Report - teenplay.top/

Report Overview

Submitted URL
teenplay.top/
IP
104.21.71.127
ASN
#13335 CLOUDFLARENET
Submitted
2022-12-07 03:55:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	746 B	142.250.74.106
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	44 kB	142.250.74.168
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	54.230.245.100
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.7 kB	14 kB	142.250.74.132
t2.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	942 B	2.6 kB	142.250.74.100
dnacdn.net	3760	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	884 B	1.3 kB	178.250.2.146
js.juicyads.com	57029	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	417 B	420 B	143.204.55.76
i.imgur.com	5110	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	780 B	62 kB	151.101.244.193
lgarden.icu	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	804 B	670 B	81.171.28.44
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	500 B	46 kB	216.58.207.227
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	96 kB	34.120.237.76
trc-events.taboola.com	1779	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	564 B	163 B	141.226.228.48
ust.chatango.com	43894	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	422 B	349 B	208.93.230.22
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.164.183.116
chanekee.ga	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	56 kB	104.21.22.93
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.1 kB	8.4 kB	142.250.74.131
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	340 B	963 B	172.64.155.188
ag.gbc.criteo.com	5925	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386 B	492 B	185.235.84.141
gem.gbc.criteo.com	6039	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	493 B	178.250.6.3
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.7 kB	9.8 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	6.3 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
gum.criteo.com	381	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	11 kB	178.250.2.146
st.chatango.com	37357	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	249 kB	208.93.230.26
t1.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	950 B	2.3 kB	142.250.74.68
sb.scorecardresearch.com	134	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	962 B	926 B	143.204.55.96
simplewebanalysis.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385 B	405 B	52.28.211.11
foundfroshelves.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	6.0 kB	192.243.59.13
cdn.taboola.com	1040	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	170 kB	151.101.193.44
cdn.cloudimagesb.com	23099	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	402 B	112 kB	45.133.44.9
teenplay.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	786 B	8.0 kB	172.67.145.84
wxhiojortldjyegtkx.bid	398194	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	393 B	717 B	188.114.96.1
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	676 B	1.5 kB	23.36.77.32
t0.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.8 kB	142.250.74.132
www.effectivedisplayformats.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	10 kB	192.243.59.20
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	21 kB	142.250.74.110
t3.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.5 kB	142.250.74.100

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-06	medium	foundfroshelves.com	Sinkholed
2022-12-06	medium	foundfroshelves.com	Sinkholed

JavaScript (33)

	URL	Size	First Seen	Last Seen
	cdn.taboola.com/libtrc/impl.20221206-9-RELEASE.js	712 kB	2023-03-08	2023-03-08
Pretty URL cdn.taboola.com/libtrc/impl.20221206-9-RELEASE.js IP 151.101.193.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:38:14 Last Seen2023-03-08 20:51:41 Times Seen1 Hash 67026da52acb0313c853efc108fcc860 889022958dc36e647cb4f7891598deda644346fa 279839b408289dec971d7305ec6bea06cf683e8d109f8072e93fc9364b3d792d Loading...

	teenplay.top/	302 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 9e9a84fd05a64ecbc44af92e33ea81c6 f47a4dd07bc141fd18ca27f9906f972317dda834 e0caff71a934e1657d893fa2c14042a237e6787a941abf95473cc85523482794 Loading...

	teenplay.top/	349 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 22ba3944253ab64533f46acf308db4be 43f4f03e813cfbfc05c4a87a07cff75270028528 025161ba52551c8841b82f6c0fa49c81a644e7934faeaa8189b6286d519ba5e3 Loading...

	teenplay.top/	156 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash c937139263c9095926df06749c8b4b83 5f7ec65d56aec7961359a2b0de7da7a3ee3c79aa f282e9820d130c9923d8ce3a44125330c7d45836ea268bb11808375f1d8ea7aa Loading...

	teenplay.top/	199 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:38:14 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 58015f1b9d758cecb7d9c054e80e6018 b6d725201cd961f33448a669a3b2efefcb5b6794 96e55c31c6148206f5df07941c05df53913792cfa6ee3ed7d4f0b4756ae2366f Loading...

	st.chatango.com/h5/gz/r1201220704/id.html	68 B	2023-03-07	2024-05-04
Pretty URL st.chatango.com/h5/gz/r1201220704/id.html IP 208.93.230.26 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2024-05-04 09:37:32 Times Seen458 Hash 441a378db25abb5c4db8560de9b87189 4801220a00826fb7fb65f2753204881f393e69dd 25ebf35db1f4166c31ae3ed946d1c1d436c4d5bbc9e1cdb791d4c892773e7dfe Loading...

	st.chatango.com/h5/gz/r1201220704/id.html	86 kB	2023-03-08	2023-08-03
Pretty URL st.chatango.com/h5/gz/r1201220704/id.html IP 208.93.230.26 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:35 Last Seen2023-08-03 18:00:17 Times Seen190 Hash 3c9a9f8f1c541c665f8a87c7c3898545 1c1cdeac87ce7e305eba98165e4f5c77507ce559 50d1a532b7a1069fd21fa2f885a6b00287fd1936cb891b4c3e9ea1873b53ae2d Loading...

	st.chatango.com/h5/gz/r1201220704/id.html	81 kB	2023-03-07	2023-08-15
Pretty URL st.chatango.com/h5/gz/r1201220704/id.html IP 208.93.230.26 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2023-08-15 01:59:11 Times Seen202 Hash 297f25982e1a4e3b913bf6bbf2f20a48 fc5c48872fb6b77925abd723548ee55405f86f1e e0c8d5e08615299748f3e05fa641051c19ac85cfdc0b2033e761df4576905bf2 Loading...

	www.googletagmanager.com/gtag/js?id=UA-141729945-17	112 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-141729945-17 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:38:14 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 7abb09a34156ac7e58db0aa54a452f15 9d85638079c2c3728c428c2a0888d84f89aa5094 2452881392a920d4453cc3497f632c4219117cac86fe12ca2102e102091ffe48 Loading...

	st.chatango.com/h5/gz/r1201220704/id.html	82 B	2023-03-07	2024-05-04
Pretty URL st.chatango.com/h5/gz/r1201220704/id.html IP 208.93.230.26 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2024-05-04 09:37:33 Times Seen471 Hash 7b57040338cb73dfe12425b3a9cf20a3 cc85b6aa4c370f1e8b0cd12f38ff33aecb684a5c 21a433ef209a764be84f3677d6cee1ec9862db67bd02cb1dbe38e3d942474efc Loading...

	www.effectivedisplayformats.com/b4d48c91b57f98c648b006ef67833af7/invoke.js	27 kB	2023-03-08	2023-03-08
Pretty URL www.effectivedisplayformats.com/b4d48c91b57f98c648b006ef67833af7/invoke.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:32:27 Last Seen2023-03-08 22:07:28 Times Seen1 Hash 464e58ee213f6fe278585756774e2ca3 c8224adcc9ed432fe15f43109bdde253877387b5 4cf98b6f3b01749ff363cd41cb5d1521aea98da500bdfca79123d4210886d3cb Loading...

	st.chatango.com/h5/gz/r1201220704/id.html	514 B	2023-03-07	2024-05-04
Pretty URL st.chatango.com/h5/gz/r1201220704/id.html IP 208.93.230.26 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2024-05-04 09:37:32 Times Seen458 Hash 37c4b6da5dd2e1cab223e5875969a6d2 63bbb2f5888134503833b026eee6e43b25c32af9 c5532bc5d1630dc0b30da99828d86031356037d356bef00679956972051e136c Loading...

	st.chatango.com/h5/gz/r1201220704/id.html	2.8 kB	2023-03-07	2024-05-04
Pretty URL st.chatango.com/h5/gz/r1201220704/id.html IP 208.93.230.26 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:53 Last Seen2024-05-04 09:37:32 Times Seen457 Hash 3243c0841916ec8412445cf28dc213e1 e03e2b55026c2d5a48478b494038ac237a570356 43809cbb40cf2c409373635a089746ebaf238092ec2dd2c0880e5ff57b729f99 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-04
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-04 19:13:00 Times Seen1637 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	http:blank	145 B	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash f416d9beccd662c07dad7bcf512bc66a 8ce6caad84b98f8780de8b27de12b2f7ba2ef04f dd5ac015514706e62189f5064bbc4489bbb02e5ed7534090c4ff50f5e13c7357 Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22st.chatango.com%22,%22topUrl%22:%22teenplay.top%22,%22cw%22:false,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.7323468302479295%22%7D	14 kB	2023-03-07	2023-05-06
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22st.chatango.com%22,%22topUrl%22:%22teenplay.top%22,%22cw%22:false,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.7323468302479295%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:51:36 Last Seen2023-05-06 00:14:31 Times Seen2035 Hash 49e65b540d43d40997ce3844d41b2dd0 b7331c5edc086ee2c7731b1b36e937e7c44450a7 f185c1b78d87a007d9492a85c6ce64c06cc851ef9f13ca3caf8aaafe243b0ac2 Loading...

	teenplay.top/js/jquery.min.js	84 kB	2023-03-08	2023-06-16
Pretty URL teenplay.top/js/jquery.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-06-16 03:19:50 Times Seen6 Hash 1502356b3e93ccbe66894ce972e38fe6 98e13b02dc55595ff002aa07cc26705f6018c0cf b0beefadef42ab2a724d8683fd19f41a325f858912a8cbfd85cf22d9c9c0879c Loading...

	teenplay.top/	192 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 787c20374a71de8d7cb5e5f2ed8a4c76 7d0adce42518d3665d6480d41dfe66e8f89cb049 4c1bb58787b2a0d71386b90d9d0fc8a07eaccfe9b2d6a23e691f51b670b8dd91 Loading...

	teenplay.top/	12 kB	2023-03-08	2023-03-08
Pretty URL teenplay.top/ IP 172.67.145.84 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:38:14 Last Seen2023-03-08 20:38:14 Times Seen1 Hash d72f1bd359de2b89464997961d93ac61 c82b8cd735e5518007a8cb45d5b5463ae14a45c7 e58ea37a568fc7d76fa60332b5278bf2b79771adbc9353175a609723765beed2 Loading...

	st.chatango.com/h5/gz/r1201220704/id.html	500 B	2023-03-07	2024-05-04
Pretty URL st.chatango.com/h5/gz/r1201220704/id.html IP 208.93.230.26 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:54 Last Seen2024-05-04 09:37:33 Times Seen455 Hash ff7740eb4626a42bc3c5931080184792 8eae299530fe6b2aa2f48d3af8e7c2566e10cd81 6b8a3c1db7301e1456b3e8324242f1d31b27dda2e945211bec25519eef3181ca Loading...

	cdn.taboola.com/libtrc/chatango-network/loader.js	81 kB	2023-03-08	2023-03-08
Pretty URL cdn.taboola.com/libtrc/chatango-network/loader.js IP 151.101.193.44 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:38:14 Last Seen2023-03-08 20:38:14 Times Seen1 Hash de949711b8772e115141541d7858fb06 e5e5cf60acf47686e06b20f9bdb4321c3c6dceaa 75f7cc237f1ab26a00f1e8921955d908f6e765d946c21d9b49df2682845e60c8 Loading...

	http:blank	3.8 kB	2023-03-08	2023-03-08
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:38:14 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 748ad65acdb3145d5bfa08b95f30c700 050d1a6aabb2cd3bed62cde2a4bf1d73dc256450 7674b436601399ea8fbc4dded490b25c8c90c42d79c8a83fd213ca7bafb72f75 Loading...

	gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22st.chatango.com%22,%22topUrl%22:%22teenplay.top%22,%22cw%22:false,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.7323468302479295%22%7D	418 B	2023-03-07	2023-03-17
Pretty URL gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top#%7B%22uid%22:%7B%22value%22:null,%22origin%22:0%7D,%22lwid%22:%7B%22value%22:null,%22origin%22:0%7D,%22bundle%22:%7B%22value%22:null,%22origin%22:0%7D,%22optout%22:%7B%22value%22:false,%22origin%22:0%7D,%22sid%22:%7B%22value%22:null,%22origin%22:0%7D,%22tld%22:%22st.chatango.com%22,%22topUrl%22:%22teenplay.top%22,%22cw%22:false,%22lsw%22:true,%22origin%22:%22rtus%22,%22rtusCallerId%22:72,%22requestId%22:%220.7323468302479295%22%7D IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:53:17 Last Seen2023-03-17 21:47:34 Times Seen1 Hash 72ad3a00c4af14e8c301e9eafbe741ea 63dc5435a78e8b86fb54fa8be021d2f54b1903b1 d05385301aef1a77fd22c1c56c08102835063c8221b753de58aff20a800c95eb Loading...

	js.juicyads.com/jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks	93 kB	2023-03-08	2023-03-08
Pretty URL js.juicyads.com/jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks IP 143.204.55.76 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 20:38:14 Last Seen2023-03-08 20:38:14 Times Seen1 Hash d2f1326f87f14721373c160f248bca75 9d7772b67ffe90c602eea29528ad4eacfe8bd248 5b353cac3936763e19c4b3b8a031752c6d405111f608aa4d6884c1419382fbd9 Loading...

	teenplay.top/js/templatemo-script.js	975 B	2023-03-08	2023-03-08
Pretty URL teenplay.top/js/templatemo-script.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash 0662033db762067a3b72d3109e719685 fd794cea002f24b7117492673c1076feb529cf69 d9ab63ed1c18f942a134776de491d7b3415b93a494cff8508f56a9357fdb46a9 Loading...

	st.chatango.com/js/gz/emb.js	70 kB	2023-03-08	2023-08-02
Pretty URL st.chatango.com/js/gz/emb.js IP 208.93.230.26 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:31:00 Last Seen2023-08-02 16:24:05 Times Seen321 Hash 6e5a272631cff7d1e5bad3fe5dc26d4e a67a71638246e0a734395452d34c5be13896a10a 14187745a6e4c6e16d406ee95e451bde091fb317f87f4942b2aa31a1c9d4aed5 Loading...

	st.chatango.com/h5/gz/r1201220704/id.html	471 kB	2023-03-08	2023-08-15
Pretty URL st.chatango.com/h5/gz/r1201220704/id.html IP 208.93.230.26 ASN #29893 CHATANGO Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:43:35 Last Seen2023-08-15 01:59:11 Times Seen193 Hash acbc17af20041f60be8dfca8e96ff02a 72d436ec320d4f4355b05ce43e191a26f889e7cb 3cb24061cd1566e059ff4d286aab07546d9c79f59918dc95da408ebd875780ac Loading...

	sb.scorecardresearch.com/beacon.js	3.9 kB	2023-03-07	2024-01-14
Pretty URL sb.scorecardresearch.com/beacon.js IP 143.204.55.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:19 Last Seen2024-01-14 12:48:16 Times Seen58 Hash eaf85c1c6758e84acfe134efd70e9373 5caec39b3ce7c2ec9912aff8ae6fa05aa9fb757e ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117 Loading...

	gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS	30 kB	2023-03-07	2023-03-17
Pretty URL gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS IP 178.250.2.146 ASN #44788 Criteo SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:17:20 Last Seen2023-03-17 21:47:34 Times Seen1 Hash 49908b82b9e80d6ae18a2a5b3d383af9 b5fdbde84ebb8d44304a39a7eca9afc15fd0fc43 1294283dd1491c4767840ecaafa97659b0e3c560ef4048bd51907181c52af89e Loading...

		Size	First Seen	Last Seen
	#1 Eval - 19720c164d56f7e7dfe6748e376f868e	19 B	2023-03-07	2024-05-04
Pretty Observations First Seen2023-03-07 01:18:54 Last Seen2024-05-04 09:37:33 Times Seen626 Hash 19720c164d56f7e7dfe6748e376f868e 0387db7b6a453b71114985d199838b7a3928c76b 56e50d855741d508ab6465d3860ef0ad117ab967993b9111caeaec90f64e912b Loading...

	#2 Eval - 37cd3bd2adbd29e7fafaf20f77f4bf43	18 B	2023-03-07	2024-04-15
Pretty Observations First Seen2023-03-07 01:02:19 Last Seen2024-04-15 12:57:44 Times Seen656 Hash 37cd3bd2adbd29e7fafaf20f77f4bf43 d4a665f4bf3dc9a6f3ea3a55c50c5a37c6bd05f5 0f3342bc14063d9ed7a669eb067b50ea17b2cb7dcb51968939b72fa9ac862d91 Loading...

	#3 Eval - d0a209a82bbe1b378110b049656cc8b2	2.1 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 20:38:14 Last Seen2023-03-08 20:38:14 Times Seen1 Hash d0a209a82bbe1b378110b049656cc8b2 3879a4a2ce24629e6deb4a8841f41bb8e53aee15 1e2ee09f514d65c757d7ab5c51e738867866007a279a320a50ffdc7b00be6aab Loading...

		Size	First Seen	Last Seen
	#1 Write - c32a43df08590d5570fdfd0a25535a9a	129 B	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 12:39:43 Last Seen2023-03-08 20:38:14 Times Seen1 Hash c32a43df08590d5570fdfd0a25535a9a aa50a815668792965b65b248ca649008c0134e59 40f08c2fed916637f973febd8aa1d18359cdd854e578627877a521375d325dd2 Loading...

HTTP Transactions (110)

URL IP Response Size

teenplay.top/

172.67.145.84

301 Moved Permanently

0 B

URL HTTP/1.1
teenplay.top/
IP
172.67.145.84:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: teenplay.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 07 Dec 2022 03:55:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 07 Dec 2022 04:55:12 GMT
Location: https://teenplay.top/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwwOQ5fMEOnP2lDndSo%2FkkrM7GgAhR20I%2F3yqGOmxPYE72Xex5d5D1ggppFMdNFHERQDtzW8Wn2XQR2sjSUpF8vot4YGmWVnorPhipWBfLnHA0HB7WAnQBDR4okDa2c%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 775a530cdc380b02-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7637
Expires: Wed, 07 Dec 2022 06:02:29 GMT
Date: Wed, 07 Dec 2022 03:55:12 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f83c5e33ba42e312ee398848bbb711f5
caa1fd23b1fbbe883292ded04404c1cfd861eb09
106d08fba45f1e13f85b4b5abc456594878494238933e54b6a06e21ed8a52bc9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2608
Cache-Control: max-age=112774
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:12 GMT
Etag: "638f19f6-1d7"
Expires: Thu, 08 Dec 2022 11:14:46 GMT
Last-Modified: Tue, 06 Dec 2022 10:31:18 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7639
Expires: Wed, 07 Dec 2022 06:02:31 GMT
Date: Wed, 07 Dec 2022 03:55:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 07 Dec 2022 03:20:27 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2085
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xCMx3zqjdrnqe1pIv1SrdifKS40ehtlCt5CEglhEkvcgcOIwAlwyjRs+CxR3VbYIbZPGvaUPMfE=
x-amz-request-id: 63MKCWXCNKKS97Y4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 03:49:13 GMT
age: 360
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
58ef23d0728a23449400f331022ad3c7
5268fc3ede0302400c3cf3c12e7e63cd54e865a6
07c0ea5089f45c2f07213ba4c51b99d2d29ee7801dd488e4ef916add45bc0468

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:13 GMT
Server: ECS (amb/6B81)
Content-Length: 280

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 03:55:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 07 Dec 2022 03:11:20 GMT
cache-control: public,max-age=3600
age: 2633
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
0f7dcaa590e32cfd1c075255188d5f06
d4bb4954fefdb3b59560b54adf500e806e252e39
195795c2511b31519134f5eb4442d8708918ecaff72f8e821a5473ad7c97c448

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2578
Cache-Control: max-age=107675
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:13 GMT
Etag: "638f062a-1d7"
Expires: Thu, 08 Dec 2022 09:49:48 GMT
Last-Modified: Tue, 06 Dec 2022 09:06:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
58ef23d0728a23449400f331022ad3c7
5268fc3ede0302400c3cf3c12e7e63cd54e865a6
07c0ea5089f45c2f07213ba4c51b99d2d29ee7801dd488e4ef916add45bc0468

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:13 GMT
Last-Modified: Wed, 07 Dec 2022 03:55:13 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
aad46b3d022e422250600e01165ab24d
b8a2e0a08d8b8946ac82748e49d28c937738df5e
1b7fd40b95a67f89cb4834de2f5514924d4295fa74f8072b57fe8fe798b36238

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6295
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:13 GMT
Last-Modified: Wed, 07 Dec 2022 02:10:18 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279

push.services.mozilla.com/

35.164.183.116

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.164.183.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: I019i8z+9kn4Q9aR/9iBmQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Pdn+qMdGSRUIgMolVEwRhTTRx/k=

wxhiojortldjyegtkx.bid/rci?tr=false

188.114.96.1

200 OK

1 B

URL HTTP/2
wxhiojortldjyegtkx.bid/rci?tr=false
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

GET /rci?tr=false HTTP/1.1
Host: wxhiojortldjyegtkx.bid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:14 GMT
content-type: text/html;charset=UTF-8
content-length: 1
cache-control: no-transform,no-cache
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJkx0ky35hYs5dt4WvsgbRTK3kocfmwPEacBknHDS7ROetMkKuvPAAy2FsJQp7qg%2FMFwjyhY6lSBk%2FiLELDcfJnrlW405wVjSNhEkV8b1bpf%2BN3PrUKDEFG3iNBDCL%2FuHc0ncA2RIoji"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775a5313cfd2b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

teenplay.top/

172.67.145.84

200 OK

6.7 kB

URL HTTP/2
teenplay.top/
IP
172.67.145.84:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (12278), with CRLF, LF line terminators
Size
6.7 kB (6672 bytes)
Hash
e6464a302a696970343055d3ec86bcfa
6e90793fa0246b69506ae1e028a0a94c8e0e6e1b
f103fa70e363ea6e08841049312828c0d945bc406a1dcb5dfd38d554ef55b91f

HTTP Headers

GET / HTTP/1.1
Host: teenplay.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:13 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.2.34
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QET0fk7doqJ7ZgjC3DGDdSqRTr28k%2B1TV9q%2F1Tf9UX3Twx58FLExWJo0pDfoNLIsU9dGj6mO1nZatwSJ3Y2S17Ev0cPCHgVWkWP1BMJWskwoFtDrKnN5j6%2B%2FPHSFCDQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 775a530eabb9b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-141729945-17

142.250.74.168

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-141729945-17
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
44 kB (43580 bytes)
Hash
f68244a2f92a7ba117ce2439442187da
ce53ef1479ab475b6837c564219d97ba17f0801b
50631854ebe64429dcbd082f603b6f70f99957cd0380df5ceac936a33222fb8e

HTTP Headers

GET /gtag/js?id=UA-141729945-17 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 07 Dec 2022 03:55:14 GMT
expires: Wed, 07 Dec 2022 03:55:14 GMT
cache-control: private, max-age=900
last-modified: Wed, 07 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

i.imgur.com/kOEOLmX.jpg

151.101.244.193

200 OK

30 kB

URL HTTP/2
i.imgur.com/kOEOLmX.jpg
IP
151.101.244.193:0
ASN
#54113 FASTLY

File type
JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Size
30 kB (30484 bytes)
Hash
c21b0de24e5c1d574eb150eecbd032b7
d6761ca75b681a86930bca004161f3bc83ada12c
e47b261f1e325300bf39fc141fe11e4af224c0596478fbcbae7cb5b8f52329d2

HTTP Headers

GET /kOEOLmX.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 20 Nov 2020 18:57:35 GMT
etag: "c21b0de24e5c1d574eb150eecbd032b7"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Dec 2022 03:55:14 GMT
age: 3701975
x-served-by: cache-iad-kiad7000170-IAD, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 9921, 1
x-timer: S1670385314.137085,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 30484
X-Firefox-Spdy: h2

i.imgur.com/VXrxMGg.jpg

151.101.244.193

200 OK

30 kB

URL HTTP/2
i.imgur.com/VXrxMGg.jpg
IP
151.101.244.193:0
ASN
#54113 FASTLY

File type
JPEG image data, progressive, precision 8, 468x60, components 3\012- data
Size
30 kB (30540 bytes)
Hash
d9897ee1e7b8410064cfeda76e85f00a
9a7748d890f28d678ee285d03bc4bf965feb3aee
8ffa5f10a26db6f85fb5a4a0ade16389cca0d63f2e341388036b5fde1c0f19d1

HTTP Headers

GET /VXrxMGg.jpg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 20 Nov 2020 08:58:33 GMT
etag: "d9897ee1e7b8410064cfeda76e85f00a"
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Wed, 07 Dec 2022 03:55:14 GMT
age: 2919374
x-served-by: cache-iad-kcgs7200128-IAD, cache-hel1410025-HEL
x-cache: HIT, HIT
x-cache-hits: 6262, 1
x-timer: S1670385314.137586,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 30540
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30aec170d58f580f2ed4da4b92d72cc7
3b11a98ba9563f7f266e7a935e3b78bd0c0712aa
7b25e66e4383cdb29228d0451a4810eeab7d194ca81045e066c00c9467f29312

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
c55335865017f02b25289872baf851d1
d76681a36273a9603cc533de240c7c1a4944ad29
d053ea9f792ec7e6b9cb182d39c7749de291190a69b3d3ddc82e3c34cf4fd8fc

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D053EA9F792EC7E6B9CB182D39C7749DE291190A69B3D3DDC82E3C34CF4FD8FC"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Wed, 07 Dec 2022 04:58:52 GMT
Date: Wed, 07 Dec 2022 03:55:14 GMT
Connection: keep-alive

chanekee.ga/Banners/chanekee.jpg

104.21.22.93

200 OK

55 kB

URL HTTP/2
chanekee.ga/Banners/chanekee.jpg
IP
104.21.22.93:0
ASN
#13335 CLOUDFLARENET

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1413x221, components 3\012- data
Size
55 kB (55155 bytes)
Hash
8dec9f6f86b1f5218252a970fd72e845
d3411815cdedee39ebaeb21a564abaa7b48f86a2
8930f6412d08744d5420e42466caa0f8dc44f88dc2dba8d4a4b1c6318b12d0b0

HTTP Headers

GET /Banners/chanekee.jpg HTTP/1.1
Host: chanekee.ga
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:14 GMT
content-type: image/jpeg
content-length: 55155
cache-control: public, max-age=604800
expires: Tue, 13 Dec 2022 17:55:40 GMT
last-modified: Wed, 08 Jul 2020 19:53:11 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 35974
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W19Fr8Iy%2BYyq6IyFUjPm9X1AOTEsDQk9g%2F3hN5DWTsI%2FBzDEGg7dv%2Bu%2BvLA8H1aBxod8gWmqHhi48BskIgvu8juOftKuGRs5k9pR5ZhrDJbq6KlxmgNEaUvAWOVxmg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 775a53161fab0b65-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.77.32

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
c55335865017f02b25289872baf851d1
d76681a36273a9603cc533de240c7c1a4944ad29
d053ea9f792ec7e6b9cb182d39c7749de291190a69b3d3ddc82e3c34cf4fd8fc

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "D053EA9F792EC7E6B9CB182D39C7749DE291190A69B3D3DDC82E3C34CF4FD8FC"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3818
Expires: Wed, 07 Dec 2022 04:58:52 GMT
Date: Wed, 07 Dec 2022 03:55:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b6710ea91e62cea7930b78130f9fce5e
722c7545d214f5f9bf703832df16db2368299da5
94ba3fb4cb6cddbe1efd524d0c744ce9282467c922ce4531fabf2ea2e6e324f8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94BA3FB4CB6CDDBE1EFD524D0C744CE9282467C922CE4531FABF2EA2E6E324F8"
Last-Modified: Tue, 06 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 07 Dec 2022 09:55:14 GMT
Date: Wed, 07 Dec 2022 03:55:14 GMT
Connection: keep-alive

lgarden.icu/external/loligarden.png

81.171.28.44

404 Not Found

9 B

URL HTTP/2
lgarden.icu/external/loligarden.png
IP
81.171.28.44:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /external/loligarden.png HTTP/1.1
Host: lgarden.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Wed, 07 Dec 2022 03:55:14 GMT
server: Cowboy
set-cookie: sid=f481318e-75e2-11ed-8634-481dce01bc90; path=/; domain=.lgarden.icu; expires=Mon, 25 Dec 2090 07:09:21 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d5b697655b03bb95d8d3f47e0a1b6cce
26518dd3d228ada7802c5c3518f9de6a25ad2088
7e7adc6118a080a309c9e4134bbbf29534fa96ae5c89201ec15a92dbee22c962

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E7ADC6118A080A309C9E4134BBBF29534FA96AE5C89201EC15A92DBEE22C962"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16647
Expires: Wed, 07 Dec 2022 08:32:41 GMT
Date: Wed, 07 Dec 2022 03:55:14 GMT
Connection: keep-alive

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
d1f43882efc2b0547621a1f99c81a7e2
961f994b2eccbc6c0e013a5975d2567335c73efb
8ebd5510fbd9fadb64aa2366ab596c82afe73d07116b8f83fe1a407defc7843c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 07 Dec 2022 03:55:14 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 18:12:21 GMT
Expires: Tue, 13 Dec 2022 18:12:20 GMT
Etag: "961f994b2eccbc6c0e013a5975d2567335c73efb"
Cache-Control: max-age=569225,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 775a53182b39b4f9-OSL

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:52:41 GMT
expires: Tue, 05 Dec 2023 18:52:41 GMT
cache-control: public, max-age=31536000
age: 118953
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24f2da4ed2e3cd07b0999a67550d634
6e2277e734fd0015849c3554dd2cf2ae289c2cf2
74dc14d7d9ba8bba4a162680e59801af1d7c2995639df51f32ff2f3d4d0b0051

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7ffb9115c67b207e45a1c045380fafc1
c801c63aff668465afa137a5ad357f64c88562a4
b8d40824ef3e2d420fe301bd7f1b901e88a51e8365585527d30c7d0bc8d1967f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B8D40824EF3E2D420FE301BD7F1B901E88A51E8365585527D30C7D0BC8D1967F"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11476
Expires: Wed, 07 Dec 2022 07:06:30 GMT
Date: Wed, 07 Dec 2022 03:55:14 GMT
Connection: keep-alive

st.chatango.com/js/gz/emb.js

208.93.230.26

200 OK

24 kB

URL HTTP/1.1
st.chatango.com/js/gz/emb.js
IP
208.93.230.26:0
ASN
#29893 CHATANGO

File type
ASCII text, with very long lines (1651)
Size
24 kB (23804 bytes)
Hash
a543b2d0bd0671737d07034ada375e34
4f8a72210ccd1bbd1c254cf9138b7399503bb654
c237062303aaf130c2f1a7c9f7b71e6ba23e7c6f307c5d1f9ab2858371421cc3

HTTP Headers

GET /js/gz/emb.js HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:55:14 GMT
Content-Type: application/x-javascript
Content-Length: 23804
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Expires: Wed, 07 Dec 2022 03:55:14 GMT
Cache-Control: max-age=0
Content-Encoding: gzip
Accept-Ranges: bytes

www.effectivedisplayformats.com/b4d48c91b57f98c648b006ef67833af7/invoke.js

192.243.59.20

200 OK

9.8 kB

URL HTTP/1.1
www.effectivedisplayformats.com/b4d48c91b57f98c648b006ef67833af7/invoke.js
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
exported SGML document, ASCII text, with very long lines (26947), with no line terminators
Size
9.8 kB (9781 bytes)
Hash
2d70de6eafc6da3abfcd8341aeb64ec5
a19e1026e37af5af63ebbf1ca5f043cc1643fcec
92cb62ec3a3d71986eea7fcdbdbc32d7277f32a288e9fca5d7264e37e40380be

HTTP Headers

GET /b4d48c91b57f98c648b006ef67833af7/invoke.js HTTP/1.1
Host: www.effectivedisplayformats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Wed, 07 Dec 2022 03:55:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cf07a23789528331841eebae723f1770
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

lgarden.icu/external/loligarden.png

81.171.28.44

404 Not Found

9 B

URL HTTP/2
lgarden.icu/external/loligarden.png
IP
81.171.28.44:0
ASN
#60781 LeaseWeb Netherlands B.V.

File type
ASCII text, with no line terminators
Size
9 B (9 bytes)
Hash
d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9

HTTP Headers

GET /external/loligarden.png HTTP/1.1
Host: lgarden.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cache-control: max-age=0, private, must-revalidate
content-length: 9
date: Wed, 07 Dec 2022 03:55:14 GMT
server: Cowboy
set-cookie: sid=f503a9d4-75e2-11ed-b209-481d72fb6616; path=/; domain=.lgarden.icu; expires=Mon, 25 Dec 2090 07:09:22 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4877
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:55:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4877
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:55:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4877
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:55:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4877
Expires: Wed, 07 Dec 2022 05:16:32 GMT
Date: Wed, 07 Dec 2022 03:55:15 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8438 bytes)
Hash
e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nm0qQpo75zvDYWxv8V3GvOSBFenh8ocfjV9d02Mc2l-ABieIb3h2uA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:53:40 GMT
age: 21695
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa051c24a-9b15-4802-8ffe-63154898a5cf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5216 bytes)
Hash
639e2589368c582a78dfccb17890f552
158b89c849ca0728151fd6d46f06b1d2c01afead
a2ae55dd59cbbf2fcb5ff552b450a1622156230425c1f430a44a791bfa55b3b3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa051c24a-9b15-4802-8ffe-63154898a5cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5216
x-amzn-requestid: de340de7-410c-4481-85c4-0aec052ccf6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYFBzIAMFgsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-2f96b0db47a0aaaa057b5135;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qFeyXtnAicW0KDNjDmtP398s2j-OMl3H7Uim4Sr52kgmMtcnEefgZw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 07:24:07 GMT
age: 73868
etag: "158b89c849ca0728151fd6d46f06b1d2c01afead"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
13 kB (12705 bytes)
Hash
3a8c5b1e910fab7b6c39fd18fa233524
6aac0b6e8a60f99f196f0d177bb0530bc1591ee2
48890735eeff01c93797d7304474b2ff70f490110432fc9d8607a1ebd910cf5d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F849e6cc4-2b6a-4e78-ba2e-d46bfbadd6ba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12259
x-amzn-requestid: db1b424e-af8a-4a6f-92dc-27ccf3256d25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: coKPCHc9oAMFygg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638cbd93-56c293d73368cab66819d31e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 15:32:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VsWEwb3ynI-AP3uWwVHM6I7aY3f0TBLvge2Znt7hNIXlNtMbvpKmBQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 08:00:53 GMT
age: 71662
etag: "f01497a3eef693b70b18885156f63c9c7305ed7e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14896 bytes)
Hash
4884ce2731d3033b12e4792c1bbf453e
63b6efc98cb04228d82ac28fceb97bb1cf8d82fb
8c37704d0e1fd16239e28cbdb88c5ac6a2e9cfb70f8457bfab127202f89d3788

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F167b7461-ee08-4205-a299-12e7c883b958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14896
x-amzn-requestid: 58d94b15-dce0-44c0-96b1-917f1206a39e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cnA4RFkeoAMFfGQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c4834-7c1667b53795d5c11a3bfdda;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 07:11:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tM0WOO_Ypgj2QxJSz9GHZZTsKjzsvyD6tjpp4G0ZpuGAIGmnEe4oqQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 08:11:23 GMT
age: 71032
etag: "63b6efc98cb04228d82ac28fceb97bb1cf8d82fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8906 bytes)
Hash
b89a7fe1080499e4f7171f962b57fec4
62ef59be034071e667e3476ea0740077c86778c1
e17432ce6af0006ba36fd43e13c56c1bd1dd9b1d1bc250309bc2731ac8f52abb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F084354d3-0d22-4203-844f-c2f6ab2af36d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8906
x-amzn-requestid: 453c8d4f-205d-46ac-8d24-1c9849d71419
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvmAyEMnoAMFZwQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb6d1-7b5051335073a5d2339e02e1;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:40:33 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2LpJmaGp8UzaZHqa9WtCTvFq0oQYOVNAdKBdYHURf2d2v5fh7j44uQ==
via: 1.1 e124ba8d7ba1d81e2fdc59ac89f11b70.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
age: 21476
etag: "62ef59be034071e667e3476ea0740077c86778c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

39 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
39 kB (39182 bytes)
Hash
44397c4a50103299ef7ba0e5bbf11a0c
163fa2a97f84ce72ea7e131ddd8ea19c150914c3
ad365fb351e5e2ddd149487bd2e817d4f124743cc974e35e330e4ab4d75ecd3c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: 0efa303a-364e-488d-beac-24836c7c1e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirE2KoAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5564a0c0264ed36f0497e17e;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xpzGji_JAWkUjhXLouXWlin6rV-44shz6Z_STqo7uK7ZUV2PWs7Zpg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:57:19 GMT
etag: "5a25f245b594f6cbf2fdaeed2463ac5fbc08068a"
content-type: image/jpeg
age: 21476
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
975d829b6c1182baa9059ef46ba71c89
4cad25f5dc5997779e9bde153551bf7fa3481938
5a23467d164713da6a0ba9cff3d114780c255f12696ad50c3efc214c8895ee64

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=122373
Date: Wed, 07 Dec 2022 03:55:15 GMT
Etag: "638f4418-1d7"
Expires: Thu, 08 Dec 2022 13:54:48 GMT
Last-Modified: Tue, 06 Dec 2022 13:31:04 GMT
Server: ECS (bsa/EB1B)
X-Cache: Miss from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: y1cvIzHO1yflREHEY7s18KAfGV8lHGMN3uLl-ewko-s4dSz3XhYbmg==
Age: 1424

simplewebanalysis.com/stats

52.28.211.11

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
52.28.211.11:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
b13c2fc76a690a90361339cdaeeed10e
1b6a8096a22e3d5b02c09d8623e37a6579b75ea4
4bd2b7251ab95e054629b1149438f670896e37f31874180c4a3ead02ae2e25a4

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://teenplay.top
access-control-allow-credentials: true
set-cookie: uid_id2=cb9ffd4e-122d-43e8-8b83-b834bb5c4ef9:2:1; expires=Sat, 04 Dec 2032 03:55:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/s2/favicons?domain=lilibox.top

142.250.74.132

301 Moved Permanently

331 B

URL HTTP/2
www.google.com/s2/favicons?domain=lilibox.top
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
c9c8baa571f4c0e6c2f108f8c75e3bf5
e2fc9c36fd35464011763b89812424557da86f2d
0992c33da7b6f26b79be24343a1b80f1cab299f50cae8a9a7ae5d938981ccb6d

HTTP Headers

GET /s2/favicons?domain=lilibox.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 331
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:34:46 GMT
expires: Wed, 07 Dec 2022 04:04:46 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/s2/favicons?domain=artbbs.st

142.250.74.132

301 Moved Permanently

329 B

URL HTTP/2
www.google.com/s2/favicons?domain=artbbs.st
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
329 B (329 bytes)
Hash
9df9366876748f4f712651cb87060af9
e681ceabf93723e3078008a438ff6b91b7a415e1
0513a91288bf49a57aa28ae4e8018a107ee4a06c71a22194e37876a0764e55eb

HTTP Headers

GET /s2/favicons?domain=artbbs.st HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16
x-content-type-options: nosniff
server: sffe
content-length: 329
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:50:00 GMT
expires: Wed, 07 Dec 2022 04:20:00 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=barelylegalteens.xxxbit.com

142.250.74.132

301 Moved Permanently

347 B

URL HTTP/2
www.google.com/s2/favicons?domain=barelylegalteens.xxxbit.com
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
347 B (347 bytes)
Hash
af2cda098107df7ea3b4b4cb81e22d5e
f6335f025ddb18557953f0ba3754a650c5bab0e3
def9dda21a561607ec1fc5a610325bb261b8c59aaaa1fb5fc34b15c3c277d3bf

HTTP Headers

GET /s2/favicons?domain=barelylegalteens.xxxbit.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16
x-content-type-options: nosniff
server: sffe
content-length: 347
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:34:39 GMT
expires: Wed, 07 Dec 2022 04:04:39 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1236
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=galeryfantasi.top

142.250.74.132

301 Moved Permanently

337 B

URL HTTP/2
www.google.com/s2/favicons?domain=galeryfantasi.top
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
337 B (337 bytes)
Hash
d3cd18d5ee4ca80fedc9bc6f4a2d3465
5cee1d8ccf047bff0b07e5aa4c50784c54caa02f
4a244c95b5f986dd5588975dcd0655455d78a8a0f5c4119936fc727c6ca86d07

HTTP Headers

GET /s2/favicons?domain=galeryfantasi.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 337
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:34:47 GMT
expires: Wed, 07 Dec 2022 04:04:47 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 07 Dec 2022 02:41:08 GMT
expires: Wed, 07 Dec 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 4447
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=sextoplist.pw

142.250.74.132

301 Moved Permanently

333 B

URL HTTP/2
www.google.com/s2/favicons?domain=sextoplist.pw
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
a1225ab23ecb6de7d6ebeb2200c78e68
0db03352861d83661ed7402af3b1c0db85949113
24847b4b1c8e6ef28dbe71d5bdb80bfe126d05b03d86d28fa4f0d671a5aafabb

HTTP Headers

GET /s2/favicons?domain=sextoplist.pw HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16
x-content-type-options: nosniff
server: sffe
content-length: 333
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:25:23 GMT
expires: Wed, 07 Dec 2022 03:55:23 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/s2/favicons?domain=fotoscaseras.top

142.250.74.132

301 Moved Permanently

336 B

URL HTTP/2
www.google.com/s2/favicons?domain=fotoscaseras.top
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
336 B (336 bytes)
Hash
64bef580b5311ddf627868e2fba11f7d
6a4b07e32f765e9eb2e1e59caa044677d2dce866
585dc7b3710daf0860ae23f04f1d03fe844f55db24627d5174804f13b41c52bd

HTTP Headers

GET /s2/favicons?domain=fotoscaseras.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 336
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:26:44 GMT
expires: Wed, 07 Dec 2022 03:56:44 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=celebmodel.buzz

142.250.74.132

301 Moved Permanently

335 B

URL HTTP/2
www.google.com/s2/favicons?domain=celebmodel.buzz
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
335 B (335 bytes)
Hash
1805583107b0523ed308dc2d26c79498
5dfb7d545ea8868abd2a8b9fd3518ab33e20c5c4
3b1f4b35cfa71cb2168d37e8a02e30903c9b089fcc49f05f1d54e6f2dcca8e96

HTTP Headers

GET /s2/favicons?domain=celebmodel.buzz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
expires: Wed, 07 Dec 2022 04:25:15 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 335
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=littleteenclubpw.com

142.250.74.132

301 Moved Permanently

340 B

URL HTTP/2
www.google.com/s2/favicons?domain=littleteenclubpw.com
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
340 B (340 bytes)
Hash
15653d2b4340481edf6e7616abf5d269
c888fc6743ce534c2a69eb83eb34c0c07f4680f5
b960a1c73729f5aa950f145d3e2474f2d20e8ca1f7ab2a3aefbe5769b010d87e

HTTP Headers

GET /s2/favicons?domain=littleteenclubpw.com HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
expires: Wed, 07 Dec 2022 04:25:15 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 340
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=sweetbody.top

142.250.74.132

301 Moved Permanently

333 B

URL HTTP/2
www.google.com/s2/favicons?domain=sweetbody.top
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
333 B (333 bytes)
Hash
acc8610766960916dcb84382a1288ba2
d99b1a2293e207688ccf282ccddeb00087c754b8
67be3e2e8c8a5f81621808fce617ed11fdb0f6b20deb1f6dd3c7933fc6b74386

HTTP Headers

GET /s2/favicons?domain=sweetbody.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
expires: Wed, 07 Dec 2022 04:25:15 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=

142.250.74.132

404 Not Found

1.6 kB

URL HTTP/2
www.google.com/s2/favicons?domain=
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1580 bytes)
Hash
4c897ae556077ac19ca558718789ba76
a673a81ea0a3e7a2fdf759a014a608df15efecbd
2d841defe31ddac7bb79861466085b6a632a04ea330532a98d8180f7dbaff68f

HTTP Headers

GET /s2/favicons?domain= HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
server: sffe
content-length: 1580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=bigboxxx.top

142.250.74.132

301 Moved Permanently

332 B

URL HTTP/2
www.google.com/s2/favicons?domain=bigboxxx.top
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
332 B (332 bytes)
Hash
eb0230e2ac24982528c9fa37e73e004c
75231939eefe9eef94d8c1ac02cd794f98ad74c5
aed480cfd2287f61c1479fd3e1b5904594e390b6f8d7cde205721a1d2a5e5312

HTTP Headers

GET /s2/favicons?domain=bigboxxx.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bigboxxx.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 332
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:49:48 GMT
expires: Wed, 07 Dec 2022 04:19:48 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 327
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
9084a518c70ad57bb3226fb519b648fd
79348ebe6f5900a035d4d65e08a7409fd9708f15
f0c6b0f66c31aa7cb2d2808eb4c04c3681d48e731efc8cbba0f3fef1d218ce7b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/s2/favicons?domain=oslo.ml

142.250.74.132

301 Moved Permanently

327 B

URL HTTP/2
www.google.com/s2/favicons?domain=oslo.ml
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
327 B (327 bytes)
Hash
03a3c94902d7cea78669ee49f62992d8
685b6242fb4f837d5da66fad81bc1155230d7573
680069624adbcd0d98df8c1ee52c778ac7a4fd3682cf6a0dc35ed8f7b67aaa87

HTTP Headers

GET /s2/favicons?domain=oslo.ml HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16
x-content-type-options: nosniff
server: sffe
content-length: 327
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:33:26 GMT
expires: Wed, 07 Dec 2022 04:03:26 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5006b8e985c5838b7fd2f2b558a65bc4
183ff15e0faedf346305fd6fe1c70c9c7a1eef4a
fcbfec9f5fd0e10d44778c1df64d8612281cd39881cdfd0aa8ca30d13655655a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/s2/favicons?domain=bodyxxx.top

142.250.74.132

301 Moved Permanently

331 B

URL HTTP/2
www.google.com/s2/favicons?domain=bodyxxx.top
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
331 B (331 bytes)
Hash
c9676e90e1597bb90b7c88b3bf160df8
4b1ceb90d998788afee540f3fe3ba691ad037ec4
4d8b30ae66ecb549fcd937d4fcd7f946f81e585c9fccf9eb9f5ac00c0cf1ffb2

HTTP Headers

GET /s2/favicons?domain=bodyxxx.top HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
x-content-type-options: nosniff
server: sffe
content-length: 331
x-xss-protection: 0
date: Wed, 07 Dec 2022 03:36:11 GMT
expires: Wed, 07 Dec 2022 04:06:11 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4272427aec58f70a2189081cf08dd45a
4aafd88bba141908524806f443d4e8dfdcb5f816
3921b739fe40043d4c63c0e7c480cacad9480c5bb56166349c5cd1b7657516b2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3921B739FE40043D4C63C0E7C480CACAD9480C5BB56166349C5CD1B7657516B2"
Last-Modified: Mon, 05 Dec 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10153
Expires: Wed, 07 Dec 2022 06:44:28 GMT
Date: Wed, 07 Dec 2022 03:55:15 GMT
Connection: keep-alive

www.google-analytics.com/j/collect?v=1&_v=j98&a=2125065739&t=pageview&_s=1&dl=https%3A%2F%2Fteenplay.top%2F&ul=en-us&de=UTF-8&dt=Teen%20Play&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1633427699&gjid=1485688624&cid=1758939706.1670385316&tid=UA-141729945-17&_gid=1099952697.1670385316&_r=1&gtm=2oubu0&z=202167788

142.250.74.110

200 OK

1 B

URL HTTP/2
www.google-analytics.com/j/collect?v=1&_v=j98&a=2125065739&t=pageview&_s=1&dl=https%3A%2F%2Fteenplay.top%2F&ul=en-us&de=UTF-8&dt=Teen%20Play&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1633427699&gjid=1485688624&cid=1758939706.1670385316&tid=UA-141729945-17&_gid=1099952697.1670385316&_r=1&gtm=2oubu0&z=202167788
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?v=1&_v=j98&a=2125065739&t=pageview&_s=1&dl=https%3A%2F%2Fteenplay.top%2F&ul=en-us&de=UTF-8&dt=Teen%20Play&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=1633427699&gjid=1485688624&cid=1758939706.1670385316&tid=UA-141729945-17&_gid=1099952697.1670385316&_r=1&gtm=2oubu0&z=202167788 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://teenplay.top
date: Wed, 07 Dec 2022 03:55:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/s2/favicons?domain=migirls.tk

142.250.74.132

301 Moved Permanently

330 B

URL HTTP/2
www.google.com/s2/favicons?domain=migirls.tk
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size
330 B (330 bytes)
Hash
d928fbf30e695446d8e752752af12c00
95723b084f7e56267860f9ee4f67fe778fe91166
b51372ace9ef1c58b92f1d081441b60262f4811174bb45f5f6d5d34b340e00c5

HTTP Headers

GET /s2/favicons?domain=migirls.tk HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://migirls.tk&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
expires: Wed, 07 Dec 2022 04:25:15 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 330
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16

142.250.74.100

200 OK

565 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
565 B (565 bytes)
Hash
63f22f1ceefc11f583c1ef226bc113bc
03c1ad8c4ef751dab23658a66e1f70fe5a364558
3247333430d523ab8e1e023b9f2e1f5a7e592e705fb911940cfd2262cce78719

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://lilibox.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://lilibox.top/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 565
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 10:53:50 GMT
expires: Tue, 13 Dec 2022 10:53:50 GMT
cache-control: public, max-age=604800
age: 61285
last-modified: Sun, 05 Jul 2020 03:07:18 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16

142.250.74.100

200 OK

591 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
591 B (591 bytes)
Hash
27eaaa217e97f09b1e0e4ef5fe03ddea
8dba908621461e0ddccc275b2d3499597e982478
abbd0c903c75920669002d8d812580fe030bcf37788405bbf85c52631f4cfedb

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://fotoscaseras.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://fotoscaseras.top/wp-content/uploads/2019/06/favicons-1.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 591
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 01:37:13 GMT
expires: Thu, 08 Dec 2022 01:37:13 GMT
cache-control: public, max-age=604800
age: 526682
last-modified: Fri, 07 Jun 2019 19:58:03 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16

142.250.74.100

404 Not Found

726 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sweetbody.top&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16

142.250.74.100

404 Not Found

726 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://sextoplist.pw&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16

142.250.74.100

404 Not Found

726 B

URL HTTP/2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://barelylegalteens.xxxbit.com&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16

142.250.74.100

200 OK

524 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size
524 B (524 bytes)
Hash
fb8c9b7989d8ba21438d600b0756c2b9
55975f660a6e9e09091042120054eaa4853550a3
95f562037804f50a2745ffbdc791580096de62e37d437ee5b428572dd2aee8a3

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://artbbs.st&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-location: http://artbbs.st/images/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 17:55:38 GMT
expires: Tue, 13 Dec 2022 17:55:38 GMT
cache-control: public, max-age=604800
age: 35977
last-modified: Thu, 20 Aug 2020 00:02:02 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16

142.250.74.100

404 Not Found

726 B

URL HTTP/2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16
IP
142.250.74.100:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://celebmodel.buzz&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ee6bfe50f8e4b9c142f971a55496ac26
8c3fd42aaa7fa3ebdedc4f7b0271b8caae166e64
4582e8e1ada92a279cbc5d82904c7fd27b9d4b95bc06c7a8b3c13168978f0b33

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16

142.250.74.132

404 Not Found

726 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://galeryfantasi.top&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16

142.250.74.132

200 OK

555 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
555 B (555 bytes)
Hash
1670761b3f8ecc714c91168a1fd22a10
c98d47b667c12f120c8e017785e82503c4b218d4
65624d59c209631d78111f4d4abde29da680e453462e8822c49af3da2ac369cc

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://littleteenclubpw.com&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-location: https://i.imgur.com/ABb8xPB.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 555
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 06 Dec 2022 05:38:25 GMT
expires: Tue, 13 Dec 2022 05:38:25 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
content-type: image/png
age: 80210
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16

142.250.74.68

404 Not Found

726 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bodyxxx.top&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16

142.250.74.68

404 Not Found

726 B

URL HTTP/2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16
IP
142.250.74.68:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://oslo.ml&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bigboxxx.top&size=16

142.250.74.132

404 Not Found

726 B

URL HTTP/2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bigboxxx.top&size=16
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
726 B (726 bytes)
Hash
b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64

HTTP Headers

GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=http://bigboxxx.top&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://teenplay.top/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 03:55:15 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

st.chatango.com/h5/gz/r1201220704/id.html

208.93.230.26

200 OK

224 kB

URL HTTP/1.1
st.chatango.com/h5/gz/r1201220704/id.html
IP
208.93.230.26:0
ASN
#29893 CHATANGO

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (54430), with CRLF, LF line terminators
Size
224 kB (224208 bytes)
Hash
2ff04e3060ebf6d04a895f2af779e79c
4583ade36a3969fe2fc7ddfc754038ed4c35b424
98bfe8760d1b37a21984eae3adfb3dc9fbf7a1375e7f6c2db45bb14a72974c61

HTTP Headers

GET /h5/gz/r1201220704/id.html HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:55:15 GMT
Content-Type: text/html
Content-Length: 224208
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Expires: Thu, 07 Dec 2023 03:55:15 GMT
Cache-Control: max-age=31536000
Content-Encoding: gzip
P3P: CP="Chatango does not have a P3P policy. Please see our privacy policy: http://chatango.com/page?full_privacy"
Accept-Ranges: bytes

192.243.59.13

307 Temporary Redirect

0 B

URL HTTP/1.1
foundfroshelves.com/watch.1534126592265.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=e&res=12.1055&uuid=cb9ffd4e-122d-43e8-8b83-b834bb5c4ef9%3A2%3A1
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1534126592265.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=e&res=12.1055&uuid=cb9ffd4e-122d-43e8-8b83-b834bb5c4ef9%3A2%3A1 HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 03:55:15 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://teenplay.top
Access-Control-Allow-Origin: https://teenplay.top
Access-Control-Allow-Credentials: true
Location: https://foundfroshelves.com/watch.1534126592265.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=e&res=12.1055&uuid=cb9ffd4e-122d-43e8-8b83-b834bb5c4ef9%3A2%3A1&shu=d5984d3813dfc6581ea8ae13c59b47e944928dc8730fa77c8cc9f6d6c368eafd7a2f0e8ad2185435da2b053c94dc261756893849f4b08aca09222ea5e1ac093a58f5f337d9bf17773c620417da7b65cac48af8576f100fca19cb19815eb331&pst=1670385375&rmtc=t
Set-Cookie: u_pl=16262340; expires=Thu, 08 Dec 2022 03:55:15 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2MjM0MCwiayI6ImI0ZDQ4YzkxYjU3Zjk4YzY0OGIwMDZlZjY3ODMzYWY3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ0MTE1LCJwaWQiOjE0MTg4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZjBocHBoOTR0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdGVlbnBsYXkudG9wLyJ9fQ.qpWDveDBGtZ--R3F1QMc_tuTsjFe-YQo-KZzEDFwDwE; expires=Wed, 07 Dec 2022 03:56:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fedd8f6714d28f69b8d5b1385dc5fa7a
Strict-Transport-Security: max-age=0; includeSubdomains

st.chatango.com/cfg/nc/r.json?d950330020000266839025590

208.93.230.26

200 OK

20 B

URL HTTP/1.1
st.chatango.com/cfg/nc/r.json?d950330020000266839025590
IP
208.93.230.26:0
ASN
#29893 CHATANGO

File type
JSON data\012- , ASCII text
Size
20 B (20 bytes)
Hash
345dbbbf4120bf2cc616c0cda02d92de
d0e690c4cb67b9443d45d8342c5788c9583a0064
fc6476e99bc2028c9c0d7d28edafdcc7c2fdeb1630913f685887a25125f4f4e2

HTTP Headers

GET /cfg/nc/r.json?d950330020000266839025590 HTTP/1.1
Host: st.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:55:16 GMT
Content-Type: application/octet-stream
Content-Length: 20
Last-Modified: Thu, 01 Dec 2022 15:09:02 GMT
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

cdn.taboola.com/libtrc/chatango-network/loader.js

151.101.193.44

200 OK

22 kB

URL HTTP/2
cdn.taboola.com/libtrc/chatango-network/loader.js
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65509)
Size
22 kB (21460 bytes)
Hash
9d1f2870f1d0422386455f98a343f786
5aee8ab8df866eb30acad82413b53ee12597065e
9ed1780adb0726f162377134344d238f8a6c784f5bf0ef7fbd247d4f0c6d3cc6

HTTP Headers

GET /libtrc/chatango-network/loader.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: XtnPGTKctw4CAQo+LG8xNKau4bwn+QCruHSv58tNBRRR7BS7t0bCEu3FvMXifb40qP3cjgfqE68=
x-amz-request-id: JCNFJSW97RJ55PSP
last-modified: Tue, 06 Dec 2022 11:51:40 GMT
etag: "de949711b8772e115141541d7858fb06"
x-amz-version-id: AqeG_DSvcTo7Bcn_.t1hfEJ1TAD1ZqY2
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 07 Dec 2022 03:55:16 GMT
via: 1.1 varnish
age: 11
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670385316.168882,VS0,VE5
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 38
content-length: 21460
X-Firefox-Spdy: h2

foundfroshelves.com/watch.1534126592265.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=e&res=12.1055&uuid=cb9ffd4e-122d-43e8-8b83-b834bb5c4ef9%3A2%3A1&shu=d5984d3813dfc6581ea8ae13c59b47e944928dc8730fa77c8cc9f6d6c368eafd7a2f0e8ad2185435da2b053c94dc261756893849f4b08aca09222ea5e1ac093a58f5f337d9bf17773c620417da7b65cac48af8576f100fca19cb19815eb331&pst=1670385375&rmtc=t

192.243.59.13

200 OK

2.4 kB

URL HTTP/1.1
foundfroshelves.com/watch.1534126592265.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=e&res=12.1055&uuid=cb9ffd4e-122d-43e8-8b83-b834bb5c4ef9%3A2%3A1&shu=d5984d3813dfc6581ea8ae13c59b47e944928dc8730fa77c8cc9f6d6c368eafd7a2f0e8ad2185435da2b053c94dc261756893849f4b08aca09222ea5e1ac093a58f5f337d9bf17773c620417da7b65cac48af8576f100fca19cb19815eb331&pst=1670385375&rmtc=t
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text, with very long lines (3118)
Size
2.4 kB (2443 bytes)
Hash
fd45bae21919418142de7dd93c7106a0
14f3d5d3a84a4902c034d033d614f0436018bacc
a9952d3bad7a1ab13feb14e3f738ba2376d38aef01c53e6d00216efee94dbfed

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /watch.1534126592265.js?key=b4d48c91b57f98c648b006ef67833af7&kw=%5B%22teen%22%2C%22play%22%5D&refer=https%3A%2F%2Fteenplay.top%2F&tz=0&dev=e&res=12.1055&uuid=cb9ffd4e-122d-43e8-8b83-b834bb5c4ef9%3A2%3A1&shu=d5984d3813dfc6581ea8ae13c59b47e944928dc8730fa77c8cc9f6d6c368eafd7a2f0e8ad2185435da2b053c94dc261756893849f4b08aca09222ea5e1ac093a58f5f337d9bf17773c620417da7b65cac48af8576f100fca19cb19815eb331&pst=1670385375&rmtc=t HTTP/1.1
Host: foundfroshelves.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://teenplay.top
Referer: https://teenplay.top/
Connection: keep-alive
Cookie: u_pl=16262340; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoxNjI2MjM0MCwiayI6ImI0ZDQ4YzkxYjU3Zjk4YzY0OGIwMDZlZjY3ODMzYWY3Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjoxNTQ0MTE1LCJwaWQiOjE0MTg4NywiYW4iOnRydWUsImxhbiI6dHJ1ZSwiY2lkIjoxNiwiYWlkIjoyMywicHQiOjQsInBrIjoiZjBocHBoOTR0IiwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjkwNzUzNDU3LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6Mzg5MTQsIm9uIjoiV2luZG93cyIsIm92IjoiMTAuMCIsImJpZCI6MTIwNjI1LCJibiI6IkZpcmVmb3giLCJidiI6IjEwNS4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vdGVlbnBsYXkudG9wLyJ9fQ.qpWDveDBGtZ--R3F1QMc_tuTsjFe-YQo-KZzEDFwDwE
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 07 Dec 2022 03:55:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://teenplay.top
Access-Control-Allow-Origin: https://teenplay.top
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=cb9ffd4e-122d-43e8-8b83-b834bb5c4ef9:2:1; expires=Wed, 14 Dec 2022 03:55:16 GMT; secure; SameSite=None
iprc8cdef0b9ef7055085437364cf2f884a8=3569684; expires=Wed, 07 Dec 2022 07:55:16 GMT; secure; SameSite=None
pdhtkv=true; expires=Thu, 08 Dec 2022 03:55:16 GMT; secure; SameSite=None
uncs=1; expires=Thu, 08 Dec 2022 03:55:16 GMT; secure; SameSite=None
pdhtkv23=true; expires=Thu, 08 Dec 2022 03:55:16 GMT; secure; SameSite=None
uncs23=1; expires=Thu, 08 Dec 2022 03:55:16 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f46548c0cec17640aaad46d979d5af00
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.taboola.com/libtrc/impl.20221206-9-RELEASE.js

151.101.193.44

200 OK

147 kB

URL HTTP/2
cdn.taboola.com/libtrc/impl.20221206-9-RELEASE.js
IP
151.101.193.44:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65509)
Size
147 kB (147441 bytes)
Hash
ed14506295f2d36ba1c947cf18f982f1
8bcb0936b86823b6eede23335a32943741c0db74
d35893f151f71ec05c2cbe5c36df80230c14bed25ac5c8a7a277e3ba3c483f92

HTTP Headers

GET /libtrc/impl.20221206-9-RELEASE.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: GJ/TYug6Y6wJpQ/xGmN1jNBtDY9WgBStGLQwy7qlMzZ//8FdBlS8ZDbuZEsurVSZq3yK0CZU2TI=
x-amz-request-id: V7XDYTDZNM3QFRRE
last-modified: Tue, 06 Dec 2022 11:09:50 GMT
etag: "ed14506295f2d36ba1c947cf18f982f1"
content-encoding: br
x-amz-version-id: eQ1gx7k6CXCSNKmlaWA.nuCrjL1_tj1K
content-type: application/javascript
accept-ranges: bytes
date: Wed, 07 Dec 2022 03:55:16 GMT
via: 1.1 varnish
age: 2672
x-served-by: cache-bma1657-BMA
x-cache: HIT
x-cache-hits: 721
x-timer: S1670385316.348712,VS0,VE0
cache-control: private,max-age=31536000
vary: Accept-Encoding
abp: 99
server: AmazonS3-br
content-length: 147441
X-Firefox-Spdy: h2

sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1670385316132&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fteenplay.top%2F

143.204.55.96

204 No Content

0 B

URL HTTP/2
sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1670385316132&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fteenplay.top%2F
IP
143.204.55.96:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1670385316132&ns_c=windows-1252&ns_if=1&c7=https%3A%2F%2Fst.chatango.com%2Fh5%2Fgz%2Fr1201220704%2Fid.html&c8=&c9=https%3A%2F%2Fteenplay.top%2F HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 204 No Content
date: Wed, 07 Dec 2022 03:55:16 GMT
set-cookie: UID=1B00b04e350ff21fa78917a1670385316; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: WbswEJ5WrfY1FAz89Hjm01k47lSheqUJPOscHp-LoPshdEQoBfsBUw==
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
995fe19a8a49976e8e9d5a982de0d3d6
fcbf5b3a56fa563d99517e318961a0ebf02a4081
d32603d46aed45c2cf3cddcc6ef6d77716520ba2a7a1c7afe296da580f538bc0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2445
Cache-Control: max-age=114741
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:16 GMT
Etag: "638f224c-138"
Expires: Thu, 08 Dec 2022 11:47:37 GMT
Last-Modified: Tue, 06 Dec 2022 11:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312

trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=03%3A55%3A16.266&type=usage&msg=rtus&llvl=2&id=8725&cv=20221206-9-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D

141.226.228.48

204 No Content

0 B

URL HTTP/2
trc-events.taboola.com/chatango-chatango1/log/2/debug?tim=03%3A55%3A16.266&type=usage&msg=rtus&llvl=2&id=8725&cv=20221206-9-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D
IP
141.226.228.48:0
ASN
#200478 Taboola.com ltd

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /chatango-chatango1/log/2/debug?tim=03%3A55%3A16.266&type=usage&msg=rtus&llvl=2&id=8725&cv=20221206-9-RELEASE&lt=deflated&file=rtus.js&method=injectRtus&position=default&extraData=%7B%7D HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
server: nginx
date: Wed, 07 Dec 2022 03:55:16 GMT
x-fastly-to-nlb-rtt: 22575
access-control-allow-credentials: true
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f371fd6cbe04abe5f0d8679af1f2a998
ac95c5a39304a338b963d591a374bd667c836143
bb563352d50a6732df1045dcf54d5242f7609753538c26735456fef24a4692e9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB563352D50A6732DF1045DCF54D5242F7609753538C26735456FEF24A4692E9"
Last-Modified: Tue, 06 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8887
Expires: Wed, 07 Dec 2022 06:23:23 GMT
Date: Wed, 07 Dec 2022 03:55:16 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
4c9688944e55047f879844d038061d17
e772514463f92964d1aa73b65a5b5e727665e2e6
b7da6d01a2e65b5691557e6c340a64632aed3e7fb41bf5a1e5fdbe96c7c9e700

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2283
Cache-Control: max-age=138364
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:16 GMT
Etag: "638f7f35-139"
Expires: Thu, 08 Dec 2022 18:21:20 GMT
Last-Modified: Tue, 06 Dec 2022 17:43:17 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313

dnacdn.net/dna

178.250.2.146

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:15 GMT
server: Kestrel
content-length: 0
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=lNJIhl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE5eUVtcXJJaTAwYTVBUFZydkgxWEdmSWR2aUNjczB1STZrcmZNSEhEcVk; expires=Mon, 01 Jan 2024 03:55:16 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 285175
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png

45.133.44.9

200 OK

112 kB

URL HTTP/2
cdn.cloudimagesb.com/cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png
IP
45.133.44.9:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 728 x 90, 8-bit/color RGBA, non-interlaced\012- data
Size
112 kB (112168 bytes)
Hash
c45241b13549342de998e8518b0430f8
4520fd975fc212eb0e8d67981697b04787280f6a
12d50ef4939929d2f45254e0a404bda1f11fb2509599a9a7cb5e601e9c8f66b6

HTTP Headers

GET /cti/c2/32/b3/c232b3e4524deb01952d81710da81554/1658915602.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:16 GMT
content-type: image/png
content-length: 112168
server: nginx/1.17.6
last-modified: Wed, 27 Jul 2022 09:53:30 GMT
etag: "62e10b1a-1b628"
expires: Fri, 09 Dec 2022 03:55:16 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
70e61a14d2296fcfede8714707eeb39d
72ca3d68eae189744173d8ed10f7a18290244c8b
af6a64d2a10dc95f377f8e8f443e496bad5f2444206192ca5e942eb58aa41838

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2501
Cache-Control: max-age=110841
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:17 GMT
Etag: "638f12d9-138"
Expires: Thu, 08 Dec 2022 10:42:38 GMT
Last-Modified: Tue, 06 Dec 2022 10:00:57 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312

ocsp.digicert.com/

93.184.220.29

200 OK

312 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
312 B (312 bytes)
Hash
70e61a14d2296fcfede8714707eeb39d
72ca3d68eae189744173d8ed10f7a18290244c8b
af6a64d2a10dc95f377f8e8f443e496bad5f2444206192ca5e942eb58aa41838

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2501
Cache-Control: max-age=110841
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:17 GMT
Etag: "638f12d9-138"
Expires: Thu, 08 Dec 2022 10:42:38 GMT
Last-Modified: Tue, 06 Dec 2022 10:00:57 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 312

ust.chatango.com/groupinfo/l/i/littledreamclub/gprofile.xml

208.93.230.22

200 OK

46 B

URL HTTP/1.1
ust.chatango.com/groupinfo/l/i/littledreamclub/gprofile.xml
IP
208.93.230.22:0
ASN
#29893 CHATANGO

File type
XML 1.0 document text\012- XML document text\012- HTML document, ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
489a85ae9059fbab14c176e10bdceae7
23a167e15ff489c149a1c1f633bfcd4597d9c0bd
2bf0b59a7518f8b73db880ecb0e510763231b2a8ef3a789504c9ab98e549904a

HTTP Headers

GET /groupinfo/l/i/littledreamclub/gprofile.xml HTTP/1.1
Host: ust.chatango.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://st.chatango.com
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 07 Dec 2022 03:55:16 GMT
Content-Type: text/xml
Content-Length: 46
Last-Modified: Fri, 20 Nov 2020 04:47:51 GMT
Connection: keep-alive
Expires: Wed, 07 Dec 2022 03:55:16 GMT
Cache-Control: max-age=0
Access-Control-Allow-Origin: *
Accept-Ranges: bytes

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.2.146

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-crto-bundle
Referer: https://st.chatango.com/
Origin: https://st.chatango.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:16 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-headers: X-CRTO-SID, X-CRTO-IDCPY, X-CRTO-OPTOUT, X-CRTO-BUNDLE
access-control-allow-origin: https://st.chatango.com
server-processing-duration-in-ticks: 588581
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

313 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
313 B (313 bytes)
Hash
adec7fbf9b7fd2a8af6df54429c86e2f
2e551f20c38bb7f6999a1837c6583688a99475ed
a62677d959e0d533318a38e03c63cee4af1a0d1da8144fc22977d96064302fce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1901
Cache-Control: max-age=100540
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 03:55:17 GMT
Etag: "638eecf4-139"
Expires: Thu, 08 Dec 2022 07:50:57 GMT
Last-Modified: Tue, 06 Dec 2022 07:19:16 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313

gum.criteo.com/sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=teenplay.top&info=qYqJal80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE5eUVtcXJJaTAwYTVBUFZydkgxWEV2alRSN29vRmRMUlptU21QanIlMkZJTA&idsd=919524642,-1338977530&rtusCallerId=72&lsw=1

178.250.2.146

200 OK

9.2 kB

URL HTTP/2
gum.criteo.com/sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=teenplay.top&info=qYqJal80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE5eUVtcXJJaTAwYTVBUFZydkgxWEV2alRSN29vRmRMUlptU21QanIlMkZJTA&idsd=919524642,-1338977530&rtusCallerId=72&lsw=1
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type
data
Size
9.2 kB (9159 bytes)
Hash
586bcb3a44cee57ec3d0608d714e3d24
64b7ffd7be30fb93c7c652fc8caefff13b8d5fae
03bc36657b4a4b18b94182fe75e527f68d90b92a5a9cde640ff27f6a6e7373f3

HTTP Headers

GET /sid/json?origin=rtus&domain=st.chatango.com&sn=FirefoxSyncframe&so=0&topUrl=teenplay.top&info=qYqJal80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE5eUVtcXJJaTAwYTVBUFZydkgxWEV2alRSN29vRmRMUlptU21QanIlMkZJTA&idsd=919524642,-1338977530&rtusCallerId=72&lsw=1 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
server-processing-duration-in-ticks: 862077
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 07 Dec 2022 03:55:13 GMT
date: Wed, 07 Dec 2022 03:55:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sb.scorecardresearch.com/beacon.js

143.204.55.96

200 OK

0 B

URL HTTP/2
sb.scorecardresearch.com/beacon.js
IP
143.204.55.96:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /beacon.js HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 07 Dec 2022 01:08:32 GMT
cache-control: max-age=86400
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Cmg8S5zHuDTKVHzltgKE6znjC8m2ARUzhzwp4Zcs38n0Q52LD9a6bQ==
age: 10006
X-Firefox-Spdy: h2

dnacdn.net/dna

178.250.2.146

200 OK

0 B

URL HTTP/2
dnacdn.net/dna
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=lNJIhl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE5eUVtcXJJaTAwYTVBUFZydkgxWEdmSWR2aUNjczB1STZrcmZNSEhEcVk
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=qYqJal80M0RITmhlJTJCZkMwOUJGQlhaMUN2czE5eUVtcXJJaTAwYTVBUFZydkgxWEV2alRSN29vRmRMUlptU21QanIlMkZJTA; expires=Mon, 01 Jan 2024 03:55:16 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 261064
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

ag.gbc.criteo.com/newidsd

185.235.84.141

200 OK

0 B

URL HTTP/2
ag.gbc.criteo.com/newidsd
IP
185.235.84.141:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 86223
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

js.juicyads.com/jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks

143.204.55.76

200 OK

0 B

URL HTTP/2
js.juicyads.com/jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks
IP
143.204.55.76:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /jp.php?c=348413y2p294u4q2r2e4236434&u=http%3A%2F%2Fwww.juicyads.rocks HTTP/1.1
Host: js.juicyads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://teenplay.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
cache-control: max-age=900
date: Wed, 07 Dec 2022 03:55:14 GMT
expires: Wed, 07 Dec 2022 04:10:14 GMT
pragma: cache
server: nginx
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: g93hOCG2L7LUP4d1CHudRbZHXKQzsLGWPcqAY6CuT4Qz2xWv_TLg7A==
X-Firefox-Spdy: h2

gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

178.250.2.146

200 OK

0 B

URL HTTP/2
gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sync?c=72&r=2&j=TRC.getRTUS HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:16 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 654715
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top

178.250.2.146

200 OK

0 B

URL HTTP/2
gum.criteo.com/syncframe?origin=rtus&topUrl=teenplay.top
IP
178.250.2.146:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /syncframe?origin=rtus&topUrl=teenplay.top HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://st.chatango.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:16 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=6dc80b5a-76bc-468e-9721-d85ca5aaaff0; expires=Mon, 01 Jan 2024 03:55:15 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 595067
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

gem.gbc.criteo.com/newidsd

178.250.6.3

200 OK

0 B

URL HTTP/2
gem.gbc.criteo.com/newidsd
IP
178.250.6.3:0
ASN
#44788 Criteo SA

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
date: Wed, 07 Dec 2022 03:55:16 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 115954
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations