{"report_id":"e60cb56a-b10b-4d90-878f-d86c615993c3","version":6,"status":"done","tags":[],"date":"2025-10-02T09:18:34Z","url":{"schema":"http","addr":"wgirlss.vc","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":0,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"final":{"url":{"schema":"https","addr":"wgirlss.vc/showthread.php?tid=545","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"title":"Tiny Pictures"},"submit":{"url":{"schema":"http","addr":"wgirlss.vc","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":0,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"tags":null,"meta":null,"user":{"user_id":"akbkyowd9geqr98"}},"settings":{"access":"public","device_type":"desktop","expires_at":"2026-11-06T09:18:34Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":2}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null},"summary":[{"fqdn":"wgirlss.vc","ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2025-09-07T10:57:42.883195Z","last_seen":"2025-09-22T15:27:15.173955Z","alert_count":127,"request_count":64,"received_data":750355,"sent_data":37722,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MyBB","description":"MyBB is a free and open-source forum software written in PHP.","website":"https://mybb.com","common_platform_enumeration":"cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*","icon":"MyBB.png","categories":["Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}]},{"fqdn":"img94.pixhost.to","ip":{"addr":"94.229.45.2","port":443,"asn":48326,"as":"DataNetworks s.r.o.","country":"Slovakia","country_code":"SK"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2024-03-03T12:00:04Z","last_seen":"2025-09-30T07:17:55.143529Z","alert_count":0,"request_count":3,"received_data":71283,"sent_data":1350,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}]},{"fqdn":"images4.imagebam.com","ip":{"addr":"212.63.223.227","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"domain_registered":"2006-09-22","domain_rank":1585641,"first_seen":"2021-05-23T15:28:58Z","last_seen":"2025-09-30T07:17:55.115565Z","alert_count":0,"request_count":6,"received_data":171654,"sent_data":2682,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"www.imgbur.cc","ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"domain_registered":"2023-08-21","domain_rank":0,"first_seen":"2023-10-18T23:11:50Z","last_seen":"2025-09-22T15:26:44.303002Z","alert_count":0,"request_count":10,"received_data":940148,"sent_data":4490,"comment":"","tags":null,"fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}]},{"fqdn":"s8d7.turboimg.net","ip":{"addr":"172.67.72.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2015-10-16","domain_rank":4519738,"first_seen":"2021-01-07T23:25:52Z","last_seen":"2025-09-22T15:26:44.355736Z","alert_count":0,"request_count":3,"received_data":33376,"sent_data":1338,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"i.imgur.com","ip":{"addr":"199.232.40.193","port":443,"asn":54113,"as":"FASTLY","country":"Denmark","country_code":"DK"},"domain_registered":"2009-01-09","domain_rank":3309,"first_seen":"2012-05-21T08:09:36Z","last_seen":"2025-09-28T23:57:32.683749Z","alert_count":0,"request_count":6,"received_data":136620,"sent_data":2565,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":[{"sensor_name":"suricata","description":"Suricata /w Emerging Threats Pro","alerts":null}],"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/report.js?ver=1820","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"e750915e1cec2dda6aa240b193a960b8","sha1":"a7eda9f37770a056b70b35279b4bb5a1f55c9d5b","sha256":"1feb21e91253a450d8b9bc6273a8b4280664089793561d44f4ec474da496e43a","sha512":"df7f8913749303ff464c3bfc4ab32857278b2ea94fe9059d8f7c6ae432df2f51ad9eb64ae21a840626b5f348159aa25db0863ba4fa1f1a8cc7ff73a4fcdd3be5","ssdeep":"","tlshash":"8511906afb3d6c1242fe34d3f49f0acd3a7848215c506cb6dc6017b994ede5b112294e","size":925,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-25T05:25:37.700971Z","times_seen":572,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/showthread.php?tid=545","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"ea9fc549978b364894849ab5db244fb8","sha1":"dff01d8f964e1ae6533990ec08b4a456dc125499","sha256":"60db727c3a1820bc428600bd1c417d305ad87e6066bc253965aa77de9508f14d","sha512":"5a0b12c7d2611cb636dea696af70d17e24e0dbe7859ef0e6a6ab6986c72b7a95e5f4ef0e0d007668a286fa75f3e4f2d30ea028e468556b6dcd4747438aeca4a2","ssdeep":"","tlshash":"4f4133d3648d1c35004d60a36cbd68c1de0bd0c9eb1cad2adf29b46d73818ed87b55aa","size":2288,"data":"","first_seen":"2025-10-02T09:18:41.117971Z","last_seen":"2025-10-02T09:18:41.117971Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/showthread.php?tid=545","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"70eda2d8ed496ccea6ef8de9ed68fbaf","sha1":"4d8d61164978e7cf363d9eea2ee24f0814a22779","sha256":"bc528479e0f7527b00dbfa43f453d636ccbaf40fb727bb7b96bde4a76d5b4a03","sha512":"6026af0892dd56a1b08138f2f358c1cdc4fec0324a60fd47d45ed6db503a93a97c3d423bfaef4d9e9305619c74de1bb0e7551dd7935fb9a550c82c1e97b98597","ssdeep":"","tlshash":"d111904bf71d299e8ca209e3f74c24521877c0d9933c164aef2af93c9f8dd460ae5480","size":966,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-24T11:36:44.926889Z","times_seen":358,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/showthread.php?tid=545","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"e0e774c6eac4073121eb55b9e21d3511","sha1":"5156ea2435d223d0519ddce05085a2510c7b1807","sha256":"45a342390daafbd778ec29ac08c0cd3273410c225c6c1101306700c811b530b5","sha512":"2fd9fdf983e2f651be2955965a0be96ad581a2544bfd5718d3959966bf6d6ed8a39bce6a3d076b735638bb24d1cfc5646f72ac151c295478abe2361e5298f4d9","ssdeep":"","tlshash":"45a012a1c08c0407823411120c002025202fc4780052de496cb159a050c4706036040a","size":77,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-28T07:38:14.635706Z","times_seen":1020,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/forumdisplay.php?fid=6","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"ea9fc549978b364894849ab5db244fb8","sha1":"dff01d8f964e1ae6533990ec08b4a456dc125499","sha256":"60db727c3a1820bc428600bd1c417d305ad87e6066bc253965aa77de9508f14d","sha512":"5a0b12c7d2611cb636dea696af70d17e24e0dbe7859ef0e6a6ab6986c72b7a95e5f4ef0e0d007668a286fa75f3e4f2d30ea028e468556b6dcd4747438aeca4a2","ssdeep":"","tlshash":"4f4133d3648d1c35004d60a36cbd68c1de0bd0c9eb1cad2adf29b46d73818ed87b55aa","size":2288,"data":"","first_seen":"2025-10-02T09:18:41.117971Z","last_seen":"2025-10-02T09:18:41.117971Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.plugins.min.js?ver=1821","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf1f71e20e14765d6d5ea640aa4f7fc7","sha1":"d1f3a0e46dd50d3a4d1839cb821ad42802619def","sha256":"a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149","sha512":"db3f8dba9327793a4d00b0e1266ef60d6f2424ab1235d673def9ee026be896aa10cb02e0b95f8b82bdf76ac49720662c84fa2b419026178c905c5a9c2f1bff0a","ssdeep":"384:HWwrEXSUb3GjSPqGorxn+viQRvuB6haZ7braU:HWmE/3G2hcraU","tlshash":"f662924fba7523a48aff2177a01f196521339db508c24858f1bd87d95d78c0492afb3e","size":14799,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.752115Z","times_seen":1254,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"ea9fc549978b364894849ab5db244fb8","sha1":"dff01d8f964e1ae6533990ec08b4a456dc125499","sha256":"60db727c3a1820bc428600bd1c417d305ad87e6066bc253965aa77de9508f14d","sha512":"5a0b12c7d2611cb636dea696af70d17e24e0dbe7859ef0e6a6ab6986c72b7a95e5f4ef0e0d007668a286fa75f3e4f2d30ea028e468556b6dcd4747438aeca4a2","ssdeep":"","tlshash":"4f4133d3648d1c35004d60a36cbd68c1de0bd0c9eb1cad2adf29b46d73818ed87b55aa","size":2288,"data":"","first_seen":"2025-10-02T09:18:41.117971Z","last_seen":"2025-10-02T09:18:41.117971Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/inline_edit.js?ver=1821","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"3781858ba413bfc2e58e9546669f097f","sha1":"3f9d6c9d1506b4d8ec3b1a7ba600f472f4cf0872","sha256":"a14ce315b9b11ef33e3ccd59a39f026336ae6a5af17a5672266435afa0af4652","sha512":"de8cfa1433891021350d06203feb45d16d7a72dbf9cbe0baaf2fa41f810691ce83671363024e49adb71e102daff6d60f410ee511a093baba1c9cab94d71fe251","ssdeep":"","tlshash":"1941efdafb2c521f00743169c13f52899a2e043194604cf6be7865965ec9d5e233acbf","size":2050,"data":"","first_seen":"2023-03-11T20:45:21Z","last_seen":"2026-03-23T02:07:37.654628Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.plugins.min.js?ver=1821","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf1f71e20e14765d6d5ea640aa4f7fc7","sha1":"d1f3a0e46dd50d3a4d1839cb821ad42802619def","sha256":"a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149","sha512":"db3f8dba9327793a4d00b0e1266ef60d6f2424ab1235d673def9ee026be896aa10cb02e0b95f8b82bdf76ac49720662c84fa2b419026178c905c5a9c2f1bff0a","ssdeep":"384:HWwrEXSUb3GjSPqGorxn+viQRvuB6haZ7braU:HWmE/3G2hcraU","tlshash":"f662924fba7523a48aff2177a01f196521339db508c24858f1bd87d95d78c0492afb3e","size":14799,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.752115Z","times_seen":1254,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/showthread.php?tid=545","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"b380a5a269b02d6ba3a36138b9aa035c","sha1":"73511e9d924118632bdf9fae60952cb8a109397b","sha256":"d891eb0930a9e978033bd318e1dfc97ab49d659c88c4e34ebfe847541556bf80","sha512":"96e611a6c11c9e7bfbcf9d78c217a2a7bad0a92c2d87c2bcde5781913ce4699f79decd83f7fc53f141c5e29797ecd6f65d456bd409f91fd8fb7d24dd2e4c0361","ssdeep":"","tlshash":"fdb012b3d41499318032039cd734a5ca50384a502447c47354b80bbd20515346474d19","size":95,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-25T05:25:37.765928Z","times_seen":366,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/showthread.php?tid=545","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"03bff8af0b117a3649e03c4451fbef82","sha1":"5c553d419c73d3d6513e27d98d3556ab16a5ac81","sha256":"9d3f23bb29d3a4cb0d29918c942eb1ac1ac97da2d0ed8adc4b30bd874e198836","sha512":"63b3874f70a2611538ca6a35f2aa3a0f9bb93ac7fa8258a63f8edf9b289ba06b035b7de86781499ff86725b18be03cd1e21a80192228c3bbba4e78eabaf4e757","ssdeep":"","tlshash":"a9e020edd1591712407d304d3c903dcbb8360ca2231ccd75f7a0c396b464334005c720","size":362,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-12T19:10:50.511714Z","times_seen":223,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/general.js?ver=1827","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"373ad0e5af45e8cd17b064aaa7c2d465","sha1":"9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e","sha256":"491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898","sha512":"0014001020da5ef12874c5727ce95d1163834414dbe201ea72f60423bde91e8e7d2d671fa18ec190d0573e3b76093a496f7662d5b81e0f804d42834dddffd98a","ssdeep":"384:7HrwCLFwqbPl88aLqh8cOrT6CIJ6X5jO1/zD:oqbPltaLqUXCJ0jOx","tlshash":"bb6262c8ff2c152b81be3069949f58c96c3c803188945cf7bc6855d4bae8a1e536fe78","size":15709,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.753121Z","times_seen":1148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"3e778a0599600893f6740e061f0db321","sha1":"a9f01d1beac63e231a419894462ddf00adcd86ae","sha256":"391dc11066c3b8e2f89bfe77f24d5ccb9f39c5ab3a499559caa7a4d5a8b175c6","sha512":"60da55c43f8b588bfa9c280f855c11935b06942db1ea1dace8e65dfb315d22cde302286d00ab6e5c4db011f0f37faead51987ed5b9a1fef5123fda6fafad5cc6","ssdeep":"","tlshash":"5ab0929862985b5a02f311986a9814a616708abe816c695b2a05b914a20d84462cae43","size":125,"data":"","first_seen":"2023-03-07T14:37:29Z","last_seen":"2026-04-28T07:38:14.634211Z","times_seen":414,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.js?ver=1823","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89475,"data":"","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-04-28T16:04:27.311229Z","times_seen":15272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/forumdisplay.php?fid=6","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"62c2c2ab7028d706cf48e334e0be4ed5","sha1":"9d1974f9795f5fa3093d3ca5d136cb1343ec6786","sha256":"a14419f7da616d1c4cad1be1fb9a59e3628cddd44ba0a323bd8d251ab3ef3169","sha512":"771926191833a2e8711df06c0ae32ffffe147f4f37ceae569dadeae508e9a1f5ec04d2d18188f9923628e87241c1a1c077c5bbbc748c9fba7816f3d53c161abc","ssdeep":"","tlshash":"c5d0a7db27545b0742b345846b5c20e50931a6bfd27caa4b0f1ab968730c8a8b7e9992","size":252,"data":"","first_seen":"2023-03-11T20:45:21Z","last_seen":"2026-03-23T02:07:37.666753Z","times_seen":44,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/forumdisplay.php?fid=6","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"e0e774c6eac4073121eb55b9e21d3511","sha1":"5156ea2435d223d0519ddce05085a2510c7b1807","sha256":"45a342390daafbd778ec29ac08c0cd3273410c225c6c1101306700c811b530b5","sha512":"2fd9fdf983e2f651be2955965a0be96ad581a2544bfd5718d3959966bf6d6ed8a39bce6a3d076b735638bb24d1cfc5646f72ac151c295478abe2361e5298f4d9","ssdeep":"","tlshash":"45a012a1c08c0407823411120c002025202fc4780052de496cb159a050c4706036040a","size":77,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-28T07:38:14.635706Z","times_seen":1020,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/showthread.php?tid=545","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"03bff8af0b117a3649e03c4451fbef82","sha1":"5c553d419c73d3d6513e27d98d3556ab16a5ac81","sha256":"9d3f23bb29d3a4cb0d29918c942eb1ac1ac97da2d0ed8adc4b30bd874e198836","sha512":"63b3874f70a2611538ca6a35f2aa3a0f9bb93ac7fa8258a63f8edf9b289ba06b035b7de86781499ff86725b18be03cd1e21a80192228c3bbba4e78eabaf4e757","ssdeep":"","tlshash":"a9e020edd1591712407d304d3c903dcbb8360ca2231ccd75f7a0c396b464334005c720","size":362,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-12T19:10:50.511714Z","times_seen":223,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/general.js?ver=1827","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"373ad0e5af45e8cd17b064aaa7c2d465","sha1":"9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e","sha256":"491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898","sha512":"0014001020da5ef12874c5727ce95d1163834414dbe201ea72f60423bde91e8e7d2d671fa18ec190d0573e3b76093a496f7662d5b81e0f804d42834dddffd98a","ssdeep":"384:7HrwCLFwqbPl88aLqh8cOrT6CIJ6X5jO1/zD:oqbPltaLqUXCJ0jOx","tlshash":"bb6262c8ff2c152b81be3069949f58c96c3c803188945cf7bc6855d4bae8a1e536fe78","size":15709,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.753121Z","times_seen":1148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jeditable/jeditable.min.js","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f332fdf2de4e25eb3f5611bf7b6c354","sha1":"53e8a6136fa9af4fe8b50e8068899da860657e1b","sha256":"b76e0536e5ae607a8453dc2dd7ac8d08779ba93e8f8700113ee2c1106f31fd79","sha512":"259739d36bf7b4b74dc94b3b33433e1822f0792944f0126636ace5004d1f68a850fc7734c3ef1357502b14792116dd1cc4b091ecd3c9b4b66d6b4e1b8266cb43","ssdeep":"192:xlrPWi/42g6jYnrDJDpygVPsKy2fRXKJQwYp5:xlrPb42gQarVDpygKKy2fgCw+5","tlshash":"5df173a53290b5dc46ea7235e4db27096132b54607b9f036a4b508e42f78dc4e633fde","size":8067,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-25T05:25:37.673596Z","times_seen":646,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/showthread.php?tid=545","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"6561014543b35259f84b002f9fe2d911","sha1":"9adef30f57086d737f6529d60242be08bf262091","sha256":"0364a328c5f241e4e8af49d0f3088edc26a7372833ea00f6a35bb8279656830d","sha512":"0ddb5d48cb1d3b4e0953e27405bb0e38919b1b4d322be99ca10d349e776d3194340758588e259454e9059a50e77896b05fcbb0545da7410ef1b31f1101c784ef","ssdeep":"","tlshash":"5ed0c795452a930055f36895ce6703090a3612e2394c5a17974697c4744b33dc3a7c99","size":215,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-19T06:50:43.974045Z","times_seen":358,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/forumdisplay.php?fid=6","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"6561014543b35259f84b002f9fe2d911","sha1":"9adef30f57086d737f6529d60242be08bf262091","sha256":"0364a328c5f241e4e8af49d0f3088edc26a7372833ea00f6a35bb8279656830d","sha512":"0ddb5d48cb1d3b4e0953e27405bb0e38919b1b4d322be99ca10d349e776d3194340758588e259454e9059a50e77896b05fcbb0545da7410ef1b31f1101c784ef","ssdeep":"","tlshash":"5ed0c795452a930055f36895ce6703090a3612e2394c5a17974697c4744b33dc3a7c99","size":215,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-19T06:50:43.974045Z","times_seen":358,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jeditable/jeditable.min.js","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f332fdf2de4e25eb3f5611bf7b6c354","sha1":"53e8a6136fa9af4fe8b50e8068899da860657e1b","sha256":"b76e0536e5ae607a8453dc2dd7ac8d08779ba93e8f8700113ee2c1106f31fd79","sha512":"259739d36bf7b4b74dc94b3b33433e1822f0792944f0126636ace5004d1f68a850fc7734c3ef1357502b14792116dd1cc4b091ecd3c9b4b66d6b4e1b8266cb43","ssdeep":"192:xlrPWi/42g6jYnrDJDpygVPsKy2fRXKJQwYp5:xlrPb42gQarVDpygKKy2fgCw+5","tlshash":"5df173a53290b5dc46ea7235e4db27096132b54607b9f036a4b508e42f78dc4e633fde","size":8067,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-25T05:25:37.673596Z","times_seen":646,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.js?ver=1823","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89475,"data":"","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-04-28T16:04:27.311229Z","times_seen":15272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"e0e774c6eac4073121eb55b9e21d3511","sha1":"5156ea2435d223d0519ddce05085a2510c7b1807","sha256":"45a342390daafbd778ec29ac08c0cd3273410c225c6c1101306700c811b530b5","sha512":"2fd9fdf983e2f651be2955965a0be96ad581a2544bfd5718d3959966bf6d6ed8a39bce6a3d076b735638bb24d1cfc5646f72ac151c295478abe2361e5298f4d9","ssdeep":"","tlshash":"45a012a1c08c0407823411120c002025202fc4780052de496cb159a050c4706036040a","size":77,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-28T07:38:14.635706Z","times_seen":1020,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.plugins.min.js?ver=1821","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"cf1f71e20e14765d6d5ea640aa4f7fc7","sha1":"d1f3a0e46dd50d3a4d1839cb821ad42802619def","sha256":"a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149","sha512":"db3f8dba9327793a4d00b0e1266ef60d6f2424ab1235d673def9ee026be896aa10cb02e0b95f8b82bdf76ac49720662c84fa2b419026178c905c5a9c2f1bff0a","ssdeep":"384:HWwrEXSUb3GjSPqGorxn+viQRvuB6haZ7braU:HWmE/3G2hcraU","tlshash":"f662924fba7523a48aff2177a01f196521339db508c24858f1bd87d95d78c0492afb3e","size":14799,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.752115Z","times_seen":1254,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/thread.js?ver=1827","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"540bea37310b2cc8978d6b85bd1053c9","sha1":"ec6ff587bf02e9c82b0224366bd9431bd6e351ae","sha256":"27d9988c04b4a3e56b18ac08125032f4d99314bfd330e88c369a5689afcc692e","sha512":"d75e9690001353fde77a8e177ec9fc4ee56ee5cf067c31e6027a2a29b9c6021c743f0c3a68c588bf598a788e1962d62aefbca723756b8b93df8dfc65d3d9313c","ssdeep":"384:K8T0O0Mp4hcpdBDRMb2HGkJp6pfAVDIb4Zv+qkLx3sp:7TcMp4ap+2Fp6popxW3I","tlshash":"91522181ff3c0b5e44ba21ad942e04f88d3d983749548db6fd3866a1b7c4a0e176d93a","size":13964,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-12T19:10:50.47372Z","times_seen":115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/general.js?ver=1827","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"373ad0e5af45e8cd17b064aaa7c2d465","sha1":"9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e","sha256":"491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898","sha512":"0014001020da5ef12874c5727ce95d1163834414dbe201ea72f60423bde91e8e7d2d671fa18ec190d0573e3b76093a496f7662d5b81e0f804d42834dddffd98a","ssdeep":"384:7HrwCLFwqbPl88aLqh8cOrT6CIJ6X5jO1/zD:oqbPltaLqUXCJ0jOx","tlshash":"bb6262c8ff2c152b81be3069949f58c96c3c803188945cf7bc6855d4bae8a1e536fe78","size":15709,"data":"","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.753121Z","times_seen":1148,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.js?ver=1823","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":false,"md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","size":89475,"data":"","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-04-28T16:04:27.311229Z","times_seen":15272,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/showthread.php?tid=545","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"introduction_type":"scriptElement","is_inline":true,"md5":"dbfffdd27dc96f0a67f1c35e91992f65","sha1":"b13d973e2130816640e2cbdd99d2bf507a3b5aac","sha256":"087af3e1e6a4ebb40712462987d2ebb79c802047ea47845967269a2acd5b9fee","sha512":"f73f918ecde1dc17dba10d6b57b3503a553288397aa1c0d0eb44d81de9a3cd69ca55236d41f91536a3b0f5f150c53b6d5fae6d9e0ec241691a644881077e3f0c","ssdeep":"","tlshash":"6fd05e04a7b80a9602b202e6852504c5d5bfe4e940c298d1ac5892aa148db55e685b72","size":236,"data":"","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-25T05:25:37.786231Z","times_seen":327,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"i.imgur.com/KYB7SI6.png","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"199.232.40.193","port":443,"asn":54113,"as":"FASTLY","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 29 Jan 2025 00:00:00 GMT","end":"Sat, 14 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D","sha256":"B2:9B:23:54:25:04:8F:9E:C6:BC:84:54:20:8B:AB:34:8C:F1:7E:8A:57:AD:55:F3:C9:40:C3:4E:8B:E5:30:6F"}}},"request":{"raw":"GET /KYB7SI6.png HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Fri, 01 Mar 2024 09:18:32 GMT\r\netag: \"6b0d552f8cc22088b762f6350c1d71bb\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-cf-pop: IAD89-P1\r\nx-amz-cf-id: ud9RlX17unjBaKwOdum2ZnCxLnUoyqVmVCdyDzrf3kKZdhIIdpB8Dw==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\ndate: Thu, 02 Oct 2025 09:18:14 GMT\r\nage: 2056117\r\nx-served-by: cache-iad-kiad7000150-IAD, cache-cph2320041-CPH\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 21577, 1\r\nx-timer: S1759396694.182799,VS0,VE1\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 34705\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":34705,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced","md5":"6b0d552f8cc22088b762f6350c1d71bb","sha1":"d8c2b4a8c2edaec452aecb4894efed2a7d5d143f","sha256":"bd5bf61a24a70da89042d3db08e13dbe7bd4eafc9fd3390d7597d970f1a921fd","sha512":"b8a5b043a87219119e861dea947b1ea4803965604d78be8f0cbb8e87a38e42781ddadd883759250596a6aeeb20637c622de56a952b816fae9f619ba8e42c4c52","ssdeep":"768:WG6Nuit8577sj7y1NkytxnCITPa4sywktGk9jG2qrKOhvJJjvkMbPzfC:JTi26E5AIzDsyw2Rj7qrKOhvJhxbP2","tlshash":"9ff2f1142fa18aafe090b743f936cf6404b6f8c5401175baa910447dada0f93fbced94","first_seen":"2024-06-30T01:47:08Z","last_seen":"2026-04-23T17:58:29.894677Z","times_seen":69,"resource_available":false,"data":null}},"time_used":41,"timings":{"blocked":24,"dns":0,"connect":0,"send":0,"wait":10,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/favicon.ico","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:16.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:17 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 3466\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:43:06 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3466,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"a897fe69eafdd574bda12a23a4920bf0","sha1":"d27ed9fe8fa5b14950cfc5fb0a2963518d3767bf","sha256":"93fd435b9c34166a9a3a52fc82befdc4102d7e3698f5b3bd1b69edc0858f245c","sha512":"9e7189620b8319d38b8eaaff4eb26f7977f420e22d58548fb98c8e05204365f076219d9714856974439028ee8159473939be2833657f08cc5e5d2b073b2c96f9","ssdeep":"","tlshash":"36616badea70955f789e39610ecd0701a3ae372c96833278d0c17bdf0091e0bab19475","first_seen":"2023-11-06T23:52:08Z","last_seen":"2025-11-21T07:14:45.049571Z","times_seen":16,"resource_available":false,"data":null}},"time_used":933,"timings":{"blocked":201,"dns":0,"connect":0,"send":0,"wait":732,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/tcat.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/tcat.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 131\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:41 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 60, 8-bit/color RGB, non-interlaced","md5":"10b96a318e186e39860a5945a9071b92","sha1":"daa068efc07bb97ff0a2af218aedebbb28c9f1bb","sha256":"91697e7d6cc941b2bff9f05520c0c22b95d460a655e65b480452ce60da209cdf","sha512":"7b1f7e9ee0a9157cf0edebfd597a9f1a7bf42bb1062c63b420a86234799b2db8bc707d4d570d4b5dab3c192347543f35c15767528eb3b390e3b03150e843c33c","ssdeep":"","tlshash":"11c02bf277614836ec150f770fd50124f9b0464072f52620004f80313c71104d4441c2","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-04-28T07:38:14.623144Z","times_seen":463,"resource_available":false,"data":null}},"time_used":1680,"timings":{"blocked":777,"dns":0,"connect":0,"send":0,"wait":903,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/buttons_bg.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/buttons_bg.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 101\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":101,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 30, 8-bit/color RGB, non-interlaced","md5":"10ce6152f07ec77d9f78d381f7509a05","sha1":"24a50f65d81e1546d9f3ae802ee90be3d791fc8f","sha256":"259e21c6d7c25318e4bc00d2a3ee1b48e24679da1346c2af7718fbb7703f3025","sha512":"f1696601b2112b665d7fe0e7384fcda34962296fcf2153f235008ca954891126052655207c557e740482df62999bfd869b496cd465e097b69f56e35aa5a2b8fd","ssdeep":"","tlshash":"7fb012d6bad0dc3ce39a4563c5110b10f570d2ad074536381c969a385561b00c1d0785","first_seen":"2023-05-11T01:58:08Z","last_seen":"2026-04-19T22:17:45.933326Z","times_seen":313,"resource_available":false,"data":null}},"time_used":1818,"timings":{"blocked":903,"dns":0,"connect":0,"send":0,"wait":915,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img94.pixhost.to/images/660/456277460_logi.jpg","fqdn":"img94.pixhost.to","domain":"pixhost.to","tld":"to"},"ip":{"addr":"94.229.45.2","port":443,"asn":48326,"as":"DataNetworks s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pixhost.to","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 11 Jul 2025 14:07:17 GMT","end":"Thu, 09 Oct 2025 14:07:16 GMT"},"fingerprint":{"sha1":"47:29:86:DA:76:45:39:89:11:DD:0E:B1:53:76:25:A5:3D:10:4E:69","sha256":"36:9D:8E:94:F4:21:C3:EE:D7:0B:D3:88:A8:9E:3F:A7:6A:6C:CF:F7:74:B5:AC:38:E0:88:68:72:EC:E1:0C:B3"}}},"request":{"raw":"GET /images/660/456277460_logi.jpg HTTP/1.1\r\nHost: img94.pixhost.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Thu, 02 Oct 2025 09:18:15 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 23471\r\nLast-Modified: Mon, 25 Mar 2024 10:25:12 GMT\r\nConnection: keep-alive\r\nETag: \"66015108-5baf\"\r\nCache-Control: max-age=604800, public\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":23471,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 473x101, components 3","md5":"45e1622ff7510b1f1e166a04df8877c6","sha1":"f89e2e8c4f55a501b269c4662d9b62341d313a1f","sha256":"e604f0c8ce13c7d4327b906b8db28f03532268f1d813132833ff09e0bf0bf289","sha512":"c569f62988e3ce96cf1e79725e48942edec12b4eb00904e0c8198e12ce3a8cd9ee10324d17319479c8726c22d2212e5a1aee0be1f70b70cbcbd03e6bb374d682","ssdeep":"384:oc7UEfKB8bKtIcqL22Qey6rU/yIqPZK/Pw8XiGvFEvduVa5V7et5be0:owrS6Oicqq2Qey6g/1qBWBXnuv3nyn","tlshash":"c2b2f24ec9309fb72eeab432e5c5feb50b5b04395053c50734be93b939452642dc1b29","first_seen":"2024-08-19T15:22:14.663515Z","last_seen":"2026-03-03T09:49:22.790326Z","times_seen":21,"resource_available":false,"data":null}},"time_used":1709,"timings":{"blocked":1562,"dns":0,"connect":36,"send":0,"wait":70,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/cache/themes/theme1/css3.css?t=1663152267","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /cache/themes/theme1/css3.css?t=1663152267 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:21 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:27 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3114,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"926db993b5ce157d2f8dc0a3ebbb198b","sha1":"7b31fcb7d12af07bb714c01c03e13857a98a2bc3","sha256":"ca63f43eff03f479ba21b135c7164d4ff0eef2d0cf3cea4767c1c52c14833f6e","sha512":"b4123c9f2322e53f026cb79d2a1d6974fe865847e765a4dbb26df9dc00885f2e02ec727132c2e192dd3718adc49dd846a5448a410cdafcf9d90273518e688a04","ssdeep":"","tlshash":"ad5152bf341c06986326e94aba19dee3718f03136576aca5f1d0fc3c1202dbe5e558ad","first_seen":"2023-05-11T01:58:08Z","last_seen":"2026-04-28T07:38:14.623673Z","times_seen":330,"resource_available":false,"data":null}},"time_used":1881,"timings":{"blocked":912,"dns":0,"connect":0,"send":0,"wait":969,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/inline_edit.js?ver=1821","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/inline_edit.js?ver=1821 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:21 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:12 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2050,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"3781858ba413bfc2e58e9546669f097f","sha1":"3f9d6c9d1506b4d8ec3b1a7ba600f472f4cf0872","sha256":"a14ce315b9b11ef33e3ccd59a39f026336ae6a5af17a5672266435afa0af4652","sha512":"de8cfa1433891021350d06203feb45d16d7a72dbf9cbe0baaf2fa41f810691ce83671363024e49adb71e102daff6d60f410ee511a093baba1c9cab94d71fe251","ssdeep":"","tlshash":"1941efdafb2c521f00743169c13f52899a2e043194604cf6be7865965ec9d5e233acbf","first_seen":"2023-03-11T20:45:21Z","last_seen":"2026-03-23T02:07:37.654628Z","times_seen":41,"resource_available":true,"data":null}},"time_used":1896,"timings":{"blocked":979,"dns":0,"connect":0,"send":0,"wait":917,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/arrow_down.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/arrow_down.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 289\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":289,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"c6da159d691d842ac9072644949520e7","sha1":"23a92e9d6aaa254dcdf153b84103a66cdcbf75c6","sha256":"4899cf15bbcc4d6d63e0868f8febe6f0a8b93fcef72fc8e5c1da32636afce2e7","sha512":"b20eba332ecfa9797b741d429ce1e9509c4b0c27529734f2ee4b9fb1b4813e3d255ffc304fe0078935c12e9f8f58f2c601dc24b5e17061f9d369bb7b828227b7","ssdeep":"","tlshash":"84d0e7f3510c6c7fc08647755041c070dd11e7043b7311504889d37b0470f0cc55c944","first_seen":"2023-06-28T04:15:12Z","last_seen":"2026-04-14T12:00:58.520884Z","times_seen":208,"resource_available":false,"data":null}},"time_used":2861,"timings":{"blocked":2074,"dns":0,"connect":0,"send":0,"wait":787,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images4.imagebam.com/f0/09/25/MEW1MQY_o.jpg","fqdn":"images4.imagebam.com","domain":"imagebam.com","tld":"com"},"ip":{"addr":"212.63.223.227","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imagebam.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Fri, 15 Nov 2024 00:00:00 GMT","end":"Sat, 15 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B3:7B:BD:C4:71:57:E9:3A:FB:A2:EF:CD:8A:85:14:1C:0C:6C:70:D5","sha256":"FA:BD:AE:0C:A2:F4:BA:CF:95:89:41:83:C6:E0:11:24:51:D3:F7:1D:C5:B2:12:B6:BE:A4:34:EB:EE:FA:06:30"}}},"request":{"raw":"GET /f0/09/25/MEW1MQY_o.jpg HTTP/1.1\r\nHost: images4.imagebam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Thu, 02 Oct 2025 09:18:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11946\r\nvary: x-s-token\r\nlast-modified: Fri, 20 Sep 2024 00:57:27 GMT\r\netag: \"2eaa-6228285e483c2\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11946,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 472x68, components 3","md5":"7577d743171de29d7d2d0de19e8ec1f5","sha1":"3fc60cf9212a832dcff4fd2b6f01a2ac9e72e589","sha256":"4bf2e0031249f3d37677cfaa9eca897f32b93ac70c62e7a1754f5898f4845af9","sha512":"67972f92e6ff2f11f644f886ed97c0789d0b191c7c2bb62aad5c265d6ce937a67e51d29c74bba0ee1bcaaf6d8573278ebbfb33eaedbf39d3c3f9131d619058af","ssdeep":"192:0mUS79dIdUp+fbW3EbjqInlGoUpKUNVkPtO7yyKcYeqLvcOCqiheZQu4iDSHOC:hZdOUpcy3EbjqInkL7otO7ylxvclPM0","tlshash":"6332c019baba47c8c3671db45a13706ce13d35ecabd05f59c3f1e992b2414c6e83182c","first_seen":"2024-10-04T10:45:17.544086Z","last_seen":"2026-03-28T07:25:35.744155Z","times_seen":34,"resource_available":false,"data":null}},"time_used":35,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":35,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.imgbur.cc/get/22.386.1758041950.353409076149?res=800","fqdn":"www.imgbur.cc","domain":"imgbur.cc","tld":"cc"},"ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:30.151Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"philadelphia.imgbur.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 12:13:28 GMT","end":"Thu, 20 Nov 2025 12:13:27 GMT"},"fingerprint":{"sha1":"30:F0:25:48:06:79:73:8B:A7:9B:4A:8E:65:41:D9:9D:DF:57:E7:5A","sha256":"04:AF:8C:32:1C:BB:1B:D8:0A:3B:5C:EA:F1:4F:29:63:EC:A1:2D:E8:C8:40:6B:94:D7:A7:03:28:93:F0:5D:C4"}}},"request":{"raw":"GET /get/22.386.1758041950.353409076149?res=800 HTTP/1.1\r\nHost: www.imgbur.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=4eNq575uxC1q02lI; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg10_=1759396710; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg9_=82.148.169.64; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg1_=hcDbGT6Yh9BPdfkHuhuc; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Fri, 02-Oct-2026 09:18:30 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 02 Oct 2025 09:18:30 GMT\r\ncache-control: no-cache, must-revalidate\r\npragma: no-cache\r\nexpires: Sat, 26 Jul 1997 05:00:00 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: tus-resumable, upload-length, upload-metadata, authorization, content-type, range\r\ncontent-type: image/jpg\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":135073,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality\", baseline, precision 8, 799x799, components 3","md5":"af133e2415c81843b080fa9e2f4fd8cb","sha1":"7dfc5b2b7af2d51267a51ea52cd95db1b2e35c74","sha256":"820161ce161d69e3632e0c2b2b1a149821de99f127963f9f3d93220c44dcfd49","sha512":"dee940945777bea689d525152e2a09ca336158ac82e36550c471637f1d8e304606109c5728dec22f7b562a14abebb2a22e4b016452d9230dde7f60a5f926ef18","ssdeep":"1536:cccqVXhpmtcyAPONyXL7uUUVeGz+KGsNOwVXcsxxaNoFFBYf51U4lhttQOihNeNO:JZRsRIXtOsa/8NUFix1jhy1eNEe6XDcG","tlshash":"13d31325a6f50198c39a20339e2877d7c2f035bb649ca9fe239c57773461ca45bd5c8c","first_seen":"2025-10-02T09:18:41.080448Z","last_seen":"2025-10-02T09:18:41.080448Z","times_seen":1,"resource_available":false,"data":null}},"time_used":967,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":967,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/logo_wg_blue_370x100.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/logo_wg_blue_370x100.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 18188\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:39 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18188,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 370 x 100, 8-bit/color RGBA, non-interlaced","md5":"5edcce6435b4f03eb379dfc99db2ce39","sha1":"8d51946b5849704676379ab5f1e916770a984cb9","sha256":"fa43e867be6f55ab8ca334bc812de4a7c39c281265e29144e5635b1aa65b3e6d","sha512":"f0498787b14ab70eca9dd6f6b7df683fd0491b1231a624339552127328ec8d5a98ec92b774cae00a4c187d6f92f8a4cb74cae56321b832555dd012fd4160a5a2","ssdeep":"384:AJXE05HnZOEWOBc1K58Z0A+ZcOyi8ugCJIL:835HnZOEWPB+A2hmCeL","tlshash":"a782d0cdf58c74d2195f3801802d06c4a1a498df9b8b6a14f5caa6fe0895fe73a024ab","first_seen":"2023-11-06T23:52:08Z","last_seen":"2025-11-21T07:14:45.041937Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2922,"timings":{"blocked":1564,"dns":0,"connect":0,"send":0,"wait":1358,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/cache/themes/theme1/css3.css?t=1663152267","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /cache/themes/theme1/css3.css?t=1663152267 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:15 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:27 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3114,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"926db993b5ce157d2f8dc0a3ebbb198b","sha1":"7b31fcb7d12af07bb714c01c03e13857a98a2bc3","sha256":"ca63f43eff03f479ba21b135c7164d4ff0eef2d0cf3cea4767c1c52c14833f6e","sha512":"b4123c9f2322e53f026cb79d2a1d6974fe865847e765a4dbb26df9dc00885f2e02ec727132c2e192dd3718adc49dd846a5448a410cdafcf9d90273518e688a04","ssdeep":"","tlshash":"ad5152bf341c06986326e94aba19dee3718f03136576aca5f1d0fc3c1202dbe5e558ad","first_seen":"2023-05-11T01:58:08Z","last_seen":"2026-04-28T07:38:14.623673Z","times_seen":330,"resource_available":false,"data":null}},"time_used":1955,"timings":{"blocked":485,"dns":0,"connect":244,"send":0,"wait":978,"receive":0,"ssl":247},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.js?ver=1823","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.592Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/jquery.js?ver=1823 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:20 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:13 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89475,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-04-28T16:04:27.311229Z","times_seen":15272,"resource_available":true,"data":null}},"time_used":1490,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1489,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jeditable/jeditable.min.js","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/jeditable/jeditable.min.js HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:21 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:16 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8067,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (826)","md5":"4f332fdf2de4e25eb3f5611bf7b6c354","sha1":"53e8a6136fa9af4fe8b50e8068899da860657e1b","sha256":"b76e0536e5ae607a8453dc2dd7ac8d08779ba93e8f8700113ee2c1106f31fd79","sha512":"259739d36bf7b4b74dc94b3b33433e1822f0792944f0126636ace5004d1f68a850fc7734c3ef1357502b14792116dd1cc4b091ecd3c9b4b66d6b4e1b8266cb43","ssdeep":"192:xlrPWi/42g6jYnrDJDpygVPsKy2fRXKJQwYp5:xlrPb42gQarVDpygKKy2fgCw+5","tlshash":"5df173a53290b5dc46ea7235e4db27096132b54607b9f036a4b508e42f78dc4e633fde","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-25T05:25:37.673596Z","times_seen":646,"resource_available":true,"data":null}},"time_used":1840,"timings":{"blocked":923,"dns":0,"connect":0,"send":0,"wait":917,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.js?ver=1823","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/jquery.js?ver=1823 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:28 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:13 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89475,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-04-28T16:04:27.311229Z","times_seen":15272,"resource_available":true,"data":null}},"time_used":1737,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1736,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.imgbur.cc/get/22.386.1758041953.170934723203?res=800","fqdn":"www.imgbur.cc","domain":"imgbur.cc","tld":"cc"},"ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:30.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"philadelphia.imgbur.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 12:13:28 GMT","end":"Thu, 20 Nov 2025 12:13:27 GMT"},"fingerprint":{"sha1":"30:F0:25:48:06:79:73:8B:A7:9B:4A:8E:65:41:D9:9D:DF:57:E7:5A","sha256":"04:AF:8C:32:1C:BB:1B:D8:0A:3B:5C:EA:F1:4F:29:63:EC:A1:2D:E8:C8:40:6B:94:D7:A7:03:28:93:F0:5D:C4"}}},"request":{"raw":"GET /get/22.386.1758041953.170934723203?res=800 HTTP/1.1\r\nHost: www.imgbur.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=Fzj0WXip1H8vhqBb; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg10_=1759396710; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg9_=82.148.169.64; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg1_=DLcdBMOTKlgnt9I0QfaN; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Fri, 02-Oct-2026 09:18:30 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 02 Oct 2025 09:18:30 GMT\r\ncache-control: no-cache, must-revalidate\r\npragma: no-cache\r\nexpires: Sat, 26 Jul 1997 05:00:00 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: tus-resumable, upload-length, upload-metadata, authorization, content-type, range\r\ncontent-type: image/jpg\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":117342,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality\", baseline, precision 8, 799x799, components 3","md5":"76828f9b6baac1275c394ac7dc93fdae","sha1":"3ff1773c79500be38f4fcfcc7a04d7edbe984f7e","sha256":"b3d468fed85c429391dd9a8a357214d62cc84702c66e0512d72844c72e7a0393","sha512":"c6e4bd8b291c7ec2ab9d290770a11c8ed67fc51a031d6b539eeb56e7c308aafdd3c6e69d7473f8fa96617a99e5779e640c9d4437599790e94cdeb801463cbbb5","ssdeep":"3072:IXqDMpT9vC6fmcTN0b+sCtZSasM/T33ud:OqGTBDI+sIHhTHa","tlshash":"67b302515966c007278e4387926f705330409b96b1ea07f03b54afaef6d7f3296acde1","first_seen":"2025-10-02T09:18:41.085041Z","last_seen":"2025-10-02T09:18:41.085041Z","times_seen":1,"resource_available":false,"data":null}},"time_used":678,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":678,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i.imgur.com/SSaV5XL.jpeg","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"199.232.40.193","port":443,"asn":54113,"as":"FASTLY","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 29 Jan 2025 00:00:00 GMT","end":"Sat, 14 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D","sha256":"B2:9B:23:54:25:04:8F:9E:C6:BC:84:54:20:8B:AB:34:8C:F1:7E:8A:57:AD:55:F3:C9:40:C3:4E:8B:E5:30:6F"}}},"request":{"raw":"GET /SSaV5XL.jpeg HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 01 Mar 2024 09:17:28 GMT\r\netag: \"ac5e0ea5afe9b03c41a39256936e0ebd\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-cf-pop: IAD89-P1\r\nx-amz-cf-id: 7y5DmH5CX8qd4GlbXKIlIvfexQ_FLmc0JTOJteg63xstglplSdjTIQ==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\nage: 4323159\r\ndate: Thu, 02 Oct 2025 09:18:14 GMT\r\nx-served-by: cache-iad-kiad7000082-IAD, cache-cph2320041-CPH\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 24475, 0\r\nx-timer: S1759396694.182694,VS0,VE1\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 9319\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9319,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 472x68, components 3","md5":"ac5e0ea5afe9b03c41a39256936e0ebd","sha1":"e401f6162453bcb561744420ed5e91835f97979e","sha256":"c7fc322a173f9beb1feb3957e07ee2bbfada340850a91d91896d2f47176ae894","sha512":"8313408c5c29a672b7394071ef83ba50e6ba0f12463e0eb18405a9fc7179f1c9af15b442718b4fd3eef0eec01f8afd0c08efe75fc85998aac717b19f1b72b6cd","ssdeep":"192:hNSB6YAHOjJMEB5u/F2jYRywPUZj88spk5a8oPVBc:2sqT8LcwPF8spIaHPXc","tlshash":"4b129d8fa47fbea39f9bc49a430b09691e25f9c4f628b33e5261142411bdc738d64b54","first_seen":"2024-07-29T14:39:01Z","last_seen":"2026-03-03T09:49:22.794629Z","times_seen":25,"resource_available":false,"data":null}},"time_used":66,"timings":{"blocked":25,"dns":2,"connect":8,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/logo_wg_blue_370x100.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.496Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/logo_wg_blue_370x100.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 18188\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:39 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18188,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 370 x 100, 8-bit/color RGBA, non-interlaced","md5":"5edcce6435b4f03eb379dfc99db2ce39","sha1":"8d51946b5849704676379ab5f1e916770a984cb9","sha256":"fa43e867be6f55ab8ca334bc812de4a7c39c281265e29144e5635b1aa65b3e6d","sha512":"f0498787b14ab70eca9dd6f6b7df683fd0491b1231a624339552127328ec8d5a98ec92b774cae00a4c187d6f92f8a4cb74cae56321b832555dd012fd4160a5a2","ssdeep":"384:AJXE05HnZOEWOBc1K58Z0A+ZcOyi8ugCJIL:835HnZOEWPB+A2hmCeL","tlshash":"a782d0cdf58c74d2195f3801802d06c4a1a498df9b8b6a14f5caa6fe0895fe73a024ab","first_seen":"2023-11-06T23:52:08Z","last_seen":"2025-11-21T07:14:45.041937Z","times_seen":16,"resource_available":false,"data":null}},"time_used":2270,"timings":{"blocked":969,"dns":0,"connect":0,"send":0,"wait":1301,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img94.pixhost.to/images/660/456277460_logi.jpg","fqdn":"img94.pixhost.to","domain":"pixhost.to","tld":"to"},"ip":{"addr":"94.229.45.2","port":443,"asn":48326,"as":"DataNetworks s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pixhost.to","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 11 Jul 2025 14:07:17 GMT","end":"Thu, 09 Oct 2025 14:07:16 GMT"},"fingerprint":{"sha1":"47:29:86:DA:76:45:39:89:11:DD:0E:B1:53:76:25:A5:3D:10:4E:69","sha256":"36:9D:8E:94:F4:21:C3:EE:D7:0B:D3:88:A8:9E:3F:A7:6A:6C:CF:F7:74:B5:AC:38:E0:88:68:72:EC:E1:0C:B3"}}},"request":{"raw":"GET /images/660/456277460_logi.jpg HTTP/1.1\r\nHost: img94.pixhost.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Thu, 02 Oct 2025 09:18:21 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 23471\r\nLast-Modified: Mon, 25 Mar 2024 10:25:12 GMT\r\nConnection: keep-alive\r\nETag: \"66015108-5baf\"\r\nCache-Control: max-age=604800, public\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]}],"data":{"size":23471,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 473x101, components 3","md5":"45e1622ff7510b1f1e166a04df8877c6","sha1":"f89e2e8c4f55a501b269c4662d9b62341d313a1f","sha256":"e604f0c8ce13c7d4327b906b8db28f03532268f1d813132833ff09e0bf0bf289","sha512":"c569f62988e3ce96cf1e79725e48942edec12b4eb00904e0c8198e12ce3a8cd9ee10324d17319479c8726c22d2212e5a1aee0be1f70b70cbcbd03e6bb374d682","ssdeep":"384:oc7UEfKB8bKtIcqL22Qey6rU/yIqPZK/Pw8XiGvFEvduVa5V7et5be0:owrS6Oicqq2Qey6g/1qBWBXnuv3nyn","tlshash":"c2b2f24ec9309fb72eeab432e5c5feb50b5b04395053c50734be93b939452642dc1b29","first_seen":"2024-08-19T15:22:14.663515Z","last_seen":"2026-03-03T09:49:22.790326Z","times_seen":21,"resource_available":false,"data":null}},"time_used":219,"timings":{"blocked":73,"dns":0,"connect":36,"send":0,"wait":71,"receive":0,"ssl":38},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/cache/themes/theme1/showthread.css?t=1663152268","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /cache/themes/theme1/showthread.css?t=1663152268 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:28 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:28 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":729,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"505bdc48e30dc3be2936b660732c4a09","sha1":"eff3f44c9cf81385a094c97f82656dba0c0cac22","sha256":"52e7de2ab41fee74ab4c351aff8248a139559ce62c5e43792317e6a5ac598e20","sha512":"6270cfe3e588b06d3da80ae726af8e16a3737bb9ea7c9640d2dbfd4bfc20c2b696006d1526815aac0a2088ff650109ea138a0db72e4e5f3a73437a0c8693efc6","ssdeep":"","tlshash":"20012d050dab6aedec87a4717e91c748005b4c02a98e7d77f45a752c51ce0d1f03b75c","first_seen":"2023-05-22T04:59:32Z","last_seen":"2026-04-25T05:25:37.528115Z","times_seen":129,"resource_available":false,"data":null}},"time_used":979,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":979,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/buttons_bg.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/buttons_bg.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:31 GMT\r\nContent-Type: image/png\r\nContent-Length: 101\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":101,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 30, 8-bit/color RGB, non-interlaced","md5":"10ce6152f07ec77d9f78d381f7509a05","sha1":"24a50f65d81e1546d9f3ae802ee90be3d791fc8f","sha256":"259e21c6d7c25318e4bc00d2a3ee1b48e24679da1346c2af7718fbb7703f3025","sha512":"f1696601b2112b665d7fe0e7384fcda34962296fcf2153f235008ca954891126052655207c557e740482df62999bfd869b496cd465e097b69f56e35aa5a2b8fd","ssdeep":"","tlshash":"7fb012d6bad0dc3ce39a4563c5110b10f570d2ad074536381c969a385561b00c1d0785","first_seen":"2023-05-11T01:58:08Z","last_seen":"2026-04-19T22:17:45.933326Z","times_seen":313,"resource_available":false,"data":null}},"time_used":1743,"timings":{"blocked":770,"dns":0,"connect":0,"send":0,"wait":973,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.imgbur.cc/t/800/q7QwLarzKV.jpg","fqdn":"www.imgbur.cc","domain":"imgbur.cc","tld":"cc"},"ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"philadelphia.imgbur.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 12:13:28 GMT","end":"Thu, 20 Nov 2025 12:13:27 GMT"},"fingerprint":{"sha1":"30:F0:25:48:06:79:73:8B:A7:9B:4A:8E:65:41:D9:9D:DF:57:E7:5A","sha256":"04:AF:8C:32:1C:BB:1B:D8:0A:3B:5C:EA:F1:4F:29:63:EC:A1:2D:E8:C8:40:6B:94:D7:A7:03:28:93:F0:5D:C4"}}},"request":{"raw":"GET /t/800/q7QwLarzKV.jpg HTTP/1.1\r\nHost: www.imgbur.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=F2XZn6SDJgdgdbJW; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg10_=1759396709; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg9_=82.148.169.64; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg1_=zSGxoxrV2afAEQNx5wTa; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Fri, 02-Oct-2026 09:18:29 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 02 Oct 2025 09:18:29 GMT\r\nlocation: https://www.imgbur.cc/get/22.386.1758041950.155933137358?res=800\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 3\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":60989,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":493,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":398,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.imgbur.cc/get/22.386.1758041958.677818100460?res=800","fqdn":"www.imgbur.cc","domain":"imgbur.cc","tld":"cc"},"ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:30.100Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"philadelphia.imgbur.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 12:13:28 GMT","end":"Thu, 20 Nov 2025 12:13:27 GMT"},"fingerprint":{"sha1":"30:F0:25:48:06:79:73:8B:A7:9B:4A:8E:65:41:D9:9D:DF:57:E7:5A","sha256":"04:AF:8C:32:1C:BB:1B:D8:0A:3B:5C:EA:F1:4F:29:63:EC:A1:2D:E8:C8:40:6B:94:D7:A7:03:28:93:F0:5D:C4"}}},"request":{"raw":"GET /get/22.386.1758041958.677818100460?res=800 HTTP/1.1\r\nHost: www.imgbur.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=pDZg3fAJCayXUwEP; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg10_=1759396710; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg9_=82.148.169.64; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg1_=COj5MtKLtbb6eCoC5h4K; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Fri, 02-Oct-2026 09:18:30 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 02 Oct 2025 09:18:30 GMT\r\ncache-control: no-cache, must-revalidate\r\npragma: no-cache\r\nexpires: Sat, 26 Jul 1997 05:00:00 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: tus-resumable, upload-length, upload-metadata, authorization, content-type, range\r\ncontent-type: image/jpg\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":78602,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality\", baseline, precision 8, 799x799, components 3","md5":"428d00307c88427cbd87cf4c5f5d19e8","sha1":"859580d0775d4a99aad9730e999e264e742d9159","sha256":"f0ea60249737bc074e7a3b4a9d37ff834367cc6749bc877fd9e2b166ce0cbfc7","sha512":"b11c6f5b4ca352af10d0e61ac287abaf3d403496ed4e2b1289ce8de24626672933bed53b494b80ad018fc8a4ed2efa9a7e093dfbd50b9c26fa206c3de0011f7a","ssdeep":"1536:c5gnmayn4FXVOhn8cEtp1M0YaJeZIGe2ocdkkKck6VpkzRtTjkwYZHownN:lnjyn4FFhttk0N+IGkIqtwZhN","tlshash":"b37312d4113509bcad3a081a1ae9b13c3acb99dda1a63571fd2025b42edfafcc0719dc","first_seen":"2025-10-02T09:18:41.089565Z","last_seen":"2025-10-02T09:18:41.089565Z","times_seen":1,"resource_available":false,"data":null}},"time_used":630,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":630,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"images4.imagebam.com/f0/09/25/MEW1MQY_o.jpg","fqdn":"images4.imagebam.com","domain":"imagebam.com","tld":"com"},"ip":{"addr":"212.63.223.227","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imagebam.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Fri, 15 Nov 2024 00:00:00 GMT","end":"Sat, 15 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B3:7B:BD:C4:71:57:E9:3A:FB:A2:EF:CD:8A:85:14:1C:0C:6C:70:D5","sha256":"FA:BD:AE:0C:A2:F4:BA:CF:95:89:41:83:C6:E0:11:24:51:D3:F7:1D:C5:B2:12:B6:BE:A4:34:EB:EE:FA:06:30"}}},"request":{"raw":"GET /f0/09/25/MEW1MQY_o.jpg HTTP/1.1\r\nHost: images4.imagebam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Thu, 02 Oct 2025 09:18:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11946\r\nvary: x-s-token\r\nlast-modified: Fri, 20 Sep 2024 00:57:27 GMT\r\netag: \"2eaa-6228285e483c2\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11946,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 472x68, components 3","md5":"7577d743171de29d7d2d0de19e8ec1f5","sha1":"3fc60cf9212a832dcff4fd2b6f01a2ac9e72e589","sha256":"4bf2e0031249f3d37677cfaa9eca897f32b93ac70c62e7a1754f5898f4845af9","sha512":"67972f92e6ff2f11f644f886ed97c0789d0b191c7c2bb62aad5c265d6ce937a67e51d29c74bba0ee1bcaaf6d8573278ebbfb33eaedbf39d3c3f9131d619058af","ssdeep":"192:0mUS79dIdUp+fbW3EbjqInlGoUpKUNVkPtO7yyKcYeqLvcOCqiheZQu4iDSHOC:hZdOUpcy3EbjqInkL7otO7ylxvclPM0","tlshash":"6332c019baba47c8c3671db45a13706ce13d35ecabd05f59c3f1e992b2414c6e83182c","first_seen":"2024-10-04T10:45:17.544086Z","last_seen":"2026-03-28T07:25:35.744155Z","times_seen":34,"resource_available":false,"data":null}},"time_used":3161,"timings":{"blocked":1561,"dns":27,"connect":28,"send":0,"wait":32,"receive":0,"ssl":70},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/icons/video.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/icons/video.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:22 GMT\r\nContent-Type: image/png\r\nContent-Length: 570\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:55 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":570,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"2c01b61fa388438b0fab30524290db33","sha1":"31663b5f42907643dc31d730ceeffcbafdad20ee","sha256":"7a6dc7c2ba07ed1d8287cb50801464e10590c0c0618c323ef2157745ca74f260","sha512":"bca71766ea69c82410c6bc5bb419719a26338d4cfcca580c1aa3622c014b072a789875bcccfce120760cf55821650694e7a4617ec48bef18b576ced614a3393d","ssdeep":"","tlshash":"4cf09699e047e57cfaf623243404d414c546171d10d19730094bf65818bb5cec1fc34a","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-02-12T23:53:19.122399Z","times_seen":18,"resource_available":false,"data":null}},"time_used":2866,"timings":{"blocked":1894,"dns":0,"connect":0,"send":0,"wait":972,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images4.imagebam.com/0b/91/b7/MEPGKWU_o.png","fqdn":"images4.imagebam.com","domain":"imagebam.com","tld":"com"},"ip":{"addr":"212.63.223.227","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.501Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imagebam.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Fri, 15 Nov 2024 00:00:00 GMT","end":"Sat, 15 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B3:7B:BD:C4:71:57:E9:3A:FB:A2:EF:CD:8A:85:14:1C:0C:6C:70:D5","sha256":"FA:BD:AE:0C:A2:F4:BA:CF:95:89:41:83:C6:E0:11:24:51:D3:F7:1D:C5:B2:12:B6:BE:A4:34:EB:EE:FA:06:30"}}},"request":{"raw":"GET /0b/91/b7/MEPGKWU_o.png HTTP/1.1\r\nHost: images4.imagebam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Thu, 02 Oct 2025 09:18:21 GMT\r\ncontent-type: image/png\r\ncontent-length: 44731\r\nvary: x-s-token\r\nlast-modified: Fri, 13 Oct 2023 10:07:48 GMT\r\netag: \"aebb-607963a7d7522\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44731,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 68, 8-bit/color RGBA, non-interlaced","md5":"5dc04640a2447d0b093e4cba51cec2f4","sha1":"0ca53866e4ed6e5a98a40a6c6c90fdc4dd40417f","sha256":"c4120403408d7087e1c2a34f1794a920c98233e878b3df4b5d9e877ed260ea79","sha512":"3b36933b9129ea29078fa9e301e6c98a1fae985652532a0eb2de84910d79d0507e145cf49d44201dce12766dbe30f8bbe575f3ce794c479bc424cccd0dd70c39","ssdeep":"768:LqDB7xVx9UbrnnZkUah3ZNx/uuF01ma0cHmvbw9yu5GGUaMcMHhjrE6Lknz:eDxxtaKUa5Z3/uuyYa0cHmNu5GGUjH5c","tlshash":"a11302acc00f5db5dc4781ff92328579bdd39d9ab452296a46ac34d232188edbd72330","first_seen":"2023-10-18T22:39:19Z","last_seen":"2026-04-12T19:10:50.475175Z","times_seen":45,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":57,"receive":28,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/cache/themes/theme1/global.css?t=1663152268","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /cache/themes/theme1/global.css?t=1663152268 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:28 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:28 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31277,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6dca31a92bd774f00e8513b3f141ca51","sha1":"2f8b2c7d691ee232eb76b0c3e7c905419efe896c","sha256":"969bc9ffb0d9ee825abb23a99e1f634f4cffe59df319d1afdcdf61e5733c2623","sha512":"691fc035589397c4e661836d88524ad187a2499bff9d4f4f3bd5a85fafdd74fe697268272206432c35e24cfa6f339a18a5207b208aabacbd2e8a6edefc97cef3","ssdeep":"768:SSlX9UEND0StaM7xZ6h6tLSGOL3bLnSbcAmSna:SSB9UENCMrLSGOHLnSna","tlshash":"c4e2507b35511989720f90eafe15dbd9272f0092be0e1f25b4ad3d7ca3894e01537ea8","first_seen":"2023-04-14T13:41:58Z","last_seen":"2026-04-26T09:57:07.904639Z","times_seen":279,"resource_available":false,"data":null}},"time_used":1151,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1151,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/icons/heart.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.591Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/icons/heart.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:31 GMT\r\nContent-Type: image/png\r\nContent-Length: 637\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:53 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":637,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"41a0b6e3ef059b9507b4b0616808c408","sha1":"3739d0c95531d18e6d1ddad097e84e3e8192281e","sha256":"2e3d03afd2a3b318757ea9b66dfaa9335df241746620a6ab69dea8cae591b926","sha512":"7e8fcb1ad7f51b60dd8ecf99349ad47d5e5ed1e4d9b9d4bc187309cd811c978b0927975d50f9974467687116bb86caae652ba1f44fd0da9dda39a5935dc13da5","ssdeep":"","tlshash":"bcf062c1b432c0ac931759fbe5211ea0093e361c4205adb6571c09bc930c8be95a2df7","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-02-12T23:53:19.143786Z","times_seen":34,"resource_available":false,"data":null}},"time_used":1928,"timings":{"blocked":1195,"dns":0,"connect":0,"send":0,"wait":733,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/cache/themes/theme1/global.css?t=1663152268","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /cache/themes/theme1/global.css?t=1663152268 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:15 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:28 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31277,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6dca31a92bd774f00e8513b3f141ca51","sha1":"2f8b2c7d691ee232eb76b0c3e7c905419efe896c","sha256":"969bc9ffb0d9ee825abb23a99e1f634f4cffe59df319d1afdcdf61e5733c2623","sha512":"691fc035589397c4e661836d88524ad187a2499bff9d4f4f3bd5a85fafdd74fe697268272206432c35e24cfa6f339a18a5207b208aabacbd2e8a6edefc97cef3","ssdeep":"768:SSlX9UEND0StaM7xZ6h6tLSGOL3bLnSbcAmSna:SSB9UENCMrLSGOHLnSna","tlshash":"c4e2507b35511989720f90eafe15dbd9272f0092be0e1f25b4ad3d7ca3894e01537ea8","first_seen":"2023-04-14T13:41:58Z","last_seen":"2026-04-26T09:57:07.904639Z","times_seen":279,"resource_available":false,"data":null}},"time_used":2038,"timings":{"blocked":469,"dns":0,"connect":235,"send":0,"wait":1096,"receive":0,"ssl":237},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/general.js?ver=1827","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/general.js?ver=1827 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:28 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:11 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15709,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (322)","md5":"373ad0e5af45e8cd17b064aaa7c2d465","sha1":"9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e","sha256":"491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898","sha512":"0014001020da5ef12874c5727ce95d1163834414dbe201ea72f60423bde91e8e7d2d671fa18ec190d0573e3b76093a496f7662d5b81e0f804d42834dddffd98a","ssdeep":"384:7HrwCLFwqbPl88aLqh8cOrT6CIJ6X5jO1/zD:oqbPltaLqUXCJ0jOx","tlshash":"bb6262c8ff2c152b81be3069949f58c96c3c803188945cf7bc6855d4bae8a1e536fe78","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.753121Z","times_seen":1148,"resource_available":true,"data":null}},"time_used":1069,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1069,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"img94.pixhost.to/images/660/456277460_logi.jpg","fqdn":"img94.pixhost.to","domain":"pixhost.to","tld":"to"},"ip":{"addr":"94.229.45.2","port":443,"asn":48326,"as":"DataNetworks s.r.o.","country":"Slovakia","country_code":"SK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pixhost.to","organization":""},"issuer":{"commonName":"R11","organization":"Let's Encrypt"},"validity":{"start":"Fri, 11 Jul 2025 14:07:17 GMT","end":"Thu, 09 Oct 2025 14:07:16 GMT"},"fingerprint":{"sha1":"47:29:86:DA:76:45:39:89:11:DD:0E:B1:53:76:25:A5:3D:10:4E:69","sha256":"36:9D:8E:94:F4:21:C3:EE:D7:0B:D3:88:A8:9E:3F:A7:6A:6C:CF:F7:74:B5:AC:38:E0:88:68:72:EC:E1:0C:B3"}}},"request":{"raw":"GET /images/660/456277460_logi.jpg HTTP/1.1\r\nHost: img94.pixhost.to\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.24.0 (Ubuntu)\r\nDate: Thu, 02 Oct 2025 09:18:29 GMT\r\nContent-Type: image/jpeg\r\nContent-Length: 23471\r\nLast-Modified: Mon, 25 Mar 2024 10:25:12 GMT\r\nConnection: keep-alive\r\nETag: \"66015108-5baf\"\r\nCache-Control: max-age=604800, public\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Ubuntu","description":"Ubuntu is a free and open-source operating system on Linux for the enterprise server, desktop, cloud, and IoT.","website":"https://www.ubuntu.com/server","common_platform_enumeration":"cpe:2.3:o:canonical:ubuntu_linux:*:*:*:*:*:*:*:*","icon":"Ubuntu.svg","categories":["Operating systems"]},{"name":"Nginx:1.24.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23471,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 473x101, components 3","md5":"45e1622ff7510b1f1e166a04df8877c6","sha1":"f89e2e8c4f55a501b269c4662d9b62341d313a1f","sha256":"e604f0c8ce13c7d4327b906b8db28f03532268f1d813132833ff09e0bf0bf289","sha512":"c569f62988e3ce96cf1e79725e48942edec12b4eb00904e0c8198e12ce3a8cd9ee10324d17319479c8726c22d2212e5a1aee0be1f70b70cbcbd03e6bb374d682","ssdeep":"384:oc7UEfKB8bKtIcqL22Qey6rU/yIqPZK/Pw8XiGvFEvduVa5V7et5be0:owrS6Oicqq2Qey6g/1qBWBXnuv3nyn","tlshash":"c2b2f24ec9309fb72eeab432e5c5feb50b5b04395053c50734be93b939452642dc1b29","first_seen":"2024-08-19T15:22:14.663515Z","last_seen":"2026-03-03T09:49:22.790326Z","times_seen":21,"resource_available":false,"data":null}},"time_used":220,"timings":{"blocked":74,"dns":0,"connect":36,"send":0,"wait":70,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/general.js?ver=1827","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.154Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/general.js?ver=1827 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:15 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:11 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15709,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (322)","md5":"373ad0e5af45e8cd17b064aaa7c2d465","sha1":"9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e","sha256":"491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898","sha512":"0014001020da5ef12874c5727ce95d1163834414dbe201ea72f60423bde91e8e7d2d671fa18ec190d0573e3b76093a496f7662d5b81e0f804d42834dddffd98a","ssdeep":"384:7HrwCLFwqbPl88aLqh8cOrT6CIJ6X5jO1/zD:oqbPltaLqUXCJ0jOx","tlshash":"bb6262c8ff2c152b81be3069949f58c96c3c803188945cf7bc6855d4bae8a1e536fe78","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.753121Z","times_seen":1148,"resource_available":true,"data":null}},"time_used":2017,"timings":{"blocked":460,"dns":0,"connect":231,"send":0,"wait":1090,"receive":0,"ssl":234},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/collapse.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.156Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/collapse.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 369\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:37 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":369,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"6af553ac5e86504743b02f220405abdd","sha1":"c07e8d586443c0ace4d91eea0d46476845b6baec","sha256":"408e40949e493302b9fd79a82e68c13509ba6370f04be5088ccd7503a4d1f94c","sha512":"ad6b02d1d9bbfd12b1eea6e8e59f5dd29229cefb66f92cef7e6a64f9839fb10273d226b8935bce9d44cabf08ee68c207670917b04322f9d3c8fa11df9ae291f2","ssdeep":"","tlshash":"b2e0f8d6a1522829dc94ae828906d008bb52272802899f4a8a0690a60039fc806b56fa","first_seen":"2023-05-08T13:43:42Z","last_seen":"2026-04-28T07:38:14.617711Z","times_seen":360,"resource_available":false,"data":null}},"time_used":2517,"timings":{"blocked":1563,"dns":0,"connect":0,"send":0,"wait":954,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/forum_icon_sprite.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:15.734Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/forum_icon_sprite.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 1130\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:38 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1130,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 30 x 120, 8-bit colormap, non-interlaced","md5":"212f6e3895ee44bf54b31cf39a162611","sha1":"7d1f15044536b4f243495c47b03b2334b5493b4f","sha256":"b95e7d7fb4d9efd1e305194cd5ec83f0b16a02baad62b355c66f1af8688a528b","sha512":"7c968518495f4b58c53f29a58bc0151ce5d37500769a1c7f838c39b56613eae5ba36a4f3f6fbc059fa117578b098411b56837319d772e61af97c76d4de9d55a9","ssdeep":"","tlshash":"f021b97b4b9164208d8c7bfc691374124e7a999d3846757fb1af2630041d5bb5409150","first_seen":"2023-05-08T13:43:42Z","last_seen":"2026-04-28T07:38:14.616417Z","times_seen":324,"resource_available":false,"data":null}},"time_used":966,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":966,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/jump.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/jump.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:22 GMT\r\nContent-Type: image/png\r\nContent-Length: 305\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:38 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":305,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"4edbd2227ba89f7f4a5356c934728532","sha1":"64d76050b2f5d1cc8d6b5eb45db5146c60779be6","sha256":"65d5b4ca887168420193f5fad6cd1762cfe160f3d321490593c858c571545409","sha512":"8e6476356f6dba88d6f01d8c066c2b766f95eccb4fd5e875dc16b8476d60f48682562dbec785665319a2dfa11a42163b42be7a7534a7d19520804ca8f7455578","ssdeep":"","tlshash":"dae0e7d272177e3cc10155b9100920f4dc3f109c1750880ccd49523c68a2a5dddd04e5","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-04-24T11:36:44.884191Z","times_seen":38,"resource_available":false,"data":null}},"time_used":2802,"timings":{"blocked":1895,"dns":0,"connect":0,"send":0,"wait":907,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images4.imagebam.com/f0/09/25/MEW1MQY_o.jpg","fqdn":"images4.imagebam.com","domain":"imagebam.com","tld":"com"},"ip":{"addr":"212.63.223.227","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imagebam.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Fri, 15 Nov 2024 00:00:00 GMT","end":"Sat, 15 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B3:7B:BD:C4:71:57:E9:3A:FB:A2:EF:CD:8A:85:14:1C:0C:6C:70:D5","sha256":"FA:BD:AE:0C:A2:F4:BA:CF:95:89:41:83:C6:E0:11:24:51:D3:F7:1D:C5:B2:12:B6:BE:A4:34:EB:EE:FA:06:30"}}},"request":{"raw":"GET /f0/09/25/MEW1MQY_o.jpg HTTP/1.1\r\nHost: images4.imagebam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Thu, 02 Oct 2025 09:18:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 11946\r\nvary: x-s-token\r\nlast-modified: Fri, 20 Sep 2024 00:57:27 GMT\r\netag: \"2eaa-6228285e483c2\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11946,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 472x68, components 3","md5":"7577d743171de29d7d2d0de19e8ec1f5","sha1":"3fc60cf9212a832dcff4fd2b6f01a2ac9e72e589","sha256":"4bf2e0031249f3d37677cfaa9eca897f32b93ac70c62e7a1754f5898f4845af9","sha512":"67972f92e6ff2f11f644f886ed97c0789d0b191c7c2bb62aad5c265d6ce937a67e51d29c74bba0ee1bcaaf6d8573278ebbfb33eaedbf39d3c3f9131d619058af","ssdeep":"192:0mUS79dIdUp+fbW3EbjqInlGoUpKUNVkPtO7yyKcYeqLvcOCqiheZQu4iDSHOC:hZdOUpcy3EbjqInkL7otO7ylxvclPM0","tlshash":"6332c019baba47c8c3671db45a13706ce13d35ecabd05f59c3f1e992b2414c6e83182c","first_seen":"2024-10-04T10:45:17.544086Z","last_seen":"2026-03-28T07:25:35.744155Z","times_seen":34,"resource_available":false,"data":null}},"time_used":36,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":36,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/showthread.php?tid=545","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-02T09:18:26.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /showthread.php?tid=545 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:27 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, private\r\nSet-Cookie: mybb[lastactive]=1759396706; expires=Fri, 02-Oct-2026 09:18:26 GMT; path=/; domain=.wgirlss.vc\nmybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D; path=/; domain=.wgirlss.vc\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MyBB","description":"MyBB is a free and open-source forum software written in PHP.","website":"https://mybb.com","common_platform_enumeration":"cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*","icon":"MyBB.png","categories":["Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":51285,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (377), with CRLF, LF line terminators","md5":"f22d73226b2476b294e6d3e2c5ee751d","sha1":"9c365f56b42cebaac29655a23525d43e41c477d5","sha256":"0cd0fb276238f11e9808b392ad6214afb1d929f536ef5ec4cb8d8e7d1124d3e8","sha512":"49551eefe22cac82eb5a4f1c05a28f337c576a2bf07c5b968a2ceb344e532bebf7e07582aac63b32ec13f0c66796fa26d2201ba6c378d20d038fb980a35c6132","ssdeep":"1536:emuwUC7yMQ1NfK72XyDgMG70ygmen9+Sg3+QKISkSvqeQuwqNq6LWFb11:emuwUC7yiNEWAOthPe7","tlshash":"0f33c8261c9e993b4b8253f3b5213ffe2c778c90e3a54415f1e947a537c2e8b98324a5","first_seen":"2025-10-02T09:18:41.096957Z","last_seen":"2025-10-02T09:18:41.096957Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1398,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1398,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/star.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.511Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/star.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 507\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:41 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":507,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"326a371b68658af5b686032dd2228400","sha1":"1b73fe7082f7caab7b2e28171f983d589c627d90","sha256":"a9998e3929197f70abb1e475f7dcd76e7a9674bbfd68c02195afd756f51cad52","sha512":"ad674f27ed2996e8b15b994c313bb019dec0405b3c84f9e4c2f1ef5816f9efa011d2679394182f5d49f4a4485999316cf3331123908789cc06ec734ad188678c","ssdeep":"","tlshash":"e4f00e8376485aad8200106f28a2a436eff66fa00ad16c651b67c724342157e5bc8f7f","first_seen":"2023-05-22T04:59:32Z","last_seen":"2026-04-19T06:50:43.92225Z","times_seen":341,"resource_available":false,"data":null}},"time_used":2826,"timings":{"blocked":2073,"dns":0,"connect":0,"send":0,"wait":753,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i.imgur.com/KYB7SI6.png","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"199.232.40.193","port":443,"asn":54113,"as":"FASTLY","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 29 Jan 2025 00:00:00 GMT","end":"Sat, 14 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D","sha256":"B2:9B:23:54:25:04:8F:9E:C6:BC:84:54:20:8B:AB:34:8C:F1:7E:8A:57:AD:55:F3:C9:40:C3:4E:8B:E5:30:6F"}}},"request":{"raw":"GET /KYB7SI6.png HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Fri, 01 Mar 2024 09:18:32 GMT\r\netag: \"6b0d552f8cc22088b762f6350c1d71bb\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-cf-pop: IAD89-P1\r\nx-amz-cf-id: ud9RlX17unjBaKwOdum2ZnCxLnUoyqVmVCdyDzrf3kKZdhIIdpB8Dw==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\ndate: Thu, 02 Oct 2025 09:18:29 GMT\r\nage: 2056132\r\nx-served-by: cache-iad-kiad7000150-IAD, cache-cph2320041-CPH\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 21577, 3\r\nx-timer: S1759396710.595669,VS0,VE0\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 34705\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34705,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced","md5":"6b0d552f8cc22088b762f6350c1d71bb","sha1":"d8c2b4a8c2edaec452aecb4894efed2a7d5d143f","sha256":"bd5bf61a24a70da89042d3db08e13dbe7bd4eafc9fd3390d7597d970f1a921fd","sha512":"b8a5b043a87219119e861dea947b1ea4803965604d78be8f0cbb8e87a38e42781ddadd883759250596a6aeeb20637c622de56a952b816fae9f619ba8e42c4c52","ssdeep":"768:WG6Nuit8577sj7y1NkytxnCITPa4sywktGk9jG2qrKOhvJJjvkMbPzfC:JTi26E5AIzDsyw2Rj7qrKOhvJhxbP2","tlshash":"9ff2f1142fa18aafe090b743f936cf6404b6f8c5401175baa910447dada0f93fbced94","first_seen":"2024-06-30T01:47:08Z","last_seen":"2026-04-23T17:58:29.894677Z","times_seen":69,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-02T09:18:12.291Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:13 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, private\r\nSet-Cookie: mybb[lastvisit]=1759396693; expires=Fri, 02-Oct-2026 09:18:13 GMT; path=/; domain=.wgirlss.vc\nmybb[lastactive]=1759396693; expires=Fri, 02-Oct-2026 09:18:13 GMT; path=/; domain=.wgirlss.vc\nsid=6cda27b98d80baadfced1c05420b7f42; path=/; domain=.wgirlss.vc; HttpOnly\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MyBB","description":"MyBB is a free and open-source forum software written in PHP.","website":"https://mybb.com","common_platform_enumeration":"cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*","icon":"MyBB.png","categories":["Message boards"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]}],"data":{"size":23269,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (2542), with CRLF, LF line terminators","md5":"34b6fc7f9e69376a36ae71ecfef62132","sha1":"38e25a0995ef03f1ab56baf7afe304763dc2f6c6","sha256":"7d2cf0b474800a5e8024845287c5bbb850a90c281587226e690afe2b9f29e4df","sha512":"6169b269f541e0875b45c11542d937d6bda1e2ca16faa22baf00b8cd775bbc3995fb23c760d37dd6dea27628139034d1ebdcea7e360591cf58aea503ba942ce3","ssdeep":"192:2sqyKEmsQxwRkimu55EoiT5YVI7yJk94wrdP3Mz8BsTSXR9rSh02FZomPqIya9fl:2eKEmwkimG6YVI7ykDvYCrf92Dyufl","tlshash":"e7a2c76354ac293f478383d274693badd1fb807de2ac092bf5e1483b37c5ed5a492189","first_seen":"2025-10-02T09:18:41.098744Z","last_seen":"2025-10-02T09:18:41.098744Z","times_seen":1,"resource_available":false,"data":null}},"time_used":2362,"timings":{"blocked":568,"dns":45,"connect":256,"send":0,"wait":1226,"receive":0,"ssl":267},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.js?ver=1823","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/jquery.js?ver=1823 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:14 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:13 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":89475,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (65451)","md5":"12b69d0ae6c6f0c42942ae6da2896e84","sha1":"d2cc8d43ce1c854b1172e42b1209502ad563db83","sha256":"6150a35c0f486c46cadf0e230e2aa159c7c23ecfbb5611b64ee3f25fcbff341f","sha512":"a55f55d56899ab440ef0cae17b28d5cc8f5b9766d1e9bc1a8ac6b89376924b476c1ab0c325497eb5d44af41f4ebf8eea236d87a36902244b8a3eca54994b8711","ssdeep":"1536:AjExXUqrnxDjoXEZxkMV4SYSt0zvDD6ip3h8cApwEjOPrBeU6QLiTFbc0QlQvakV:AYh8eip3huuf6IidlrvakdtQ47GKl","tlshash":"e893f9ddb2c6702257a720ba007f510bf236199d6c4d8450f265d8e9bcb8a4e827bf7d","first_seen":"2023-03-07T01:02:27Z","last_seen":"2026-04-28T16:04:27.311229Z","times_seen":15272,"resource_available":true,"data":null}},"time_used":1472,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1472,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/forumdisplay.php?fid=6","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2025-10-02T09:18:18.270Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /forumdisplay.php?fid=6 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: same-origin\r\nSec-Fetch-User: ?1\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:19 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nCache-Control: no-cache, private\r\nSet-Cookie: mybb[lastactive]=1759396698; expires=Fri, 02-Oct-2026 09:18:18 GMT; path=/; domain=.wgirlss.vc\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MyBB","description":"MyBB is a free and open-source forum software written in PHP.","website":"https://mybb.com","common_platform_enumeration":"cpe:2.3:a:mybb:mybb:*:*:*:*:*:*:*:*","icon":"MyBB.png","categories":["Message boards"]}],"data":{"size":72001,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, ASCII text, with very long lines (395)","md5":"074fa0d680ead5ebbb1c5efabdf94925","sha1":"6c0486194938bc983839423c6fc69d75f89844db","sha256":"63769347718cb277f98e1451c23fd0e6b69025a8f7e97096f9c3462518479636","sha512":"9bdf3a2c1e066c6b0689c357339b2c7ce4598603bc450534d9a36a22fc8c6217fac59385b51d15c20d9107e99b22a6938fbd5c8cbd83fcf3b310dd5129953ec6","ssdeep":"1536:smXZ7yS1HJwuCiAU1zx/Q0H+SFFwshsYqZTE:smXZ7yG","tlshash":"d063325a1e7d677b03c3cae3b0912b6794fb4ca8a1d4462ef5e9850536cff87e816084","first_seen":"2025-10-02T09:18:41.099956Z","last_seen":"2025-10-02T09:18:41.099956Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1297,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1297,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/icons/music.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/icons/music.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:22 GMT\r\nContent-Type: image/png\r\nContent-Length: 437\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:53 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":437,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"98d781abca4189e6cd82f7ff0f76d4a7","sha1":"06d67cfdbe9fbf976339ebecd29b5f04146b8783","sha256":"e05b351401e5dbd058038244e70f90c229485fdb0392990c0f888b5bd5bf0483","sha512":"ba5928e62b6af393f5835a80b11ce54967da3a121c3f1753211e19824fb3a0c77e268502b6c408d5a2e7567604eadc04b648d16c27e5f122dc178ca9e2d7f242","ssdeep":"","tlshash":"54e023c3bbd0af3c751b2374852744521d60508203aef26ae713386443c85b810d9902","first_seen":"2023-11-12T04:35:13Z","last_seen":"2026-01-15T11:25:41.086585Z","times_seen":8,"resource_available":false,"data":null}},"time_used":2805,"timings":{"blocked":1895,"dns":0,"connect":0,"send":0,"wait":910,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/icons/bug.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.599Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/icons/bug.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 532\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:52 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":532,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"37f86512ae9419d5b02dfb821307e022","sha1":"39935cdda52416c198bd79570743bb1e16ddefd8","sha256":"065a045a4733545d18e709636226a9609c5d8b9b514af971bd1611c2c5549204","sha512":"67030e5398474a7a6ea7c087262e2bca347f0d55d477629fdfd40a312ed91a9b61e9cf23fc1f344d4ff4b4bb0a506c0d83c0869ad2c760291a73a30e79da764b","ssdeep":"","tlshash":"8df075a77b647c74539d6c32219fcc215607050c4924234b840f2b9360ec8cbc09abf6","first_seen":"2024-10-27T05:17:24.561855Z","last_seen":"2025-11-21T14:12:21.36501Z","times_seen":5,"resource_available":false,"data":null}},"time_used":4442,"timings":{"blocked":3704,"dns":0,"connect":0,"send":0,"wait":738,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i.imgur.com/SSaV5XL.jpeg","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"199.232.40.193","port":443,"asn":54113,"as":"FASTLY","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.500Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 29 Jan 2025 00:00:00 GMT","end":"Sat, 14 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D","sha256":"B2:9B:23:54:25:04:8F:9E:C6:BC:84:54:20:8B:AB:34:8C:F1:7E:8A:57:AD:55:F3:C9:40:C3:4E:8B:E5:30:6F"}}},"request":{"raw":"GET /SSaV5XL.jpeg HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 01 Mar 2024 09:17:28 GMT\r\netag: \"ac5e0ea5afe9b03c41a39256936e0ebd\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-cf-pop: IAD89-P1\r\nx-amz-cf-id: 7y5DmH5CX8qd4GlbXKIlIvfexQ_FLmc0JTOJteg63xstglplSdjTIQ==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\ndate: Thu, 02 Oct 2025 09:18:21 GMT\r\nage: 4323166\r\nx-served-by: cache-iad-kiad7000082-IAD, cache-cph2320041-CPH\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 24475, 1\r\nx-timer: S1759396701.499641,VS0,VE2\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 9319\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":9319,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 472x68, components 3","md5":"ac5e0ea5afe9b03c41a39256936e0ebd","sha1":"e401f6162453bcb561744420ed5e91835f97979e","sha256":"c7fc322a173f9beb1feb3957e07ee2bbfada340850a91d91896d2f47176ae894","sha512":"8313408c5c29a672b7394071ef83ba50e6ba0f12463e0eb18405a9fc7179f1c9af15b442718b4fd3eef0eec01f8afd0c08efe75fc85998aac717b19f1b72b6cd","ssdeep":"192:hNSB6YAHOjJMEB5u/F2jYRywPUZj88spk5a8oPVBc:2sqT8LcwPF8spIaHPXc","tlshash":"4b129d8fa47fbea39f9bc49a430b09691e25f9c4f628b33e5261142411bdc738d64b54","first_seen":"2024-07-29T14:39:01Z","last_seen":"2026-03-03T09:49:22.794629Z","times_seen":25,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/folders_sprite.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/folders_sprite.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/thread_status.css?t=1663152269\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 4485\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:38 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4485,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 340, 8-bit/color RGBA, non-interlaced","md5":"a8a79584d9a93d092b19b6a7c7bd78e2","sha1":"cc20c6864cabef4a78c92d176412d4a580fb1992","sha256":"fa836188e344f3a4427164dbea1cc39b8aee32be68885acb09c3df986c4a4e7c","sha512":"549123125aca8ac3fad70cb5c542fe52792b0d7feebf2d75854b0ed275db6f840d8af6908c9e5c366ae6da5687422eacb880e0da545d1a4be1959901dab496e2","ssdeep":"96:rnc7giRu6ZJ7JRRYd1Rnv4xN9bzlRH3y0HjjENLz:r4Tv/RgKfzHCmjjkLz","tlshash":"29917c5b95eb97e5253092d40fba1138727704ac9510dccba40aae6ecf0638cce65968","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-03-21T23:59:35.824759Z","times_seen":37,"resource_available":false,"data":null}},"time_used":1799,"timings":{"blocked":898,"dns":0,"connect":0,"send":0,"wait":901,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/report.js?ver=1820","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/report.js?ver=1820 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:29 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:14 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":925,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"e750915e1cec2dda6aa240b193a960b8","sha1":"a7eda9f37770a056b70b35279b4bb5a1f55c9d5b","sha256":"1feb21e91253a450d8b9bc6273a8b4280664089793561d44f4ec474da496e43a","sha512":"df7f8913749303ff464c3bfc4ab32857278b2ea94fe9059d8f7c6ae432df2f51ad9eb64ae21a840626b5f348159aa25db0863ba4fa1f1a8cc7ff73a4fcdd3be5","ssdeep":"","tlshash":"8511906afb3d6c1242fe34d3f49f0acd3a7848215c506cb6dc6017b994ede5b112294e","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-25T05:25:37.700971Z","times_seen":572,"resource_available":true,"data":null}},"time_used":1922,"timings":{"blocked":973,"dns":0,"connect":0,"send":0,"wait":949,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/headerlinks_sprite.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/headerlinks_sprite.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:31 GMT\r\nContent-Type: image/png\r\nContent-Length: 2342\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:38 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 196, 8-bit colormap, non-interlaced","md5":"e38f7f29cf3f740d7dc3651cb82098ec","sha1":"65787e91831d3707a9ec747ab272c1fb5d52b2d8","sha256":"bc8ea31d4d1a30effac6bed60a41d1ec64a7cd42a711c694a103e42da7aa4c0a","sha512":"160481f72d35abdbc7114bb1164915891335978ad8f60529af7e03082cbd29b833e761f97422838e05161ccbffc8b9760573ae27a3f35f367342f98b1abceacb","ssdeep":"","tlshash":"cb414bbb7671dd3c78f04437a0e7f598ee505e2c59948d762898b1909d3008294b1c88","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-04-28T07:38:14.630607Z","times_seen":515,"resource_available":false,"data":null}},"time_used":1706,"timings":{"blocked":736,"dns":0,"connect":0,"send":0,"wait":970,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/showthread_sprite.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.603Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/showthread_sprite.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/showthread.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:31 GMT\r\nContent-Type: image/png\r\nContent-Length: 1455\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:41 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1455,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 100, 8-bit colormap, non-interlaced","md5":"d539ea2b126147223860ddbbe5c752c0","sha1":"dccc6df4f03a89ed39e138970ea530a31425c35b","sha256":"9525dfe2e9fb02b5b2875ba5151fcb62a680653d633f20926f3bf9f4003be80c","sha512":"bfbb5bdd05ac4518be278b08d5ffcd48182d75cca5881b3a1cc8c3d5e31b4970e74cfc92f749134c9e2fab1184d6747a5b04d231df8b7a01ab1780199e0fff15","ssdeep":"","tlshash":"4231e9f735c47a661d9213b98738224d0ebefe99202503f1654fe4e6380b3e5c15e4ad","first_seen":"2023-05-22T04:59:32Z","last_seen":"2026-04-19T06:50:43.949213Z","times_seen":250,"resource_available":false,"data":null}},"time_used":2287,"timings":{"blocked":1553,"dns":0,"connect":0,"send":0,"wait":734,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images4.imagebam.com/0b/91/b7/MEPGKWU_o.png","fqdn":"images4.imagebam.com","domain":"imagebam.com","tld":"com"},"ip":{"addr":"212.63.223.227","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.157Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imagebam.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Fri, 15 Nov 2024 00:00:00 GMT","end":"Sat, 15 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B3:7B:BD:C4:71:57:E9:3A:FB:A2:EF:CD:8A:85:14:1C:0C:6C:70:D5","sha256":"FA:BD:AE:0C:A2:F4:BA:CF:95:89:41:83:C6:E0:11:24:51:D3:F7:1D:C5:B2:12:B6:BE:A4:34:EB:EE:FA:06:30"}}},"request":{"raw":"GET /0b/91/b7/MEPGKWU_o.png HTTP/1.1\r\nHost: images4.imagebam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Thu, 02 Oct 2025 09:18:15 GMT\r\ncontent-type: image/png\r\ncontent-length: 44731\r\nvary: x-s-token\r\nlast-modified: Fri, 13 Oct 2023 10:07:48 GMT\r\netag: \"aebb-607963a7d7522\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44731,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 68, 8-bit/color RGBA, non-interlaced","md5":"5dc04640a2447d0b093e4cba51cec2f4","sha1":"0ca53866e4ed6e5a98a40a6c6c90fdc4dd40417f","sha256":"c4120403408d7087e1c2a34f1794a920c98233e878b3df4b5d9e877ed260ea79","sha512":"3b36933b9129ea29078fa9e301e6c98a1fae985652532a0eb2de84910d79d0507e145cf49d44201dce12766dbe30f8bbe575f3ce794c479bc424cccd0dd70c39","ssdeep":"768:LqDB7xVx9UbrnnZkUah3ZNx/uuF01ma0cHmvbw9yu5GGUaMcMHhjrE6Lknz:eDxxtaKUa5Z3/uuyYa0cHmNu5GGUjH5c","tlshash":"a11302acc00f5db5dc4781ff92328579bdd39d9ab452296a46ac34d232188edbd72330","first_seen":"2023-10-18T22:39:19Z","last_seen":"2026-04-12T19:10:50.475175Z","times_seen":45,"resource_available":false,"data":null}},"time_used":1707,"timings":{"blocked":1563,"dns":0,"connect":28,"send":0,"wait":55,"receive":28,"ssl":33},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/tcat.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:15.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/tcat.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 131\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:41 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 60, 8-bit/color RGB, non-interlaced","md5":"10b96a318e186e39860a5945a9071b92","sha1":"daa068efc07bb97ff0a2af218aedebbb28c9f1bb","sha256":"91697e7d6cc941b2bff9f05520c0c22b95d460a655e65b480452ce60da209cdf","sha512":"7b1f7e9ee0a9157cf0edebfd597a9f1a7bf42bb1062c63b420a86234799b2db8bc707d4d570d4b5dab3c192347543f35c15767528eb3b390e3b03150e843c33c","ssdeep":"","tlshash":"11c02bf277614836ec150f770fd50124f9b0464072f52620004f80313c71104d4441c2","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-04-28T07:38:14.623144Z","times_seen":463,"resource_available":false,"data":null}},"time_used":1009,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1009,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/headerlinks_sprite.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/headerlinks_sprite.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 2342\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:38 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 196, 8-bit colormap, non-interlaced","md5":"e38f7f29cf3f740d7dc3651cb82098ec","sha1":"65787e91831d3707a9ec747ab272c1fb5d52b2d8","sha256":"bc8ea31d4d1a30effac6bed60a41d1ec64a7cd42a711c694a103e42da7aa4c0a","sha512":"160481f72d35abdbc7114bb1164915891335978ad8f60529af7e03082cbd29b833e761f97422838e05161ccbffc8b9760573ae27a3f35f367342f98b1abceacb","ssdeep":"","tlshash":"cb414bbb7671dd3c78f04437a0e7f598ee505e2c59948d762898b1909d3008294b1c88","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-04-28T07:38:14.630607Z","times_seen":515,"resource_available":false,"data":null}},"time_used":1649,"timings":{"blocked":740,"dns":0,"connect":0,"send":0,"wait":909,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.plugins.min.js?ver=1821","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.506Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:28 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:13 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14799,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (14798)","md5":"cf1f71e20e14765d6d5ea640aa4f7fc7","sha1":"d1f3a0e46dd50d3a4d1839cb821ad42802619def","sha256":"a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149","sha512":"db3f8dba9327793a4d00b0e1266ef60d6f2424ab1235d673def9ee026be896aa10cb02e0b95f8b82bdf76ac49720662c84fa2b419026178c905c5a9c2f1bff0a","ssdeep":"384:HWwrEXSUb3GjSPqGorxn+viQRvuB6haZ7braU:HWmE/3G2hcraU","tlshash":"f662924fba7523a48aff2177a01f196521339db508c24858f1bd87d95d78c0492afb3e","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.752115Z","times_seen":1254,"resource_available":true,"data":null}},"time_used":969,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":969,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/buddy_online.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/buddy_online.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 330\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:36 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":330,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"6bd9bf44c2f3732935df9d0487e5a73f","sha1":"e86e993720e9add9e8bd9d5971cb32e4ccce0e69","sha256":"fe106a8979e106df449e1229f8c7c546e52de9fcc77b7734f22eb781868118ce","sha512":"293f3a0eaa530c222d569aa7235cac06f7fb760d7246fbf20e4f023e4ae0cfa5ef42d53a048ea271a07587a6fa189b8910de57fa099d56e82d49672fcc31f46e","ssdeep":"","tlshash":"11e0c0c231795e73511b071e8006fc216f115ca915914c88b81f00980211c5c90f5dd2","first_seen":"2023-07-12T13:53:02Z","last_seen":"2026-04-12T19:10:50.49075Z","times_seen":71,"resource_available":false,"data":null}},"time_used":2836,"timings":{"blocked":2073,"dns":0,"connect":0,"send":0,"wait":763,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/cache/themes/theme1/global.css?t=1663152268","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /cache/themes/theme1/global.css?t=1663152268 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:20 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:28 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":31277,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"6dca31a92bd774f00e8513b3f141ca51","sha1":"2f8b2c7d691ee232eb76b0c3e7c905419efe896c","sha256":"969bc9ffb0d9ee825abb23a99e1f634f4cffe59df319d1afdcdf61e5733c2623","sha512":"691fc035589397c4e661836d88524ad187a2499bff9d4f4f3bd5a85fafdd74fe697268272206432c35e24cfa6f339a18a5207b208aabacbd2e8a6edefc97cef3","ssdeep":"768:SSlX9UEND0StaM7xZ6h6tLSGOL3bLnSbcAmSna:SSB9UENCMrLSGOHLnSna","tlshash":"c4e2507b35511989720f90eafe15dbd9272f0092be0e1f25b4ad3d7ca3894e01537ea8","first_seen":"2023-04-14T13:41:58Z","last_seen":"2026-04-26T09:57:07.904639Z","times_seen":279,"resource_available":false,"data":null}},"time_used":1090,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1090,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/nav_bit.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/nav_bit.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:24 GMT\r\nContent-Type: image/png\r\nContent-Length: 86\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:40 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced","md5":"918839ed4dd4400570446568b618d34a","sha1":"b5e3d9cc407bf5b777d184e17cda2d1962abdb26","sha256":"59d3751e6d307cdf95243f8d969e93de7a67f631e173b7d7d9faf3086d2afc9e","sha512":"2f0a2ccc18d73389c4788ab3879fce3bc3f3052afd35afda5776978e33f2e0ad62ca9a0fe2837f1c0170ede081e29c7d81e37191c0b4b49ed775fc0f44415229","ssdeep":"","tlshash":"16a011e223a00e38e20a0323a008222aecf0020c2a30280808a88aa8220888882c02cf","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-04-19T06:50:43.946242Z","times_seen":260,"resource_available":false,"data":null}},"time_used":4550,"timings":{"blocked":3557,"dns":0,"connect":0,"send":0,"wait":993,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/favicon.ico","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:23.725Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:24 GMT\r\nContent-Type: image/x-icon\r\nContent-Length: 3466\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:43:06 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3466,"size_decoded":0,"mime_type":"image/x-icon","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"a897fe69eafdd574bda12a23a4920bf0","sha1":"d27ed9fe8fa5b14950cfc5fb0a2963518d3767bf","sha256":"93fd435b9c34166a9a3a52fc82befdc4102d7e3698f5b3bd1b69edc0858f245c","sha512":"9e7189620b8319d38b8eaaff4eb26f7977f420e22d58548fb98c8e05204365f076219d9714856974439028ee8159473939be2833657f08cc5e5d2b073b2c96f9","ssdeep":"","tlshash":"36616badea70955f789e39610ecd0701a3ae372c96833278d0c17bdf0091e0bab19475","first_seen":"2023-11-06T23:52:08Z","last_seen":"2025-11-21T07:14:45.049571Z","times_seen":16,"resource_available":false,"data":null}},"time_used":987,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":987,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/logo_wg_blue_370x100.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.587Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/logo_wg_blue_370x100.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 18188\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:39 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":18188,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 370 x 100, 8-bit/color RGBA, non-interlaced","md5":"5edcce6435b4f03eb379dfc99db2ce39","sha1":"8d51946b5849704676379ab5f1e916770a984cb9","sha256":"fa43e867be6f55ab8ca334bc812de4a7c39c281265e29144e5635b1aa65b3e6d","sha512":"f0498787b14ab70eca9dd6f6b7df683fd0491b1231a624339552127328ec8d5a98ec92b774cae00a4c187d6f92f8a4cb74cae56321b832555dd012fd4160a5a2","ssdeep":"384:AJXE05HnZOEWOBc1K58Z0A+ZcOyi8ugCJIL:835HnZOEWPB+A2hmCeL","tlshash":"a782d0cdf58c74d2195f3801802d06c4a1a498df9b8b6a14f5caa6fe0895fe73a024ab","first_seen":"2023-11-06T23:52:08Z","last_seen":"2025-11-21T07:14:45.041937Z","times_seen":16,"resource_available":false,"data":null}},"time_used":1199,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1199,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.imgbur.cc/t/800/qgleBj3qQG.jpg","fqdn":"www.imgbur.cc","domain":"imgbur.cc","tld":"cc"},"ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"philadelphia.imgbur.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 12:13:28 GMT","end":"Thu, 20 Nov 2025 12:13:27 GMT"},"fingerprint":{"sha1":"30:F0:25:48:06:79:73:8B:A7:9B:4A:8E:65:41:D9:9D:DF:57:E7:5A","sha256":"04:AF:8C:32:1C:BB:1B:D8:0A:3B:5C:EA:F1:4F:29:63:EC:A1:2D:E8:C8:40:6B:94:D7:A7:03:28:93:F0:5D:C4"}}},"request":{"raw":"GET /t/800/qgleBj3qQG.jpg HTTP/1.1\r\nHost: www.imgbur.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=c5FaVNl35Bx0c7W6; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg10_=1759396709; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg9_=82.148.169.64; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg1_=91KpqedGj4aeyorOxEPy; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Fri, 02-Oct-2026 09:18:29 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 02 Oct 2025 09:18:29 GMT\r\nlocation: https://www.imgbur.cc/get/22.386.1758041950.353409076149?res=800\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 3\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":135073,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":635,"timings":{"blocked":96,"dns":41,"connect":20,"send":0,"wait":443,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.imgbur.cc/get/22.386.1758041950.155933137358?res=800","fqdn":"www.imgbur.cc","domain":"imgbur.cc","tld":"cc"},"ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:30.108Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"philadelphia.imgbur.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 12:13:28 GMT","end":"Thu, 20 Nov 2025 12:13:27 GMT"},"fingerprint":{"sha1":"30:F0:25:48:06:79:73:8B:A7:9B:4A:8E:65:41:D9:9D:DF:57:E7:5A","sha256":"04:AF:8C:32:1C:BB:1B:D8:0A:3B:5C:EA:F1:4F:29:63:EC:A1:2D:E8:C8:40:6B:94:D7:A7:03:28:93:F0:5D:C4"}}},"request":{"raw":"GET /get/22.386.1758041950.155933137358?res=800 HTTP/1.1\r\nHost: www.imgbur.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=4hrypA0g5bUbHxFt; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg10_=1759396710; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg9_=82.148.169.64; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg1_=3PpwXqwBSjrGt9I0Ec1u; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Fri, 02-Oct-2026 09:18:30 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 02 Oct 2025 09:18:30 GMT\r\ncache-control: no-cache, must-revalidate\r\npragma: no-cache\r\nexpires: Sat, 26 Jul 1997 05:00:00 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: tus-resumable, upload-length, upload-metadata, authorization, content-type, range\r\ncontent-type: image/jpg\r\nage: 0\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":60989,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality\", baseline, precision 8, 800x711, components 3","md5":"c6d5b549150d9713ff5278c496ac79a2","sha1":"4d4a536fe0ac6789e496f85b33d8b7f0c1519bae","sha256":"6bbbe5dfee484373936b0e530de9cfa49a87f49bc147c83902026f31076ff06b","sha512":"f5bdce025fe5e19e0d528a3a2e1f76fe3a4bb6f0a24b755f2e99bd3968eca7801afe1ece0e0cfb462c4d2a870c9a8ccb5d294c563b52772fea0b42b82e71ae6a","ssdeep":"1536:UgsVuYh3VJt4cpn1UgtuX8+TQjm/wJy3/NdtQ7pWq5F8:MVuo3l4cpDUXYjmIJw/Fqf8","tlshash":"b053027601773f4b7f2b05c2d09347d163356870398630d63d6906b2649acb76db4a6f","first_seen":"2025-10-02T09:18:41.106824Z","last_seen":"2025-10-02T09:18:41.106824Z","times_seen":1,"resource_available":false,"data":null}},"time_used":646,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":646,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.plugins.min.js?ver=1821","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.153Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:14 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:13 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14799,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (14798)","md5":"cf1f71e20e14765d6d5ea640aa4f7fc7","sha1":"d1f3a0e46dd50d3a4d1839cb821ad42802619def","sha256":"a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149","sha512":"db3f8dba9327793a4d00b0e1266ef60d6f2424ab1235d673def9ee026be896aa10cb02e0b95f8b82bdf76ac49720662c84fa2b419026178c905c5a9c2f1bff0a","ssdeep":"384:HWwrEXSUb3GjSPqGorxn+viQRvuB6haZ7braU:HWmE/3G2hcraU","tlshash":"f662924fba7523a48aff2177a01f196521339db508c24858f1bd87d95d78c0492afb3e","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.752115Z","times_seen":1254,"resource_available":true,"data":null}},"time_used":738,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":738,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/cache/themes/theme1/star_ratings.css?t=1663152269","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /cache/themes/theme1/star_ratings.css?t=1663152269 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:20 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:29 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1321,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ce9c2a1ed05902cdaf4b4f5f0a609ceb","sha1":"9bdc1eed1b2a72b7099ceef0bd547e5003391f62","sha256":"e3442a0ea1d9596000bbbdedcef16335b7db116b6543c1fa40d9c309606dc077","sha512":"d0a0a50b55234012776c054bcd36eb4b382e4cf77f13e45c24bcd3210b418e1acb004cafac71c734cc4232a536452f115182ad14586b5921c99f5d25ef48541e","ssdeep":"","tlshash":"58217c30151e2b4ffe0ab2081c584be8163f0444bb1a0e4ceb7e29e8e6475dc13bac0d","first_seen":"2023-05-21T21:48:04Z","last_seen":"2026-04-25T05:25:37.462538Z","times_seen":194,"resource_available":false,"data":null}},"time_used":929,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":929,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/icons/exclamation.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/icons/exclamation.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:22 GMT\r\nContent-Type: image/png\r\nContent-Length: 580\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:53 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":580,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"560c93b0c202c008a8738ca9480eda6a","sha1":"803235198664b1cfebf5966ab68324673a893650","sha256":"e19e63d9556ee7aec4673d8c916d3932a2cda9f87ad0cfb9d9fb5938e46b7597","sha512":"dc0ea6fa753205006ec60c84e01d6d7dd5aed0f824cd694ea0b6271d2edd375df861c8fcbd1c14d2dd0564930cf395486cf6cc8baa12320fa19535ed73ad4eb5","ssdeep":"","tlshash":"6cf0b76377897ce0154dd13a0312f43362e922cd18b32dc8020790a3d0da67004c8026","first_seen":"2023-05-21T21:48:04Z","last_seen":"2026-03-06T11:25:08.179149Z","times_seen":21,"resource_available":false,"data":null}},"time_used":2811,"timings":{"blocked":1895,"dns":0,"connect":0,"send":0,"wait":916,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s8d7.turboimg.net/t1/102833007_05gf472.jpg","fqdn":"s8d7.turboimg.net","domain":"turboimg.net","tld":"net"},"ip":{"addr":"172.67.72.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turboimg.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 00:30:54 GMT","end":"Mon, 08 Dec 2025 01:30:45 GMT"},"fingerprint":{"sha1":"38:91:DA:1C:6F:11:2C:48:F1:7E:69:08:95:7E:DD:A6:B9:99:DA:9E","sha256":"4B:75:3F:8A:F5:62:1E:FD:00:1C:BB:F7:1E:BF:BF:F7:03:F5:E3:6A:7E:15:D8:1E:FD:BF:3D:41:46:07:51:F4"}}},"request":{"raw":"GET /t1/102833007_05gf472.jpg HTTP/1.1\r\nHost: s8d7.turboimg.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 09:18:21 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 10325\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=k5lp3uggyQCUeD8aw1HnEVM%2BhI9YXNn7MamdRbK6Vr0jQ671PRnMZGygjv7SoeFuH2u62UgWgQOsdBheH4YWBpgSvOXzGDkS80vCpnzW\"}]}\r\ncache-control: public, max-age=315360000, must-revalidate, proxy-revalidate\r\ncf-bgj: imgq:100,h2pri\r\naccept-ranges: bytes\r\ncf-polished: origSize=10578\r\netag: \"66852112-2952\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 03 Jul 2024 09:59:46 GMT\r\npragma: public\r\ncf-cache-status: HIT\r\nage: 669611\r\nvary: accept-encoding\r\ncf-ray: 98831ca85a67a0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10325,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 472x68, components 3","md5":"f03d23de48c399eca8fa9990cf853d1e","sha1":"9ee8305265031506f7b1ee51feafad4332d260ad","sha256":"ef1c86679db0867b58a208b6aea6e8a7d945c7b824460494317f8f9844cf3bcf","sha512":"77b3d7a399dc9d38776fcca21520b5f7c83ea50508d3f40a35a8d8f6fbf1a7974c61e92a0c4cdd5ca8fcf9e9cbae1439b29f11de91bb3c3f9deff436428ccc7f","ssdeep":"192:wlZFKKodffwbdNDT/+y7aMArsxIqb0qPje4cgD9eS49Yhec2B/U92Q:cMf6DbKsIfCPcgwSsUwQ","tlshash":"5122bee7f29b0d13c6327b73814d1260925328277e96ae0eb85e5198cc7f5d64b08cad","first_seen":"2024-07-29T14:21:23Z","last_seen":"2025-11-21T07:14:45.041379Z","times_seen":34,"resource_available":false,"data":null}},"time_used":7,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jeditable/jeditable.min.js","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/jeditable/jeditable.min.js HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:29 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:16 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":8067,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (826)","md5":"4f332fdf2de4e25eb3f5611bf7b6c354","sha1":"53e8a6136fa9af4fe8b50e8068899da860657e1b","sha256":"b76e0536e5ae607a8453dc2dd7ac8d08779ba93e8f8700113ee2c1106f31fd79","sha512":"259739d36bf7b4b74dc94b3b33433e1822f0792944f0126636ace5004d1f68a850fc7734c3ef1357502b14792116dd1cc4b091ecd3c9b4b66d6b4e1b8266cb43","ssdeep":"192:xlrPWi/42g6jYnrDJDpygVPsKy2fRXKJQwYp5:xlrPb42gQarVDpygKKy2fgCw+5","tlshash":"5df173a53290b5dc46ea7235e4db27096132b54607b9f036a4b508e42f78dc4e633fde","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-25T05:25:37.673596Z","times_seen":646,"resource_available":true,"data":null}},"time_used":1970,"timings":{"blocked":1061,"dns":0,"connect":0,"send":0,"wait":909,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i.imgur.com/SSaV5XL.jpeg","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"199.232.40.193","port":443,"asn":54113,"as":"FASTLY","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 29 Jan 2025 00:00:00 GMT","end":"Sat, 14 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D","sha256":"B2:9B:23:54:25:04:8F:9E:C6:BC:84:54:20:8B:AB:34:8C:F1:7E:8A:57:AD:55:F3:C9:40:C3:4E:8B:E5:30:6F"}}},"request":{"raw":"GET /SSaV5XL.jpeg HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/jpeg\r\nlast-modified: Fri, 01 Mar 2024 09:17:28 GMT\r\netag: \"ac5e0ea5afe9b03c41a39256936e0ebd\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-cf-pop: IAD89-P1\r\nx-amz-cf-id: 7y5DmH5CX8qd4GlbXKIlIvfexQ_FLmc0JTOJteg63xstglplSdjTIQ==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\ndate: Thu, 02 Oct 2025 09:18:29 GMT\r\nage: 4323174\r\nx-served-by: cache-iad-kiad7000082-IAD, cache-cph2320041-CPH\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 24475, 2\r\nx-timer: S1759396710.594878,VS0,VE0\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 9319\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9319,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, baseline, precision 8, 472x68, components 3","md5":"ac5e0ea5afe9b03c41a39256936e0ebd","sha1":"e401f6162453bcb561744420ed5e91835f97979e","sha256":"c7fc322a173f9beb1feb3957e07ee2bbfada340850a91d91896d2f47176ae894","sha512":"8313408c5c29a672b7394071ef83ba50e6ba0f12463e0eb18405a9fc7179f1c9af15b442718b4fd3eef0eec01f8afd0c08efe75fc85998aac717b19f1b72b6cd","ssdeep":"192:hNSB6YAHOjJMEB5u/F2jYRywPUZj88spk5a8oPVBc:2sqT8LcwPF8spIaHPXc","tlshash":"4b129d8fa47fbea39f9bc49a430b09691e25f9c4f628b33e5261142411bdc738d64b54","first_seen":"2024-07-29T14:39:01Z","last_seen":"2026-03-03T09:49:22.794629Z","times_seen":25,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/jquery.plugins.min.js?ver=1821","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/jquery.plugins.min.js?ver=1821 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:20 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:13 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14799,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (14798)","md5":"cf1f71e20e14765d6d5ea640aa4f7fc7","sha1":"d1f3a0e46dd50d3a4d1839cb821ad42802619def","sha256":"a3f1ec1a12c5ba59cf41f98406b4a296f7a54b8c4904de9a6f1fc2e4db19b149","sha512":"db3f8dba9327793a4d00b0e1266ef60d6f2424ab1235d673def9ee026be896aa10cb02e0b95f8b82bdf76ac49720662c84fa2b419026178c905c5a9c2f1bff0a","ssdeep":"384:HWwrEXSUb3GjSPqGorxn+viQRvuB6haZ7braU:HWmE/3G2hcraU","tlshash":"f662924fba7523a48aff2177a01f196521339db508c24858f1bd87d95d78c0492afb3e","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.752115Z","times_seen":1254,"resource_available":true,"data":null}},"time_used":919,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":919,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"images4.imagebam.com/0b/91/b7/MEPGKWU_o.png","fqdn":"images4.imagebam.com","domain":"imagebam.com","tld":"com"},"ip":{"addr":"212.63.223.227","port":443,"asn":50827,"as":"SpaceDump IT AB","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.596Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.imagebam.com","organization":""},"issuer":{"commonName":"GoGetSSL RSA DV CA","organization":"GoGetSSL"},"validity":{"start":"Fri, 15 Nov 2024 00:00:00 GMT","end":"Sat, 15 Nov 2025 23:59:59 GMT"},"fingerprint":{"sha1":"B3:7B:BD:C4:71:57:E9:3A:FB:A2:EF:CD:8A:85:14:1C:0C:6C:70:D5","sha256":"FA:BD:AE:0C:A2:F4:BA:CF:95:89:41:83:C6:E0:11:24:51:D3:F7:1D:C5:B2:12:B6:BE:A4:34:EB:EE:FA:06:30"}}},"request":{"raw":"GET /0b/91/b7/MEPGKWU_o.png HTTP/1.1\r\nHost: images4.imagebam.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nserver: nginx/1.22.1\r\ndate: Thu, 02 Oct 2025 09:18:29 GMT\r\ncontent-type: image/png\r\ncontent-length: 44731\r\nvary: x-s-token\r\nlast-modified: Fri, 13 Oct 2023 10:07:48 GMT\r\netag: \"aebb-607963a7d7522\"\r\nx-cache: HIT\r\nx-whom: srv1535\r\naccept-ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.22.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":44731,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 68, 8-bit/color RGBA, non-interlaced","md5":"5dc04640a2447d0b093e4cba51cec2f4","sha1":"0ca53866e4ed6e5a98a40a6c6c90fdc4dd40417f","sha256":"c4120403408d7087e1c2a34f1794a920c98233e878b3df4b5d9e877ed260ea79","sha512":"3b36933b9129ea29078fa9e301e6c98a1fae985652532a0eb2de84910d79d0507e145cf49d44201dce12766dbe30f8bbe575f3ce794c479bc424cccd0dd70c39","ssdeep":"768:LqDB7xVx9UbrnnZkUah3ZNx/uuF01ma0cHmvbw9yu5GGUaMcMHhjrE6Lknz:eDxxtaKUa5Z3/uuyYa0cHmNu5GGUjH5c","tlshash":"a11302acc00f5db5dc4781ff92328579bdd39d9ab452296a46ac34d232188edbd72330","first_seen":"2023-10-18T22:39:19Z","last_seen":"2026-04-12T19:10:50.475175Z","times_seen":45,"resource_available":false,"data":null}},"time_used":137,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":69,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"s8d7.turboimg.net/t1/102833007_05gf472.jpg","fqdn":"s8d7.turboimg.net","domain":"turboimg.net","tld":"net"},"ip":{"addr":"172.67.72.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turboimg.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 00:30:54 GMT","end":"Mon, 08 Dec 2025 01:30:45 GMT"},"fingerprint":{"sha1":"38:91:DA:1C:6F:11:2C:48:F1:7E:69:08:95:7E:DD:A6:B9:99:DA:9E","sha256":"4B:75:3F:8A:F5:62:1E:FD:00:1C:BB:F7:1E:BF:BF:F7:03:F5:E3:6A:7E:15:D8:1E:FD:BF:3D:41:46:07:51:F4"}}},"request":{"raw":"GET /t1/102833007_05gf472.jpg HTTP/1.1\r\nHost: s8d7.turboimg.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 09:18:29 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 10325\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=7CDP3c7TAF03iL9FA3h2X7kVN%2F4D5h5EXVvAeopUR8vqQsl6cCHfvzPJejCnzj%2B5zCF7tlGrG64OVOcDNv%2FJY%2BUADI4gNMQ70nHkk1VX\"}]}\r\ncache-control: public, max-age=315360000, must-revalidate, proxy-revalidate\r\ncf-bgj: imgq:100,h2pri\r\naccept-ranges: bytes\r\ncf-polished: origSize=10578\r\netag: \"66852112-2952\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 03 Jul 2024 09:59:46 GMT\r\npragma: public\r\ncf-cache-status: HIT\r\nage: 669619\r\nvary: accept-encoding\r\ncf-ray: 98831cdaf88da0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10325,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 472x68, components 3","md5":"f03d23de48c399eca8fa9990cf853d1e","sha1":"9ee8305265031506f7b1ee51feafad4332d260ad","sha256":"ef1c86679db0867b58a208b6aea6e8a7d945c7b824460494317f8f9844cf3bcf","sha512":"77b3d7a399dc9d38776fcca21520b5f7c83ea50508d3f40a35a8d8f6fbf1a7974c61e92a0c4cdd5ca8fcf9e9cbae1439b29f11de91bb3c3f9deff436428ccc7f","ssdeep":"192:wlZFKKodffwbdNDT/+y7aMArsxIqb0qPje4cgD9eS49Yhec2B/U92Q:cMf6DbKsIfCPcgwSsUwQ","tlshash":"5122bee7f29b0d13c6327b73814d1260925328277e96ae0eb85e5198cc7f5d64b08cad","first_seen":"2024-07-29T14:21:23Z","last_seen":"2025-11-21T07:14:45.041379Z","times_seen":34,"resource_available":false,"data":null}},"time_used":6,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":6,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/thead.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/thead.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:31 GMT\r\nContent-Type: image/png\r\nContent-Length: 115\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:42 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 40, 8-bit/color RGB, non-interlaced","md5":"96dfa0b7296d710946b220639f5a9d1c","sha1":"40838eabc4f6384d72ec9adca7a773fc4db21c44","sha256":"d2d9d86e65050d0197318b4478cff3931f3e7a071bdee4f12364c2c47d4d576f","sha512":"7d2df3e6522d5253eabf321574f9b319f2f5504a2fc469d4d4c49c5a8bdb68e13273ce62c88d8926163ac5a754d211d228765be73b8826cd8aef23211e39000c","ssdeep":"","tlshash":"e0b022c2ba02ac28e8e2a23382080302ac30022c0fa022000008c0088ab2388c088383","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-04-28T07:38:14.617053Z","times_seen":413,"resource_available":false,"data":null}},"time_used":1554,"timings":{"blocked":769,"dns":0,"connect":0,"send":0,"wait":785,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.imgbur.cc/t/800/z3ldy6v0QA.jpg","fqdn":"www.imgbur.cc","domain":"imgbur.cc","tld":"cc"},"ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.611Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"philadelphia.imgbur.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 12:13:28 GMT","end":"Thu, 20 Nov 2025 12:13:27 GMT"},"fingerprint":{"sha1":"30:F0:25:48:06:79:73:8B:A7:9B:4A:8E:65:41:D9:9D:DF:57:E7:5A","sha256":"04:AF:8C:32:1C:BB:1B:D8:0A:3B:5C:EA:F1:4F:29:63:EC:A1:2D:E8:C8:40:6B:94:D7:A7:03:28:93:F0:5D:C4"}}},"request":{"raw":"GET /t/800/z3ldy6v0QA.jpg HTTP/1.1\r\nHost: www.imgbur.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=VfFPbK5TLfjToAE9; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg10_=1759396709; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg9_=82.148.169.64; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg1_=bgkJgpa9wr7KWUdE2njW; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Fri, 02-Oct-2026 09:18:29 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 02 Oct 2025 09:18:29 GMT\r\nlocation: https://www.imgbur.cc/get/22.386.1758041953.170934723203?res=800\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 3\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":117342,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":495,"timings":{"blocked":96,"dns":0,"connect":0,"send":0,"wait":399,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/headerlinks_sprite.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:15.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/headerlinks_sprite.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 2342\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:38 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2342,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 196, 8-bit colormap, non-interlaced","md5":"e38f7f29cf3f740d7dc3651cb82098ec","sha1":"65787e91831d3707a9ec747ab272c1fb5d52b2d8","sha256":"bc8ea31d4d1a30effac6bed60a41d1ec64a7cd42a711c694a103e42da7aa4c0a","sha512":"160481f72d35abdbc7114bb1164915891335978ad8f60529af7e03082cbd29b833e761f97422838e05161ccbffc8b9760573ae27a3f35f367342f98b1abceacb","ssdeep":"","tlshash":"cb414bbb7671dd3c78f04437a0e7f598ee505e2c59948d762898b1909d3008294b1c88","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-04-28T07:38:14.630607Z","times_seen":515,"resource_available":false,"data":null}},"time_used":1009,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1009,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/thead.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:15.733Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/thead.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396693; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:16 GMT\r\nContent-Type: image/png\r\nContent-Length: 115\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:42 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 40, 8-bit/color RGB, non-interlaced","md5":"96dfa0b7296d710946b220639f5a9d1c","sha1":"40838eabc4f6384d72ec9adca7a773fc4db21c44","sha256":"d2d9d86e65050d0197318b4478cff3931f3e7a071bdee4f12364c2c47d4d576f","sha512":"7d2df3e6522d5253eabf321574f9b319f2f5504a2fc469d4d4c49c5a8bdb68e13273ce62c88d8926163ac5a754d211d228765be73b8826cd8aef23211e39000c","ssdeep":"","tlshash":"e0b022c2ba02ac28e8e2a23382080302ac30022c0fa022000008c0088ab2388c088383","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-04-28T07:38:14.617053Z","times_seen":413,"resource_available":false,"data":null}},"time_used":1011,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1011,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/icons/rainbow.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/icons/rainbow.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 587\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:54 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":587,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"1768d77c23f767a320204023a0207951","sha1":"326f029a3bfe196a6002eb8a3171f228250c3801","sha256":"44218316fa67ceb72947110a102b65c1534a1773f93ddc6543ca9703504c3414","sha512":"16beaf1fb73e3d59393625c5ffbcf93faf7e095c9eafd9ca5b6e54b91dca9c9ce9caaede33d48656c3c4aa65a2eafcbe702511f34d12e1c1ac19b0a898d5fc0a","ssdeep":"","tlshash":"e2f041caf1b47b19e40c2c4f809532d68c304946220b48c8ea2d3e9c0b756820570a86","first_seen":"2023-05-25T15:51:19Z","last_seen":"2026-03-21T23:59:35.832283Z","times_seen":17,"resource_available":false,"data":null}},"time_used":4519,"timings":{"blocked":3587,"dns":0,"connect":0,"send":0,"wait":932,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/default_avatar.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.510Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/default_avatar.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 992\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:37 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":992,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 100 x 100, 8-bit grayscale, non-interlaced","md5":"af3494feba7b57c111439fcd90f713e5","sha1":"b93a65926f30a3eca8a93928fcad747b58525309","sha256":"6dffa735ee25b187ddf40f3225fdce80a280db12175671ded6a4d7a7e99d2725","sha512":"eb22eb36ac0aa8968fc58dc161d075f0497d498d32899774559b9e110c15e5765b178fbb59cc90dbacc71a547e26c2dfc5af170a77c9d9757a1648d30eda728a","ssdeep":"","tlshash":"0011a8a3a63505169e017076814c20faffab19ef8419a1c58906968146f4f5b96840ef","first_seen":"2023-05-21T21:48:04Z","last_seen":"2026-04-23T17:58:29.898803Z","times_seen":513,"resource_available":false,"data":null}},"time_used":2862,"timings":{"blocked":2074,"dns":0,"connect":0,"send":0,"wait":788,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"s8d7.turboimg.net/t1/102833007_05gf472.jpg","fqdn":"s8d7.turboimg.net","domain":"turboimg.net","tld":"net"},"ip":{"addr":"172.67.72.150","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/","date":"2025-10-02T09:18:14.158Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"turboimg.net","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Tue, 09 Sep 2025 00:30:54 GMT","end":"Mon, 08 Dec 2025 01:30:45 GMT"},"fingerprint":{"sha1":"38:91:DA:1C:6F:11:2C:48:F1:7E:69:08:95:7E:DD:A6:B9:99:DA:9E","sha256":"4B:75:3F:8A:F5:62:1E:FD:00:1C:BB:F7:1E:BF:BF:F7:03:F5:E3:6A:7E:15:D8:1E:FD:BF:3D:41:46:07:51:F4"}}},"request":{"raw":"GET /t1/102833007_05gf472.jpg HTTP/1.1\r\nHost: s8d7.turboimg.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Thu, 02 Oct 2025 09:18:15 GMT\r\ncontent-type: image/jpeg\r\ncontent-length: 10325\r\nserver: cloudflare\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=wPT2g%2BDnT1uKKCs8uEUQAX8t5yr4wSgkFFB7e0qOFFLVYHs2dBb2xK4PH7IcmvtpjjvsPiYiemGieZBPnm%2BQRl3%2FT3UEVaiskDRRwk2w\"}]}\r\ncache-control: public, max-age=315360000, must-revalidate, proxy-revalidate\r\ncf-bgj: imgq:100,h2pri\r\naccept-ranges: bytes\r\ncf-polished: origSize=10578\r\netag: \"66852112-2952\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nlast-modified: Wed, 03 Jul 2024 09:59:46 GMT\r\npragma: public\r\ncf-cache-status: HIT\r\nage: 669605\r\nvary: accept-encoding\r\ncf-ray: 98831c848d04a0f0-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":10325,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 472x68, components 3","md5":"f03d23de48c399eca8fa9990cf853d1e","sha1":"9ee8305265031506f7b1ee51feafad4332d260ad","sha256":"ef1c86679db0867b58a208b6aea6e8a7d945c7b824460494317f8f9844cf3bcf","sha512":"77b3d7a399dc9d38776fcca21520b5f7c83ea50508d3f40a35a8d8f6fbf1a7974c61e92a0c4cdd5ca8fcf9e9cbae1439b29f11de91bb3c3f9deff436428ccc7f","ssdeep":"192:wlZFKKodffwbdNDT/+y7aMArsxIqb0qPje4cgD9eS49Yhec2B/U92Q:cMf6DbKsIfCPcgwSsUwQ","tlshash":"5122bee7f29b0d13c6327b73814d1260925328277e96ae0eb85e5198cc7f5d64b08cad","first_seen":"2024-07-29T14:21:23Z","last_seen":"2025-11-21T07:14:45.041379Z","times_seen":34,"resource_available":false,"data":null}},"time_used":1617,"timings":{"blocked":1561,"dns":0,"connect":2,"send":0,"wait":8,"receive":0,"ssl":46},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/cache/themes/theme1/thread_status.css?t=1663152269","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.595Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /cache/themes/theme1/thread_status.css?t=1663152269 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:20 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:29 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1280,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"f9acb8e798ba555dea862d2232fd56dc","sha1":"054ac17d7debc68eb8bb47358aaf64099484d56f","sha256":"b917355a9137d61bba64da6f482cb11778d08964f1eeb21179c93b26cc3f90b1","sha512":"91747338b1859632a447747acefc1be26241b324701c4986df014581eecbd1680a3d417f74e9e33050a72507f8eadf74c6ce20ed31290cfa800e0efc8bf2e061","ssdeep":"","tlshash":"5921ad021d552bc8bc9bd9902d556fb804af8485e89e0a3cd43e7e7c33dd9c0a0779e5","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-04-05T23:59:26.243571Z","times_seen":38,"resource_available":false,"data":null}},"time_used":985,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":985,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/icons/heart.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.597Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/icons/heart.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:22 GMT\r\nContent-Type: image/png\r\nContent-Length: 637\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:53 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":637,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"41a0b6e3ef059b9507b4b0616808c408","sha1":"3739d0c95531d18e6d1ddad097e84e3e8192281e","sha256":"2e3d03afd2a3b318757ea9b66dfaa9335df241746620a6ab69dea8cae591b926","sha512":"7e8fcb1ad7f51b60dd8ecf99349ad47d5e5ed1e4d9b9d4bc187309cd811c978b0927975d50f9974467687116bb86caae652ba1f44fd0da9dda39a5935dc13da5","ssdeep":"","tlshash":"bcf062c1b432c0ac931759fbe5211ea0093e361c4205adb6571c09bc930c8be95a2df7","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-02-12T23:53:19.143786Z","times_seen":34,"resource_available":false,"data":null}},"time_used":2685,"timings":{"blocked":1896,"dns":0,"connect":0,"send":0,"wait":789,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/icons/star.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/icons/star.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:22 GMT\r\nContent-Type: image/png\r\nContent-Length: 538\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:55 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":538,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced","md5":"47a8fb962f258b2f6949b9df6a5864aa","sha1":"4eb41316a1220d75dca90d8fd0f82cf89f9b59cd","sha256":"a25bdfe56099b76c302d48a42b538caace7542b21b1f20a08ebd417cf77eeb86","sha512":"cbfbe5394dd3c140c73bb864286ce74778af4dc5e3ea9f7836861db1b8b240815b5e08dddb05e845612742abb8c2ee56976cfa76a454c3ccdf9b58aaa15a662e","ssdeep":"","tlshash":"49f02080d322608ed683823b908381e1282b16b861c0914826349f3043e7699a82ed86","first_seen":"2023-11-28T08:42:44Z","last_seen":"2026-01-15T11:25:41.092511Z","times_seen":27,"resource_available":false,"data":null}},"time_used":2646,"timings":{"blocked":1895,"dns":0,"connect":0,"send":0,"wait":751,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"i.imgur.com/KYB7SI6.png","fqdn":"i.imgur.com","domain":"imgur.com","tld":"com"},"ip":{"addr":"199.232.40.193","port":443,"asn":54113,"as":"FASTLY","country":"Denmark","country_code":"DK"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.502Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"*.imgur.com","organization":""},"issuer":{"commonName":"Sectigo RSA Domain Validation Secure Server CA","organization":"Sectigo Limited"},"validity":{"start":"Wed, 29 Jan 2025 00:00:00 GMT","end":"Sat, 14 Feb 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E4:72:56:8F:0D:0E:0B:E1:47:1E:79:39:7A:0F:AB:05:30:AF:2A:2D","sha256":"B2:9B:23:54:25:04:8F:9E:C6:BC:84:54:20:8B:AB:34:8C:F1:7E:8A:57:AD:55:F3:C9:40:C3:4E:8B:E5:30:6F"}}},"request":{"raw":"GET /KYB7SI6.png HTTP/1.1\r\nHost: i.imgur.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/png\r\nlast-modified: Fri, 01 Mar 2024 09:18:32 GMT\r\netag: \"6b0d552f8cc22088b762f6350c1d71bb\"\r\nx-amz-server-side-encryption: AES256\r\nx-amz-cf-pop: IAD89-P1\r\nx-amz-cf-id: ud9RlX17unjBaKwOdum2ZnCxLnUoyqVmVCdyDzrf3kKZdhIIdpB8Dw==\r\ncache-control: public, max-age=31536000\r\naccept-ranges: bytes\r\ndate: Thu, 02 Oct 2025 09:18:21 GMT\r\nage: 2056124\r\nx-served-by: cache-iad-kiad7000150-IAD, cache-cph2320041-CPH\r\nx-cache: Miss from cloudfront, HIT, HIT\r\nx-cache-hits: 21577, 2\r\nx-timer: S1759396702.500477,VS0,VE0\r\nstrict-transport-security: max-age=300\r\naccess-control-allow-methods: GET, OPTIONS\r\naccess-control-allow-origin: *\r\nserver: cat factory 1.0\r\nx-content-type-options: nosniff\r\ncontent-length: 34705\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":34705,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 472 x 68, 8-bit/color RGB, non-interlaced","md5":"6b0d552f8cc22088b762f6350c1d71bb","sha1":"d8c2b4a8c2edaec452aecb4894efed2a7d5d143f","sha256":"bd5bf61a24a70da89042d3db08e13dbe7bd4eafc9fd3390d7597d970f1a921fd","sha512":"b8a5b043a87219119e861dea947b1ea4803965604d78be8f0cbb8e87a38e42781ddadd883759250596a6aeeb20637c622de56a952b816fae9f619ba8e42c4c52","ssdeep":"768:WG6Nuit8577sj7y1NkytxnCITPa4sywktGk9jG2qrKOhvJJjvkMbPzfC:JTi26E5AIzDsyw2Rj7qrKOhvJhxbP2","tlshash":"9ff2f1142fa18aafe090b743f936cf6404b6f8c5401175baa910447dada0f93fbced94","first_seen":"2024-06-30T01:47:08Z","last_seen":"2026-04-23T17:58:29.894677Z","times_seen":69,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/cache/themes/theme1/star_ratings.css?t=1663152269","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.507Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /cache/themes/theme1/star_ratings.css?t=1663152269 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:28 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:29 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1321,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"ce9c2a1ed05902cdaf4b4f5f0a609ceb","sha1":"9bdc1eed1b2a72b7099ceef0bd547e5003391f62","sha256":"e3442a0ea1d9596000bbbdedcef16335b7db116b6543c1fa40d9c309606dc077","sha512":"d0a0a50b55234012776c054bcd36eb4b382e4cf77f13e45c24bcd3210b418e1acb004cafac71c734cc4232a536452f115182ad14586b5921c99f5d25ef48541e","ssdeep":"","tlshash":"58217c30151e2b4ffe0ab2081c584be8163f0444bb1a0e4ceb7e29e8e6475dc13bac0d","first_seen":"2023-05-21T21:48:04Z","last_seen":"2026-04-25T05:25:37.462538Z","times_seen":194,"resource_available":false,"data":null}},"time_used":915,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":915,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/cache/themes/theme1/css3.css?t=1663152267","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /cache/themes/theme1/css3.css?t=1663152267 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:29 GMT\r\nContent-Type: text/css\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:27 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3114,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"926db993b5ce157d2f8dc0a3ebbb198b","sha1":"7b31fcb7d12af07bb714c01c03e13857a98a2bc3","sha256":"ca63f43eff03f479ba21b135c7164d4ff0eef2d0cf3cea4767c1c52c14833f6e","sha512":"b4123c9f2322e53f026cb79d2a1d6974fe865847e765a4dbb26df9dc00885f2e02ec727132c2e192dd3718adc49dd846a5448a410cdafcf9d90273518e688a04","ssdeep":"","tlshash":"ad5152bf341c06986326e94aba19dee3718f03136576aca5f1d0fc3c1202dbe5e558ad","first_seen":"2023-05-11T01:58:08Z","last_seen":"2026-04-28T07:38:14.623673Z","times_seen":330,"resource_available":false,"data":null}},"time_used":1880,"timings":{"blocked":909,"dns":0,"connect":0,"send":0,"wait":971,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/css.php?stylesheet%5B0%5D=19","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.508Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /css.php?stylesheet%5B0%5D=19 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:29 GMT\r\nContent-Type: text/css;charset=UTF-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":596,"size_decoded":0,"mime_type":"text/css; charset=UTF-8","magic":"ASCII text","md5":"3c79fe138942405a860be4ea01ffa5c6","sha1":"6255110e6f918f2624127f959df20bda7ca37c04","sha256":"b937b2c1aefe5d071f9194825da0652673581d0de19596fc942fb0cfe2cba974","sha512":"9c8f82830fae0a542afd25ad9d3dedd833f6389c935e66efce5b63ade891aad993d54d043b4d45046783cffff74bfd337ae84362fd0cc482a245c26acef7d6ee","ssdeep":"","tlshash":"12f0a231b58918447332c5f93442fbd532a6c201f48bd672daf92464a9874f515f6349","first_seen":"2023-11-03T22:19:43Z","last_seen":"2026-01-25T17:35:58.942402Z","times_seen":20,"resource_available":false,"data":null}},"time_used":1916,"timings":{"blocked":962,"dns":0,"connect":0,"send":0,"wait":954,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/thread.js?ver=1827","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:27.509Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/thread.js?ver=1827 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:29 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:14 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13964,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"540bea37310b2cc8978d6b85bd1053c9","sha1":"ec6ff587bf02e9c82b0224366bd9431bd6e351ae","sha256":"27d9988c04b4a3e56b18ac08125032f4d99314bfd330e88c369a5689afcc692e","sha512":"d75e9690001353fde77a8e177ec9fc4ee56ee5cf067c31e6027a2a29b9c6021c743f0c3a68c588bf598a788e1962d62aefbca723756b8b93df8dfc65d3d9313c","ssdeep":"384:K8T0O0Mp4hcpdBDRMb2HGkJp6pfAVDIb4Zv+qkLx3sp:7TcMp4ap+2Fp6popxW3I","tlshash":"91522181ff3c0b5e44ba21ad942e04f88d3d983749548db6fd3866a1b7c4a0e176d93a","first_seen":"2023-03-07T21:24:09Z","last_seen":"2026-04-12T19:10:50.47372Z","times_seen":115,"resource_available":true,"data":null}},"time_used":2073,"timings":{"blocked":1143,"dns":0,"connect":0,"send":0,"wait":930,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/nav_bit.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.589Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/nav_bit.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/showthread.php?tid=545\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:30 GMT\r\nContent-Type: image/png\r\nContent-Length: 86\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:40 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":86,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 15 x 15, 8-bit/color RGBA, non-interlaced","md5":"918839ed4dd4400570446568b618d34a","sha1":"b5e3d9cc407bf5b777d184e17cda2d1962abdb26","sha256":"59d3751e6d307cdf95243f8d969e93de7a67f631e173b7d7d9faf3086d2afc9e","sha512":"2f0a2ccc18d73389c4788ab3879fce3bc3f3052afd35afda5776978e33f2e0ad62ca9a0fe2837f1c0170ede081e29c7d81e37191c0b4b49ed775fc0f44415229","ssdeep":"","tlshash":"16a011e223a00e38e20a0323a008222aecf0020c2a30280808a88aa8220888882c02cf","first_seen":"2023-05-22T04:58:41Z","last_seen":"2026-04-19T06:50:43.946242Z","times_seen":260,"resource_available":false,"data":null}},"time_used":798,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":798,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/tcat.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.601Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/tcat.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:31 GMT\r\nContent-Type: image/png\r\nContent-Length: 131\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:41 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 2 x 60, 8-bit/color RGB, non-interlaced","md5":"10b96a318e186e39860a5945a9071b92","sha1":"daa068efc07bb97ff0a2af218aedebbb28c9f1bb","sha256":"91697e7d6cc941b2bff9f05520c0c22b95d460a655e65b480452ce60da209cdf","sha512":"7b1f7e9ee0a9157cf0edebfd597a9f1a7bf42bb1062c63b420a86234799b2db8bc707d4d570d4b5dab3c192347543f35c15767528eb3b390e3b03150e843c33c","ssdeep":"","tlshash":"11c02bf277614836ec150f770fd50124f9b0464072f52620004f80313c71104d4441c2","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-04-28T07:38:14.623144Z","times_seen":463,"resource_available":false,"data":null}},"time_used":1660,"timings":{"blocked":745,"dns":0,"connect":0,"send":0,"wait":915,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.imgbur.cc/get/22.386.1758041955.120725911142?res=800","fqdn":"www.imgbur.cc","domain":"imgbur.cc","tld":"cc"},"ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:30.109Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"philadelphia.imgbur.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 12:13:28 GMT","end":"Thu, 20 Nov 2025 12:13:27 GMT"},"fingerprint":{"sha1":"30:F0:25:48:06:79:73:8B:A7:9B:4A:8E:65:41:D9:9D:DF:57:E7:5A","sha256":"04:AF:8C:32:1C:BB:1B:D8:0A:3B:5C:EA:F1:4F:29:63:EC:A1:2D:E8:C8:40:6B:94:D7:A7:03:28:93:F0:5D:C4"}}},"request":{"raw":"GET /get/22.386.1758041955.120725911142?res=800 HTTP/1.1\r\nHost: www.imgbur.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://wgirlss.vc/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=7ClkOXKSAMxkbuMy; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg10_=1759396710; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg9_=82.148.169.64; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:30 GMT\n__ddg1_=4hwTqraC2a6b79SbqaqL; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Fri, 02-Oct-2026 09:18:30 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 02 Oct 2025 09:18:30 GMT\r\ncache-control: no-cache, must-revalidate\r\npragma: no-cache\r\nexpires: Sat, 26 Jul 1997 05:00:00 GMT\r\naccess-control-allow-origin: *\r\naccess-control-allow-headers: tus-resumable, upload-length, upload-metadata, authorization, content-type, range\r\ncontent-type: image/jpg\r\nage: 2\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":74148,"size_decoded":0,"mime_type":"image/jpeg","magic":"JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: \"CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), default quality\", baseline, precision 8, 800x354, components 3","md5":"e89d4c2a557e9f85c442c625bebae369","sha1":"cb7558e6298542f8eb5be4db6fc3d654c0c0a5ba","sha256":"aef1caa6c1137e6261cc0bc96fb0c9e142cf5ff5dd894b105e518b7c2cc9deaf","sha512":"2b856c8e104a6e77f9013bbae5536df3cf41ecc9f343ff6bfed0411c93971b50c1a80a33063eb09adfa740e11c0ccabdb87a61edbd351ea1ff962151dc0bac4d","ssdeep":"1536:Eb3T+tzBf/AhnKNxtxbQ8FxgPRFwVtKxVEMEbSRhoOo9G:mTGMstxEOG9fEMUS/o4","tlshash":"16730244af11528edf6d217844e4b95b1b2de283ef6591273fe1fe242684eb1ed028c3","first_seen":"2025-10-02T09:18:41.115759Z","last_seen":"2025-10-02T09:18:41.115759Z","times_seen":1,"resource_available":false,"data":null}},"time_used":1495,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1495,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/jscripts/general.js?ver=1827","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:19.594Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /jscripts/general.js?ver=1827 HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/forumdisplay.php?fid=6\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:20 GMT\r\nContent-Type: text/javascript\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:46:11 GMT\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15709,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text, with very long lines (322)","md5":"373ad0e5af45e8cd17b064aaa7c2d465","sha1":"9e83f3daac4c6387937fa2a3e98dbe9cc1c9169e","sha256":"491afa838f1b1eef0454c529c8f6fcdcec59ea31110dda7430f85cc53fb82898","sha512":"0014001020da5ef12874c5727ce95d1163834414dbe201ea72f60423bde91e8e7d2d671fa18ec190d0573e3b76093a496f7662d5b81e0f804d42834dddffd98a","ssdeep":"384:7HrwCLFwqbPl88aLqh8cOrT6CIJ6X5jO1/zD:oqbPltaLqUXCJ0jOx","tlshash":"bb6262c8ff2c152b81be3069949f58c96c3c803188945cf7bc6855d4bae8a1e536fe78","first_seen":"2023-03-07T01:02:26Z","last_seen":"2026-04-26T22:20:10.753121Z","times_seen":1148,"resource_available":true,"data":null}},"time_used":1148,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":1148,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/thead.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/forumdisplay.php?fid=6","date":"2025-10-02T09:18:21.505Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/thead.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396698; sid=6cda27b98d80baadfced1c05420b7f42\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:23 GMT\r\nContent-Type: image/png\r\nContent-Length: 115\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:42 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":115,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1 x 40, 8-bit/color RGB, non-interlaced","md5":"96dfa0b7296d710946b220639f5a9d1c","sha1":"40838eabc4f6384d72ec9adca7a773fc4db21c44","sha256":"d2d9d86e65050d0197318b4478cff3931f3e7a071bdee4f12364c2c47d4d576f","sha512":"7d2df3e6522d5253eabf321574f9b319f2f5504a2fc469d4d4c49c5a8bdb68e13273ce62c88d8926163ac5a754d211d228765be73b8826cd8aef23211e39000c","ssdeep":"","tlshash":"e0b022c2ba02ac28e8e2a23382080302ac30022c0fa022000008c0088ab2388c088383","first_seen":"2023-05-10T14:20:13Z","last_seen":"2026-04-28T07:38:14.617053Z","times_seen":413,"resource_available":false,"data":null}},"time_used":1797,"timings":{"blocked":895,"dns":0,"connect":0,"send":0,"wait":902,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"wgirlss.vc/images/buttons_sprite.png","fqdn":"wgirlss.vc","domain":"wgirlss.vc","tld":"vc"},"ip":{"addr":"171.244.33.80","port":443,"asn":38731,"as":"CHT Compamy Ltd","country":"Vietnam","country_code":"VN"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.602Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"wgirlss.vc","organization":""},"issuer":{"commonName":"ZeroSSL RSA Domain Secure Site CA","organization":"ZeroSSL"},"validity":{"start":"Fri, 05 Sep 2025 00:00:00 GMT","end":"Thu, 04 Dec 2025 23:59:59 GMT"},"fingerprint":{"sha1":"7F:19:AE:B7:BD:61:B7:BB:B3:C8:49:F4:3F:F5:57:F8:8F:12:A2:55","sha256":"A6:E0:1E:DA:12:DA:48:9B:C5:38:1D:10:B0:C5:F7:51:15:77:A7:E5:CB:83:4C:FF:6C:4A:3C:41:B8:93:48:52"}}},"request":{"raw":"GET /images/buttons_sprite.png HTTP/1.1\r\nHost: wgirlss.vc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/cache/themes/theme1/global.css?t=1663152268\r\nCookie: mybb[lastvisit]=1759396693; mybb[lastactive]=1759396706; sid=6cda27b98d80baadfced1c05420b7f42; mybb[threadread]=a%3A1%3A%7Bi%3A545%3Bi%3A1759396706%3B%7D\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.20.1\r\nDate: Thu, 02 Oct 2025 09:18:31 GMT\r\nContent-Type: image/png\r\nContent-Length: 3619\r\nConnection: keep-alive\r\nLast-Modified: Wed, 14 Sep 2022 10:44:37 GMT\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.20.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3619,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 16 x 560, 8-bit colormap, non-interlaced","md5":"b8a4c656cc2ceba54ede9c8bee504fb6","sha1":"a9654bf22982a3504046c1dbe39ae38d4d5f28b6","sha256":"3b7c43de6503c71fc08e7f6453ebf99190442210cef102ef1d5d5f8ef6cb9b79","sha512":"27d6b9146f0c19269939322a83177eb05b2fa8d50370c576d321efe890c61c74a648e3d4c2a1bf0e38ed88aa52dd03e7b425d3551e18ac53afa80532409271a3","ssdeep":"","tlshash":"f5715b21869271d1413018274f6ae85675721c9eac046fa8ac4976e4b6f3865a0bcfc9","first_seen":"2023-05-22T04:59:32Z","last_seen":"2026-04-19T06:50:43.961255Z","times_seen":221,"resource_available":false,"data":null}},"time_used":1699,"timings":{"blocked":785,"dns":0,"connect":0,"send":0,"wait":914,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2025-10-02","alert":"Content Category / Application Block","trigger":"wgirlss.vc","verdict":"suspicious","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns0","sensor_type":"DNS","title":"DNS0 Zero","description":"DNS0 Zero","scan_date":"2025-10-02","alert":"Sinkholed","trigger":"wgirlss.vc","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS (SOA: negative-caching.dns0.eu)","link":"https://www.dns0.eu/zero","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"www.imgbur.cc/t/800/M9Qgy6WR5a.jpg","fqdn":"www.imgbur.cc","domain":"imgbur.cc","tld":"cc"},"ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.610Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"philadelphia.imgbur.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 12:13:28 GMT","end":"Thu, 20 Nov 2025 12:13:27 GMT"},"fingerprint":{"sha1":"30:F0:25:48:06:79:73:8B:A7:9B:4A:8E:65:41:D9:9D:DF:57:E7:5A","sha256":"04:AF:8C:32:1C:BB:1B:D8:0A:3B:5C:EA:F1:4F:29:63:EC:A1:2D:E8:C8:40:6B:94:D7:A7:03:28:93:F0:5D:C4"}}},"request":{"raw":"GET /t/800/M9Qgy6WR5a.jpg HTTP/1.1\r\nHost: www.imgbur.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=QqxDNEpJ3VgYntFX; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg10_=1759396709; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg9_=82.148.169.64; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg1_=tlIYx4cAsjY4aKcQSSxY; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Fri, 02-Oct-2026 09:18:29 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 02 Oct 2025 09:18:29 GMT\r\nlocation: https://www.imgbur.cc/get/22.386.1758041955.120725911142?res=800\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 3\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":74148,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":609,"timings":{"blocked":112,"dns":42,"connect":20,"send":0,"wait":385,"receive":0,"ssl":48},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.imgbur.cc/t/800/V3QRRZYzQm.jpg","fqdn":"www.imgbur.cc","domain":"imgbur.cc","tld":"cc"},"ip":{"addr":"185.178.208.164","port":443,"asn":57724,"as":"Ddos-guard Ltd","country":"Russia","country_code":"RU"},"is_navigation_request":false,"resource_type":"lazy-img","requested_by":"https://wgirlss.vc/showthread.php?tid=545","date":"2025-10-02T09:18:29.612Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"philadelphia.imgbur.cc","organization":""},"issuer":{"commonName":"R13","organization":"Let's Encrypt"},"validity":{"start":"Fri, 22 Aug 2025 12:13:28 GMT","end":"Thu, 20 Nov 2025 12:13:27 GMT"},"fingerprint":{"sha1":"30:F0:25:48:06:79:73:8B:A7:9B:4A:8E:65:41:D9:9D:DF:57:E7:5A","sha256":"04:AF:8C:32:1C:BB:1B:D8:0A:3B:5C:EA:F1:4F:29:63:EC:A1:2D:E8:C8:40:6B:94:D7:A7:03:28:93:F0:5D:C4"}}},"request":{"raw":"GET /t/800/V3QRRZYzQm.jpg HTTP/1.1\r\nHost: www.imgbur.cc\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://wgirlss.vc/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\nserver: ddos-guard\r\nset-cookie: __ddg8_=z1Lm6au9PL79TiBb; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg10_=1759396709; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg9_=82.148.169.64; Domain=.imgbur.cc; Path=/; Expires=Thu, 02-Oct-2025 09:38:29 GMT\n__ddg1_=sFaP3JlcKYEGCww4v2DO; Domain=.imgbur.cc; HttpOnly; Path=/; Expires=Fri, 02-Oct-2026 09:18:29 GMT\r\ncontent-security-policy: upgrade-insecure-requests;\r\ndate: Thu, 02 Oct 2025 09:18:29 GMT\r\nlocation: https://www.imgbur.cc/get/22.386.1758041958.677818100460?res=800\r\ncontent-type: text/html; charset=UTF-8\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\nage: 3\r\nddg-cache-status: MISS,MISS\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"DDoS-Guard","description":"DDoS-Guard is a Russian Internet infrastructure company which provides DDoS protection, content delivery network services, and web hosting services.","website":"https://ddos-guard.net","common_platform_enumeration":"","icon":"DDoS-Guard.svg","categories":["Security"]}],"data":{"size":78602,"size_decoded":0,"mime_type":"image/jpeg","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-28T16:24:19.191442Z","times_seen":14333662,"resource_available":true,"data":null}},"time_used":486,"timings":{"blocked":95,"dns":0,"connect":0,"send":0,"wait":391,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}