tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=34496&sub3=a_640873661d9f21000104c111&sub2=31430
301 Moved Permanently 0 B URL HTTP/1.1 tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=34496&sub3=a_640873661d9f21000104c111&sub2=31430
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=740&offer_id=1072&sub1=34496&sub3=a_640873661d9f21000104c111&sub2=31430 HTTP/1.1
Host: tracking.t0r4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 08 Mar 2023 11:37:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 08 Mar 2023 12:37:28 GMT
Location: https://tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=34496&sub3=a_640873661d9f21000104c111&sub2=31430
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pzuLbuP3hm7qZo3bI4k0OLLwRRi7GApUjEDufHStn0zkieQ2IHwwhaTleELlMD%2B2afdm%2B%2FoS2zPOL%2Bs%2FwHMK0v5rOjP7zpLCwuh24eBDfiFjPpQmOR%2Bhz2nRMFRAYsjqDUny%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7a4ac9507c10b4ee-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8f33f56c329fe0b1570d2ee3e000ce4e
b11fcecd7cc1210d3f3b4e1426a37d3cd138119e
ebcb744a032452533c000c0a9f193fd2566b2389729c41b6c5ed69b9e4cd42d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBCB744A032452533C000C0A9F193FD2566B2389729C41B6C5ED69B9E4CD42D4"
Last-Modified: Tue, 07 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18766
Expires: Wed, 08 Mar 2023 16:50:14 GMT
Date: Wed, 08 Mar 2023 11:37:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0f2c901fe04f9e3d18e9c3387b076780
3f0115cd05d7857a8119eff0479f5812df155d3d
84518fa2565f7f63933d3c552e1dc07f84c71f4a3df5d2821484c371ef57b924
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "84518FA2565F7F63933D3C552E1DC07F84C71F4A3DF5D2821484C371EF57B924"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18669
Expires: Wed, 08 Mar 2023 16:48:37 GMT
Date: Wed, 08 Mar 2023 11:37:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a8901ec6f89f9452d6335be4dd3c3821
aca9da9cfc93413247952e224ac69d684f51d3ac
560f8228fedc912e05b84af1d19fcefca3fec82415180df5d18c5b2a3f533a68
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560F8228FEDC912E05B84AF1D19FCEFCA3FEC82415180DF5D18C5B2A3F533A68"
Last-Modified: Tue, 07 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17796
Expires: Wed, 08 Mar 2023 16:34:04 GMT
Date: Wed, 08 Mar 2023 11:37:28 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Mar 2023 11:08:49 GMT
content-type: application/json
age: 1719
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uORYwuIFyyDubsfKoOGZrnex+I21pgs0DwxnWfgbiVmBqiJKqLhJUkORO9vYGVloYW/nhSBOFMg=
x-amz-request-id: GYJFDZN2FCHYPGQG
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 08 Mar 2023 11:35:36 GMT
age: 112
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
IP
Hash b60c57ac35b8d64860dfbf8513953e6e
dd1ff79897ab7559371166e8627cb0ff0d1efaf2
e1bf3803c0a6e9a15492bc714d5ec9163f8e606f1bbf785a68e0cd951a6ef2f7
POST /s/gts1p5/3HtowcmIRnI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 11:37:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Mar 2023 11:37:28 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=34496&sub3=a_640873661d9f21000104c111&sub2=31430
302 Found 0 B URL HTTP/2 tracking.t0r4.com/click?pid=740&offer_id=1072&sub1=34496&sub3=a_640873661d9f21000104c111&sub2=31430
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click?pid=740&offer_id=1072&sub1=34496&sub3=a_640873661d9f21000104c111&sub2=31430 HTTP/1.1
Host: tracking.t0r4.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Wed, 08 Mar 2023 11:37:28 GMT
content-length: 0
location: https://zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=34496&sub2=31430&campaign=&sum=&clickid=640873784b5b44000153b1fd
x-adjust-use-original-forwarded-for: 1
set-cookie: afclick=640873784b5b44000153b1fd; expires=Thu, 07 Mar 2024 11:37:28 GMT; secure; SameSite=None
afoffers={"1072":1678275448}; expires=Thu, 07 Mar 2024 11:37:28 GMT; secure; SameSite=None
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwnVZszjsxlzXTCccmYmdz6kKEB90vJ0KB5Qci6T1PqfowsauJ2PP5Wg%2Ff5%2BnuLHVbK7MPPdITAKjO3%2F5UlQHgLIg1VPh4NNdkGlmwoJLpcJr6Aj3%2BZNNJMTrzc1A0ZYO%2Fsucg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7a4ac9520a57b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=34496&sub2=31430&campaign=&sum=&clickid=640873784b5b44000153b1fd
302 Found 0 B URL HTTP/2 zzotrack.com/86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=34496&sub2=31430&campaign=&sum=&clickid=640873784b5b44000153b1fd
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /86f47e59-27d7-4e44-bd9c-5042398e42a9?pid=740&geo=NO&reff=&sub1=34496&sub2=31430&campaign=&sum=&clickid=640873784b5b44000153b1fd HTTP/1.1
Host: zzotrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 08 Mar 2023 11:37:28 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
pragma: no-cache
set-cookie: 86f47e59-27d7-4e44-bd9c-5042398e42a9-v4=PsUkTTm2QYkBgWSCpXM9s44f9PpZDav2gRgyAl6iTFA; Max-Age=86400; Expires=Thu, 09-Mar-2023 11:37:28 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=FhyFiTiAp%2FcPReniglCZacojP3LpIp4%2B0XOsBlu8RcZDc%2FaIkjYs7Hsj6bDC%2Bgn90fLtfY8BrD7%2BD7IGholgjXM5RbTbrCwAqisFX%2Fx8us6Kyo3jbCqjufS1M7uZyRoD2ro%2FKv5XXUjr1fsBwfW4IA%3D%3D; Max-Age=31536000; Expires=Thu, 07-Mar-2024 11:37:28 GMT; Domain=zzotrack.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/3HtowcmIRnI
IP
Hash b60c57ac35b8d64860dfbf8513953e6e
dd1ff79897ab7559371166e8627cb0ff0d1efaf2
e1bf3803c0a6e9a15492bc714d5ec9163f8e606f1bbf785a68e0cd951a6ef2f7
POST /s/gts1p5/3HtowcmIRnI HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 08 Mar 2023 11:37:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Mar 2023 11:03:42 GMT
age: 2027
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8e019732b1993c8891b16b1429246a33
5cd0a0f439466f7aac66e3edabde420dd76a754f
a4f35e8873fa7aecc355952af85d1bdbf7fdee88ffb3d266a5308d108f6b9a82
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4F35E8873FA7AECC355952AF85D1BDBF7FDEE88FFB3D266A5308D108F6B9A82"
Last-Modified: Tue, 07 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=850
Expires: Wed, 08 Mar 2023 11:51:39 GMT
Date: Wed, 08 Mar 2023 11:37:29 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bc9a86b8d3035b57b58750f8896202e8
1485042fff689cadbf0c7a540f430993f23d45e3
b06e4961e184d51008f4adb9c8fe571f08b21b4728e5eac0bb4795861e03aa2f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B06E4961E184D51008F4ADB9C8FE571F08B21B4728E5EAC0BB4795861E03AA2F"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17837
Expires: Wed, 08 Mar 2023 16:34:46 GMT
Date: Wed, 08 Mar 2023 11:37:29 GMT
Connection: keep-alive
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: URFvyk2Hsp7jdrC5QWf6WQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lw8UfRtuq8UVu9n+CScIgWkoPIA=
girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
200 OK 14 kB URL HTTP/1.1 girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (480), with CRLF line terminators
Hash fc6b7c363d988c1a00bf8b8a75ddc6f2
c12db139706da8cb94980c1edb8589a3540e4a8b
14dd56ae6d270c97e58026fa87b408da311358a2d264f062b9ea40fa9b8050b6
Analyzer Verdict Alert quad9 Sinkholed
GET /?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: text/html
Content-Length: 13794
Connection: keep-alive
set-cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc; path=/
cache-control: private, no-transform
girlsplay.life/media/d/radarnew/css/blue.css
200 OK 1.5 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/css/blue.css
IP
Hash 53c8fc393280d00814bfcb0ac9a9948b
41411e8e1fae0b3a35cb70f547df9df643a6a6dc
0ca1d39f999294e137c538278732cd5f2e0f6bd54617ec7e347773ac5b3d8272
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/css/blue.css HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: text/css
Content-Length: 1505
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "53c8fc393280d00814bfcb0ac9a9948b"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6E67CA57467A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#615580025/gid:0/gname:root/mode:33279/mtime:1655385539#562681000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:18:59.562681Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/d/radarnew/css/stylesoutdoor.css
200 OK 9.9 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/css/stylesoutdoor.css
IP
File type assembler source, ASCII text, with CRLF line terminators
Hash 03f7f67a73bff5cb76ca8b0c3086915d
db6689a7344d784c97b12467264bdc9cc003844f
3aff9e59a46b2cdd488813c4874a7f9668f74761f94222ef32841fd4350ac8cc
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/css/stylesoutdoor.css HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: text/css
Content-Length: 9931
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "03f7f67a73bff5cb76ca8b0c3086915d"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6D256D808C08
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#619580032/gid:0/gname:root/mode:33279/mtime:1655385540#126682000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:00.126682Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/d/radarnew/css/bootstrap-slider.min.css
200 OK 7.2 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/css/bootstrap-slider.min.css
IP
File type ASCII text, with very long lines (6195)
Hash 4961224724899c120f62718d9a05a11a
edb2043d6a2727c124a9d2b64a461ef682e73dad
a27ecbe0f63af48cceb0dc93fb842d3161462ca44d16bae13ea4a85488a7a8ce
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/css/bootstrap-slider.min.css HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: text/css
Content-Length: 7227
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "4961224724899c120f62718d9a05a11a"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6E67B61F5999
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#615580025/gid:0/gname:root/mode:33279/mtime:1655385539#622681000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:18:59.622681Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/util/utils.js
200 OK 7.5 kB URL HTTP/1.1 girlsplay.life/util/utils.js
IP
File type ASCII text, with very long lines (641), with CRLF line terminators
Hash 01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea
Analyzer Verdict Alert quad9 Sinkholed
GET /util/utils.js HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Mon, 20 Feb 2023 09:36:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6D3783C1A7B7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676885559#334512232/gid:0/gname:root/mode:33188/mtime:1659085489#684136000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-07-29T09:04:49.684136Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/d/radarnew/js/trls.js
200 OK 48 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/js/trls.js
IP
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash acbcd82ae39db3a4cc2eb4a43d8b4338
4bbfdc1fca56ef2aba7b5fd95034ea6860f30a5a
3fc88d3968cd86f76bc3d071b1d3de64729f06840621ab9a39b93f7e2add6303
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/js/trls.js HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: application/javascript
Content-Length: 47770
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "acbcd82ae39db3a4cc2eb4a43d8b4338"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6D2596EC115D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#623580037/gid:0/gname:root/mode:33279/mtime:1655385542#466686000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:02.466686Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/d/radarnew/js/jquery.min.js
200 OK 93 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/js/jquery.min.js
IP
File type Unicode text, UTF-8 text, with very long lines (65480)
Hash 0b6ecf17e30037994d3ffee51b525914
d09d3a99ed25d0f1fbe6856de9e14ffd33557256
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/js/jquery.min.js HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: application/javascript
Content-Length: 93435
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0b6ecf17e30037994d3ffee51b525914"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6DB573AE8DB7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#623580037/gid:0/gname:root/mode:33279/mtime:1655385542#242685000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:02.242685Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/d/radarnew/css/bootstrap.css
200 OK 110 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/css/bootstrap.css
IP
File type assembler source, ASCII text, with very long lines (540)
Size 110 kB (110239 bytes)
Hash 47ec8e4c717bce27e3dec25375b64c16
23ee6fedf86a1ebb17e96423086f910f72a9e8f5
37d237c2cfc632735d5a1c48184e7e7afc5358ffd8ab8d6bd9f90a16d1e2993f
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/css/bootstrap.css HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: text/css
Content-Length: 110239
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "47ec8e4c717bce27e3dec25375b64c16"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6E67B5903AD1
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#615580025/gid:0/gname:root/mode:33279/mtime:1655385539#758681000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:18:59.758681Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/d/radarnew/js/main.js
200 OK 1.4 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/js/main.js
IP
File type ASCII text, with CRLF line terminators
Hash e2a64608889abbe3782f28e512a421dd
6c5e589d6cf3c8ee1eb63f057f9852ff67887c44
ebd7a92af4d051891df2bbad59bbf1b2a36fc68f1108b15504d12550d656f566
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/js/main.js HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: application/javascript
Content-Length: 1446
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "e2a64608889abbe3782f28e512a421dd"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6CFF5EAF043A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#623580037/gid:0/gname:root/mode:33279/mtime:1655385542#354685000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:02.354685Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/bbradar.js
200 OK 639 B URL HTTP/1.1 girlsplay.life/media/bbradar.js
IP
File type ASCII text, with very long lines (639), with no line terminators
Hash 0d553e4bac91c74bfee2dbabba61e99e
5af71e2377c9c012a7826a695f2724901941b19b
1be1304c675449b1bad38ea8c3da6c1da0763ed2fad339ee1aa461c7bf4e2a68
Analyzer Verdict Alert quad9 Sinkholed
GET /media/bbradar.js HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: application/javascript
Content-Length: 639
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d553e4bac91c74bfee2dbabba61e99e"
Last-Modified: Mon, 20 Feb 2023 09:29:45 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6CFF70CAC04D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843341#395674119/gid:0/gname:root/mode:33279/mtime:1655384793#185591000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:06:33.185591Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/exit-new/exit1.js
200 OK 3.5 kB URL HTTP/1.1 girlsplay.life/media/exit-new/exit1.js
IP
File type ASCII text, with very long lines (641), with CRLF line terminators
Hash 625e5e2950612f771e246beb33c9ea61
e4fc251c6c000496c285f8dc3fa097040b031681
618f345a156a0eda55177a1bf0e8a414104f9b6c6ff5cdbe71966f081ccb8a46
Analyzer Verdict Alert quad9 Sinkholed
GET /media/exit-new/exit1.js HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: application/javascript
Content-Length: 3473
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "625e5e2950612f771e246beb33c9ea61"
Last-Modified: Mon, 20 Feb 2023 09:32:43 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6D3AC43BCA2E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#623580037/gid:0/gname:root/mode:33279/mtime:1655385544#182688000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:04.182688Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/d/radarnew/js/bootstrap-slider.min.js
200 OK 26 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/js/bootstrap-slider.min.js
IP
File type ASCII text, with very long lines (25087)
Hash bb00d9d835171fe905a76787cbea604a
428580aaa3688c5dcca79b6428248b31af85ac1f
926ac5c114974a527367752eef1ab86bdb364c34fafb39e9b976c7ab0c2adda6
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/js/bootstrap-slider.min.js HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: application/javascript
Content-Length: 26183
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "bb00d9d835171fe905a76787cbea604a"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6DB57EFADEB8
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#623580037/gid:0/gname:root/mode:33279/mtime:1655385541#918685000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:01.918685Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2387
Expires: Wed, 08 Mar 2023 12:17:17 GMT
Date: Wed, 08 Mar 2023 11:37:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2387
Expires: Wed, 08 Mar 2023 12:17:17 GMT
Date: Wed, 08 Mar 2023 11:37:30 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0ad01b9236cef16e2a27b5072869ce86
2080b5089717e80da4928358e628ec3a156889a8
8477ceae0d981e170d0d3e508fb9d4e4c73a48420faca79a6f7ee183d27603bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8477CEAE0D981E170D0D3E508FB9D4E4C73A48420FACA79A6F7EE183D27603BB"
Last-Modified: Tue, 07 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2387
Expires: Wed, 08 Mar 2023 12:17:17 GMT
Date: Wed, 08 Mar 2023 11:37:30 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F635db96d-4975-4fc8-bf04-2ef9218b8471.jpeg
200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F635db96d-4975-4fc8-bf04-2ef9218b8471.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b443d12d8a073ef982d51492ef2d84ae
f176f4794681f34a6460d03ec1c6b54e623277d9
07232a30472361cd911d0245981c3e270db1650671cfc911d7961f28f3015a59
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F635db96d-4975-4fc8-bf04-2ef9218b8471.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8844
x-amzn-requestid: 2571857a-eab1-42fd-94f2-f9d2744c414e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BJC80HwqIAMF4jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64004b84-01228e577eadc8a219f6646d;Sampled=0
x-amzn-remapped-date: Thu, 02 Mar 2023 07:08:52 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 96tlDenShCnJtzpebY57p9A7dSeEYWV5bEo3ceHwj5wl0nCauPA5HQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 cca7d60248a961ff8fc8c5640024b652.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 22:52:53 GMT
age: 45877
etag: "f176f4794681f34a6460d03ec1c6b54e623277d9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd10a4435-2b3a-4a93-bbc3-e30dbc6031af.jpeg
200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd10a4435-2b3a-4a93-bbc3-e30dbc6031af.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8a346d0f7b3548403692f652e6f8701
971046357ca17aa38a02a3929f1818c6a63a7511
8b02dff5cd5b71f505c63a81597cebe459c6b84b8f58e67e80545fe451bb6b00
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd10a4435-2b3a-4a93-bbc3-e30dbc6031af.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9694
x-amzn-requestid: 7c813b23-aaad-4ceb-9b6d-ed53efeb901f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BbhHKHzzIAMFlyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407aefa-775cd5df60e5ce2006432ec3;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:39:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ZkaPZiH6iH3U_-GqjkTsdZw_ESddmFfih9CH8zCTtz6KiX0zH8CyKw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 22:15:35 GMT
age: 48115
etag: "971046357ca17aa38a02a3929f1818c6a63a7511"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d62e6f6-1ee9-44dd-8627-8cade4fe6191.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d62e6f6-1ee9-44dd-8627-8cade4fe6191.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 450e06cd480342c371770c69893f19a3
91c091d544cfcb72f1e081de195a2927e74027ab
7162c97a8ea4d2ba37b726ceb896b1efecef0270fa36849e0dfffa7f02896012
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d62e6f6-1ee9-44dd-8627-8cade4fe6191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11781
x-amzn-requestid: c97573ab-cff0-4171-ac86-a2419621e88d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbg_EF3PoAMFmKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407aec6-46b98a74161f8b102e959658;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:38:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Wb825P6lL789CIxZc-vuHDNEmhz4P4Ek-pAU3oOu0pU-ge3jFS9ftw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:57:30 GMT
age: 49200
etag: "91c091d544cfcb72f1e081de195a2927e74027ab"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F270fed16-34b7-4928-b816-bcf1ffb2cf2f.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F270fed16-34b7-4928-b816-bcf1ffb2cf2f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cfd15f03193db8f6de68a3d73cea9c95
d8d3d4bd9bd2601bc487838ffd7318e4a90b5958
15fb1ecdf6261f61d6f997bf4309dacdc15677c71b46f7257f868cbaa8a8f8f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F270fed16-34b7-4928-b816-bcf1ffb2cf2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10369
x-amzn-requestid: 8ebe427e-b86a-46d9-853a-0d9ed575c97e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbg_EFZ6IAMFaWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407aec6-7c86564d64e0192b2cf4ab2d;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:38:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: JqnAPF94n0ikt_0ynJ1NQa0WwtqtPKzpf2UJWhyXiIx_cR1dN8ArWg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 22:18:31 GMT
age: 47939
etag: "d8d3d4bd9bd2601bc487838ffd7318e4a90b5958"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511f1e1-8fc5-4048-a520-e65229a96e81.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511f1e1-8fc5-4048-a520-e65229a96e81.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa6deb90b0da01bce725870745a4b468
ae9c06fa4d60b48c9d9864422fa95ec2db8aa555
c2ce00a54a831ad47d01d3f660f38eafb7c2211a31e29c9c62922deb10edee71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd511f1e1-8fc5-4048-a520-e65229a96e81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10664
x-amzn-requestid: 5a171fc8-0471-483f-afc5-61ea9c7a688b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbg_dGbsoAMFaFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407aec9-7557d4d24d530d093862fcd1;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: U7wTC0bBG8A338UwuBRUxDycwV1QQ36ECz1NF9b31rvtWNAOqr4wwA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:57:30 GMT
etag: "ae9c06fa4d60b48c9d9864422fa95ec2db8aa555"
content-type: image/jpeg
age: 49200
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cd018ed-7ccb-4718-8ca8-722523738a19.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cd018ed-7ccb-4718-8ca8-722523738a19.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3b4c2db9869c88bae7d0404c1dcec413
e7c7dcc46ce107a7a026c0d4b4f2628c8e9b2f00
bec9134b244ba67c17b521040803ab01fb15e20f51b5d2f087b78a5c21b871bd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5cd018ed-7ccb-4718-8ca8-722523738a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10282
x-amzn-requestid: 1e8e3352-2149-4709-a610-a2c2a0cffe21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbf_TFcEoAMFskw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407ad2e-76c8b341197f21f532ad217b;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:31:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: gBY6DCwsc-JgYL-zM5NXGQwQqSwJJVeaQFCpP1V8h8Qxgq4ptn67Zw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 50faaaa196a6b0875217ef7827f97d7c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:41:30 GMT
age: 50160
etag: "e7c7dcc46ce107a7a026c0d4b4f2628c8e9b2f00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
girlsplay.life/media/d/radarnew/js/bootstrap.min.js
200 OK 29 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (28941)
Hash ba847811448ef90d98d272aeccef2a95
5814e91bb6276f4de8b7951c965f2f190a03978d
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/js/bootstrap.min.js HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:29 GMT
Content-Type: application/javascript
Content-Length: 29110
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "ba847811448ef90d98d272aeccef2a95"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6DB57ECDF492
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#623580037/gid:0/gname:root/mode:33279/mtime:1655385542#10685000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:02.010685Z
Expires: Thu, 07 Mar 2024 11:37:29 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/d/radarnew/images/radar.gif
200 OK 176 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/images/radar.gif
IP
File type GIF image data, version 89a, 179 x 179\012- data
Size 176 kB (175791 bytes)
Hash 0d3a894b7b00a48996f702d71fe7e7c3
b4f278b2ff6d12f7fb38fdf91c42f3190a69e53c
89495896bcc3deb0b6a643cf55ddfe620ada0cdb66cd09ce4ba801a06396fcef
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/images/radar.gif HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:32 GMT
Content-Type: image/gif
Content-Length: 175791
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "0d3a894b7b00a48996f702d71fe7e7c3"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6E683C1698AE
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#619580032/gid:0/gname:root/mode:33279/mtime:1655385540#974683000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:00.974683Z
Expires: Thu, 07 Mar 2024 11:37:32 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/media/d/radarnew/images/outdoor.jpg
200 OK 222 kB URL HTTP/1.1 girlsplay.life/media/d/radarnew/images/outdoor.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1422x800, components 3\012- data
Size 222 kB (222141 bytes)
Hash fc523ba36d675d549f0c70815b6b1604
d8dc530c0e48382f06da7301a7bfb42072f28cfb
b0b9b668729dc630f2ff79478f74bdaa7d6eb53a5b8ae665a3144c5cf7629351
Analyzer Verdict Alert quad9 Sinkholed
GET /media/d/radarnew/images/outdoor.jpg HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/media/d/radarnew/css/stylesoutdoor.css
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:32 GMT
Content-Type: image/jpeg
Content-Length: 222141
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "fc523ba36d675d549f0c70815b6b1604"
Last-Modified: Mon, 20 Feb 2023 09:30:46 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 174A6D25DADC88FA
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1676843279#619580032/gid:0/gname:root/mode:33279/mtime:1655385540#814683000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:19:00.814683Z
Expires: Thu, 07 Mar 2024 11:37:32 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
girlsplay.life/favicon.ico
204 No Content 0 B URL HTTP/1.1 girlsplay.life/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 204 No Content
Server: nginx
Date: Wed, 08 Mar 2023 11:37:32 GMT
Connection: keep-alive
Cache-Control: no-transform
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa786afe-f48c-401b-9b5a-1609870c531d.jpeg
200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa786afe-f48c-401b-9b5a-1609870c531d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 308fb110544acb22af953d016e908dcb
aac13edf8ff2a41fb20ee177e824a171bb5a6ca8
0165311d59648a7b0c88e8ba0633dbbae991e50103cdcd78846850c9bb6777aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faa786afe-f48c-401b-9b5a-1609870c531d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9944
x-amzn-requestid: 65d69b35-2088-4752-9673-18b3b1468a16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Bbf_MGcJoAMFZcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6407ad2d-3ce87bad27a47f2718c8800e;Sampled=0
x-amzn-remapped-date: Tue, 07 Mar 2023 21:31:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 7ellzIGW_TDDi5Q9uxinB_t5tvs0iiml3W0mhdx9EgPJP8FNX7-94Q==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 f958a3846d80a3925f664b320dfad9c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Mar 2023 21:41:29 GMT
etag: "aac13edf8ff2a41fb20ee177e824a171bb5a6ca8"
content-type: image/jpeg
age: 50168
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li&x=3
200 OK 0 B URL HTTP/1.1 girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li&x=3
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li&x=3 HTTP/1.1
Host: girlsplay.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://girlsplay.life/?u=7mzktee&o=ex1baaf&t=86f47e59-27d7-4e44-bd9c-5042398e42a9_740&cid=w4o2lv84v89jbr4ni52f15li
Cookie: sid=t2~hm2rsiddglpzocjn0jdtlkdc
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 Mar 2023 11:37:37 GMT
Content-Type: text/html
Content-Length: 9561
Connection: keep-alive
cache-control: private, no-transform
104.21.19.241
35.241.9.150
18.184.38.55
194.87.208.10
23.36.76.226