbtx65canjjx42zcgmqekqidavbewg3jiiuvu42vijgh4vcclv4haykqvtfukfx75x4i2rkz4247dwdqjbkeqwr6i42dqk4i36b2jeob5hojw4r3zsz3xbsrgpy2dcxio4fj4wh2jmye5i52q5fhs7k4jjefmcfdbetqsbnrimxeg4lvmizhfash2byuxzshm3aevb7vodouxpp6ph5hfnr6rvmyxpmpok4gg7v2wzbyk4iusszvbnkkio3nivvcjfblkq3izjyhnakgk5bxcnmdjade3acsi3rg66o4kfepcyhrnsnesxeqipay5hhflosfn4nm37fddgttpgrhcsj3cuunsskjmf3y2mc4wb36q4kqmmpbz5cv5o43l7wlrwgypl3rrbwgqzkqjnesdfqxhz3upse3j3fbudrupm7eg4lveljqqbshehyjgu67iajso5xqozwuusawikk2a3h6j4yjmvkdvf3wbutq63zz74knqzchtwsinfjuowl6pjrhs4scmqah4yjbmryboeibazdbgt3ajeuvo5apmr7hb4lun3jex2cj4jylumpflnc6oqdyzvq3txfspgihhexeq5w2aseu57imwsfqkujma52xvqb4ucw7i5v6kzuzodvhyuoqj2klrd4sjx4wlroy62jlbrnfohvtfzmqqtf3vduktxgxhit427sernccpazbeobda4nb2ki2bv2qc23pfansqdzjh7kwom62o546e5kjhmksrmcowwr6fhouzwpnicy= HTTP/1.1
Host: s.viiwmjfw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/png
content-length: 74
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kukEcsyNetYsuhXoDCq%2FvwVwX%2BMYmhgEYZk7jsBBO71Bo3X31BJdcw75fM7ZEJuFFdVzLVHcaWpRIZy7NPCNuVAdrI8%2BVAifS56wqy6zwbMk0e%2BBbWgXlhWQzU3TLOEvlA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
cf-ray: 954234630a380b3d-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5747&min_rtt=529&rtt_var=4547&sent=64&recv=77&lost=0&retrans=0&sent_bytes=7201&recv_bytes=6327&delivery_rate=450645&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15488&unsent_bytes=0&cid=096908dd0ca3541e&ts=362&inflight_dur=45&x=44"
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 5
Size 36 B (36 bytes)
MD5 60d0a73b9975927fc70d56c883c7a669
SHA1 41536619c106daba74ad150e4d5c7f37e8d887f2
SHA256 5206749e108009f7ab54c4e91fba00579bf2ddd297e1a39601982a114d40cd38
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8Bqek8gVTUhQ49ymSB5yE0Ksppq7yDvnlYzgJKsSzjQu8oRBBHDwy8rzm9WZhsa5a1iUyWWT4V1RGRmHLQfw29r7jzLCfkNkZFFMirFoMwWdZrlKqnl1Zw%2B46ksMrMD9aOuDz9cZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234633a8656ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4546&min_rtt=1616&rtt_var=1537&sent=30&recv=20&lost=0&retrans=0&sent_bytes=9182&recv_bytes=4712&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=2062&inflight_dur=89&x=44"
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 6
Size 36 B (36 bytes)
MD5 42a93b9e1930392a29e9eb04913d7445
SHA1 4cbcb71469394cde5cd815dd5ba3cb69564ec618
SHA256 7f04e5c83cd0c69fbb7709d68600cfbfc4f7adce2db1e0a921f6d2a8acd3aa85
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9puW1qw7gYYQ8mX4ygvwJhlT%2Frvs9L86zyPy5%2FWp1LlJArwDoibs71vVLkXEzJIn%2FvY6WpoJi05%2BVYOmAkhpGF%2F9k%2F1XjTYOujl9zdKzuV67swqaanUWaTtne6Q7Rk73BaCKB3Dt"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234634a8756ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4376&min_rtt=1616&rtt_var=1493&sent=33&recv=21&lost=0&retrans=0&sent_bytes=10661&recv_bytes=4756&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=2077&inflight_dur=103&x=44"
GET nannyirrationalacquainted.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=231
200 OK 0 B URL
nannyirrationalacquainted.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=231
IP / ASN
172.240.127.234
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 2A:C3:FA:F0:67:BA:AA:76:2F:14:F9:D5:47:AA:D5:03:EA:52:31:54
Validity Thu, 19 Jun 2025 00:50:28 GMT - Wed, 17 Sep 2025 00:50:27 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fssp%2Fvpn%2Fclassic-push%2Fsmall%2Fjs%2Fscript.js&l=962&fd=231 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 23 Jun 2025 07:17:16 GMT
Content-Length: 0
Connection: keep-alive
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET 31474.2489may2024.com/v2/a/na/js/247450?container=clck_ntv_182_1&subid=103417326
200 OK 82 kB URL
31474.2489may2024.com/v2/a/na/js/247450?container=clck_ntv_182_1&subid=103417326
IP / ASN
88.208.22.3
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 82 kB (82112 bytes)
MD5 170302c9eefff49367348506d8779670
SHA1 d61da6c8c4c4c0d0d3f8e5934a104fe884315ea1
SHA256 d32a278b0223dd5895dc4af5a0b69c0dc714d36a4fefd0e59c53d78c25efebaf
Certificate Info
Issuer Let's Encrypt
Subject *.2489may2024.com
Fingerprint 22:A9:F0:36:70:DF:BB:11:76:A1:88:3A:63:75:CE:C7:A8:54:39:A5
Validity Thu, 29 May 2025 20:24:42 GMT - Wed, 27 Aug 2025 20:24:41 GMT
GET /v2/a/na/js/247450?container=clck_ntv_182_1&subid=103417326 HTTP/1.1
Host: 31474.2489may2024.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: application/javascript; charset=UTF-8
content-length: 19537
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
GET engineexplicitfootrest.com/chicken.gif?z=2047164&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=FV-ey3rONGQebmHXc1QjLdxlQz5SPCQMB5Fooq7ckp3JJv2VJsAQ_AWf7gATBE_jsy8HDxgFoQkBdiWQ_Uh6mw-ZHdK2znpeQPHtdqfSqeKCcuzBchmx2Iihy9PX7OacUgJ-OJfG9wtU1FBjmOWW11hpx6RmziYZKVznCyT30ZRFnCjqmHBTBOb6pGq9Js9yDPnqsSnU1YLUmAJZUDhk1te6Acej0i3xDPoP0U6bzutgXie-ApZUngJCPyd9-SrQBYhD_X5_Zc2R0tAvQCclgI2CnxtDTCCHCh-WeZHGQR5oj0zrHeCyfzKCN4sWh2R1p7NlSMDl-uw_ww-PHnTOy3gIU1jlQERNG3rP9hgkZitQ3qkElvrNPaRL8br2x5c1qYu2GuRxEyLqgdTUtUfHp_EINDWv6cuo4bXmSYwy_bRTT6GiVRCv-7NtVREzocknH44nU0e9QNESp-SRGegs6PWxE63kOTHE5g3ZUqSoQXyRLHsf1sZJ8WY3AtU8iP8pXpqZoAo63qsUAt7Mbv1URoyV7I_lguNyDa24i3C2eo0uI0GyzS-2ZdNn9s5PZqm0vqxZYL4PmEU0RE7sywvC3PGrETjpbVHLdZQ9Q13dHTGclhEyK-Q_Z66RvyWflXhjC_uJt-8j1wSee0AXFCrqT-lPktUkaLimBugK2gDTlJHlEFUYKH3wP8ps9Vf3k-SNmDOgDekSiATnSXq_s_Nv0-WCbgNdq7PpxiMoDZ2UJl6qiB_c0Xbx-YGPNCqwFm52wW_yyUJVjmelOqU2L_EugPVKmMF--nQCIMmZN4ERIHXgzu1JoPM=
200 OK 43 B URL
engineexplicitfootrest.com/chicken.gif?z=2047164&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=FV-ey3rONGQebmHXc1QjLdxlQz5SPCQMB5Fooq7ckp3JJv2VJsAQ_AWf7gATBE_jsy8HDxgFoQkBdiWQ_Uh6mw-ZHdK2znpeQPHtdqfSqeKCcuzBchmx2Iihy9PX7OacUgJ-OJfG9wtU1FBjmOWW11hpx6RmziYZKVznCyT30ZRFnCjqmHBTBOb6pGq9Js9yDPnqsSnU1YLUmAJZUDhk1te6Acej0i3xDPoP0U6bzutgXie-ApZUngJCPyd9-SrQBYhD_X5_Zc2R0tAvQCclgI2CnxtDTCCHCh-WeZHGQR5oj0zrHeCyfzKCN4sWh2R1p7NlSMDl-uw_ww-PHnTOy3gIU1jlQERNG3rP9hgkZitQ3qkElvrNPaRL8br2x5c1qYu2GuRxEyLqgdTUtUfHp_EINDWv6cuo4bXmSYwy_bRTT6GiVRCv-7NtVREzocknH44nU0e9QNESp-SRGegs6PWxE63kOTHE5g3ZUqSoQXyRLHsf1sZJ8WY3AtU8iP8pXpqZoAo63qsUAt7Mbv1URoyV7I_lguNyDa24i3C2eo0uI0GyzS-2ZdNn9s5PZqm0vqxZYL4PmEU0RE7sywvC3PGrETjpbVHLdZQ9Q13dHTGclhEyK-Q_Z66RvyWflXhjC_uJt-8j1wSee0AXFCrqT-lPktUkaLimBugK2gDTlJHlEFUYKH3wP8ps9Vf3k-SNmDOgDekSiATnSXq_s_Nv0-WCbgNdq7PpxiMoDZ2UJl6qiB_c0Xbx-YGPNCqwFm52wW_yyUJVjmelOqU2L_EugPVKmMF--nQCIMmZN4ERIHXgzu1JoPM=
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type GIF image data, version 89a, 1 x 1
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 11425
Size 43 B (43 bytes)
MD5 28e463819a210071de3b45ebe7633613
SHA1 6dccd571828ec0912629119cf7eabfea9f33ddbc
SHA256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /chicken.gif?z=2047164&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=FV-ey3rONGQebmHXc1QjLdxlQz5SPCQMB5Fooq7ckp3JJv2VJsAQ_AWf7gATBE_jsy8HDxgFoQkBdiWQ_Uh6mw-ZHdK2znpeQPHtdqfSqeKCcuzBchmx2Iihy9PX7OacUgJ-OJfG9wtU1FBjmOWW11hpx6RmziYZKVznCyT30ZRFnCjqmHBTBOb6pGq9Js9yDPnqsSnU1YLUmAJZUDhk1te6Acej0i3xDPoP0U6bzutgXie-ApZUngJCPyd9-SrQBYhD_X5_Zc2R0tAvQCclgI2CnxtDTCCHCh-WeZHGQR5oj0zrHeCyfzKCN4sWh2R1p7NlSMDl-uw_ww-PHnTOy3gIU1jlQERNG3rP9hgkZitQ3qkElvrNPaRL8br2x5c1qYu2GuRxEyLqgdTUtUfHp_EINDWv6cuo4bXmSYwy_bRTT6GiVRCv-7NtVREzocknH44nU0e9QNESp-SRGegs6PWxE63kOTHE5g3ZUqSoQXyRLHsf1sZJ8WY3AtU8iP8pXpqZoAo63qsUAt7Mbv1URoyV7I_lguNyDa24i3C2eo0uI0GyzS-2ZdNn9s5PZqm0vqxZYL4PmEU0RE7sywvC3PGrETjpbVHLdZQ9Q13dHTGclhEyK-Q_Z66RvyWflXhjC_uJt-8j1wSee0AXFCrqT-lPktUkaLimBugK2gDTlJHlEFUYKH3wP8ps9Vf3k-SNmDOgDekSiATnSXq_s_Nv0-WCbgNdq7PpxiMoDZ2UJl6qiB_c0Xbx-YGPNCqwFm52wW_yyUJVjmelOqU2L_EugPVKmMF--nQCIMmZN4ERIHXgzu1JoPM= HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACBlEAAAAAAAAAAB; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
OACIBLOCK=ACBlEAAAAABoWN9Q; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
BCAI=ACBlEAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BMI=ACtoUAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BCRI=AAAAAAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 36e1d7414f4a95f54d346ad9771642c0
SHA1 c4d18c912b1db4467618f44f74f014570bbf7c42
SHA256 a21a38e44fc1ee2fb76fc2788648f5fc05761a584cce8864c9c4de0f20d526f4
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rk8ui4ycr6Hl8x8dfk65eF9rYWxVhfkkuv%2BtPMiFV0F%2BxgUjaDwVZXiT4h7hjlvcPV7Dlz%2B4KuKKvfeemHN%2BYwSPO7zWFO%2FUl2FJi1C7y2zgrlkWm66N0Jpo1Jorqo6Wy7IdIMGS"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:13 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423457d8f9b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2713&min_rtt=459&rtt_var=2317&sent=446&recv=543&lost=0&retrans=0&sent_bytes=28445&recv_bytes=30379&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=1618&inflight_dur=60&x=44"
GET 29177717-31474-1948.supopurytheals.com/v2/a/na/image?d=BQ5qQHPer5RuqDkBKgc8L5cMmvkz5JiPNpORJ8lypFO9L7fTHJnw5LVW7Oy5Y3a3EaTBNN8Oi9oLH4QO6cYJF8H1aD588V5sdgf9eO6c5Dyftj9HMsqjd9Y6lWqlOf5yucPyDCHqV5BKRNuiY2QckL0xIhmo1fMl1p6CxlUjPVCfz8r1dPcrodqqj8T0WZ5yr0JWnViGc244TJcTZrNqudEzCc1vXnw0mEgk5tp4y_wEALSQ2WmWvJXaiDygI_JipfF0NTekzKMvT39SC8Qyl-WipIUVJtFVnpq_QZpW3HiEJSv5ajEFWqbOpZMlgV_9KIVgGxrH4Z3co7mcOhHJJMU21Pi0QBWYx-3zVL5zIcyoECBy_tpRJA042MU-FTNEqm59-BSOAERXpFSXyYjhLHzpi-_Fj-82RzCHobv-wCu-AD5N_arVs3UJ3cuhjI0ZmGvQPkWOCW6Fy7zCWof7rseBtVaq7Ph7di3vVjgoyoCOJYBLbYohmFEsuxwg8EaEWDL4QxFtCNIWdam2-sWThCyOOnXQBHnJCuAle_HAqPBXjEw_v6A5vog0uCDWEkZhmz8V18pEy64idNZ2S9cyzCp61wNGzF_22NAph6BwOis2dolonWovySfehYO0iyLsBlsBDJgZdiqzQ6xD3HOtY3clTp5nxqAMgds59lm5uTmlVr1FtdjmIRWdceT8IFF_M_pYFmm7-1cL8rrVSJ1sgqbVCxfKLdxYpsqOJ7AvQGHhaFTswtVYODU95FNKOgRQ1RV7lmQPTdrCtRiEt0kJHNQ8c2oB9HBU4zswASlRJgNHe3a-gDUwMqW__rZ7Z4hpJoHSBsZmjpZkCzNmJZUSiGR2nHBIh8OPSRpoNZf3jBADX60DMNtarYdVmCguK59zvfrL1_wFyG2nLnFJuDWyWSuDMox_U9Z4voTSmW__44-fIgOjWoqap67piDDrd6szlH3rnxv1zAdfustYmuUyOoGnux0c5x4xBWLh8SdFTf8lYkwHGQ6rwpraDFSqn3KhKOPGHVDAgnF7U_Jzmj_w45k_bcR9GmvAI-82i2vyoKAor7M68D43G8w9dKVteN9VZBFgGLyNI3hvgbC7xrkaGSGZvMyuczrroyVLKth2ZB4KBh95KJWzS5CX7QDQSO0gbNqtxQA2fWW8WioE1wi_sIW2Eyuw9Y86JOqhFJXpx_M7-zmpsNXmRlzMAegmyxumI59P4v8OmRZccqUEtwWNugujuk1XJqRQxmFevWWaGBkbvFG_8_hxamdQfWv1mKSR27Jhfxw37TtdAbmZUR_XHIjQvdeZJ58kxgU
200 OK 68 B URL
29177717-31474-1948.supopurytheals.com/v2/a/na/image?d=BQ5qQHPer5RuqDkBKgc8L5cMmvkz5JiPNpORJ8lypFO9L7fTHJnw5LVW7Oy5Y3a3EaTBNN8Oi9oLH4QO6cYJF8H1aD588V5sdgf9eO6c5Dyftj9HMsqjd9Y6lWqlOf5yucPyDCHqV5BKRNuiY2QckL0xIhmo1fMl1p6CxlUjPVCfz8r1dPcrodqqj8T0WZ5yr0JWnViGc244TJcTZrNqudEzCc1vXnw0mEgk5tp4y_wEALSQ2WmWvJXaiDygI_JipfF0NTekzKMvT39SC8Qyl-WipIUVJtFVnpq_QZpW3HiEJSv5ajEFWqbOpZMlgV_9KIVgGxrH4Z3co7mcOhHJJMU21Pi0QBWYx-3zVL5zIcyoECBy_tpRJA042MU-FTNEqm59-BSOAERXpFSXyYjhLHzpi-_Fj-82RzCHobv-wCu-AD5N_arVs3UJ3cuhjI0ZmGvQPkWOCW6Fy7zCWof7rseBtVaq7Ph7di3vVjgoyoCOJYBLbYohmFEsuxwg8EaEWDL4QxFtCNIWdam2-sWThCyOOnXQBHnJCuAle_HAqPBXjEw_v6A5vog0uCDWEkZhmz8V18pEy64idNZ2S9cyzCp61wNGzF_22NAph6BwOis2dolonWovySfehYO0iyLsBlsBDJgZdiqzQ6xD3HOtY3clTp5nxqAMgds59lm5uTmlVr1FtdjmIRWdceT8IFF_M_pYFmm7-1cL8rrVSJ1sgqbVCxfKLdxYpsqOJ7AvQGHhaFTswtVYODU95FNKOgRQ1RV7lmQPTdrCtRiEt0kJHNQ8c2oB9HBU4zswASlRJgNHe3a-gDUwMqW__rZ7Z4hpJoHSBsZmjpZkCzNmJZUSiGR2nHBIh8OPSRpoNZf3jBADX60DMNtarYdVmCguK59zvfrL1_wFyG2nLnFJuDWyWSuDMox_U9Z4voTSmW__44-fIgOjWoqap67piDDrd6szlH3rnxv1zAdfustYmuUyOoGnux0c5x4xBWLh8SdFTf8lYkwHGQ6rwpraDFSqn3KhKOPGHVDAgnF7U_Jzmj_w45k_bcR9GmvAI-82i2vyoKAor7M68D43G8w9dKVteN9VZBFgGLyNI3hvgbC7xrkaGSGZvMyuczrroyVLKth2ZB4KBh95KJWzS5CX7QDQSO0gbNqtxQA2fWW8WioE1wi_sIW2Eyuw9Y86JOqhFJXpx_M7-zmpsNXmRlzMAegmyxumI59P4v8OmRZccqUEtwWNugujuk1XJqRQxmFevWWaGBkbvFG_8_hxamdQfWv1mKSR27Jhfxw37TtdAbmZUR_XHIjQvdeZJ58kxgU
IP / ASN
88.208.22.3
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 17333
Size 68 B (68 bytes)
MD5 91e42db1c66c0b276abf6234dc50b2eb
SHA1 c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
SHA256 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Certificate Info
Issuer Let's Encrypt
Subject *.supopurytheals.com
Fingerprint DB:E4:46:06:D3:D5:DE:03:9F:3F:A8:8E:65:3C:34:C6:45:C2:54:7D
Validity Mon, 12 May 2025 14:45:24 GMT - Sun, 10 Aug 2025 14:45:23 GMT
GET /v2/a/na/image?d=BQ5qQHPer5RuqDkBKgc8L5cMmvkz5JiPNpORJ8lypFO9L7fTHJnw5LVW7Oy5Y3a3EaTBNN8Oi9oLH4QO6cYJF8H1aD588V5sdgf9eO6c5Dyftj9HMsqjd9Y6lWqlOf5yucPyDCHqV5BKRNuiY2QckL0xIhmo1fMl1p6CxlUjPVCfz8r1dPcrodqqj8T0WZ5yr0JWnViGc244TJcTZrNqudEzCc1vXnw0mEgk5tp4y_wEALSQ2WmWvJXaiDygI_JipfF0NTekzKMvT39SC8Qyl-WipIUVJtFVnpq_QZpW3HiEJSv5ajEFWqbOpZMlgV_9KIVgGxrH4Z3co7mcOhHJJMU21Pi0QBWYx-3zVL5zIcyoECBy_tpRJA042MU-FTNEqm59-BSOAERXpFSXyYjhLHzpi-_Fj-82RzCHobv-wCu-AD5N_arVs3UJ3cuhjI0ZmGvQPkWOCW6Fy7zCWof7rseBtVaq7Ph7di3vVjgoyoCOJYBLbYohmFEsuxwg8EaEWDL4QxFtCNIWdam2-sWThCyOOnXQBHnJCuAle_HAqPBXjEw_v6A5vog0uCDWEkZhmz8V18pEy64idNZ2S9cyzCp61wNGzF_22NAph6BwOis2dolonWovySfehYO0iyLsBlsBDJgZdiqzQ6xD3HOtY3clTp5nxqAMgds59lm5uTmlVr1FtdjmIRWdceT8IFF_M_pYFmm7-1cL8rrVSJ1sgqbVCxfKLdxYpsqOJ7AvQGHhaFTswtVYODU95FNKOgRQ1RV7lmQPTdrCtRiEt0kJHNQ8c2oB9HBU4zswASlRJgNHe3a-gDUwMqW__rZ7Z4hpJoHSBsZmjpZkCzNmJZUSiGR2nHBIh8OPSRpoNZf3jBADX60DMNtarYdVmCguK59zvfrL1_wFyG2nLnFJuDWyWSuDMox_U9Z4voTSmW__44-fIgOjWoqap67piDDrd6szlH3rnxv1zAdfustYmuUyOoGnux0c5x4xBWLh8SdFTf8lYkwHGQ6rwpraDFSqn3KhKOPGHVDAgnF7U_Jzmj_w45k_bcR9GmvAI-82i2vyoKAor7M68D43G8w9dKVteN9VZBFgGLyNI3hvgbC7xrkaGSGZvMyuczrroyVLKth2ZB4KBh95KJWzS5CX7QDQSO0gbNqtxQA2fWW8WioE1wi_sIW2Eyuw9Y86JOqhFJXpx_M7-zmpsNXmRlzMAegmyxumI59P4v8OmRZccqUEtwWNugujuk1XJqRQxmFevWWaGBkbvFG_8_hxamdQfWv1mKSR27Jhfxw37TtdAbmZUR_XHIjQvdeZJ58kxgU HTTP/1.1
Host: 29177717-31474-1948.supopurytheals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/png
content-length: 68
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
GET nannyirrationalacquainted.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzu5FFPyBehFhDh4UZNLd05nMuIdlf0p0TeLuSgRP1VXVkzI1XW1V9_RkRAgGZY8jXjxJ5Ztkg-si6x8gyIy3oOB4ymFz8U8QFjwpPRkYfVDvR32v4Pveqy8PijMSoaCnm-_pgVSKLq_U_drrWzLlurS19bu1wK_7l2pbMm1Gl2r9ypneW0Ejqvtv1N4WbEcvh37g-4Ef1G5KIxLdX56hkNnDdlBv-_UorAcrEfrm_7UtPFjqgffOyAuQfPrsn8lHkGyMtPvourA7uc7evNEtFM21QY8ff5DupLpM0V2kifGQpMfzbmg7JeSbJej0eK4AundYKUAsp2Tp5ceI0-M5TcS9o3OmsYJIEfOnUfbGEGoMScdgeh-S_04AxrG-gbR7f12bku6eo7RCp-Tik78gyym5-PhFpN0frirZr93RqsilTi36iYPsjyE7Y2TFBPlgCbKcgOWfQ_LfyPKTW0i7hxtWaUjuZuplMoYSQ1DroaiO9FAkHorMQ5ef1iK_FbGANppJm7NVP6JRxEXst1uh79M2W0XBKmpD5NkQTA3BzB4ys4cdOYQpfobddrDcg82nxHt_Dz3uUAqC0hKUlKCUBGVOUPbcEVc2tO4-V7aIg3kM57HhRjrvHNAjnXdESkDNEIa7Q5l9YvfB8gujQWL5SFeOxrkb0Zi7g-yMPF9NzvvsW4IdcVoLg2Q1atEVEYSM-2ylTdvNRhiyqNUKRTNow0oHaZdmAxnIKbn24CVkcko8PIWYTmDVBEw-B1q8Clo60G2HQfpoW-c05R1plK1bmQtw7ZDlF5HvegfqjLwy29-Vv7-GYCeXJ42ZgRmHzDh8LH8h6Kh7o9u6JIe3dWnJjxtZLrtyQKvd3slpLi48eFfsltrwtet2-N0VVgFV-vCusPktmnKZdiz5_qrkXJib2jBBflqzWyLeLOz21cKkRXZr89rNtW5mhLVSp2PQStinv4LJKXnmnRuzf_va2heQZgxTOHSLEzI3SD0By_ZgswV_qwmMWvTEmYeycCMTxotLJQmUWNQ0drD_qeNFPjK0ek2lO7D30DEeaL6PtOvQMw495UDVELa4MMozc3L5jzmNWHmjWBnvMFZGfXU-ZitPa0lDhMz3W6vNoNFKRNCIOEtWWlGbN6nfaAjkdrr94T-7_wYAAP__ta_NppkEAAA=
200 OK 0 B URL
nannyirrationalacquainted.com/impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzu5FFPyBehFhDh4UZNLd05nMuIdlf0p0TeLuSgRP1VXVkzI1XW1V9_RkRAgGZY8jXjxJ5Ztkg-si6x8gyIy3oOB4ymFz8U8QFjwpPRkYfVDvR32v4Pveqy8PijMSoaCnm-_pgVSKLq_U_drrWzLlurS19bu1wK_7l2pbMm1Gl2r9ypneW0Ejqvtv1N4WbEcvh37g-4Ef1G5KIxLdX56hkNnDdlBv-_UorAcrEfrm_7UtPFjqgffOyAuQfPrsn8lHkGyMtPvourA7uc7evNEtFM21QY8ff5DupLpM0V2kifGQpMfzbmg7JeSbJej0eK4AundYKUAsp2Tp5ceI0-M5TcS9o3OmsYJIEfOnUfbGEGoMScdgeh-S_04AxrG-gbR7f12bku6eo7RCp-Tik78gyym5-PhFpN0frirZr93RqsilTi36iYPsjyE7Y2TFBPlgCbKcgOWfQ_LfyPKTW0i7hxtWaUjuZuplMoYSQ1DroaiO9FAkHorMQ5ef1iK_FbGANppJm7NVP6JRxEXst1uh79M2W0XBKmpD5NkQTA3BzB4ys4cdOYQpfobddrDcg82nxHt_Dz3uUAqC0hKUlKCUBGVOUPbcEVc2tO4-V7aIg3kM57HhRjrvHNAjnXdESkDNEIa7Q5l9YvfB8gujQWL5SFeOxrkb0Zi7g-yMPF9NzvvsW4IdcVoLg2Q1atEVEYSM-2ylTdvNRhiyqNUKRTNow0oHaZdmAxnIKbn24CVkcko8PIWYTmDVBEw-B1q8Clo60G2HQfpoW-c05R1plK1bmQtw7ZDlF5HvegfqjLwy29-Vv7-GYCeXJ42ZgRmHzDh8LH8h6Kh7o9u6JIe3dWnJjxtZLrtyQKvd3slpLi48eFfsltrwtet2-N0VVgFV-vCusPktmnKZdiz5_qrkXJib2jBBflqzWyLeLOz21cKkRXZr89rNtW5mhLVSp2PQStinv4LJKXnmnRuzf_va2heQZgxTOHSLEzI3SD0By_ZgswV_qwmMWvTEmYeycCMTxotLJQmUWNQ0drD_qeNFPjK0ek2lO7D30DEeaL6PtOvQMw495UDVELa4MMozc3L5jzmNWHmjWBnvMFZGfXU-ZitPa0lDhMz3W6vNoNFKRNCIOEtWWlGbN6nfaAjkdrr94T-7_wYAAP__ta_NppkEAAA=
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 2A:C3:FA:F0:67:BA:AA:76:2F:14:F9:D5:47:AA:D5:03:EA:52:31:54
Validity Thu, 19 Jun 2025 00:50:28 GMT - Wed, 17 Sep 2025 00:50:27 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC_1RSz2skRRSuzu5FFPyBehFhDh4UZNLd05nMuIdlf0p0TeLuSgRP1VXVkzI1XW1V9_RkRAgGZY8jXjxJ5Ztkg-si6x8gyIy3oOB4ymFz8U8QFjwpPRkYfVDvR32v4Pveqy8PijMSoaCnm-_pgVSKLq_U_drrWzLlurS19bu1wK_7l2pbMm1Gl2r9ypneW0Ejqvtv1N4WbEcvh37g-4Ef1G5KIxLdX56hkNnDdlBv-_UorAcrEfrm_7UtPFjqgffOyAuQfPrsn8lHkGyMtPvourA7uc7evNEtFM21QY8ff5DupLpM0V2kifGQpMfzbmg7JeSbJej0eK4AundYKUAsp2Tp5ceI0-M5TcS9o3OmsYJIEfOnUfbGEGoMScdgeh-S_04AxrG-gbR7f12bku6eo7RCp-Tik78gyym5-PhFpN0frirZr93RqsilTi36iYPsjyE7Y2TFBPlgCbKcgOWfQ_LfyPKTW0i7hxtWaUjuZuplMoYSQ1DroaiO9FAkHorMQ5ef1iK_FbGANppJm7NVP6JRxEXst1uh79M2W0XBKmpD5NkQTA3BzB4ys4cdOYQpfobddrDcg82nxHt_Dz3uUAqC0hKUlKCUBGVOUPbcEVc2tO4-V7aIg3kM57HhRjrvHNAjnXdESkDNEIa7Q5l9YvfB8gujQWL5SFeOxrkb0Zi7g-yMPF9NzvvsW4IdcVoLg2Q1atEVEYSM-2ylTdvNRhiyqNUKRTNow0oHaZdmAxnIKbn24CVkcko8PIWYTmDVBEw-B1q8Clo60G2HQfpoW-c05R1plK1bmQtw7ZDlF5HvegfqjLwy29-Vv7-GYCeXJ42ZgRmHzDh8LH8h6Kh7o9u6JIe3dWnJjxtZLrtyQKvd3slpLi48eFfsltrwtet2-N0VVgFV-vCusPktmnKZdiz5_qrkXJib2jBBflqzWyLeLOz21cKkRXZr89rNtW5mhLVSp2PQStinv4LJKXnmnRuzf_va2heQZgxTOHSLEzI3SD0By_ZgswV_qwmMWvTEmYeycCMTxotLJQmUWNQ0drD_qeNFPjK0ek2lO7D30DEeaL6PtOvQMw495UDVELa4MMozc3L5jzmNWHmjWBnvMFZGfXU-ZitPa0lDhMz3W6vNoNFKRNCIOEtWWlGbN6nfaAjkdrr94T-7_wYAAP__ta_NppkEAAA= HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 23 Jun 2025 07:17:16 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: d0e8e95142f73aef1b6e79665e7e8e29
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-07-11
Times Seen 3
Size 51 B (51 bytes)
MD5 73e6b7ed88462f6bf26e6aa76794a515
SHA1 554a6250e05431b538104b3f4529ebf9da8f24bc
SHA256 ec836ea079cca1b3cedcf5a1d32dc485d1e95f0c4451a1a9b7b8a95aee0098f2
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TRp0WGHxo%2BydzxLMnBCg9U3%2BQHq63HcBpttdTskEttTXTmQKtAgM%2FJECodTJWMvsKTGAgE49yNcs790ZUBCEq%2FAcg6BPbYRP6zksei096z7xUyu%2FcuP3oODH0F6ivQ8bs%2B46zji%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:16 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423468e988b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1773&min_rtt=459&rtt_var=1118&sent=480&recv=569&lost=0&retrans=0&sent_bytes=41752&recv_bytes=43102&delivery_rate=574024&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=4340&inflight_dur=147&x=44"
GET catastropherectificationamusing.com/sbar.json?key=21f748a5e12cd0c59a96322c4882e619
200 OK 6.0 kB URL
catastropherectificationamusing.com/sbar.json?key=21f748a5e12cd0c59a96322c4882e619
IP / ASN
172.240.108.84
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 6.0 kB (5975 bytes)
MD5 73f7333e1aa724ac00a1395ce491959f
SHA1 86a20132c0c65da80b6e0d85e8bf3b506fbb467a
SHA256 293cb62d3e3ae39f2fad334421f7ce91611f95db15b5b68603017ac5365e1445
Certificate Info
Issuer Let's Encrypt
Subject catastropherectificationamusing.com
Fingerprint 51:BA:E1:9F:B8:18:49:9E:EA:7E:3D:EB:A6:DF:44:1C:21:B9:33:75
Validity Mon, 28 Apr 2025 19:19:39 GMT - Sun, 27 Jul 2025 19:19:38 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=21f748a5e12cd0c59a96322c4882e619 HTTP/1.1
Host: catastropherectificationamusing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 23 Jun 2025 07:17:13 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
accept-ch: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
custom-referer: https://hotandgirls.site
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
set-cookie: pdhtkv=true; expires=Tue, 24 Jun 2025 07:17:13 GMT; path=/; secure; SameSite=None
uncs=1; expires=Tue, 24 Jun 2025 07:17:13 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Tue, 24 Jun 2025 07:17:13 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Tue, 24 Jun 2025 07:17:13 GMT; path=/; secure; SameSite=None
u_pl25009664=1; expires=Tue, 24 Jun 2025 07:17:13 GMT; path=/; secure; SameSite=None
slec21f748a5e12cd0c59a96322c4882e619=[4323731]; expires=Mon, 23 Jun 2025 07:17:18 GMT; path=/; secure; SameSite=None
x-envoy-upstream-service-time: 220
Host: catastropherectificationamusing.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c8b017dc2653d4fd80c0341e3d9f87c5
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 6fcac948df9755258f70b66b9294bd20
SHA1 9f77259c63d8e45ad748cac864c178d62eb90633
SHA256 d5f1f6b441b2148440788593b19fa1b062dfebbcfdd780c6a0cc7c46c8fa2966
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xw%2FwqLUuegoq1r5OpSM4LLhuW5RKY4zXAkreWFvbjixPpFJ70RPHFhanAnlR0lcoZcn6eK%2FcyxlWp%2FqtBDc69KKyvyLJf5KVlXKL3F%2BG%2Bhd0XY5hbbeKvy%2FIWeuLRJhC%2FRsxrlSe"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:14 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345fa924b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2147&min_rtt=459&rtt_var=1694&sent=458&recv=553&lost=0&retrans=0&sent_bytes=33189&recv_bytes=35437&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=2867&inflight_dur=95&x=44"
GET hotandgirls.site/css/add-style.css
200 OK 2.4 kB URL
hotandgirls.site/css/add-style.css
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 9
Size 2.4 kB (2436 bytes)
MD5 11119d5e54558b2f7a2293efe64fbe22
SHA1 6d658f9c06e7a3c0ceea79b77076dfd21e340cfc
SHA256 1a2d046cc45c0bc83376a96747b3a049d272ddc72fb6f0a2847cdb721a3fd0a7
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /css/add-style.css HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: text/css
content-length: 2436
last-modified: Wed, 27 Nov 2024 13:26:41 GMT
etag: "67471e11-984"
expires: Tue, 23 Jun 2026 07:17:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET engineexplicitfootrest.com/chicken.gif?z=2047310&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=CR5Ko3uW0IE7T5b1VUyUs9EXtJJrdwoy5HcJ04e2RXSZl-_qKyNIeFgavgtanl9xQ2NJByR3S0bzkFY9n0Vt-R54f1N2lgKkclGFHmeJMD6rWz4gfwrbpcT9b3saEN9fHFhF7VaWE84Hb-G1OSL04VH9brb8cDOHA55xkk7QWkLQKiMIvc0-NVCH30BSe5Z8ZqOBErGnwjTVmb_gZyD4IwrlZ8RC44CgiiaCNx-FUBtbqE2-e_6AQfzJgViP8fQFM9szUqHc1UB-es2oHIhEYcdug-j4-PDJdbjKyPiE1p9oU00h92hLuPwOx-VIH6j8w04fXmbLWPUL1RUEu48N40ZVrOZ524f9xut6mnb66wMjVR61p8j9Xxmsn4vRBj9EmA3rQJCLL0UtOBxkyc8975ZIbcliFSvEIBDl9RSPO3jZKOSUQcUtOVpGdFFAKb9Q8XpDJMeMhyrZSuKR_k7N4ctjq7aIIaCB3jyL8ir5FqQ7i3a1vOKuZJO8CpW0X4horb0OjJQarmCOJ-Kt6wDBYotL_ar18h2sbatBth0Yw0R0qZk_3Nrl2L0BjwF0lQW2arPIm2gPHP2j0X90nBVYgc-44lyDhTx4Dij3rmQAno3oY5D9Fn_5fKCJ3RKAofHfIGYNAwsQ2_KU2mPqyycl61kY6pfaKdJ7qf5GJOmcUyBfek9rDedT_SJH6zZX74PXbtt215ByhTlyavr6oASCEzEus0v7MPcXiNA84qLW5pqBdlCLPvy-3TBq_SgbFNkj8EK46C9lyYymn-njRYqTDbJv45ONO2Hf0xUkdvIvliv78C3ATwU=
200 OK 43 B URL
engineexplicitfootrest.com/chicken.gif?z=2047310&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=CR5Ko3uW0IE7T5b1VUyUs9EXtJJrdwoy5HcJ04e2RXSZl-_qKyNIeFgavgtanl9xQ2NJByR3S0bzkFY9n0Vt-R54f1N2lgKkclGFHmeJMD6rWz4gfwrbpcT9b3saEN9fHFhF7VaWE84Hb-G1OSL04VH9brb8cDOHA55xkk7QWkLQKiMIvc0-NVCH30BSe5Z8ZqOBErGnwjTVmb_gZyD4IwrlZ8RC44CgiiaCNx-FUBtbqE2-e_6AQfzJgViP8fQFM9szUqHc1UB-es2oHIhEYcdug-j4-PDJdbjKyPiE1p9oU00h92hLuPwOx-VIH6j8w04fXmbLWPUL1RUEu48N40ZVrOZ524f9xut6mnb66wMjVR61p8j9Xxmsn4vRBj9EmA3rQJCLL0UtOBxkyc8975ZIbcliFSvEIBDl9RSPO3jZKOSUQcUtOVpGdFFAKb9Q8XpDJMeMhyrZSuKR_k7N4ctjq7aIIaCB3jyL8ir5FqQ7i3a1vOKuZJO8CpW0X4horb0OjJQarmCOJ-Kt6wDBYotL_ar18h2sbatBth0Yw0R0qZk_3Nrl2L0BjwF0lQW2arPIm2gPHP2j0X90nBVYgc-44lyDhTx4Dij3rmQAno3oY5D9Fn_5fKCJ3RKAofHfIGYNAwsQ2_KU2mPqyycl61kY6pfaKdJ7qf5GJOmcUyBfek9rDedT_SJH6zZX74PXbtt215ByhTlyavr6oASCEzEus0v7MPcXiNA84qLW5pqBdlCLPvy-3TBq_SgbFNkj8EK46C9lyYymn-njRYqTDbJv45ONO2Hf0xUkdvIvliv78C3ATwU=
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type GIF image data, version 89a, 1 x 1
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 11425
Size 43 B (43 bytes)
MD5 28e463819a210071de3b45ebe7633613
SHA1 6dccd571828ec0912629119cf7eabfea9f33ddbc
SHA256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /chicken.gif?z=2047310&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=CR5Ko3uW0IE7T5b1VUyUs9EXtJJrdwoy5HcJ04e2RXSZl-_qKyNIeFgavgtanl9xQ2NJByR3S0bzkFY9n0Vt-R54f1N2lgKkclGFHmeJMD6rWz4gfwrbpcT9b3saEN9fHFhF7VaWE84Hb-G1OSL04VH9brb8cDOHA55xkk7QWkLQKiMIvc0-NVCH30BSe5Z8ZqOBErGnwjTVmb_gZyD4IwrlZ8RC44CgiiaCNx-FUBtbqE2-e_6AQfzJgViP8fQFM9szUqHc1UB-es2oHIhEYcdug-j4-PDJdbjKyPiE1p9oU00h92hLuPwOx-VIH6j8w04fXmbLWPUL1RUEu48N40ZVrOZ524f9xut6mnb66wMjVR61p8j9Xxmsn4vRBj9EmA3rQJCLL0UtOBxkyc8975ZIbcliFSvEIBDl9RSPO3jZKOSUQcUtOVpGdFFAKb9Q8XpDJMeMhyrZSuKR_k7N4ctjq7aIIaCB3jyL8ir5FqQ7i3a1vOKuZJO8CpW0X4horb0OjJQarmCOJ-Kt6wDBYotL_ar18h2sbatBth0Yw0R0qZk_3Nrl2L0BjwF0lQW2arPIm2gPHP2j0X90nBVYgc-44lyDhTx4Dij3rmQAno3oY5D9Fn_5fKCJ3RKAofHfIGYNAwsQ2_KU2mPqyycl61kY6pfaKdJ7qf5GJOmcUyBfek9rDedT_SJH6zZX74PXbtt215ByhTlyavr6oASCEzEus0v7MPcXiNA84qLW5pqBdlCLPvy-3TBq_SgbFNkj8EK46C9lyYymn-njRYqTDbJv45ONO2Hf0xUkdvIvliv78C3ATwU= HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACBlEAAAAAAAAAAB; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
OACIBLOCK=ACBlEAAAAABoWN9Q; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
BCAI=ACBlEAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BMI=ACtoUAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BCRI=AAAAAAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET cdn.storageimagedisplay.com/si/af/8b/74/af8b74def5e24f9582f73ba12bab9177/1680148975.png
200 OK 65 kB URL
cdn.storageimagedisplay.com/si/af/8b/74/af8b74def5e24f9582f73ba12bab9177/1680148975.png
IP / ASN
45.133.44.2
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
First Seen 2023-06-24
Last Seen 2025-07-31
Times Seen 197
Size 65 kB (65159 bytes)
MD5 c6a1f91858a0ead000fd923888b0b941
SHA1 ef5ec08b41a7a8618ae2bb8003f5d6cad068a57c
SHA256 19fc121de270074fd89cd824f91c2cee3720e6c0f7511e70c7b4c4443223f41b
Certificate Info
Issuer Let's Encrypt
Subject cdn.storageimagedisplay.com
Fingerprint 7C:BD:B0:48:37:0F:A4:22:46:5F:09:F9:77:FA:07:FF:25:25:52:76
Validity Sun, 11 May 2025 02:32:51 GMT - Sat, 09 Aug 2025 02:32:50 GMT
GET /si/af/8b/74/af8b74def5e24f9582f73ba12bab9177/1680148975.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/png
content-length: 65159
server: nginx/1.21.6
last-modified: Thu, 30 Mar 2023 04:03:04 GMT
etag: "642509f8-fe87"
expires: Wed, 25 Jun 2025 07:17:15 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047310/tlk.xml?var=103417326
200 OK 3.8 kB URL
engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047310/tlk.xml?var=103417326
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with very long lines (3747)
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 3.8 kB (3786 bytes)
MD5 256cd200d4b187ccb61741112c2440b2
SHA1 acd900456faac3a65f54db2716517ba12d1a8e14
SHA256 3ccccaab8c33c1708d86310c818c3b730188525c6788da71eb0aa56bb53bd5a6
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /ceef/gdt3g0/tbt/2047310/tlk.xml?var=103417326 HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
x-route-id: script
set-cookie: CHCK=1; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
UID=2506230217d7e32a6d9ad74706b99f3108a0; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET engineexplicitfootrest.com/chicken.gif?z=2047310&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=PaQ0fPqdW2Leww04r_K-U8-gv7p6bmwrBE0JjNptZN1LAX_M17gfcVJxkVYpg7JJ3zfNmzG5_eLBMUhe-OYx9YJRkbS_mnVazTPgu9iML6HNrntkYvauOpRqm9pFAK_VtN6PssCZs3W9YSCvOwfVZNstgiLEoB7m-t4cEsRRP4exdM3jtp2IPM9SDuHFPMztHbhy6jeLRajOcxH7yckyve-UB81zCNIbSaTuqeu97Dt49dMuaXCQOABAXdkKHcmqIQLZlBtumLj1HeDTJ4VZxQiJVzhiCaEiY-S81AZArXQHwZKbJciU5xKJKaVWy5ILf3-rOwYYgJCTBVNihxuqDjU1QaF4pEJJiWqMjw-9DQwqyqRzQZdUTDE-tg8GZvQEP8iclqS9TrBpIYh9Ijj_iPRnh4tXDbESmXUu1VsmAmc4uJsl3yyjA7nuPynXOL8qgCz4pS0ENua1QOGzQHt47WzTOb2UnXm8r9biKI7Uun9aXpa6Hr1Mo1Tu6YM8lQUemur1dkv7Wb2Doob1gOYR4PUxRnfABGeWd3OIvxI0tiXAllphBYoQRJ_bsGJi-ldE5Ifv8jQFnB1yMc6erpTXOlZAGg0W1qZgi_mEcXxtDzXH5YZY2C--synwi1EAByWa6mwKrMtysLEAAyF_jouDwjiBr6AebQyX25Fuc768XBSEKkct4IWGG422ku4H_RmtCvGtm2OS3ETxUcl7-kihUYPjZDFMp5MnLG_9LDapgXXxYYnnMUexrtOUY9HC_e21JjRwAJD-Mp7_74u9nzkATyy0fKZOwFdTINsfj8zHipOMpSHH5cs=
200 OK 43 B URL
engineexplicitfootrest.com/chicken.gif?z=2047310&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=PaQ0fPqdW2Leww04r_K-U8-gv7p6bmwrBE0JjNptZN1LAX_M17gfcVJxkVYpg7JJ3zfNmzG5_eLBMUhe-OYx9YJRkbS_mnVazTPgu9iML6HNrntkYvauOpRqm9pFAK_VtN6PssCZs3W9YSCvOwfVZNstgiLEoB7m-t4cEsRRP4exdM3jtp2IPM9SDuHFPMztHbhy6jeLRajOcxH7yckyve-UB81zCNIbSaTuqeu97Dt49dMuaXCQOABAXdkKHcmqIQLZlBtumLj1HeDTJ4VZxQiJVzhiCaEiY-S81AZArXQHwZKbJciU5xKJKaVWy5ILf3-rOwYYgJCTBVNihxuqDjU1QaF4pEJJiWqMjw-9DQwqyqRzQZdUTDE-tg8GZvQEP8iclqS9TrBpIYh9Ijj_iPRnh4tXDbESmXUu1VsmAmc4uJsl3yyjA7nuPynXOL8qgCz4pS0ENua1QOGzQHt47WzTOb2UnXm8r9biKI7Uun9aXpa6Hr1Mo1Tu6YM8lQUemur1dkv7Wb2Doob1gOYR4PUxRnfABGeWd3OIvxI0tiXAllphBYoQRJ_bsGJi-ldE5Ifv8jQFnB1yMc6erpTXOlZAGg0W1qZgi_mEcXxtDzXH5YZY2C--synwi1EAByWa6mwKrMtysLEAAyF_jouDwjiBr6AebQyX25Fuc768XBSEKkct4IWGG422ku4H_RmtCvGtm2OS3ETxUcl7-kihUYPjZDFMp5MnLG_9LDapgXXxYYnnMUexrtOUY9HC_e21JjRwAJD-Mp7_74u9nzkATyy0fKZOwFdTINsfj8zHipOMpSHH5cs=
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type GIF image data, version 89a, 1 x 1
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 11425
Size 43 B (43 bytes)
MD5 28e463819a210071de3b45ebe7633613
SHA1 6dccd571828ec0912629119cf7eabfea9f33ddbc
SHA256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /chicken.gif?z=2047310&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=PaQ0fPqdW2Leww04r_K-U8-gv7p6bmwrBE0JjNptZN1LAX_M17gfcVJxkVYpg7JJ3zfNmzG5_eLBMUhe-OYx9YJRkbS_mnVazTPgu9iML6HNrntkYvauOpRqm9pFAK_VtN6PssCZs3W9YSCvOwfVZNstgiLEoB7m-t4cEsRRP4exdM3jtp2IPM9SDuHFPMztHbhy6jeLRajOcxH7yckyve-UB81zCNIbSaTuqeu97Dt49dMuaXCQOABAXdkKHcmqIQLZlBtumLj1HeDTJ4VZxQiJVzhiCaEiY-S81AZArXQHwZKbJciU5xKJKaVWy5ILf3-rOwYYgJCTBVNihxuqDjU1QaF4pEJJiWqMjw-9DQwqyqRzQZdUTDE-tg8GZvQEP8iclqS9TrBpIYh9Ijj_iPRnh4tXDbESmXUu1VsmAmc4uJsl3yyjA7nuPynXOL8qgCz4pS0ENua1QOGzQHt47WzTOb2UnXm8r9biKI7Uun9aXpa6Hr1Mo1Tu6YM8lQUemur1dkv7Wb2Doob1gOYR4PUxRnfABGeWd3OIvxI0tiXAllphBYoQRJ_bsGJi-ldE5Ifv8jQFnB1yMc6erpTXOlZAGg0W1qZgi_mEcXxtDzXH5YZY2C--synwi1EAByWa6mwKrMtysLEAAyF_jouDwjiBr6AebQyX25Fuc768XBSEKkct4IWGG422ku4H_RmtCvGtm2OS3ETxUcl7-kihUYPjZDFMp5MnLG_9LDapgXXxYYnnMUexrtOUY9HC_e21JjRwAJD-Mp7_74u9nzkATyy0fKZOwFdTINsfj8zHipOMpSHH5cs= HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACBlEAAAAAAAAAAB; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
OACIBLOCK=ACBlEAAAAABoWN9Q; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
BCAI=ACBlEAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BMI=ACtoUAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BCRI=AAAAAAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/81e16a3f603683b4955b735fb9ec077e46a8a4c7.webp
200 OK 7.2 kB URL
s3t3d2y9.afcdn.net/library/628853/81e16a3f603683b4955b735fb9ec077e46a8a4c7.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-03-27
Last Seen 2025-07-11
Times Seen 6
Size 7.2 kB (7172 bytes)
MD5 09416dbea0d83793adf2551613ce6877
SHA1 81e16a3f603683b4955b735fb9ec077e46a8a4c7
SHA256 f13012832b026fd8eddcf7f2a75360e3ba0ddd4386aaf1b61777a7e62fbe4654
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/81e16a3f603683b4955b735fb9ec077e46a8a4c7.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/webp
content-length: 7172
last-modified: Wed, 03 Nov 2021 16:35:18 GMT
etag: "6182ba46-1c04"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 29 May 2025 12:21:13 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBX63NDQH3s58cAAwBuUwKAQH3qQwAAAwBJRPCNAG3VSEOAQ
x-77-nzt-ray: 2a494a1577a121309eff586854f12e12
x-77-cache: HIT
x-77-age: 1875891
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 60ae0233c8b39ee8c4cf8dbc47c348fc
SHA1 cd96b426914e84b5c94739a0d5d5624a31943e8c
SHA256 6da24f835b8d310dafe9cf7ecf210432b5b23d0a726669ff2ac461ec70cbc94e
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gtKwe3s916Jx7zmeHHWwC1wjJNlDdxrdZsAJW1zbeMjeRLEwfY4%2FNHNrVpfUTuYCoZUL7qsfe%2Bs1f4X%2FMG6Hkq9bbWOiSb4MeAHgPQBQ9DJXP53%2BLJjRb84UXP%2Bc2oKLqHF%2BPaW6"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:14 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345d290bb4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2519&min_rtt=459&rtt_var=1875&sent=451&recv=548&lost=0&retrans=0&sent_bytes=30349&recv_bytes=32876&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=2467&inflight_dur=87&x=44"
GET cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/js/script.js
200 OK 962 B URL
cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/js/script.js
IP / ASN
172.67.133.15
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text
First Seen 2023-06-25
Last Seen 2025-08-02
Times Seen 671
Size 962 B (962 bytes)
MD5 0013fbb3bd9e7300fa1bc9f62501dcf0
SHA1 447e4a8994979e2e158b9beff79b94e7d1b29508
SHA256 4cf18df81115ddab6967dc82096077ee024223dac3c6ffc9b810bffb7780a20e
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/vpn/classic-push/small/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/javascript
content-length: 962
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "65aa84fe-3c2"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 352009
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=vffv32zBgY%2BpI617cm7yNBbD6O9uZpB03TigTpkmrRyqQxKRQfQhaEvnh9%2Bmp8HYCS40kk5ucZVaQOP0joR2h6J%2FBViwCJ0KwMORoKLldchlzouI"}]}
cf-ray: 954234665801b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
200 OK 40 kB URL
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP / ASN
142.250.74.35
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
First Seen 2025-01-08
Last Seen 2025-08-02
Times Seen 97609
Size 40 kB (40128 bytes)
MD5 9a01b69183a9604ab3a439e388b30501
SHA1 8ed1d59003d0dbe6360481017b44665153665fbe
SHA256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
Validity Mon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 10:47:59 GMT
expires: Fri, 19 Jun 2026 10:47:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 332957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET hotandgirls.site/js/extra.js?t=1750663020
200 OK 13 kB URL
hotandgirls.site/js/extra.js?t=1750663020
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text
First Seen 2025-05-21
Last Seen 2025-07-11
Times Seen 8
Size 13 kB (13146 bytes)
MD5 3cde7a92e60b61bc5e78cd85e813ee0e
SHA1 1efeb956475d38b04b18f9a2a14680143c493d7f
SHA256 eee38bf743e320f65d0954974bb5b826756ac865ea62c95b177818ed2f5d574a
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /js/extra.js?t=1750663020 HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 13146
last-modified: Wed, 30 Apr 2025 12:12:44 GMT
etag: "681213bc-335a"
expires: Tue, 23 Jun 2026 07:17:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET hotandgirls.site/js/callback.js
200 OK 1.1 kB URL
hotandgirls.site/js/callback.js
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
First Seen 2023-03-07
Last Seen 2025-07-31
Times Seen 274
Size 1.1 kB (1075 bytes)
MD5 eea3019455e3b69e81f9164ff63270c9
SHA1 e71aff9e9141aba03062dd85ca8914dc441950da
SHA256 738f50746a3e0e95e04d04ddc6ea578505e4160fb965703e81cfa1aa76811a02
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /js/callback.js HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1075
last-modified: Tue, 26 Nov 2024 09:25:36 GMT
etag: "67459410-433"
expires: Tue, 23 Jun 2026 07:17:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET hotandgirls.site/images/ytline.png
200 OK 1.1 kB URL
hotandgirls.site/images/ytline.png
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 621 x 44, 8-bit colormap, non-interlaced
First Seen 2023-05-23
Last Seen 2025-07-31
Times Seen 230
Size 1.1 kB (1135 bytes)
MD5 d387ac9c34b588eed5499b70b8d3f75b
SHA1 a53de3c96919f58e72f95845e2f702b211353f4f
SHA256 657cd0cf4828776274e9ada904c51434d7d52413dc674f6d8883f902fd0e0187
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /images/ytline.png HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: image/png
content-length: 1135
last-modified: Tue, 26 Nov 2024 09:25:36 GMT
etag: "67459410-46f"
expires: Tue, 23 Jun 2026 07:17:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET catastropherectificationamusing.com/21/f7/48/21f748a5e12cd0c59a96322c4882e619.js
200 OK 65 kB URL
catastropherectificationamusing.com/21/f7/48/21f748a5e12cd0c59a96322c4882e619.js
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (64978), with no line terminators
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 65 kB (64978 bytes)
MD5 cdb853603b2e119a1eed35c50c5b52a2
SHA1 73b8c0ea296fb6a30e9be84806a121ed0bf11470
SHA256 7dab5db880f546fe85424cbf8f85435a21c82f11a6f4ddacb891974b43d884af
Certificate Info
Issuer Let's Encrypt
Subject catastropherectificationamusing.com
Fingerprint 51:BA:E1:9F:B8:18:49:9E:EA:7E:3D:EB:A6:DF:44:1C:21:B9:33:75
Validity Mon, 28 Apr 2025 19:19:39 GMT - Sun, 27 Jul 2025 19:19:38 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /21/f7/48/21f748a5e12cd0c59a96322c4882e619.js HTTP/1.1
Host: catastropherectificationamusing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 23 Jun 2025 07:17:01 GMT
Content-Type: application/javascript
Content-Length: 23605
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: catastropherectificationamusing.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 181cca5853a45726e02924b530157c2f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET engineexplicitfootrest.com/chicken.gif?z=2047164&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=99MtYFiIvcK1I8Cn-QZFfG9A7NEp2KCeWVGwFfMdHDsfLVler1hvO_JqU_gKrcENqELqQFyQ0EvF61BTLmALv2-yAc_INW2MorUmO5sr4EYenKw5p31_0Snkv1qySkmNJunwkOL6OSgNoiCA73fJoy6kT16wt4qEnre9RWLh8glhUEoe-7avzIbHh3_yjh8MLhHPnYTDDzcuGYUQZlMbLsvEAXKCkN0iwoeFdXfv30RbwLrGwABdIdtR_9XHbOqLO5Dnk2PtIPYo4EkoynUM1n_jlzucq4Hk394CmOTIn8IlQexWQTVNGkrS3fbvWgH7OkGQjiWwBViJGkJCNeX30zAzCJ_-96VrMXwoQ_eb80_YgQ2oeMJGygKCCrAEbMjgu1H4g-A1w3Wj3fS2qQlXBNROBKqn9JUcp2JvOZJKstOhLO2Z0jqBJHQeN2Gvu1ft2RgaXmV-f0ArzYj0fxHpIBEOzNQO0YRwV5aFiwvJGawtR6UDauatFHf5la2Rq3ZevGp5DWAVrnNCjy-OiZd7PK252yi-pgHuQfpTtZnhZnDgjWpaRjg_v35mv2FhdnSg7by4SmkwbdWrGitFgXlTrG8uk-E-GyC-u_tTO_9kIMgPmSC93vjaQi1cjGdWcb3IyZVC682nsXapOlXCAaI89PSkMtw8RylM__lc4XK6eyysk6pEhLEpqYZqhli7Fj251cRyu9JSPS4qAEhQ5Jziqh4vIX0jMcBP2x1j88xB3s7RKgw3fXhgxH7ATR65t3D53845_pMqTUx27cmcRdvXjYywGzAFtuRusnWUTnTuIwKg3rT2pns=
200 OK 43 B URL
engineexplicitfootrest.com/chicken.gif?z=2047164&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=99MtYFiIvcK1I8Cn-QZFfG9A7NEp2KCeWVGwFfMdHDsfLVler1hvO_JqU_gKrcENqELqQFyQ0EvF61BTLmALv2-yAc_INW2MorUmO5sr4EYenKw5p31_0Snkv1qySkmNJunwkOL6OSgNoiCA73fJoy6kT16wt4qEnre9RWLh8glhUEoe-7avzIbHh3_yjh8MLhHPnYTDDzcuGYUQZlMbLsvEAXKCkN0iwoeFdXfv30RbwLrGwABdIdtR_9XHbOqLO5Dnk2PtIPYo4EkoynUM1n_jlzucq4Hk394CmOTIn8IlQexWQTVNGkrS3fbvWgH7OkGQjiWwBViJGkJCNeX30zAzCJ_-96VrMXwoQ_eb80_YgQ2oeMJGygKCCrAEbMjgu1H4g-A1w3Wj3fS2qQlXBNROBKqn9JUcp2JvOZJKstOhLO2Z0jqBJHQeN2Gvu1ft2RgaXmV-f0ArzYj0fxHpIBEOzNQO0YRwV5aFiwvJGawtR6UDauatFHf5la2Rq3ZevGp5DWAVrnNCjy-OiZd7PK252yi-pgHuQfpTtZnhZnDgjWpaRjg_v35mv2FhdnSg7by4SmkwbdWrGitFgXlTrG8uk-E-GyC-u_tTO_9kIMgPmSC93vjaQi1cjGdWcb3IyZVC682nsXapOlXCAaI89PSkMtw8RylM__lc4XK6eyysk6pEhLEpqYZqhli7Fj251cRyu9JSPS4qAEhQ5Jziqh4vIX0jMcBP2x1j88xB3s7RKgw3fXhgxH7ATR65t3D53845_pMqTUx27cmcRdvXjYywGzAFtuRusnWUTnTuIwKg3rT2pns=
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type GIF image data, version 89a, 1 x 1
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 11425
Size 43 B (43 bytes)
MD5 28e463819a210071de3b45ebe7633613
SHA1 6dccd571828ec0912629119cf7eabfea9f33ddbc
SHA256 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /chicken.gif?z=2047164&var=103417326&pb=7e03ac42477a06c150f12709b8936adf1750670232&pbc=C-m8v38qD4KYG1lo&pbu=uMnCxbfYI-yYG1lo&psp=99MtYFiIvcK1I8Cn-QZFfG9A7NEp2KCeWVGwFfMdHDsfLVler1hvO_JqU_gKrcENqELqQFyQ0EvF61BTLmALv2-yAc_INW2MorUmO5sr4EYenKw5p31_0Snkv1qySkmNJunwkOL6OSgNoiCA73fJoy6kT16wt4qEnre9RWLh8glhUEoe-7avzIbHh3_yjh8MLhHPnYTDDzcuGYUQZlMbLsvEAXKCkN0iwoeFdXfv30RbwLrGwABdIdtR_9XHbOqLO5Dnk2PtIPYo4EkoynUM1n_jlzucq4Hk394CmOTIn8IlQexWQTVNGkrS3fbvWgH7OkGQjiWwBViJGkJCNeX30zAzCJ_-96VrMXwoQ_eb80_YgQ2oeMJGygKCCrAEbMjgu1H4g-A1w3Wj3fS2qQlXBNROBKqn9JUcp2JvOZJKstOhLO2Z0jqBJHQeN2Gvu1ft2RgaXmV-f0ArzYj0fxHpIBEOzNQO0YRwV5aFiwvJGawtR6UDauatFHf5la2Rq3ZevGp5DWAVrnNCjy-OiZd7PK252yi-pgHuQfpTtZnhZnDgjWpaRjg_v35mv2FhdnSg7by4SmkwbdWrGitFgXlTrG8uk-E-GyC-u_tTO_9kIMgPmSC93vjaQi1cjGdWcb3IyZVC682nsXapOlXCAaI89PSkMtw8RylM__lc4XK6eyysk6pEhLEpqYZqhli7Fj251cRyu9JSPS4qAEhQ5Jziqh4vIX0jMcBP2x1j88xB3s7RKgw3fXhgxH7ATR65t3D53845_pMqTUx27cmcRdvXjYywGzAFtuRusnWUTnTuIwKg3rT2pns= HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACBlEAAAAAAAAAAB; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
OACIBLOCK=ACBlEAAAAABoWN9Q; Path=/; Expires=Wed, 23 Jul 2025 07:17:13 GMT; Secure; SameSite=None
BCAI=ACBlEAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BMI=ACtoUAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
BCRI=AAAAAAAAAAAAAAAB; Path=/; Expires=Tue, 24 Jun 2025 07:17:13 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET go.forscprts.com/easy?campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=063838003d1e197cc33bd2&sourceId=61816&p1=61319&p2=133453&p3=105342
302 Found 671 kB URL
go.forscprts.com/easy?campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=063838003d1e197cc33bd2&sourceId=61816&p1=61319&p2=133453&p3=105342
IP / ASN
104.18.40.50
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 671 kB (670845 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject go.forscprts.com
Fingerprint CB:E7:F2:4E:3C:B6:58:0A:66:1D:83:35:57:32:8B:AA:4B:42:2F:FA
Validity Sun, 18 May 2025 11:27:25 GMT - Sat, 16 Aug 2025 12:27:17 GMT
GET /easy?campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=063838003d1e197cc33bd2&sourceId=61816&p1=61319&p2=133453&p3=105342 HTTP/1.1
Host: go.forscprts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 23 Jun 2025 07:17:14 GMT
content-length: 0
location: https://creative.cambaddies.com/widgets/Spot/lib-auto.js?action=sbSignupWithModel&animate=1&autoclose=0&autoplay=all&campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&campaignType=smartpop&closeButtonDelay=0&creativeId=d672099c5f2288d5918979f1e2a1c3b11e99be326985f8b71819b8bb0627235b&hideButton=1&iterationId=967245&masterSmartpopId=12245&memberId=063838003d1e197cc33bd2&p1=61319&p2=133453&p3=105342&quality=240p&ruleId=365&smartpopId=14734&sourceId=61816&tag=-girls%2Fmobile&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=34162
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9542345d3c6cb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 29177717-31474-ex.tassymethosif.com/v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid=
200 OK 4.5 kB URL
29177717-31474-ex.tassymethosif.com/v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid=
IP / ASN
88.208.22.2
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 4.5 kB (4501 bytes)
MD5 a07ab8ae7f8731d8f42f22d97888729d
SHA1 61e63f102bceac3f78d9d22bf368448f2436413c
SHA256 c3654fe4e6f6ec8d31b7438ad26a38f3a93e23caf6cf68cb90f3f7f137c17496
Certificate Info
Issuer Let's Encrypt
Subject *.tassymethosif.com
Fingerprint 88:1D:C6:17:4D:97:2A:F6:22:08:95:72:78:25:4E:0A:8B:89:7A:00
Validity Sun, 11 May 2025 14:43:01 GMT - Sat, 09 Aug 2025 14:43:00 GMT
GET /v2/a/na/247450?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22150%22%2C%22150%22%2C%22150%22%2C%220%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%223%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid= HTTP/1.1
Host: 29177717-31474-ex.tassymethosif.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Mon, 23 Jun 2025 07:17:14 UTC
expires: Mon, 23 Jun 2025 07:17:14 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/c19ab2226fbc8ef31c42a35fa01e48a2a56c9a31.webp
200 OK 5.4 kB URL
s3t3d2y9.afcdn.net/library/628853/c19ab2226fbc8ef31c42a35fa01e48a2a56c9a31.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-02-07
Last Seen 2025-07-11
Times Seen 7
Size 5.4 kB (5412 bytes)
MD5 9471c8439547a8f536d3edbfcee11fea
SHA1 c19ab2226fbc8ef31c42a35fa01e48a2a56c9a31
SHA256 eea6d1c5011ef481dd3cb536fb7aed133dc93e8551096193ea5e6c0ec312ee99
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/c19ab2226fbc8ef31c42a35fa01e48a2a56c9a31.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: image/webp
content-length: 5412
last-modified: Wed, 03 Nov 2021 16:22:02 GMT
etag: "6182b72a-1524"
expires: Mon, 01 Jun 2026 14:10:50 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-served-by: hap01-sec01-prg1-1
x-77-nzt: EwwBX63NDQH3WngcAAwBuUwKCQH3oCcAAAwBJRPCLgG3FAAAAA
x-77-nzt-ray: 2a494a1577a121309dff58683f65573b
x-77-cache: HIT
x-77-age: 1865818
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/f6af457a1acedd535c9a4afdb910d4f4975709c3.webp
200 OK 6.8 kB URL
s3t3d2y9.afcdn.net/library/628853/f6af457a1acedd535c9a4afdb910d4f4975709c3.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-02-07
Last Seen 2025-07-11
Times Seen 7
Size 6.8 kB (6754 bytes)
MD5 84d2a7cc89b2d84b736615dae6f3b33c
SHA1 f6af457a1acedd535c9a4afdb910d4f4975709c3
SHA256 7e51ff5d15c0018a6ffdd9bb88b6089d54c35c38316d478af24bde6be1b91b14
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/f6af457a1acedd535c9a4afdb910d4f4975709c3.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/webp
content-length: 6754
last-modified: Wed, 03 Nov 2021 18:29:19 GMT
etag: "6182d4ff-1a62"
expires: Mon, 01 Jun 2026 14:10:04 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-served-by: hap02-sec01-prg1-1
x-77-nzt: EwwBX63NDQH3/YMcAAwBuUwKDAH3NxwAAAwBw7WvAgG3CQAAAA
x-77-nzt-ray: 2a494a1577a121309eff58687c13190a
x-77-cache: HIT
x-77-age: 1868797
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 6
Size 36 B (36 bytes)
MD5 85bdbbba5df495243a975bd2527f9d30
SHA1 d13ebdaef09298d81780981b225c2217f839b250
SHA256 924c90ca83c88dd517536e386cec9f3f091ad8811885f926869df4fa4c439f2a
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdQczwCtNLuNK5y%2F7V3aotIN93ViPhD8RYjSryEIqQTwEH%2BDSXlBzNPR%2BafnnfzAfDF3ExDBaXAXrloA4CfVCcXHjGvb%2B%2FrZFNoBOP28rnTO5mbA8DEeAe2oVvg14iPiI7vWdHeZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345cba6a56ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4973&min_rtt=1616&rtt_var=2589&sent=13&recv=11&lost=0&retrans=0&sent_bytes=3797&recv_bytes=2267&delivery_rate=503500&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15515&unsent_bytes=0&cid=38492c829776f2fd&ts=1038&inflight_dur=35&x=44"
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-05
Times Seen 5
Size 36 B (36 bytes)
MD5 cea6cc0a68cd5c5212b2057f64c9f8e7
SHA1 ceca3e569588d85e30b71b81c7a916c487bee8ec
SHA256 e00dc964be8e54847233cfdce8e722be445b30bb9f645c939627d0e2e3955090
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YtC%2B45d8WhuN%2Fb7yj4M0FbvKGkovBIG2Z1P%2Bq%2BwOThG4YCWGyCyIRdXLfZfy6d1is%2Btlet8ND1p2TVgqyzV9u%2BGUky2W20HHmRsfjJ815ypgUTF0%2BRnO2w48N1TTlLFFseEbSN1U"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234694aae56ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5742&min_rtt=1106&rtt_var=2700&sent=48&recv=31&lost=0&retrans=1&sent_bytes=16003&recv_bytes=6658&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=3041&inflight_dur=194&x=44"
GET 29177717-31474-3424.supopurytheals.com/v2/a/na/image?d=BQ5qQHPez5QuqzmxKK87L6fsmvmvsmGoS86nIDrWghpy5nRCgsyFdDUzPJyC-ZDpn7auqpEdgvz5HpwO4sYSF5pqchIG3MY0-PpdlJKHziLJyD8SjNfW0uxH0BFvHtA-9YiC0Hx0rmvHUzRMFZ3q1LvD0__fxhDeIr8S6Dn-cgiR7K-joISST_E5e-nW30jMYWUxRqOdcxrQR3K83LVXS7QQGVnTpyson5dDbbVNDkMxBn1KUIy88bMhruaoyryYfBgob4WNiom3toGQtR2W54qqSwCpUMWqmTdDZjFslD2qPgzFHz_yMr-rRd5XJY_QeY_uyLuuZvwHseBPcmihwqUHgbwhbGOzxt6E43c4Gz6tk9Z161sU5QD7Wt2rpiUKEQ24L9237vpAYcRqo8paXCTJNRrsiEciUM1rvQPAFfLc9XhugpmDmsTpnIyWZR43SpQCMgp3J9X4CW5Hx9iA6EqOGKLwszTLPR63IA7Mmt6CpZ4zZvB4AC-T7qju52CduECSBtwFQd2EpxJfw7KVDIYXJ88C-hPc8dCi8RRZd3DtOAjIyGzj3xfQE7dtp6Zl7Tlg7am2fU35UxJDn-prfkS8JgWtmHgKQ-fe5zdrhGHPzRJKoQiJdxMY2yC_sA08Kmlp-ftRo7xbMfQeJjw_5Uwt2dTPMelnO2M8Z3mwFwpCxvZMA75cI0H2H06K8yHOum_xaINoHW0PEyT0D6V_cVCggrIrxTXRgnxm1cHLju-NO3UOWclLqj_ZE9k1Lu7wS1G1epl-CaKIl6_tcHC2EQk5o96idcQNC_LmSNhkjr_MDIBVLsX-QCz_cRXDzhuU9tECEkcW5UuXWHZnfbWhTd1w9xhPaTFPUqdOvzMFpU0dFFFEdYtrJGoWzWjFpxNqL7i770PxEmOF-FG79jXKFaRtVpwF_dX9fEuw22QYxyHV1p_F_2nx6XNOT-_ZM6LTGz8IJYoA4nqpsiFIVx4oJZ55ztkTMkjDe8baYNdXlY0YTleiEsAUa9G9o5Nmliu4GMmL-fm88ilvbZc2TiZu3DItfkOWv5Ni45xzwowv6TDZSZYWRZTaUgcGrJWo186SPxBInJOjcSGyUzCezJyahNM5ealo93aK2ouoWfSU37ob_2lXLe0A-GU3UTA41uh3c1MHZwlX6n2zbL867maFr-_DJOPlIU5o_4CkJ9KgT6m-f0AxTYEJFy7L5w8T-H3Hyor99XFC_GKYlPKBitfTi9ka5cfiX9rRsX1YEY2rxN4L-rzUhJI6i--eA1n_EiCGusZ_dtxO95se78sALCL8ZzJ5l9da3_M-uTAOgX9YYzgy4t85TaqZEG7n1_xR6H2QRdc
200 OK 68 B URL
29177717-31474-3424.supopurytheals.com/v2/a/na/image?d=BQ5qQHPez5QuqzmxKK87L6fsmvmvsmGoS86nIDrWghpy5nRCgsyFdDUzPJyC-ZDpn7auqpEdgvz5HpwO4sYSF5pqchIG3MY0-PpdlJKHziLJyD8SjNfW0uxH0BFvHtA-9YiC0Hx0rmvHUzRMFZ3q1LvD0__fxhDeIr8S6Dn-cgiR7K-joISST_E5e-nW30jMYWUxRqOdcxrQR3K83LVXS7QQGVnTpyson5dDbbVNDkMxBn1KUIy88bMhruaoyryYfBgob4WNiom3toGQtR2W54qqSwCpUMWqmTdDZjFslD2qPgzFHz_yMr-rRd5XJY_QeY_uyLuuZvwHseBPcmihwqUHgbwhbGOzxt6E43c4Gz6tk9Z161sU5QD7Wt2rpiUKEQ24L9237vpAYcRqo8paXCTJNRrsiEciUM1rvQPAFfLc9XhugpmDmsTpnIyWZR43SpQCMgp3J9X4CW5Hx9iA6EqOGKLwszTLPR63IA7Mmt6CpZ4zZvB4AC-T7qju52CduECSBtwFQd2EpxJfw7KVDIYXJ88C-hPc8dCi8RRZd3DtOAjIyGzj3xfQE7dtp6Zl7Tlg7am2fU35UxJDn-prfkS8JgWtmHgKQ-fe5zdrhGHPzRJKoQiJdxMY2yC_sA08Kmlp-ftRo7xbMfQeJjw_5Uwt2dTPMelnO2M8Z3mwFwpCxvZMA75cI0H2H06K8yHOum_xaINoHW0PEyT0D6V_cVCggrIrxTXRgnxm1cHLju-NO3UOWclLqj_ZE9k1Lu7wS1G1epl-CaKIl6_tcHC2EQk5o96idcQNC_LmSNhkjr_MDIBVLsX-QCz_cRXDzhuU9tECEkcW5UuXWHZnfbWhTd1w9xhPaTFPUqdOvzMFpU0dFFFEdYtrJGoWzWjFpxNqL7i770PxEmOF-FG79jXKFaRtVpwF_dX9fEuw22QYxyHV1p_F_2nx6XNOT-_ZM6LTGz8IJYoA4nqpsiFIVx4oJZ55ztkTMkjDe8baYNdXlY0YTleiEsAUa9G9o5Nmliu4GMmL-fm88ilvbZc2TiZu3DItfkOWv5Ni45xzwowv6TDZSZYWRZTaUgcGrJWo186SPxBInJOjcSGyUzCezJyahNM5ealo93aK2ouoWfSU37ob_2lXLe0A-GU3UTA41uh3c1MHZwlX6n2zbL867maFr-_DJOPlIU5o_4CkJ9KgT6m-f0AxTYEJFy7L5w8T-H3Hyor99XFC_GKYlPKBitfTi9ka5cfiX9rRsX1YEY2rxN4L-rzUhJI6i--eA1n_EiCGusZ_dtxO95se78sALCL8ZzJ5l9da3_M-uTAOgX9YYzgy4t85TaqZEG7n1_xR6H2QRdc
IP / ASN
88.208.22.3
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 17333
Size 68 B (68 bytes)
MD5 91e42db1c66c0b276abf6234dc50b2eb
SHA1 c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
SHA256 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Certificate Info
Issuer Let's Encrypt
Subject *.supopurytheals.com
Fingerprint DB:E4:46:06:D3:D5:DE:03:9F:3F:A8:8E:65:3C:34:C6:45:C2:54:7D
Validity Mon, 12 May 2025 14:45:24 GMT - Sun, 10 Aug 2025 14:45:23 GMT
GET /v2/a/na/image?d=BQ5qQHPez5QuqzmxKK87L6fsmvmvsmGoS86nIDrWghpy5nRCgsyFdDUzPJyC-ZDpn7auqpEdgvz5HpwO4sYSF5pqchIG3MY0-PpdlJKHziLJyD8SjNfW0uxH0BFvHtA-9YiC0Hx0rmvHUzRMFZ3q1LvD0__fxhDeIr8S6Dn-cgiR7K-joISST_E5e-nW30jMYWUxRqOdcxrQR3K83LVXS7QQGVnTpyson5dDbbVNDkMxBn1KUIy88bMhruaoyryYfBgob4WNiom3toGQtR2W54qqSwCpUMWqmTdDZjFslD2qPgzFHz_yMr-rRd5XJY_QeY_uyLuuZvwHseBPcmihwqUHgbwhbGOzxt6E43c4Gz6tk9Z161sU5QD7Wt2rpiUKEQ24L9237vpAYcRqo8paXCTJNRrsiEciUM1rvQPAFfLc9XhugpmDmsTpnIyWZR43SpQCMgp3J9X4CW5Hx9iA6EqOGKLwszTLPR63IA7Mmt6CpZ4zZvB4AC-T7qju52CduECSBtwFQd2EpxJfw7KVDIYXJ88C-hPc8dCi8RRZd3DtOAjIyGzj3xfQE7dtp6Zl7Tlg7am2fU35UxJDn-prfkS8JgWtmHgKQ-fe5zdrhGHPzRJKoQiJdxMY2yC_sA08Kmlp-ftRo7xbMfQeJjw_5Uwt2dTPMelnO2M8Z3mwFwpCxvZMA75cI0H2H06K8yHOum_xaINoHW0PEyT0D6V_cVCggrIrxTXRgnxm1cHLju-NO3UOWclLqj_ZE9k1Lu7wS1G1epl-CaKIl6_tcHC2EQk5o96idcQNC_LmSNhkjr_MDIBVLsX-QCz_cRXDzhuU9tECEkcW5UuXWHZnfbWhTd1w9xhPaTFPUqdOvzMFpU0dFFFEdYtrJGoWzWjFpxNqL7i770PxEmOF-FG79jXKFaRtVpwF_dX9fEuw22QYxyHV1p_F_2nx6XNOT-_ZM6LTGz8IJYoA4nqpsiFIVx4oJZ55ztkTMkjDe8baYNdXlY0YTleiEsAUa9G9o5Nmliu4GMmL-fm88ilvbZc2TiZu3DItfkOWv5Ni45xzwowv6TDZSZYWRZTaUgcGrJWo186SPxBInJOjcSGyUzCezJyahNM5ealo93aK2ouoWfSU37ob_2lXLe0A-GU3UTA41uh3c1MHZwlX6n2zbL867maFr-_DJOPlIU5o_4CkJ9KgT6m-f0AxTYEJFy7L5w8T-H3Hyor99XFC_GKYlPKBitfTi9ka5cfiX9rRsX1YEY2rxN4L-rzUhJI6i--eA1n_EiCGusZ_dtxO95se78sALCL8ZzJ5l9da3_M-uTAOgX9YYzgy4t85TaqZEG7n1_xR6H2QRdc HTTP/1.1
Host: 29177717-31474-3424.supopurytheals.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:17 GMT
content-type: image/png
content-length: 68
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
GET 29177717-31474-1948.tassymethosif.com/v2/a/na/image?d=BQ5qQHPer5RuqDkBKgc8L6fsmvmv_N0OXZND90jOQVcyDlWAGCU1BG7GpoG-ArD3XcHALbC4Fi70DIQO6cYJF8GVoFb2Z6jz_bFrBTVLCjG_yjBHMsqncemfNi2zPiideU_eY_lDfdUwKScBvZ8uwtDS_dchcOQ_Em_tAUA-rz2dNjEMjQdD88hqkHAJiKphZf9FgxyFxfzX5uWmw05yaHBCz-u0ZVCxbpTGGXbi2BdfhRzU-LMxeUBkOkiCt1eH-DBZTVcQNzlBIHBpfKVG9qGJ-O7vn_iH4M9cGOoFCoiJFQuRhyKzANTOpZMlgV8eOv1my_WKgZncg1mHOg9HgxDpUX83PuHi65kDdKeuyCOqkKcMTJg-39bow4ef_bBxBrP_cHpg7_rqcQN94cbYpJohA3Y6B65y53XDG18XLKhcMv0AHbBXaLnNoIFMZgV3qHGxxiXj4-SSz8SsrzfgoW4ZvPh3VnyNKAXeLuD2jN06hO1zTvNVABsthtfqZg0lpboudBFtCNIWRam2-sWvhG2OJfXQCLkx0mIqdMxj09RXjEw_v6C5uQgFuCDSEkZBlz8V18pEy74iFOZ2SNAywCh61wNKzF_22NAph7we7ZpX7YhonWrvgWMpMHNMV_z0xlsBDKgJBoL7pXd3Xl82bGQLY9hlhX5Ew5cbFxg9aFcjWPhVOOhcr3PYYdDEI1Fczwb0PkldOHPbYll1BKNIuMxJNZNEZyFYW7QHWZCjhl_66z4nEj00zO7BOhPjft84JgPPHS83AIFczBKEt0k5HFQ7c2YB9HBU43swYSlRJgNHe3a-hDUwNmMg-6FQlxL0K4HSBsaGi5ZkO73INDiveglbXRNbt8rLXzuZE6CepzYSQVTJxcGhpMU0LLZfmjCz4gllWCJdZYJXYyev2xE3LFT6Z2OPO6QqQF_aVtGuZGg5JsOrzeXQuKIwj47yM9xWZrM7vIzPu3AGa3Tm603qPIoIMocd597JHiBghoBqTyU2ubIuMZt_wpraDFSqn3KhKOPGHVDAgnF7U_Jzmj_w45k_bcR9GmvAI-82i2vyoKAor7M68D43G8w9dKVteN9VZBFgGLyNI3hvgbC7xrkaGSGZvMyuczrroyVLKth2ZB4KBh95KJWzS5CX7QDQSO0gbNqtxQA2fWW8WioE1wi_sIW2Eyuw9Y86JOqhFJXpx_M7-zmpsNXmRlzMAegmyxumI59P4v8OmRZccqUEtwWNugujuk1XJqRQxmFevWWaGBkbvFG_8_hxamdQfWv1mKSR27Jhfxw32ahF_maYsAT0hO3_P6ih5TpX1Sw
200 OK 68 B URL
29177717-31474-1948.tassymethosif.com/v2/a/na/image?d=BQ5qQHPer5RuqDkBKgc8L6fsmvmv_N0OXZND90jOQVcyDlWAGCU1BG7GpoG-ArD3XcHALbC4Fi70DIQO6cYJF8GVoFb2Z6jz_bFrBTVLCjG_yjBHMsqncemfNi2zPiideU_eY_lDfdUwKScBvZ8uwtDS_dchcOQ_Em_tAUA-rz2dNjEMjQdD88hqkHAJiKphZf9FgxyFxfzX5uWmw05yaHBCz-u0ZVCxbpTGGXbi2BdfhRzU-LMxeUBkOkiCt1eH-DBZTVcQNzlBIHBpfKVG9qGJ-O7vn_iH4M9cGOoFCoiJFQuRhyKzANTOpZMlgV8eOv1my_WKgZncg1mHOg9HgxDpUX83PuHi65kDdKeuyCOqkKcMTJg-39bow4ef_bBxBrP_cHpg7_rqcQN94cbYpJohA3Y6B65y53XDG18XLKhcMv0AHbBXaLnNoIFMZgV3qHGxxiXj4-SSz8SsrzfgoW4ZvPh3VnyNKAXeLuD2jN06hO1zTvNVABsthtfqZg0lpboudBFtCNIWRam2-sWvhG2OJfXQCLkx0mIqdMxj09RXjEw_v6C5uQgFuCDSEkZBlz8V18pEy74iFOZ2SNAywCh61wNKzF_22NAph7we7ZpX7YhonWrvgWMpMHNMV_z0xlsBDKgJBoL7pXd3Xl82bGQLY9hlhX5Ew5cbFxg9aFcjWPhVOOhcr3PYYdDEI1Fczwb0PkldOHPbYll1BKNIuMxJNZNEZyFYW7QHWZCjhl_66z4nEj00zO7BOhPjft84JgPPHS83AIFczBKEt0k5HFQ7c2YB9HBU43swYSlRJgNHe3a-hDUwNmMg-6FQlxL0K4HSBsaGi5ZkO73INDiveglbXRNbt8rLXzuZE6CepzYSQVTJxcGhpMU0LLZfmjCz4gllWCJdZYJXYyev2xE3LFT6Z2OPO6QqQF_aVtGuZGg5JsOrzeXQuKIwj47yM9xWZrM7vIzPu3AGa3Tm603qPIoIMocd597JHiBghoBqTyU2ubIuMZt_wpraDFSqn3KhKOPGHVDAgnF7U_Jzmj_w45k_bcR9GmvAI-82i2vyoKAor7M68D43G8w9dKVteN9VZBFgGLyNI3hvgbC7xrkaGSGZvMyuczrroyVLKth2ZB4KBh95KJWzS5CX7QDQSO0gbNqtxQA2fWW8WioE1wi_sIW2Eyuw9Y86JOqhFJXpx_M7-zmpsNXmRlzMAegmyxumI59P4v8OmRZccqUEtwWNugujuk1XJqRQxmFevWWaGBkbvFG_8_hxamdQfWv1mKSR27Jhfxw32ahF_maYsAT0hO3_P6ih5TpX1Sw
IP / ASN
88.208.22.2
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 17333
Size 68 B (68 bytes)
MD5 91e42db1c66c0b276abf6234dc50b2eb
SHA1 c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
SHA256 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Certificate Info
Issuer Let's Encrypt
Subject *.tassymethosif.com
Fingerprint 88:1D:C6:17:4D:97:2A:F6:22:08:95:72:78:25:4E:0A:8B:89:7A:00
Validity Sun, 11 May 2025 14:43:01 GMT - Sat, 09 Aug 2025 14:43:00 GMT
GET /v2/a/na/image?d=BQ5qQHPer5RuqDkBKgc8L6fsmvmv_N0OXZND90jOQVcyDlWAGCU1BG7GpoG-ArD3XcHALbC4Fi70DIQO6cYJF8GVoFb2Z6jz_bFrBTVLCjG_yjBHMsqncemfNi2zPiideU_eY_lDfdUwKScBvZ8uwtDS_dchcOQ_Em_tAUA-rz2dNjEMjQdD88hqkHAJiKphZf9FgxyFxfzX5uWmw05yaHBCz-u0ZVCxbpTGGXbi2BdfhRzU-LMxeUBkOkiCt1eH-DBZTVcQNzlBIHBpfKVG9qGJ-O7vn_iH4M9cGOoFCoiJFQuRhyKzANTOpZMlgV8eOv1my_WKgZncg1mHOg9HgxDpUX83PuHi65kDdKeuyCOqkKcMTJg-39bow4ef_bBxBrP_cHpg7_rqcQN94cbYpJohA3Y6B65y53XDG18XLKhcMv0AHbBXaLnNoIFMZgV3qHGxxiXj4-SSz8SsrzfgoW4ZvPh3VnyNKAXeLuD2jN06hO1zTvNVABsthtfqZg0lpboudBFtCNIWRam2-sWvhG2OJfXQCLkx0mIqdMxj09RXjEw_v6C5uQgFuCDSEkZBlz8V18pEy74iFOZ2SNAywCh61wNKzF_22NAph7we7ZpX7YhonWrvgWMpMHNMV_z0xlsBDKgJBoL7pXd3Xl82bGQLY9hlhX5Ew5cbFxg9aFcjWPhVOOhcr3PYYdDEI1Fczwb0PkldOHPbYll1BKNIuMxJNZNEZyFYW7QHWZCjhl_66z4nEj00zO7BOhPjft84JgPPHS83AIFczBKEt0k5HFQ7c2YB9HBU43swYSlRJgNHe3a-hDUwNmMg-6FQlxL0K4HSBsaGi5ZkO73INDiveglbXRNbt8rLXzuZE6CepzYSQVTJxcGhpMU0LLZfmjCz4gllWCJdZYJXYyev2xE3LFT6Z2OPO6QqQF_aVtGuZGg5JsOrzeXQuKIwj47yM9xWZrM7vIzPu3AGa3Tm603qPIoIMocd597JHiBghoBqTyU2ubIuMZt_wpraDFSqn3KhKOPGHVDAgnF7U_Jzmj_w45k_bcR9GmvAI-82i2vyoKAor7M68D43G8w9dKVteN9VZBFgGLyNI3hvgbC7xrkaGSGZvMyuczrroyVLKth2ZB4KBh95KJWzS5CX7QDQSO0gbNqtxQA2fWW8WioE1wi_sIW2Eyuw9Y86JOqhFJXpx_M7-zmpsNXmRlzMAegmyxumI59P4v8OmRZccqUEtwWNugujuk1XJqRQxmFevWWaGBkbvFG_8_hxamdQfWv1mKSR27Jhfxw32ahF_maYsAT0hO3_P6ih5TpX1Sw HTTP/1.1
Host: 29177717-31474-1948.tassymethosif.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/png
content-length: 68
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
GET a.magsrv.com/ad-provider.js
200 OK 182 kB URL
a.magsrv.com/ad-provider.js
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (39182)
First Seen 2025-06-17
Last Seen 2025-06-24
Times Seen 67
Size 182 kB (182521 bytes)
MD5 84f7ceec0cfb0944ae5f5a4b867974ac
SHA1 7c6460cb729e63a5d75c2b9959a45745217113d9
SHA256 9d93a9cf79ec76ba6b498128273988e3a3e67981aef72a1884c6f8afcac9817e
Certificate Info
Issuer Let's Encrypt
Subject magsrv.com
Fingerprint E1:20:8C:28:EE:7A:93:40:E0:BE:4B:F4:77:62:14:FC:23:07:AD:18
Validity Tue, 10 Jun 2025 10:16:21 GMT - Mon, 08 Sep 2025 10:16:20 GMT
GET /ad-provider.js HTTP/1.1
Host: a.magsrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: application/javascript
etag: W/"7c6460cb729e63a5d75c2b9959a"
expires: Wed, 18 Jun 2025 17:22:31 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: EwwBX63NDQH3sRoAAAwBuUwKEwH3AwAAAAwBJRPCMQG3KAAAAA
x-77-nzt-ray: 2a494a1515a11e3092ff5868de1fad13
x-77-cache: HIT
x-77-age: 6833
vary: Accept-Encoding
content-encoding: gzip
server: CDN77-Turbo
x-77-pop: osloNO
X-Firefox-Spdy: h2
GET 31474.2489may2024.com/v2/a/na/js/247450?container=clck_ntv_185_1&subid=103417326
200 OK 82 kB URL
31474.2489may2024.com/v2/a/na/js/247450?container=clck_ntv_185_1&subid=103417326
IP / ASN
88.208.22.3
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 82 kB (82112 bytes)
MD5 c99e70b84d2f3606d122b9a0497f6fe7
SHA1 5db97cd2b2497d236a521212081412b43e1d0644
SHA256 a4280c12bc81684b91964b22488de9086162258130488badd2a3f4c531454561
Certificate Info
Issuer Let's Encrypt
Subject *.2489may2024.com
Fingerprint 22:A9:F0:36:70:DF:BB:11:76:A1:88:3A:63:75:CE:C7:A8:54:39:A5
Validity Thu, 29 May 2025 20:24:42 GMT - Wed, 27 Aug 2025 20:24:41 GMT
GET /v2/a/na/js/247450?container=clck_ntv_185_1&subid=103417326 HTTP/1.1
Host: 31474.2489may2024.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: application/javascript; charset=UTF-8
content-length: 19537
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
HEAD ads.google.com/
429 Too Many Requests 0 B IP / ASN
142.250.74.174
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject adwords.google.com
Fingerprint 11:60:62:E1:64:75:24:D1:BF:CB:0A:E7:15:EC:34:52:65:A1:96:FE
Validity Mon, 02 Jun 2025 08:36:33 GMT - Mon, 25 Aug 2025 08:36:32 GMT
HEAD / HTTP/1.1
Host: ads.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 429 Too Many Requests
content-length: 1103
content-type: text/html; charset=UTF-8
date: Mon, 23 Jun 2025 07:17:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET 1035--byqbpwwale7r8yeclxjn.stbid.ru/
302 Moved Temporarily 43 B URL
1035--byqbpwwale7r8yeclxjn.stbid.ru/
IP / ASN
80.87.198.24
#29182 JSC IOT
Requested by https://uuidksinc.net/matchx?gdpr=0&gdpr_consent=
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 43 B (43 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer GlobalSign nv-sa
Subject *.stbid.ru
Fingerprint CD:D0:42:9B:03:7A:27:A9:42:E1:4D:28:F3:FC:EA:D1:AC:D7:13:7E
Validity Tue, 22 Apr 2025 09:20:40 GMT - Sun, 24 May 2026 09:20:39 GMT
GET / HTTP/1.1
Host: 1035--byqbpwwale7r8yeclxjn.stbid.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://uuidksinc.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx/1.27.0
Date: Mon, 23 Jun 2025 07:17:15 GMT
Content-Length: 0
Location: https://1035--byqbpwwale7r8yeclxjn.stbid.ru/empty
Connection: close
Access-Control-Allow-Origin: *
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 4
Size 36 B (36 bytes)
MD5 32b6ba3687297ac63ff10f2029a367cb
SHA1 5194ab41badb763259cf468ea23771ab2b318c78
SHA256 5f4f8ad543c8db45c0c104977146a6a20d7d55cbf4447101c852f4aac95d09fd
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OpnbUClpVrkRwsuEjPYwUI3CL1zzWFRYyEKnUJOmQtHBtANtFTLmDLpDRbVpqmSoxRHZ63kMw60FA0poY6sFk2vQv94rwGzNT65pObz6uN3RaBoZs4tbyxWnHQhV8hmyJkKm4sLq"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345f0a7756ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4653&min_rtt=1616&rtt_var=1764&sent=22&recv=16&lost=0&retrans=0&sent_bytes=6865&recv_bytes=3069&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=1392&inflight_dur=67&x=44"
GET cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/css/style.css
200 OK 3.4 kB URL
cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/css/style.css
IP / ASN
172.67.133.15
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text
First Seen 2024-02-12
Last Seen 2025-08-02
Times Seen 563
Size 3.4 kB (3355 bytes)
MD5 039a6734d79ed9aa51cf81c52479c5fe
SHA1 9cf29c4ea1a3880681d50c7228374f8073b7778b
SHA256 a15bad73fc8907795285b78a4a1a1bf5e7f68b4d39988b9bb165444819cf9eb1
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/vpn/classic-push/small/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa84fe-d1b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 352009
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=9rFbO1wCOUHSF19d6%2Fn86B37O03jRele6bNDbpnq3V7SrtqQUo%2BjyFrnz3F4wX4G94Bc1XYbtoOYmXz641ySDwoUSr0VREiDNm5QTjXsn4dVfmY6"}]}
cf-ray: 954234639ce3b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-07-11
Times Seen 2
Size 51 B (51 bytes)
MD5 dcdfe2d4211b6f25a870c89a9e779bd5
SHA1 99e431819e2161ef47c38a2a6fbbfcc7cbd09ff4
SHA256 e726467027542cfc8e1408929c6e03537ed6f35da1795950ea398299d8d50762
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y2g33x1DBLJiTnlg8eRa%2BD%2Bpd%2FqyFFIvGmwHMft%2Bfm2%2FrdAec26KiesPvCak5NrwWVTnqhcdu4RsONuJ6Ee1%2BeZ7AUlvAfe%2B%2FPRP9logoiYX8DvFvQ%2BFh7jGfnVTse5mG1d4gl4V"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:15 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423463f96eb4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1665&min_rtt=459&rtt_var=1437&sent=469&recv=560&lost=0&retrans=0&sent_bytes=37028&recv_bytes=38800&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=3555&inflight_dur=103&x=44"
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 a76d50a3638444bf918ba82e4549dda9
SHA1 a2a2eae7685892da643f9b1e1365879ef778982a
SHA256 1ae4329ad105d10fa746c9f35d7c5ee356027945f50443630e9adb36e0f3af4f
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UuCyw5bQ1C4iS6Rk5WDy6ijc6XWAllNFmsMJmOkGLja%2F3CCbq2bFu%2FU6rpIxNaVLRm2soXPKFv4wxRBV3zn%2BOtzvuhfEdYuuePUAAPZvnePD1jxeFNkLfJsc6hCfMQyYI4xPoI49"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:15 GMT; Max-Age=157679999; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423466b980b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1921&min_rtt=459&rtt_var=1097&sent=477&recv=566&lost=0&retrans=0&sent_bytes=40788&recv_bytes=41406&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=4005&inflight_dur=144&x=44"
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 6
Size 36 B (36 bytes)
MD5 42a93b9e1930392a29e9eb04913d7445
SHA1 4cbcb71469394cde5cd815dd5ba3cb69564ec618
SHA256 7f04e5c83cd0c69fbb7709d68600cfbfc4f7adce2db1e0a921f6d2a8acd3aa85
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uRGF7istCMW8pMCPJQSQ8jLzvmyW6HcK5SGtf4eaINdFc5mx%2FSCjaPTmVRBN0tVtsfxhNKWQ1oO%2BUP6jwQJj93hED2sh6ZSRtvX9HH3eC8e8CAbBROLZ9U4BIsMdyYq0%2FTuUKXr%2B"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234689aa756ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6347&min_rtt=1616&rtt_var=2874&sent=43&recv=28&lost=0&retrans=1&sent_bytes=14460&recv_bytes=6236&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=2926&inflight_dur=184&x=44"
GET fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
200 OK 40 kB URL
fonts.gstatic.com/s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2
IP / ASN
142.250.74.35
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 40128, version 1.0
First Seen 2025-01-08
Last Seen 2025-08-02
Times Seen 97609
Size 40 kB (40128 bytes)
MD5 9a01b69183a9604ab3a439e388b30501
SHA1 8ed1d59003d0dbe6360481017b44665153665fbe
SHA256 20b535fa80c8189e3b87d1803038389960203a886d502bc2ef1857affc2f38d2
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
Validity Mon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
GET /s/roboto/v48/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 40128
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 10:47:59 GMT
expires: Fri, 19 Jun 2026 10:47:59 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:30:55 GMT
content-type: font/woff2
age: 332957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
HEAD ads.google.com/
429 Too Many Requests 0 B IP / ASN
142.250.74.174
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject adwords.google.com
Fingerprint 11:60:62:E1:64:75:24:D1:BF:CB:0A:E7:15:EC:34:52:65:A1:96:FE
Validity Mon, 02 Jun 2025 08:36:33 GMT - Mon, 25 Aug 2025 08:36:32 GMT
HEAD / HTTP/1.1
Host: ads.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 429 Too Many Requests
content-length: 1103
content-type: text/html; charset=UTF-8
date: Mon, 23 Jun 2025 07:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET 29177717-31474-ex.prernittorring.com/v2/a/na/247648?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=tiny%2Chorny%2Cteen%2Cpounded&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%224%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid=
200 OK 4.5 kB URL
29177717-31474-ex.prernittorring.com/v2/a/na/247648?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=tiny%2Chorny%2Cteen%2Cpounded&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%224%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid=
IP / ASN
88.208.22.1
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 4.5 kB (4541 bytes)
MD5 2c0927357eec20f8740d2d334ccbf5b2
SHA1 fc62ec71712d80da1b2557886384383711f0ebdb
SHA256 23e3a5d1e4366826203e84a947a52d799e57f77daac65a69156a3192a52821d7
Certificate Info
Issuer Let's Encrypt
Subject *.prernittorring.com
Fingerprint 9E:8C:77:9C:BA:FC:2E:C1:DF:B7:BE:DC:0D:3E:2A:EF:79:7F:49:F3
Validity Tue, 13 May 2025 14:31:38 GMT - Mon, 11 Aug 2025 14:31:37 GMT
GET /v2/a/na/247648?subId=103417326&pageUri=https%3A%2F%2Fhotandgirls.site%2F%3Fvid%3D3%26ad%3D103417326%26site%3D7807247%26source%3Dcadu%26aduClickId%3D960912425052278785&referer=&av=1&abl=1&kws=tiny%2Chorny%2Cteen%2Cpounded&rtg=&bdd=%5B%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0%22%2C%22false%22%2C%22Linux%20x86_64%22%2C%22llvmpipe%22%2C%22Mozilla%22%2C%22llvmpipe%22%2C%22Mesa%22%2C%22false%22%2C%22true%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%221280%22%2C%221024%22%2C%22false%22%2C%221%22%2C%2248%22%2C%220%22%2C%22aaaaacccefiflmmprrsstlllecstaaahtscellllpss%22%2C%22Mon%20Jun%2023%202025%2007%3A17%3A13%20GMT%2B0000%20(GMT)%22%2C%220%22%2C%22en-US%22%2C%22en-US%2Cen%22%2C%22false%22%2C%22true%22%2C%22781877177%22%2C%222697903995%22%2C%224%22%2C%22false%22%2C%22%5B%5D%22%5D&dcid= HTTP/1.1
Host: 29177717-31474-ex.prernittorring.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:17 GMT
content-type: application/json; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
last-modified: Mon, 23 Jun 2025 07:17:17 UTC
expires: Mon, 23 Jun 2025 07:17:17 UTC
content-encoding: gzip
X-Firefox-Spdy: h2
GET video.videotouch88.info/api/video/tag?sourceId=55539&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55539&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55539&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SR7s%2BoFfeFltmnYM9UGxlwlumNrJGBkz6pfXQ1NPfWz6kGLajlKCwYzJx5xjxawk59Dw730grHDTkq05zAsiYaaDu6hQ4qHlYs%2FgcZ9gp%2FDg1r6Qlg%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:11 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:11 GMT
cf-ray: 9542344cfe1356bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET video.videotouch88.info/api/video/tag?sourceId=55538&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55538&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55538&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AtfOeiZLWamm8G2EHvdsomoGiDVdOWgIMBxAHZIOkwZjoIZUzx8C2%2B%2B8e7difx66a3OpNrgv7kNNorCkOi3%2BNwfIo3qm0eoIkBpGhYJDXelwDq%2BtUw%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:12 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:12 GMT
cf-ray: 9542344dff7b56bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/78d107b7aac211704a0673bb0863be51a6a4b686.webp
200 OK 7.5 kB URL
s3t3d2y9.afcdn.net/library/628853/78d107b7aac211704a0673bb0863be51a6a4b686.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-02-07
Last Seen 2025-07-11
Times Seen 7
Size 7.5 kB (7480 bytes)
MD5 45f4174ee83ad7b16364b8b2bf701e78
SHA1 78d107b7aac211704a0673bb0863be51a6a4b686
SHA256 63c593fa215e6b26b931b725a8cf7d5d3f50c5689eb81cae4af93aefd153014d
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/78d107b7aac211704a0673bb0863be51a6a4b686.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: image/webp
content-length: 7480
last-modified: Wed, 03 Nov 2021 18:29:20 GMT
etag: "6182d500-1d38"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 29 May 2025 12:22:41 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBX63NDQH3sp8cAAwBuUwKDAH3+hYAAAwB1GY4EQG3WR8OAQ
x-77-nzt-ray: 2a494a1577a121309dff5868ab859a3b
x-77-cache: HIT
x-77-age: 1875890
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/88f3bce90422dd5ad406495f0e6131cb7e5c974e.webp
200 OK 4.6 kB URL
s3t3d2y9.afcdn.net/library/628853/88f3bce90422dd5ad406495f0e6131cb7e5c974e.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-02-07
Last Seen 2025-07-11
Times Seen 7
Size 4.6 kB (4634 bytes)
MD5 e4818dcc7fd2a227ae9e0a28928667f0
SHA1 88f3bce90422dd5ad406495f0e6131cb7e5c974e
SHA256 eb419ce92191c2faa0e864fcae36d54f2f4ffdb151cd484d3dc67616444bb800
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/88f3bce90422dd5ad406495f0e6131cb7e5c974e.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/webp
content-length: 4634
last-modified: Wed, 12 Jan 2022 20:51:58 GMT
etag: "61df3f6e-121a"
expires: Wed, 17 Sep 2025 16:03:41 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-served-by: hap02-sec02-prg1-1
x-77-nzt: EwwBX63NDQH3MK7zAAwBuUwKCQH31REAAAwBw7WvBgG3F5d7AA
x-77-nzt-ray: 2a494a1577a121309eff5868cb419202
x-77-cache: HIT
x-77-age: 15969840
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
HEAD ads.google.com/
429 Too Many Requests 0 B IP / ASN
142.250.74.174
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject adwords.google.com
Fingerprint 11:60:62:E1:64:75:24:D1:BF:CB:0A:E7:15:EC:34:52:65:A1:96:FE
Validity Mon, 02 Jun 2025 08:36:33 GMT - Mon, 25 Aug 2025 08:36:32 GMT
HEAD / HTTP/1.1
Host: ads.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 429 Too Many Requests
content-length: 1103
content-type: text/html; charset=UTF-8
date: Mon, 23 Jun 2025 07:17:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-28
Times Seen 2
Size 36 B (36 bytes)
MD5 081a684ba9715db0245b180d4bbd8bf1
SHA1 85ec2e0019a788ea6b6961b5127c16af337fe50f
SHA256 6604e63fdc502f22a222645fa63b3d3f375eff3afd4dbd69f2273830c43b8999
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7FI2B8UdMoR%2FkebZG56zI9kzVH7ldqC%2BvRE7A4jSw3mzznh66VAmhFFWr%2B7DNaK0WR07esej5cvdj5ua2WSivp3RVT3eAAgFRlc1tDGYI6RQotT99dfYvjnVA1DQyQbvVyJ%2BGoLe"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345cba6956ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4973&min_rtt=1616&rtt_var=2589&sent=17&recv=11&lost=0&retrans=0&sent_bytes=5337&recv_bytes=2267&delivery_rate=503500&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=15515&unsent_bytes=0&cid=38492c829776f2fd&ts=1040&inflight_dur=35&x=44"
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-07-05
Times Seen 2
Size 36 B (36 bytes)
MD5 8ab26011dc744d21e9eb064d28866ab6
SHA1 6a9d12f522c64b29a5c387fa18b22d9f40ddb0d5
SHA256 f21128430b821f87e9a49e6384f13e67ed2fc9a34d968bf7137acdf4eb72b42c
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6CFYCoWkhfrt%2BkskKwH9gR42H8AuiwzvCczKqjrKnpKKgkktjESHTtD2dg9ZRdnISV%2BYJYlknFaIIGqsMhU9uPPG%2FyT1WzUKu8cfjlnWiHZUu%2FR46yqeF7KWDBKEmkTpw2IqWTnu"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234632a8556ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4546&min_rtt=1616&rtt_var=1537&sent=28&recv=20&lost=0&retrans=0&sent_bytes=8425&recv_bytes=4712&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=2060&inflight_dur=88&x=44"
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-05
Times Seen 5
Size 36 B (36 bytes)
MD5 cea6cc0a68cd5c5212b2057f64c9f8e7
SHA1 ceca3e569588d85e30b71b81c7a916c487bee8ec
SHA256 e00dc964be8e54847233cfdce8e722be445b30bb9f645c939627d0e2e3955090
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/json; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=AtFHw6hZ9iGLymE77%2F%2F95AbRlyMqKjVnuv%2BNZdnI14aWilmbjPeyKZnMqCOrXATBacD5dV1vinq41LiN0WBMdd0vl3egL6hpQFLvwqp4hP34"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542344e8874b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-05-21
Last Seen 2025-07-05
Times Seen 3
Size 36 B (36 bytes)
MD5 bd148f8ac8f11853a5aedb5c24095b7a
SHA1 824ba5b7feee3e19c104928539dd78b44dc7cefb
SHA256 3bfa4e4c3845885e5a82957472c527447253594e7efab8907992a5ddf61aebd1
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/json; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=SNWHyer3Cc9co%2FA16dUj37vJOKU6Slmk3zCPrCT%2FTnksBSl8Lfcdwer4nuCNtF5e5C08felxSTm1IapMAzwYHOUqc7nTIWqaMgTRQ44whcVt"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542344fea00b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/css/animate.css
200 OK 79 kB URL
cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/css/animate.css
IP / ASN
172.67.133.15
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text
First Seen 2024-01-20
Last Seen 2025-08-02
Times Seen 4044
Size 79 kB (78689 bytes)
MD5 3d4123dbfb33d27a5cfdfcfa91df6783
SHA1 e7d0eeeec54b848f0bc3da8685fa3bc88429d660
SHA256 cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/vpn/classic-push/small/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: text/css
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: W/"65aa84fe-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
age: 352009
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2FQ3I8%2BfImER%2BnAVmxxul6TSH0X9tFocYT4aSn9QUa6Kf2CXY2Gq7VqAMYkXyW4Tj0TyOcKcK2bihcvU8lQ4%2FvNnwaO10ELeqMdOM8%2FMrvAsuUbbT"}]}
cf-ray: 95423463acf9b4eb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET hotandgirls.site/js/lazyload.js
200 OK 1.9 kB URL
hotandgirls.site/js/lazyload.js
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text
First Seen 2023-03-07
Last Seen 2025-07-31
Times Seen 275
Size 1.9 kB (1908 bytes)
MD5 6cbeab4d6e9323eb35e29128563b119d
SHA1 ab5d687c8d0a81c19684081eb530cf28f20158ea
SHA256 6f08b68dcdf0cf11ccc5af3ea3592dddbfb42f58ae12899de5ff507f834dcd2c
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /js/lazyload.js HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1908
last-modified: Tue, 26 Nov 2024 09:25:36 GMT
etag: "67459410-774"
expires: Tue, 23 Jun 2026 07:17:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-07-11
Times Seen 2
Size 51 B (51 bytes)
MD5 dcdfe2d4211b6f25a870c89a9e779bd5
SHA1 99e431819e2161ef47c38a2a6fbbfcc7cbd09ff4
SHA256 e726467027542cfc8e1408929c6e03537ed6f35da1795950ea398299d8d50762
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HlrO1JJOqiZAKnxsLuZhIGOox9y2l%2FI91royOo7cl2WAX32OVWeTMvwtyyqJ93UZnM0klm6rQCqqK5O99ef2XK6ZV88UUGtPDadYbMMdk3bRkWmudQ0tkD3%2BAyRuri4HaDFj7SAS"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:14 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345d190ab4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2519&min_rtt=459&rtt_var=1875&sent=452&recv=548&lost=0&retrans=0&sent_bytes=31264&recv_bytes=32876&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=2469&inflight_dur=87&x=44"
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-28
Times Seen 2
Size 36 B (36 bytes)
MD5 b4ae78613c3568bd28fff05f04fc5425
SHA1 bb50a4f17dcad3a052d4e6ab5922423959e62217
SHA256 30d400f4aea0e12372e935d3138ed5e3757f6e8c55ad525185b509dfeca2e470
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AeCF094NQBnHMMj5Uhpoz5KLyVp4f3g9POEHeAn7olnL1L%2FwwbdlDOa162RmEv262SSsHn0NJMnOMddUagcA9rDNBIbTUn2krN9VA4ef2Y4PLig%2BIpWCuM%2F4Hc%2BejgC8C8BTLOO5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234632a8456ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4546&min_rtt=1616&rtt_var=1537&sent=31&recv=20&lost=0&retrans=0&sent_bytes=9907&recv_bytes=4712&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=2065&inflight_dur=89&x=44"
GET cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
200 OK 84 kB URL
cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/js/jquery.min.js
IP / ASN
172.67.133.15
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (32025)
First Seen 2023-03-07
Last Seen 2025-08-02
Times Seen 8790
Size 84 kB (84380 bytes)
MD5 4a356126b9573eb7bd1e9a7494737410
SHA1 8258d046f17dd3c15a5d3984e1868b7b5d1db329
SHA256 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/vpn/classic-push/small/js/jquery.min.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/javascript
content-length: 84380
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "65aa84fe-1499c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 412516
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=dz5W0ZSVcKsdiBjNuCgwXfMIE1%2FD0dKaLJS%2BFxsPqagkbU1re6hx7oLhXnnjE7r48%2FelR7x1A%2FAPn3Yv5NKEt1ejevJXMFJVGt3kbjrLlKxwENqt"}]}
cf-ray: 954234641ba30b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-28
Times Seen 2
Size 36 B (36 bytes)
MD5 081a684ba9715db0245b180d4bbd8bf1
SHA1 85ec2e0019a788ea6b6961b5127c16af337fe50f
SHA256 6604e63fdc502f22a222645fa63b3d3f375eff3afd4dbd69f2273830c43b8999
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OY8tkgbcyP7Xe3qBS1xH%2BPGCktMpoGZOJRMFbQpVYGADfeKFgra%2Bilh8%2Bs9y6B1NqaiyUJMCFZTtHJ4kGx5s6x4j8EUB1HUDTGRFKdaqPQsJ%2F8tDRAuMr9ibTE0cQoZoqsYGDLIL"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234634a8856ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4649&min_rtt=1616&rtt_var=1665&sent=35&recv=22&lost=0&retrans=0&sent_bytes=11420&recv_bytes=4800&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=2152&inflight_dur=112&x=44"
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-05-21
Last Seen 2025-06-23
Times Seen 2
Size 51 B (51 bytes)
MD5 6d063042e08cbf7e6eba0cea387215b4
SHA1 63f4d24c5adc1fac7565894f068557ac6f88c2e7
SHA256 321c8b7121f1021f2a23243e779ea201dc800c6e6201e6c3f515d8872b723476
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pCjSst957pVy9%2Bh8ja60vQGqEsv2q4zwLkPSkMzvAyjd8HNaXX3uJD7aYQCgNlPJkvDeJFdg3fpTuI4UJx09YCg2DIpbdVqC1XGqWM6WKZnOmAXwul7lH9Y53FUFLSRgnCQMn9nz"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:16 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423469898bb4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1709&min_rtt=459&rtt_var=739&sent=484&recv=572&lost=0&retrans=0&sent_bytes=43640&recv_bytes=44017&delivery_rate=574024&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=4449&inflight_dur=179&x=44"
GET hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
200 OK 78 kB URL
hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Resource Info
File type HTML document, ASCII text, with very long lines (775), with CRLF, LF line terminators
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 78 kB (77780 bytes)
MD5 8678b46afd63045082f0cbfc633bc324
SHA1 dca235832dd7a5a74d775693725411797a2fee3c
SHA256 b557545ee1663276e93917f7584e6f3a939b4951220493079ec9a1c790d46805
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785 HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:00 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; path=/
ctl=1750663020; expires=Tue, 23-Jun-2026 07:17:00 GMT; Max-Age=31536000; path=/
userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; expires=Tue, 24-Jun-2025 07:17:00 GMT; Max-Age=86400; path=/
i=1; expires=Mon, 23-Jun-2025 13:17:00 GMT; Max-Age=21600; path=/
source=cadu; expires=Tue, 23-Sep-2025 07:17:00 GMT; Max-Age=7948800; path=/
ad=103417326; expires=Tue, 23-Sep-2025 07:17:00 GMT; Max-Age=7948800; path=/
site=7807247; expires=Tue, 23-Sep-2025 07:17:00 GMT; Max-Age=7948800; path=/
sub=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
onlySale=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
c_visit=1; expires=Tue, 24-Jun-2025 07:17:00 GMT; Max-Age=86400; path=/
popNext_=1; expires=Tue, 24-Jun-2025 07:17:00 GMT; Max-Age=86400; path=/
content-encoding: gzip
X-Firefox-Spdy: h2
GET video.videotouch88.info/api/video/tag?sourceId=55529&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55529&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55529&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=7hZ0zHKal4NPRAlmI9Cw3JwHS%2BIp19uJHxttxpkMb4LeNJHho2%2Faudv4L9HWEtc7%2FzmimtHoQboD%2BXL7WZtOFjLczzkv9cNemAESj6lrBHq%2BsRKAMA%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:11 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:11 GMT
cf-ray: 9542344d0e3456bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/cfd91e46514f945d7066a3e9fdf8021aefa39690.webp
200 OK 4.5 kB URL
s3t3d2y9.afcdn.net/library/628853/cfd91e46514f945d7066a3e9fdf8021aefa39690.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x300, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 5
Size 4.5 kB (4454 bytes)
MD5 fafa8a3773a4cf9cea2913a6a6e4eafc
SHA1 cfd91e46514f945d7066a3e9fdf8021aefa39690
SHA256 2a7d30b2f475218ef709c57283bb864b0d660fa5212c592465867b6070366849
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/cfd91e46514f945d7066a3e9fdf8021aefa39690.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/webp
content-length: 4454
last-modified: Mon, 01 Jul 2024 16:10:43 GMT
etag: "6682d503-1166"
expires: Wed, 17 Sep 2025 16:30:32 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-served-by: hap02-sec01-prg1-1
x-77-nzt: EwwBX63NDQH317fzAAwBuUwKCQH3EgoAAAwBw7WvAgG36I57AA
x-77-nzt-ray: 2a494a1577a121309eff58689d218000
x-77-cache: HIT
x-77-age: 15972311
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 5
Size 36 B (36 bytes)
MD5 60d0a73b9975927fc70d56c883c7a669
SHA1 41536619c106daba74ad150e4d5c7f37e8d887f2
SHA256 5206749e108009f7ab54c4e91fba00579bf2ddd297e1a39601982a114d40cd38
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: application/json; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ZkvfPLFPam08%2FdntANNS9q3VK1%2FusRLZjWCSOWWzdeuu9x8gSqDCbJ7ja7%2BYWphBv3%2Fr4wu4T5WbTLyjTbZEqX6BctVDUwa9y1aPRK3SFkE2"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 954234568a94b4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 29177717-31474-1948.gloricragnews.com/v2/a/na/image?d=BQ5qQHPer5RmqDkBKjs8L6cMlPmz5EGwTd--vW_iJ8JYKschltV2vP293rE4Y_GPwMkA67G9Av4BDIcO6cYJF8G0rFb-ZqgN8vBrhVVLyHkAFFTWZRLJAnmqJRfyWJlbFeCuwLvUoIRXJ-aLlM6w1KTaa2rIPHZjR2tO2TrtIsh-kt7MqK25Fi1NWwKp86x3Vhf1h6hIGE2JpVaF5DS0fRdwKFZlWcD8ncWzY_FPs66ovOnFKZ3Fr98iB1wAXWINsroV3fS4samZ9CBiL40eHghz3jruSwLrfZ3dXwEAB1S3JagAPghMmvVHpHRSIONBCa9OTsbg6aTDEU6go577t5wBN9sc5pSr95FDvf2bjDdo8ovvT9rcw_uBzkQCNLHQ-w8D7HMEpBzEtvhVc6d8Tum0lCH4W66JAnFclPR6JGUYQXwtHBgflzxCs7EtULrcF2I9hP7d0AY9mKWSG95AM_68Go9XWOIoaKPH5H48P1iAUJju1I7ciBuQ-2EpichideGnCx4IxTcgG1pCe2VsHoaE3u1-f-nYsrMKIuyKYAG0jFAqYR8xy_eZlqnuCZtyguTL-V5ud4vKL4cZJYOupBNZpeF-B9jJLIyG_rWEg7IEt6I-jXis_YyuGyZfxsKfmhyxev9Po9uoDcGOkfiUdNFNI0plx-astG10vWA2a9vxURZ1u2BCWNzbzILH3m4j4uv6yxRH5lGfYQwxHu-4CL-_eebZ4iRtrmqfztvgiGDRT9zUT4FbrZNDEQRnsWirHow9122gINP4_QyqN4iKbspTU7WgXJTJI0BpsY3PKasdiMdZkr8gE74GWp_hLYh02bAsxpnj1vLLQVwdHSdFZ9YMnhOcKoojufyB-x3qWTUoCeFouhYV0OXNPe-507u2bW3Dl2lcKWYekF_kuKSDLV3nmodupLDtLiPANThEvxOtZpGKdjYkMVf65--FbcnbnUadzbZJRWF2t3zETduIntJFvcMoZF2UEwOzUUCe-kQ7H9-zBBa1s7qYjoCNX3IQKEFDD0Ze_n6rxamq2ETGC3RO2eqxkxZi0vEkNznUL2Ey-8zjGBVDQt-2wcgUPU0qAxy0FvHvq8nILUelvvS1UGWXx51mn-g9a8XG79I_GOS7HACizwAghdl9w0t8dhL5O-Iue_o4nMDvhe2c9yi64jRIwAfLHAOScoltooisgmILUjyg93oQoNNis9OA7f13SBPxuFwyymO6tVOgxU1H5hUqJh_RMZ1F2xTPp-15ywiUK26AlYzlJ0QOUmIyMod0bCfJ0YofLTEvPr0hy6Lta3_esAipsvFPvg
200 OK 68 B URL
29177717-31474-1948.gloricragnews.com/v2/a/na/image?d=BQ5qQHPer5RmqDkBKjs8L6cMlPmz5EGwTd--vW_iJ8JYKschltV2vP293rE4Y_GPwMkA67G9Av4BDIcO6cYJF8G0rFb-ZqgN8vBrhVVLyHkAFFTWZRLJAnmqJRfyWJlbFeCuwLvUoIRXJ-aLlM6w1KTaa2rIPHZjR2tO2TrtIsh-kt7MqK25Fi1NWwKp86x3Vhf1h6hIGE2JpVaF5DS0fRdwKFZlWcD8ncWzY_FPs66ovOnFKZ3Fr98iB1wAXWINsroV3fS4samZ9CBiL40eHghz3jruSwLrfZ3dXwEAB1S3JagAPghMmvVHpHRSIONBCa9OTsbg6aTDEU6go577t5wBN9sc5pSr95FDvf2bjDdo8ovvT9rcw_uBzkQCNLHQ-w8D7HMEpBzEtvhVc6d8Tum0lCH4W66JAnFclPR6JGUYQXwtHBgflzxCs7EtULrcF2I9hP7d0AY9mKWSG95AM_68Go9XWOIoaKPH5H48P1iAUJju1I7ciBuQ-2EpichideGnCx4IxTcgG1pCe2VsHoaE3u1-f-nYsrMKIuyKYAG0jFAqYR8xy_eZlqnuCZtyguTL-V5ud4vKL4cZJYOupBNZpeF-B9jJLIyG_rWEg7IEt6I-jXis_YyuGyZfxsKfmhyxev9Po9uoDcGOkfiUdNFNI0plx-astG10vWA2a9vxURZ1u2BCWNzbzILH3m4j4uv6yxRH5lGfYQwxHu-4CL-_eebZ4iRtrmqfztvgiGDRT9zUT4FbrZNDEQRnsWirHow9122gINP4_QyqN4iKbspTU7WgXJTJI0BpsY3PKasdiMdZkr8gE74GWp_hLYh02bAsxpnj1vLLQVwdHSdFZ9YMnhOcKoojufyB-x3qWTUoCeFouhYV0OXNPe-507u2bW3Dl2lcKWYekF_kuKSDLV3nmodupLDtLiPANThEvxOtZpGKdjYkMVf65--FbcnbnUadzbZJRWF2t3zETduIntJFvcMoZF2UEwOzUUCe-kQ7H9-zBBa1s7qYjoCNX3IQKEFDD0Ze_n6rxamq2ETGC3RO2eqxkxZi0vEkNznUL2Ey-8zjGBVDQt-2wcgUPU0qAxy0FvHvq8nILUelvvS1UGWXx51mn-g9a8XG79I_GOS7HACizwAghdl9w0t8dhL5O-Iue_o4nMDvhe2c9yi64jRIwAfLHAOScoltooisgmILUjyg93oQoNNis9OA7f13SBPxuFwyymO6tVOgxU1H5hUqJh_RMZ1F2xTPp-15ywiUK26AlYzlJ0QOUmIyMod0bCfJ0YofLTEvPr0hy6Lta3_esAipsvFPvg
IP / ASN
88.208.22.3
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced
First Seen 2023-04-05
Last Seen 2025-08-02
Times Seen 17333
Size 68 B (68 bytes)
MD5 91e42db1c66c0b276abf6234dc50b2eb
SHA1 c1986af3c26609b8b7d8933f99c51c1a89e9ea6b
SHA256 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
Certificate Info
Issuer Let's Encrypt
Subject *.gloricragnews.com
Fingerprint 81:D8:4A:08:52:15:C0:B0:86:00:2A:C0:42:C1:3A:2C:80:09:AD:A1
Validity Sun, 13 Apr 2025 14:29:45 GMT - Sat, 12 Jul 2025 14:29:44 GMT
GET /v2/a/na/image?d=BQ5qQHPer5RmqDkBKjs8L6cMlPmz5EGwTd--vW_iJ8JYKschltV2vP293rE4Y_GPwMkA67G9Av4BDIcO6cYJF8G0rFb-ZqgN8vBrhVVLyHkAFFTWZRLJAnmqJRfyWJlbFeCuwLvUoIRXJ-aLlM6w1KTaa2rIPHZjR2tO2TrtIsh-kt7MqK25Fi1NWwKp86x3Vhf1h6hIGE2JpVaF5DS0fRdwKFZlWcD8ncWzY_FPs66ovOnFKZ3Fr98iB1wAXWINsroV3fS4samZ9CBiL40eHghz3jruSwLrfZ3dXwEAB1S3JagAPghMmvVHpHRSIONBCa9OTsbg6aTDEU6go577t5wBN9sc5pSr95FDvf2bjDdo8ovvT9rcw_uBzkQCNLHQ-w8D7HMEpBzEtvhVc6d8Tum0lCH4W66JAnFclPR6JGUYQXwtHBgflzxCs7EtULrcF2I9hP7d0AY9mKWSG95AM_68Go9XWOIoaKPH5H48P1iAUJju1I7ciBuQ-2EpichideGnCx4IxTcgG1pCe2VsHoaE3u1-f-nYsrMKIuyKYAG0jFAqYR8xy_eZlqnuCZtyguTL-V5ud4vKL4cZJYOupBNZpeF-B9jJLIyG_rWEg7IEt6I-jXis_YyuGyZfxsKfmhyxev9Po9uoDcGOkfiUdNFNI0plx-astG10vWA2a9vxURZ1u2BCWNzbzILH3m4j4uv6yxRH5lGfYQwxHu-4CL-_eebZ4iRtrmqfztvgiGDRT9zUT4FbrZNDEQRnsWirHow9122gINP4_QyqN4iKbspTU7WgXJTJI0BpsY3PKasdiMdZkr8gE74GWp_hLYh02bAsxpnj1vLLQVwdHSdFZ9YMnhOcKoojufyB-x3qWTUoCeFouhYV0OXNPe-507u2bW3Dl2lcKWYekF_kuKSDLV3nmodupLDtLiPANThEvxOtZpGKdjYkMVf65--FbcnbnUadzbZJRWF2t3zETduIntJFvcMoZF2UEwOzUUCe-kQ7H9-zBBa1s7qYjoCNX3IQKEFDD0Ze_n6rxamq2ETGC3RO2eqxkxZi0vEkNznUL2Ey-8zjGBVDQt-2wcgUPU0qAxy0FvHvq8nILUelvvS1UGWXx51mn-g9a8XG79I_GOS7HACizwAghdl9w0t8dhL5O-Iue_o4nMDvhe2c9yi64jRIwAfLHAOScoltooisgmILUjyg93oQoNNis9OA7f13SBPxuFwyymO6tVOgxU1H5hUqJh_RMZ1F2xTPp-15ywiUK26AlYzlJ0QOUmIyMod0bCfJ0YofLTEvPr0hy6Lta3_esAipsvFPvg HTTP/1.1
Host: 29177717-31474-1948.gloricragnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/png
content-length: 68
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
GET cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/img/close.png
200 OK 591 B URL
cdn.creative-stat1.com/sb/ssp/vpn/classic-push/small/img/close.png
IP / ASN
172.67.133.15
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 12 x 12, 8-bit/color RGBA, non-interlaced
First Seen 2023-04-11
Last Seen 2025-08-02
Times Seen 2563
Size 591 B (591 bytes)
MD5 9fd5bcb6103d86e317bd1eb019bcbe71
SHA1 6b5a52ea669dcb74946f2bed4bdd7ec985026113
SHA256 0ddd3be104ac7945fb062096df62034a6a24ecc76ba92493c35c62c3c25982ae
Certificate Info
Issuer Google Trust Services
Subject creative-stat1.com
Fingerprint EA:78:8B:9D:53:DF:84:5F:BA:B0:1B:CB:77:59:D8:9B:CC:8C:CC:86
Validity Wed, 11 Jun 2025 22:34:34 GMT - Tue, 09 Sep 2025 23:32:59 GMT
GET /sb/ssp/vpn/classic-push/small/img/close.png HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/png
content-length: 591
server: cloudflare
last-modified: Fri, 19 Jan 2024 14:19:42 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
etag: "65aa84fe-24f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
accept-ranges: bytes
age: 412516
cf-cache-status: HIT
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WUDRnDYdhlMajs5UznqtQZDcL7IAeMmGTFCS8scRMs5xD920Bzm%2FAYTiOsqAYH%2BslkvpK4e%2F1vonp4C8UIKxzIqlHFcMDrrN0WRwCB%2Fx8L67k0p3"}]}
cf-ray: 954234641bb30b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 3ad7e0aaa69cef6865553f0cdeb0034c
SHA1 a9779943e34fcd265343cff1b127b323d9dff475
SHA256 f79362f4d3719cb228d4921fc74e4ff95d796ad84dd1cef3556431836fd39e45
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 218
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WE%2FrPYhz7542ZIQLhsVDzfk01W0zvchUwhDs%2FIikNfAI2GD%2FTPw02SnHMYUiN6CQVnTLjK7l6qbhcoqk60%2B6pZzX27vRlNhVai4aYg7wki%2BEAKSp0teMYxAM5XJG4CgtNzQlU1%2FY"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:15 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423463d96cb4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1665&min_rtt=459&rtt_var=1437&sent=468&recv=560&lost=0&retrans=0&sent_bytes=36114&recv_bytes=38800&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=3545&inflight_dur=103&x=44"
GET acdn.berculogive.com/1833/54430c23-0a77-11ec-ba28-5f54dd64648d.jpg
200 OK 53 kB URL
acdn.berculogive.com/1833/54430c23-0a77-11ec-ba28-5f54dd64648d.jpg
IP / ASN
45.133.44.4
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
First Seen 2023-06-29
Last Seen 2025-07-26
Times Seen 59
Size 53 kB (52747 bytes)
MD5 be3539b89a38139fc054bd693b9540f6
SHA1 a3d1faaba898e1f95ba50453f88da959f51e27fe
SHA256 90adfd1438b2b2c7812646ef314b539141dabaec286dc3700f2c8e1ac7669067
Certificate Info
Issuer Let's Encrypt
Subject acdn.berculogive.com
Fingerprint EB:33:38:B5:48:73:EF:CF:83:69:B4:91:ED:BB:A8:90:CB:4B:CD:5D
Validity Mon, 09 Jun 2025 03:35:13 GMT - Sun, 07 Sep 2025 03:35:12 GMT
GET /1833/54430c23-0a77-11ec-ba28-5f54dd64648d.jpg HTTP/1.1
Host: acdn.berculogive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:17 GMT
content-type: image/jpeg
content-length: 52747
server: nginx
last-modified: Tue, 31 Aug 2021 16:20:17 GMT
etag: "612e56c1-ce0b"
expires: Wed, 25 Jun 2025 07:17:17 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET fonts.googleapis.com/css?family=Open+Sans:300,400&subset=cyrillic,greek,latin-ext
200 OK 12 kB URL
fonts.googleapis.com/css?family=Open+Sans:300,400&subset=cyrillic,greek,latin-ext
IP / ASN
142.250.74.10
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text, with very long lines (1572)
First Seen 2025-05-29
Last Seen 2025-08-02
Times Seen 195
Size 12 kB (11588 bytes)
MD5 684ac3a9c5c5eed65775c9f6f9c2a779
SHA1 dbae647e9992c1560be250c3da5cf5e28f6b6248
SHA256 3f6b969df114b23e088c9de0dddda536c5578ed21d8717e974f0287c7607b9bf
Certificate Info
Issuer Google Trust Services
Subject upload.video.google.com
Fingerprint 58:09:05:96:27:31:E2:3D:AB:89:AD:1C:2E:C3:03:82:B0:27:3D:86
Validity Mon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
GET /css?family=Open+Sans:300,400&subset=cyrillic,greek,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cdn.fluidplayer.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 23 Jun 2025 07:17:01 GMT
date: Mon, 23 Jun 2025 07:17:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-28
Times Seen 2
Size 36 B (36 bytes)
MD5 b4ae78613c3568bd28fff05f04fc5425
SHA1 bb50a4f17dcad3a052d4e6ab5922423959e62217
SHA256 30d400f4aea0e12372e935d3138ed5e3757f6e8c55ad525185b509dfeca2e470
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J2dof6NRb0I7Q4g26oLwd3wD1AasfOJeHOVQirrYrWrR87FyvOFfbGOlGQhRNAusKoYXKpWlhonzyIlJICqIV%2BHS0ze7a3kTCBM3gSiae2WS9jSXUy1lcOUGYxfpFyoPLcFgFOD5"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345cda6b56ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4557&min_rtt=1616&rtt_var=2096&sent=19&recv=13&lost=0&retrans=0&sent_bytes=6092&recv_bytes=2355&delivery_rate=503500&ss_exit_cwnd=0&ss_exit_reason=0&cwnd=17810&unsent_bytes=0&cid=38492c829776f2fd&ts=1117&inflight_dur=42&x=44"
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 51 B (51 bytes)
MD5 eef2dd30da507a0c7dc0734a411f17ce
SHA1 1c1a27baa1456e75b03998bf508e7b2a35d63ba6
SHA256 cc093ef90c5969feecdecf41f7661aab183a3baed334d385924dbcda586378ca
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 276
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/json; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=B%2B4VPuNvgq1V8f2ObyCp06F2ZSon%2FrITEV0B6MPJufJvqLWLXvKvB%2BkjVEvdTJpdvusx4qrrQNSjOuyBol1EVvbA8n1kFlivA841p0p%2Bjj4o"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:12 GMT
d-ipp-uid=bcd6ac50d2d93e8d6575f073617dd090a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A14%3A%2215636703212394%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:12 GMT
cf-ray: 9542344e0934569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2024-08-19
Last Seen 2025-07-11
Times Seen 4
Size 51 B (51 bytes)
MD5 16f1e4493f7d5e08bd8c877906c26109
SHA1 437a33278abe138d06118ad5b712d64959f3326e
SHA256 919719ad2f1372c1ed1317e54fba2e3d6ce58a1d17eac7ec343869a80428f505
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 218
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/json; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WxqwlbaIwKUp5Yp%2BmnOqcbHhPQFXrXp%2FnWnpy4aRj886HXX3lkV2LxaHEW9FIT%2FAba0t%2Fi04%2Faj%2BJojavh1kOD4N4UCmpGX2PpTEwegsQRy0"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:12 GMT
d-ipp-uid=505b59d27c0b52b94716191f9572ac35a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032661768%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:12 GMT
cf-ray: 954234519dff569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-06-23
Last Seen 2025-07-11
Times Seen 2
Size 51 B (51 bytes)
MD5 467fb9f6c19d15510fc3ff48214f3e9b
SHA1 50e202977b8eced22e11c967cb8764b0d4ff4b6f
SHA256 54ef1ebeaacdc9580428110aeb2ef87e19d545a680a06d9b55fc1c8ffbe3e2c2
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: application/json; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=QDFnBgapS7rhfqQTDGGWBdKvne%2Fv%2BJfdA4CQ1a77DMo8oFtrCZclV0kdoYQvq4qRvxpX%2FNbH7zGm4J2S08wj1RVBQVi4I67nEFaGojFdTjqw"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:12 GMT
d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:12 GMT
cf-ray: 95423451ee5c569b-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET 31474.2489may2024.com/v2/a/na/js/247450?container=clck_ntv_183_1&subid=103417326
200 OK 82 kB URL
31474.2489may2024.com/v2/a/na/js/247450?container=clck_ntv_183_1&subid=103417326
IP / ASN
88.208.22.3
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (65536), with no line terminators
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 82 kB (82109 bytes)
MD5 61a77a37bd9fed344ac4a3724d80648f
SHA1 ceb88b086eb693f9ce5b81f51f78fab634ed0d06
SHA256 79e8d4f0f354378f3e78362b6add5859cae85f2bc330b6598edd18915d86077e
Certificate Info
Issuer Let's Encrypt
Subject *.2489may2024.com
Fingerprint 22:A9:F0:36:70:DF:BB:11:76:A1:88:3A:63:75:CE:C7:A8:54:39:A5
Validity Thu, 29 May 2025 20:24:42 GMT - Wed, 27 Aug 2025 20:24:41 GMT
GET /v2/a/na/js/247450?container=clck_ntv_183_1&subid=103417326 HTTP/1.1
Host: 31474.2489may2024.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: application/javascript; charset=UTF-8
content-length: 19542
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-max-age: 86400
referrer-policy: unsafe-url
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Device-Memory
accept-ch-lifetime: 31536000
X-Firefox-Spdy: h2
HEAD ads.google.com/
429 Too Many Requests 0 B IP / ASN
142.250.74.174
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject adwords.google.com
Fingerprint 11:60:62:E1:64:75:24:D1:BF:CB:0A:E7:15:EC:34:52:65:A1:96:FE
Validity Mon, 02 Jun 2025 08:36:33 GMT - Mon, 25 Aug 2025 08:36:32 GMT
HEAD / HTTP/1.1
Host: ads.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 429 Too Many Requests
content-length: 1103
content-type: text/html; charset=UTF-8
date: Mon, 23 Jun 2025 07:17:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET go.forscprts.com/easy?campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=063838003d0626c8bbc74d&sourceId=61816&p1=61319&p2=133453&p3=105342
302 Found 671 kB URL
go.forscprts.com/easy?campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=063838003d0626c8bbc74d&sourceId=61816&p1=61319&p2=133453&p3=105342
IP / ASN
104.18.40.50
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 671 kB (670845 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Google Trust Services
Subject go.forscprts.com
Fingerprint CB:E7:F2:4E:3C:B6:58:0A:66:1D:83:35:57:32:8B:AA:4B:42:2F:FA
Validity Sun, 18 May 2025 11:27:25 GMT - Sat, 16 Aug 2025 12:27:17 GMT
GET /easy?campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&memberId=063838003d0626c8bbc74d&sourceId=61816&p1=61319&p2=133453&p3=105342 HTTP/1.1
Host: go.forscprts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
date: Mon, 23 Jun 2025 07:17:14 GMT
content-length: 0
location: https://creative.cambaddies.com/widgets/Spot/lib-auto.js?action=sbSignupWithModel&animate=1&autoclose=0&autoplay=all&campaignId=86a0e36948c7aebf5e355fb6c31769a973ef74cefcca73dfb11a75c747e5a2ca&campaignType=smartpop&closeButtonDelay=0&creativeId=d672099c5f2288d5918979f1e2a1c3b11e99be326985f8b71819b8bb0627235b&hideButton=1&iterationId=967245&masterSmartpopId=12245&memberId=063838003d0626c8bbc74d&p1=61319&p2=133453&p3=105342&quality=240p&ruleId=365&smartpopId=14734&sourceId=61816&tag=-girls%2Fmobile&userId=a29e4fa1023dd45be975c4ab2c3f63fc721842490735020a0d0703eb57f7300d&variationId=34162
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, x-requested-with
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 9542345d6c8bb529-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
OPTIONS burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 36 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2025-05-21
Last Seen 2025-07-11
Times Seen 4
Size 36 B (36 bytes)
MD5 0905d0e595fe90cc77c73240ff09b284
SHA1 ca8a91d3e68dc75e8a17817134191da3a515b207
SHA256 59591ef6cdad86286186967f4c9303925b94c36743b84435528bd125ebb04733
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
OPTIONS /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hotandgirls.site/
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:16 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l%2FmCyYYliBTnIDtf9QhlrS9%2BKm9K4O3XXCiB6x1H7ybvQ%2FL7vn%2FpGd1k0AckGU%2FCIrk%2BhgzrSFXiC11TZhmq%2FIUTuWwkHJLDCqMBRctvvYSU4VvFsxl7Fp2t1UpUz4LDTIki%2FDcR"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542346c8abf56ab-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5190&min_rtt=1106&rtt_var=3130&sent=50&recv=33&lost=0&retrans=1&sent_bytes=16763&recv_bytes=7038&delivery_rate=503500&ss_exit_cwnd=17810&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=38492c829776f2fd&ts=3558&inflight_dur=216&x=44"
GET hotandgirls.site/js/jq.js
200 OK 84 kB URL
hotandgirls.site/js/jq.js
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, ASCII text, with very long lines (32023)
First Seen 2023-03-07
Last Seen 2025-07-26
Times Seen 303
Size 84 kB (83611 bytes)
MD5 103417c8826bf79206d953f8871f9b1f
SHA1 3ba3bc0562381569e95d1f13f08105891bd18da3
SHA256 81b6a1684a01efd545e67b5c43fdb43327dfb2e74e7df47d7cfdc7c56a79d252
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /js/jq.js HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 83611
last-modified: Tue, 26 Nov 2024 09:25:36 GMT
etag: "67459410-1469b"
expires: Tue, 23 Jun 2026 07:17:01 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/498432/f355c4b7cfdebb17f5b19b4b5c21eea3e77eb21b.webp
200 OK 2.7 kB URL
s3t3d2y9.afcdn.net/library/498432/f355c4b7cfdebb17f5b19b4b5c21eea3e77eb21b.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x100, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2024-10-05
Last Seen 2025-07-11
Times Seen 12
Size 2.7 kB (2688 bytes)
MD5 10e402a31769e6f950198ded1f544d29
SHA1 f355c4b7cfdebb17f5b19b4b5c21eea3e77eb21b
SHA256 12298432a150dec6ff807534c9ed7a0d41ef3c5ffba98d5b796dbccda7e001d7
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/498432/f355c4b7cfdebb17f5b19b4b5c21eea3e77eb21b.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: image/webp
content-length: 2688
last-modified: Tue, 06 Feb 2024 15:57:24 GMT
etag: "65c256e4-a80"
expires: Fri, 19 Dec 2025 10:46:06 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-served-by: hap02-sec02-prg1-1
x-77-nzt: EwwBX63NDQH3csPzAAwBuUwKCQH3NwEAAAwBJRPCLgG3VkEBAA
x-77-nzt-ray: 2a494a1577a1213092ff58680b18ed14
x-77-cache: HIT
x-77-age: 15975282
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
GET video.videotouch88.info/api/video/tag?sourceId=55529&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
200 OK 42 B URL
video.videotouch88.info/api/video/tag?sourceId=55529&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326
IP / ASN
104.21.58.225
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with no line terminators
First Seen 2023-05-09
Last Seen 2025-07-31
Times Seen 411
Size 42 B (42 bytes)
MD5 f415954b10a2419c1fa5697c818da116
SHA1 55c9925f22ee85fa54c73514bebff2a71e911f15
SHA256 dee092381bf403c68084047d869bdc8b3e157f01f9ff93479809538f97db87c8
Certificate Info
Issuer Google Trust Services
Subject videotouch88.info
Fingerprint 75:E3:97:F3:35:84:56:D9:11:20:14:6C:D1:9E:8C:05:3E:3E:2D:D3
Validity Tue, 03 Jun 2025 14:17:54 GMT - Mon, 01 Sep 2025 15:16:14 GMT
GET /api/video/tag?sourceId=55529&tmax=500&video-skipafter=5&count=2&utm_source=103417326&utm_content=103417326&subId=103417326 HTTP/1.1
Host: video.videotouch88.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:11 GMT
content-type: application/xml; charset=UTF-8
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=Hw2r%2FqbWCLPiEdym50ktho3fso28MWL2HuV61tR4kicudAHqQbAkDKFDq1xYTFHshZ3P2%2BaYBCTtp2gXGTjJGuW%2Bv984PB7zqgx0N8qQ4LOkCtJl6A%3D%3D"}]}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
content-encoding: br
set-cookie: d-vi-u-uni=811d9c3f940f9f397022db6df4758970a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-vi-u-uni%22%3Bi%3A1%3Bs%3A2%3A%22no%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=86400; Expires=Tue, 24 Jun 2025 07:17:11 GMT
d-vi-u-id=614e1f817d64ecb698e6d01b1d9eb5fda%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-vi-u-id%22%3Bi%3A1%3Bs%3A33%3A%22d51df7e4809ba95609f57f3dac95474df%22%3B%7D; HttpOnly; SameSite=None; Secure; Path=/; Max-Age=157680000; Expires=Sat, 22 Jun 2030 07:17:11 GMT
cf-ray: 9542344d0e2656bd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET uuidksinc.net/matchx?gdpr=0&gdpr_consent=
200 OK 3.0 kB URL
uuidksinc.net/matchx?gdpr=0&gdpr_consent=
IP / ASN
31.220.27.134
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type HTML document, ASCII text, with very long lines (2853)
First Seen 2025-05-15
Last Seen 2025-07-31
Times Seen 27
Size 3.0 kB (2959 bytes)
MD5 a36e640803e1515b42275f91e1d4fe08
SHA1 f014dac17b4b74222c24ee344c5b34830fab21f1
SHA256 82b9d35c21905c07287311d77ebf2525c2a78b4c85dd948ec5dbad0c618e9387
Certificate Info
Issuer Let's Encrypt
Subject uuidksinc.net
Fingerprint B2:2C:11:39:BE:ED:2C:65:24:97:47:B9:22:F5:FC:49:D6:D3:C0:6C
Validity Fri, 02 May 2025 23:22:10 GMT - Thu, 31 Jul 2025 23:22:09 GMT
GET /matchx?gdpr=0&gdpr_consent= HTTP/1.1
Host: uuidksinc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Cookie: jcsuuid=bYqBpwWaLE7r8YeClXjN
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: text/html
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
GET s.viiwmjfw.com/w/1/ovihu7sui5nxy63gpn3eu2ydpzuxyzl2ifdfgaslivfmgg4nxrgeyyt3pvkukwl3pbtx65canjjx42zcgmqekqidavbewg3jiiuvu42vijgh4vcclv4haykqvtfukfx75x4i2rkz4247dwdqjbkeqwr6i42dqk4i36b2jeob5hojw4r3zsz3xbsrgpy2dcxio4fj4wh2jmye5i52q5fhs7k4jjefmcfdbetqsbnrimxeg4lvmizhfash2byuxzshm3aevb7vodouxpp6ph5hfnr6rvmyxpmpok4gg7v2wzbyk4iusszvbnkkio3nivvcjfblkq3izjyhnakgk5bxcnmdjade3acsi3rg66o4kfepcyhrnsnesxeqipay5hhflosfn4nm37fddgttpgrhcsj3cuunsskjmf3y2mc4wb36q4kqmmpbz5cv5o43l7wlrwgypl3rrbwenjcseonwg55vjbflmswg7colosvqizbms4svkabemrskmraxux3rljrxelcsiqfs4k3cpqruiyypfzqxmndxirgpemlr5j5644pknwxwx6cijdixizhsjpo6natssm2zluufk2zxfkhmsxkhbactfleguqxwd3mqp2ltalnez7kk3j3vffsjuk5ljalxyvtibr6ouk3p3llm7zupra4j7whjfnnxvfeze56uujhyeqcdeeuaiiccausrshbvpuoh4njvbastshjd5jgvpycholqtgtqnc4j2g5ejuctyf3h5tdwag===
200 OK 74 B URL
s.viiwmjfw.com/w/1/ovihu7sui5nxy63gpn3eu2ydpzuxyzl2ifdfgaslivfmgg4nxrgeyyt3pvkukwl3pbtx65canjjx42zcgmqekqidavbewg3jiiuvu42vijgh4vcclv4haykqvtfukfx75x4i2rkz4247dwdqjbkeqwr6i42dqk4i36b2jeob5hojw4r3zsz3xbsrgpy2dcxio4fj4wh2jmye5i52q5fhs7k4jjefmcfdbetqsbnrimxeg4lvmizhfash2byuxzshm3aevb7vodouxpp6ph5hfnr6rvmyxpmpok4gg7v2wzbyk4iusszvbnkkio3nivvcjfblkq3izjyhnakgk5bxcnmdjade3acsi3rg66o4kfepcyhrnsnesxeqipay5hhflosfn4nm37fddgttpgrhcsj3cuunsskjmf3y2mc4wb36q4kqmmpbz5cv5o43l7wlrwgypl3rrbwenjcseonwg55vjbflmswg7colosvqizbms4svkabemrskmraxux3rljrxelcsiqfs4k3cpqruiyypfzqxmndxirgpemlr5j5644pknwxwx6cijdixizhsjpo6natssm2zluufk2zxfkhmsxkhbactfleguqxwd3mqp2ltalnez7kk3j3vffsjuk5ljalxyvtibr6ouk3p3llm7zupra4j7whjfnnxvfeze56uujhyeqcdeeuaiiccausrshbvpuoh4njvbastshjd5jgvpycholqtgtqnc4j2g5ejuctyf3h5tdwag===
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
First Seen 2023-04-06
Last Seen 2025-08-02
Times Seen 2649
Size 74 B (74 bytes)
MD5 9e24e19b024c44b778301d880bd8e6f4
SHA1 d2b1b39cb4434d34c22c2cf52cbbe9967b1b688e
SHA256 01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
Certificate Info
Issuer Google Trust Services
Subject viiwmjfw.com
Fingerprint 4F:F8:D0:0E:7B:61:2E:76:52:89:C4:C1:31:AA:F4:67:A9:82:69:54
Validity Sun, 22 Jun 2025 16:48:01 GMT - Sat, 20 Sep 2025 17:46:40 GMT
GET /w/1/ovihu7sui5nxy63gpn3eu2ydpzuxyzl2ifdfgaslivfmgg4nxrgeyyt3pvkukwl3pbtx65canjjx42zcgmqekqidavbewg3jiiuvu42vijgh4vcclv4haykqvtfukfx75x4i2rkz4247dwdqjbkeqwr6i42dqk4i36b2jeob5hojw4r3zsz3xbsrgpy2dcxio4fj4wh2jmye5i52q5fhs7k4jjefmcfdbetqsbnrimxeg4lvmizhfash2byuxzshm3aevb7vodouxpp6ph5hfnr6rvmyxpmpok4gg7v2wzbyk4iusszvbnkkio3nivvcjfblkq3izjyhnakgk5bxcnmdjade3acsi3rg66o4kfepcyhrnsnesxeqipay5hhflosfn4nm37fddgttpgrhcsj3cuunsskjmf3y2mc4wb36q4kqmmpbz5cv5o43l7wlrwgypl3rrbwenjcseonwg55vjbflmswg7colosvqizbms4svkabemrskmraxux3rljrxelcsiqfs4k3cpqruiyypfzqxmndxirgpemlr5j5644pknwxwx6cijdixizhsjpo6natssm2zluufk2zxfkhmsxkhbactfleguqxwd3mqp2ltalnez7kk3j3vffsjuk5ljalxyvtibr6ouk3p3llm7zupra4j7whjfnnxvfeze56uujhyeqcdeeuaiiccausrshbvpuoh4njvbastshjd5jgvpycholqtgtqnc4j2g5ejuctyf3h5tdwag=== HTTP/1.1
Host: s.viiwmjfw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: image/png
content-length: 74
server: cloudflare
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
cf-cache-status: DYNAMIC
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=rJUTMAOMhxfQjR44azXCPA1IBbLkMt%2FZrnPC19KI66Mj5YNbgyE%2Fz4PmxLvaT6%2BRM6OUrGQ3LnPHVDzXLwa3%2FwIM9cQzgTKVFks9Zw%3D%3D"}]}
cf-ray: 9542345f9e7956b7-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/77ff11d104f6649b065f311029bcd205b86a50d6.webp
200 OK 6.8 kB URL
s3t3d2y9.afcdn.net/library/628853/77ff11d104f6649b065f311029bcd205b86a50d6.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-03-27
Last Seen 2025-07-11
Times Seen 6
Size 6.8 kB (6842 bytes)
MD5 68c85bb58906a8f696fbd178d1cf96a9
SHA1 77ff11d104f6649b065f311029bcd205b86a50d6
SHA256 e55fdc5ebf9d22222f314152114d9174e0140c504e79346d7dddbe3b8457f980
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/77ff11d104f6649b065f311029bcd205b86a50d6.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/webp
content-length: 6842
last-modified: Wed, 03 Nov 2021 15:51:23 GMT
etag: "6182affb-1aba"
expires: Wed, 17 Sep 2025 16:56:59 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-served-by: hap01-sec01-prg1-1
x-77-nzt: EwwBX63NDQH3S7XzAAwBuUwKDAH3HQsAAAwBw7WvAgG3Nop7AA
x-77-nzt-ray: 2a494a1577a121309eff5868f58be20d
x-77-cache: HIT
x-77-age: 15971659
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
GET ad.twinrdengine.com/adraw?zone=01DXF6DT004000000000001WBR&subid=612210504a1440234390&kw=
200 OK 4.0 kB URL
ad.twinrdengine.com/adraw?zone=01DXF6DT004000000000001WBR&subid=612210504a1440234390&kw=
IP / ASN
34.111.67.216
#396982 GOOGLE-CLOUD-PLATFORM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type ASCII text, with very long lines (1079)
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 4.0 kB (3978 bytes)
MD5 41d826f86b4fa879cf1898f77f0c93e1
SHA1 bf144b87191d96567662fb8140546bca0e0c0979
SHA256 5568811f463e2338b6b4e87e2429de2003135b4a0b0ada55a5d4d75399ebf5ad
Certificate Info
Issuer Google Trust Services
Subject ad.twinrdengine.com
Fingerprint 75:B1:93:97:33:E7:45:78:93:2E:70:94:B0:3E:35:55:1E:89:43:19
Validity Sun, 04 May 2025 12:55:38 GMT - Sat, 02 Aug 2025 13:51:33 GMT
GET /adraw?zone=01DXF6DT004000000000001WBR&subid=612210504a1440234390&kw= HTTP/1.1
Host: ad.twinrdengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
vary: origin
access-control-allow-credentials: true
access-control-allow-origin: https://hotandgirls.site
content-type: text/xml
content-encoding: gzip
via: 1.1 google
date: Mon, 23 Jun 2025 07:17:13 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
GET acdn.berculogive.com/1948/b89115df-cbca-11ed-a918-6fe1c571c053.jpg
200 OK 21 kB URL
acdn.berculogive.com/1948/b89115df-cbca-11ed-a918-6fe1c571c053.jpg
IP / ASN
45.133.44.4
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x250, components 3
First Seen 2025-02-24
Last Seen 2025-07-25
Times Seen 25
Size 21 kB (21327 bytes)
MD5 0b5001046d3385db1b5d3ca0a3b4669c
SHA1 60e56a7b580167a9d8e25229282dad8495dea07f
SHA256 77f045790eef5c21bdedc2abf1c2beb81eb3b953ea5766e6c251a73dff914e91
Certificate Info
Issuer Let's Encrypt
Subject acdn.berculogive.com
Fingerprint EB:33:38:B5:48:73:EF:CF:83:69:B4:91:ED:BB:A8:90:CB:4B:CD:5D
Validity Mon, 09 Jun 2025 03:35:13 GMT - Sun, 07 Sep 2025 03:35:12 GMT
GET /1948/b89115df-cbca-11ed-a918-6fe1c571c053.jpg HTTP/1.1
Host: acdn.berculogive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/jpeg
content-length: 21327
server: nginx
last-modified: Sun, 26 Mar 2023 11:38:25 GMT
etag: "64202eb1-534f"
expires: Wed, 25 Jun 2025 07:17:15 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET acdn.berculogive.com/1948/b89115df-cbca-11ed-a918-6fe1c571c053.jpg
200 OK 21 kB URL
acdn.berculogive.com/1948/b89115df-cbca-11ed-a918-6fe1c571c053.jpg
IP / ASN
45.133.44.4
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x250, components 3
First Seen 2025-02-24
Last Seen 2025-07-25
Times Seen 25
Size 21 kB (21327 bytes)
MD5 0b5001046d3385db1b5d3ca0a3b4669c
SHA1 60e56a7b580167a9d8e25229282dad8495dea07f
SHA256 77f045790eef5c21bdedc2abf1c2beb81eb3b953ea5766e6c251a73dff914e91
Certificate Info
Issuer Let's Encrypt
Subject acdn.berculogive.com
Fingerprint EB:33:38:B5:48:73:EF:CF:83:69:B4:91:ED:BB:A8:90:CB:4B:CD:5D
Validity Mon, 09 Jun 2025 03:35:13 GMT - Sun, 07 Sep 2025 03:35:12 GMT
GET /1948/b89115df-cbca-11ed-a918-6fe1c571c053.jpg HTTP/1.1
Host: acdn.berculogive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/jpeg
content-length: 21327
server: nginx
last-modified: Sun, 26 Mar 2023 11:38:25 GMT
etag: "64202eb1-534f"
expires: Wed, 25 Jun 2025 07:17:15 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
GET fonts.gstatic.com/s/robotoslab/v35/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
200 OK 14 kB URL
fonts.gstatic.com/s/robotoslab/v35/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2
IP / ASN
142.250.74.35
#15169 GOOGLE
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type Web Open Font Format (Version 2), TrueType, length 13968, version 1.0
First Seen 2025-06-04
Last Seen 2025-08-02
Times Seen 268
Size 14 kB (13968 bytes)
MD5 1ff337f1742b74cf846d0bac50a16c3a
SHA1 5e60cdec5e138a203f28e136c32f1177943d8948
SHA256 484e9925bb3045e88a8eec1103ab125e6dbe486172fb56b06fe6751c8b570839
Certificate Info
Issuer Google Trust Services
Subject *.gstatic.com
Fingerprint 6C:DD:E7:B7:B0:02:A6:B7:4F:2D:EB:A1:11:A3:4B:1C:31:F9:07:F7
Validity Mon, 02 Jun 2025 08:36:37 GMT - Mon, 25 Aug 2025 08:36:36 GMT
GET /s/robotoslab/v35/BngbUXZYTXPIvIBgJJSb6s3BzlRRfKOFbvjojISmb2Rj.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13968
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 19 Jun 2025 10:50:24 GMT
expires: Fri, 19 Jun 2026 10:50:24 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 May 2025 23:39:56 GMT
content-type: font/woff2
age: 332811
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2024-05-28
Last Seen 2025-06-23
Times Seen 3
Size 51 B (51 bytes)
MD5 bf754e365b70c80dfe193fb0f90a666e
SHA1 8a05db05cb3c6edd7cc581c505a2543ec0e25bd5
SHA256 8b9a9cc19ed379b68badd15d7b83f163d2e4a4df427ae7db3ba1c6044aa214cc
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 286
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=08SOkDT9ZlfoZKUgCCMYoubo0o26Ij75pNjdmMvhzES7H9VGWiBo6SecVmP%2F7IaB9nSKICIdcfcj6s9NDVZnvEZHEkft8ixF7S3J54qJHhU4kG5QG%2FUMUKif2MY7n78g16xG2%2Fh1"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:15 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 95423463f96fb4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1625&min_rtt=459&rtt_var=1157&sent=470&recv=561&lost=0&retrans=0&sent_bytes=37944&recv_bytes=38845&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=3558&inflight_dur=115&x=44"
GET recordedthereby.com/sfp.js
200 OK 85 kB URL
recordedthereby.com/sfp.js
IP / ASN
185.196.197.71
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
First Seen 2025-01-25
Last Seen 2025-06-27
Times Seen 2209
Size 85 kB (85380 bytes)
MD5 108625937affa4b38bb17cea65510d72
SHA1 2c0f48e9efa3fb5554d1fa393b28d74d5339f9ee
SHA256 c84263fcf6b091998dd37f5f600b3bfea92ac1d31cbf9631bb87fa411124a9e0
Certificate Info
Issuer Let's Encrypt
Subject recordedthereby.com
Fingerprint 43:76:D8:56:43:66:8A:49:51:DC:E6:8E:5A:E9:35:93:29:07:37:C1
Validity Mon, 05 May 2025 21:20:39 GMT - Sun, 03 Aug 2025 21:20:38 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Mon, 23 Jun 2025 07:17:12 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 28255
Connection: keep-alive
Content-Encoding: gzip
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 52499c0a071d9ab6c97edc31ee49d81c
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
GET s3t3d2y9.afcdn.net/library/628853/cf6dee1569ec92dc6ac855935a870e9333c4fb2f.webp
200 OK 5.1 kB URL
s3t3d2y9.afcdn.net/library/628853/cf6dee1569ec92dc6ac855935a870e9333c4fb2f.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-02-07
Last Seen 2025-07-11
Times Seen 7
Size 5.1 kB (5110 bytes)
MD5 a5b496a85842549f7e55bcbe8d490a61
SHA1 cf6dee1569ec92dc6ac855935a870e9333c4fb2f
SHA256 13ff57d98f7a49671597d174a719de517e714a6049e75a87beaf744b805787c6
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/cf6dee1569ec92dc6ac855935a870e9333c4fb2f.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: image/webp
content-length: 5110
last-modified: Wed, 12 Jan 2022 20:51:58 GMT
etag: "61df3f6e-13f6"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 29 May 2025 12:16:13 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBX63NDQH3I6AcAAwBuUwKAQH3bBkAAAwBJRPCNAG3gCIOAQ
x-77-nzt-ray: 2a494a1577a121309dff58689c11df3a
x-77-cache: HIT
x-77-age: 1876003
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
GET nannyirrationalacquainted.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=784
200 OK 0 B URL
nannyirrationalacquainted.com/pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=784
IP / ASN
192.243.59.12
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type N/A
First Seen 0001-01-01
Last Seen 2025-08-02
Times Seen 5606143
Size 0 B (0 bytes)
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Certificate Info
Issuer Let's Encrypt
Subject nannyirrationalacquainted.com
Fingerprint 2A:C3:FA:F0:67:BA:AA:76:2F:14:F9:D5:47:AA:D5:03:EA:52:31:54
Validity Thu, 19 Jun 2025 00:50:28 GMT - Wed, 17 Sep 2025 00:50:27 GMT
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbls?bv=&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fau%2F0c%2Fc8%2Fe1%2F0cc8e13ba9d5dbc867b982993e805a9d%2F1632728593.html&l=1325&fd=784 HTTP/1.1
Host: nannyirrationalacquainted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Mon, 23 Jun 2025 07:17:15 GMT
Content-Length: 0
Connection: keep-alive
Host: nannyirrationalacquainted.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
GET acdn.berculogive.com/24377/4517efda-424a-11ec-a692-b0c73d2ad4ce.jpg
200 OK 40 kB URL
acdn.berculogive.com/24377/4517efda-424a-11ec-a692-b0c73d2ad4ce.jpg
IP / ASN
45.133.44.4
#39572 DataWeb Global Group B.V.
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x360, components 3
First Seen 2023-05-06
Last Seen 2025-07-28
Times Seen 70
Size 40 kB (39570 bytes)
MD5 ee12ef052aa86f3785643a091649b50f
SHA1 f916af590edc08764b51fe4c12c61a9cdd7629f2
SHA256 f29c9a83115c2ef667ce73ec6c6569a057dd308404b23170255bcc6785ce654d
Certificate Info
Issuer Let's Encrypt
Subject acdn.berculogive.com
Fingerprint EB:33:38:B5:48:73:EF:CF:83:69:B4:91:ED:BB:A8:90:CB:4B:CD:5D
Validity Mon, 09 Jun 2025 03:35:13 GMT - Sun, 07 Sep 2025 03:35:12 GMT
GET /24377/4517efda-424a-11ec-a692-b0c73d2ad4ce.jpg HTTP/1.1
Host: acdn.berculogive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:15 GMT
content-type: image/jpeg
content-length: 39570
server: nginx
last-modified: Wed, 10 Nov 2021 17:18:49 GMT
etag: "618bfef9-9a92"
expires: Wed, 25 Jun 2025 07:17:15 GMT
cache-control: max-age=172800
x-cdn-host-id: ah0543
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
POST burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
200 OK 51 B URL
burningpushing.info/api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326
IP / ASN
104.21.112.1
#13335 CLOUDFLARENET
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JSON text data
First Seen 2024-08-19
Last Seen 2025-07-05
Times Seen 4
Size 51 B (51 bytes)
MD5 ad4da1cd47f0d0ae6c7ab1b7bc70e849
SHA1 b4008a441f201c249897d4ca73df577313b836a3
SHA256 6a09317b54b6508c6546e6de5618a246cffb9c70de27961bef339efcb5edb6b3
Certificate Info
Issuer Google Trust Services
Subject burningpushing.info
Fingerprint FD:7A:43:07:6B:73:BC:72:16:71:AF:AC:BD:EF:03:CA:82:46:9A:B4
Validity Mon, 16 Jun 2025 20:38:16 GMT - Sun, 14 Sep 2025 21:35:57 GMT
POST /api/in-page/message?sourceId=53319&utm_source=103417326&utm_content=103417326 HTTP/1.1
Host: burningpushing.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hotandgirls.site/
Content-Type: application/json; charset=UTF-8
Content-Length: 218
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Cookie: d-ipp-uniq=6f98eda6095c05de70811ae1238883f3a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22d-ipp-uniq%22%3Bi%3A1%3Bi%3A0%3B%7D; d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 23 Jun 2025 07:17:14 GMT
content-type: application/json; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2h0S6B9dmPcAhuUoHdhvjWKyICOBVMwUkFRPZG7EeCu3V8L%2FBK89Zj9D8Hw7Zw79fb%2FpwMXZMz2yWW141qAdGn6cwTfxJIOxPFJX28h0j5ctfwTVDKi2G7FHDRtraY15pBcLw%2BTZ"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://hotandgirls.site
vary: -: Origin
access-control-allow-headers: Content-type
access-control-expose-headers: *
access-control-allow-credentials: true
set-cookie: d-ipp-uid=299f383a4e670543a59caaf8fefc78a0a%3A2%3A%7Bi%3A0%3Bs%3A9%3A%22d-ipp-uid%22%3Bi%3A1%3Bs%3A15%3A%22156367032717680%22%3B%7D; expires=Sat, 22-Jun-2030 07:17:14 GMT; Max-Age=157680000; path=/; HttpOnly; SameSite=None
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 9542345d1909b4f3-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2766&min_rtt=459&rtt_var=1843&sent=449&recv=547&lost=0&retrans=0&sent_bytes=29411&recv_bytes=32831&delivery_rate=458212&ss_exit_cwnd=14936&ss_exit_reason=2&cwnd=12000&unsent_bytes=0&cid=81bfc83a06816a94&ts=2462&inflight_dur=84&x=44"
GET s3t3d2y9.afcdn.net/library/628853/9e095d0b266701fb8c955161fbd668eecf9e5cd2.jpg
200 OK 7.5 kB URL
s3t3d2y9.afcdn.net/library/628853/9e095d0b266701fb8c955161fbd668eecf9e5cd2.jpg
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x100, components 3
First Seen 2025-02-07
Last Seen 2025-07-11
Times Seen 7
Size 7.5 kB (7483 bytes)
MD5 3cdb81591e2d28f986cb4c6c98240afd
SHA1 9e095d0b266701fb8c955161fbd668eecf9e5cd2
SHA256 20e2957f023216d7d41fd329d62676c80b622dcd191587032200931050d1494d
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/9e095d0b266701fb8c955161fbd668eecf9e5cd2.jpg HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:01 GMT
content-type: image/jpeg
content-length: 7483
last-modified: Wed, 10 Jul 2019 11:57:20 GMT
etag: "5d25d2a0-1d3b"
expires: Thu, 03 Jul 2025 12:01:47 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBX63NDQH3vb3zAAwBuUwKAQH3GwQAAAwBJRPCLgG36v/fAA
x-77-nzt-ray: 2a494a1577a1213092ff58684c5bf214
x-77-cache: HIT
x-77-age: 15973821
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
GET engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047164/tlk.xml?var=103417326
200 OK 3.8 kB URL
engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047164/tlk.xml?var=103417326
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with very long lines (3747)
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 3.8 kB (3786 bytes)
MD5 69959db529e660af994661204c0135f5
SHA1 9b74f3bfc094eabeb1133b903b2edb268cff3954
SHA256 886c5d621ab54838244b71334dd246c86fcabb72520ea461cb834a5ee9ed18e7
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /ceef/gdt3g0/tbt/2047164/tlk.xml?var=103417326 HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
x-route-id: script
set-cookie: CHCK=1; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
UID=2506230217a0e3a44efa4d459ca6b21e9f74; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047164/tlk.xml?var=103417326
200 OK 3.8 kB URL
engineexplicitfootrest.com/ceef/gdt3g0/tbt/2047164/tlk.xml?var=103417326
IP / ASN
94.242.247.27
#7979 SERVERS-COM
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type XML 1.0 document, ASCII text, with very long lines (3747)
First Seen 2025-06-23
Last Seen 2025-06-23
Times Seen 1
Size 3.8 kB (3786 bytes)
MD5 0e62a42ce078fae6efe5b0c937cfd5b1
SHA1 a88eceea61762aec18525cafaf4b8e8675c16bcb
SHA256 b9509f9dbdf9a9d91c68c4f75b60096d75189368e1163a537fe62f068f1256da
Certificate Info
Issuer Buypass AS-983163327
Subject
Fingerprint EB:A1:97:7F:90:E4:D8:7D:3E:CD:F1:F1:63:FE:A5:46:9C:2A:B1:BF
Validity Mon, 03 Mar 2025 23:51:21 GMT - Sat, 30 Aug 2025 21:59:00 GMT
GET /ceef/gdt3g0/tbt/2047164/tlk.xml?var=103417326 HTTP/1.1
Host: engineexplicitfootrest.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hotandgirls.site
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: https://hotandgirls.site
access-control-allow-credentials: true
x-route-id: script
set-cookie: CHCK=1; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
UID=25062302171e055dea386f437e970954bc95; Path=/; Expires=Mon, 27 Jul 2026 07:17:12 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
GET hotandgirls.site/uploads/thumb/b42a99153848e0a09f5126f18fe8fc74.jpg
200 OK 17 kB URL
hotandgirls.site/uploads/thumb/b42a99153848e0a09f5126f18fe8fc74.jpg
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", progressive, precision 8, 352x198, components 3
First Seen 2025-04-16
Last Seen 2025-07-11
Times Seen 9
Size 17 kB (17088 bytes)
MD5 03777ace64bf9e31b03871888b355954
SHA1 6c3373f14fa4342939e80e35819f736893fc01ca
SHA256 63d0f2537baea147fab151365f29dd60b1bfeac8e92e17e064883abf56a4f27e
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET /uploads/thumb/b42a99153848e0a09f5126f18fe8fc74.jpg HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1; kdSspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424; sb_main_21f748a5e12cd0c59a96322c4882e619=1; sb_count_21f748a5e12cd0c59a96322c4882e619=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:12 GMT
content-type: image/jpeg
content-length: 17088
last-modified: Tue, 26 Nov 2024 10:36:52 GMT
etag: "6745a4c4-42c0"
expires: Tue, 23 Jun 2026 07:17:12 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/2a9156b537ca55e1acb3919acd6655e2c85a766b.webp
200 OK 4.7 kB URL
s3t3d2y9.afcdn.net/library/628853/2a9156b537ca55e1acb3919acd6655e2c85a766b.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-02-07
Last Seen 2025-07-11
Times Seen 7
Size 4.7 kB (4742 bytes)
MD5 e98eb0e6221b92b0330ecee824ad755d
SHA1 2a9156b537ca55e1acb3919acd6655e2c85a766b
SHA256 0808abd5dd729d9f8547e259afe3264a92264acfeec877218d399eb5c38af74e
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/2a9156b537ca55e1acb3919acd6655e2c85a766b.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/webp
content-length: 4742
last-modified: Wed, 12 Jan 2022 20:51:58 GMT
etag: "61df3f6e-1286"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 29 May 2025 12:25:04 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBX63NDQH3s58cAAwBuUwKAQH3UxoAAAwB1GY4EQG3+CAOAQ
x-77-nzt-ray: 2a494a1577a121309eff5868f696bf02
x-77-cache: HIT
x-77-age: 1875891
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
GET s3t3d2y9.afcdn.net/library/628853/ead7061c309c888b43e6280510eb76414037fb03.webp
200 OK 5.8 kB URL
s3t3d2y9.afcdn.net/library/628853/ead7061c309c888b43e6280510eb76414037fb03.webp
IP / ASN
95.173.205.15
#60068 Datacamp Limited
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 300x250, Scaling: [none]x[none], YUV color, decoders should clamp
First Seen 2025-03-27
Last Seen 2025-07-11
Times Seen 6
Size 5.8 kB (5754 bytes)
MD5 9e389d47fc7f6cc9e2576735d0d4f8be
SHA1 ead7061c309c888b43e6280510eb76414037fb03
SHA256 0eea4c7489bcf992e21ebb7363e8304887bc9882f67793e109b47cd6d3094424
Certificate Info
Issuer Let's Encrypt
Subject afcdn.net
Fingerprint 09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
Validity Sat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT
GET /library/628853/ead7061c309c888b43e6280510eb76414037fb03.webp HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/webp
content-length: 5754
last-modified: Thu, 04 Nov 2021 09:02:15 GMT
etag: "6183a197-167a"
expires: Mon, 01 Jun 2026 14:11:27 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-served-by: hap02-sec01-prg1-1
x-77-nzt: EwwBX63NDQH3nnscAAwBuUwKEwH3PiQAAAwBw7WvBgG3DgAAAA
x-77-nzt-ray: 2a494a1577a121309eff586886e3780d
x-77-cache: HIT
x-77-age: 1866654
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2
GET hotandgirls.site//uploads/thumb/fa2b3742cda57cbf6784273a4d280122.jpg
200 OK 21 kB URL
hotandgirls.site//uploads/thumb/fa2b3742cda57cbf6784273a4d280122.jpg
IP / ASN
185.132.125.13
#9009 M247 Europe SRL
Requested by https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Resource Info
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 300x250, components 3
First Seen 2024-08-20
Last Seen 2025-07-11
Times Seen 8
Size 21 kB (20820 bytes)
MD5 71ab2a74a3955581def7d575d1ed4e69
SHA1 27fcbc217d81bed7a2d06f881752942529943e16
SHA256 25a7c94f1069120380b8f030a257ec35ad77fa41520c50192af0ec66e94aa95a
Certificate Info
Issuer Let's Encrypt
Subject hotandgirls.site
Fingerprint 66:A1:04:76:E5:F4:71:EB:20:44:FE:15:97:CD:B2:DA:CC:45:1E:1A
Validity Sun, 25 May 2025 11:07:54 GMT - Sat, 23 Aug 2025 11:07:53 GMT
GET //uploads/thumb/fa2b3742cda57cbf6784273a4d280122.jpg HTTP/1.1
Host: hotandgirls.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hotandgirls.site/?vid=3&ad=103417326&site=7807247&source=cadu&aduClickId=960912425052278785
Cookie: PHPSESSID=b0cb264820cac64c20b6f2ffac12088d; ctl=1750663020; userId=a9bb72135e26b15f522e5dbeefd879b4e5e2ad74; i=1; source=cadu; ad=103417326; site=7807247; c_visit=1; popNext_=1; kdSspUid=0b1516bc-5629-40ab-87f5-ec4cbb2b9424; sb_main_21f748a5e12cd0c59a96322c4882e619=1; sb_count_21f748a5e12cd0c59a96322c4882e619=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx/1.18.0 (Ubuntu)
date: Mon, 23 Jun 2025 07:17:13 GMT
content-type: image/jpeg
content-length: 20820
last-modified: Tue, 26 Nov 2024 09:25:36 GMT
etag: "67459410-5154"
expires: Tue, 23 Jun 2026 07:17:13 GMT
cache-control: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
