| t.co/AUEW8KZfdV | 104.244.42.197 | | 216 B |
IP104.244.42.197:0
File typeHTML document, ASCII text, with very long lines (364), with no line terminators Hash2275e8a238c78962eb91ca08966262cf e50abe001a22ec067f7a195381891576d2d36e17 435de9a93f54dcd6496ce2ab2d4aa2db1e444dbb30605c8893bb0b24ec2987c2
GET /AUEW8KZfdV HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 14:09:15 GMT
perf: 7402827104
vary: Origin
server: tsa_o
expires: Fri, 19 Apr 2024 14:14:16 GMT
set-cookie: muc=07afd3c4-211e-4c23-9583-8b5d27917574; Max-Age=34214400; Expires=Tue, 20 May 2025 14:09:16 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 216
referrer-policy: unsafe-url
content-encoding: gzip
x-transaction-id: 374a5b10994a6d3a
x-xss-protection: 0
content-security-policy: referrer always;
strict-transport-security: max-age=0
x-response-time: 180
x-connection-hash: 35abc7e6800fafec76b00f19fb58a18d819353f3b8d1dd42307cc307dee2c776
X-Firefox-Spdy: h2
|
|
| t.co/favicon.ico | 104.244.42.197 | | 675 B |
IP104.244.42.197:0
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash864232b885e52799e6b0d1c37a4283a0 2c2500822c05b93cf169c338af2fdf7d04ea4260 2b56e0a792d9999e15f3ee39cabcba5cc3f88b4e640e71b3755c1424d8e12010
GET /favicon.ico HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.co/AUEW8KZfdV
DNT: 1
Connection: keep-alive
Cookie: muc=07afd3c4-211e-4c23-9583-8b5d27917574
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 19 Apr 2024 14:09:16 UTC
perf: 7402827104
server: tsa_o
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0
content-length: 675
x-transaction-id: 77bed69a5adb8f38
strict-transport-security: max-age=0
x-response-time: 100
x-connection-hash: 35abc7e6800fafec76b00f19fb58a18d819353f3b8d1dd42307cc307dee2c776
X-Firefox-Spdy: h2
|
|
| sdfdfdfgefrgefdd.blogspot.com/?zxccxadsqwdewdffdsas | 216.58.207.193 | | 16 kB |
URL sdfdfdfgefrgefdd.blogspot.com/?zxccxadsqwdewdffdsas IP216.58.207.193:0
File typeHTML document, Unicode text, UTF-8 text, with very long lines (7139) Hash5b3fa40522a2661db7594feb946d8417 e17c24de98bce022de6e2264c5d523ae4efbe73d 5639540928c58553ac7351d1712d52d7499beb8ac21e8987e7a81c64f0c783dd
GET /?zxccxadsqwdewdffdsas HTTP/1.1
Host: sdfdfdfgefrgefdd.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Fri, 19 Apr 2024 14:09:17 GMT
date: Fri, 19 Apr 2024 14:09:17 GMT
cache-control: private, max-age=0
last-modified: Mon, 15 Apr 2024 08:21:58 GMT
etag: W/"412beb6c98b9f1a176fc50897ea255cb1d4f6cf6f52379a5e1271bbd899a585c"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15566
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| | 188.225.56.13 | | 0 B |
IP188.225.56.13:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /stvK8R HTTP/1.1
Host: 188.225.56.13
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Fri, 19 Apr 2024 14:09:17 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7
Pragma: no-cache
Set-Cookie: _subid=376l60j138s7;Expires=Monday, 20-May-2024 14:09:17 GMT;Max-Age=2678400;Path=/
e1aca=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE5XCI6MTcxMzUzNTc1N30sXCJjYW1wYWlnbnNcIjp7XCIxNlwiOjE3MTM1MzU3NTd9LFwidGltZVwiOjE3MTM1MzU3NTd9In0.pfGKWy9QwAbZ-SSG39Ly8mZOQ1-rbupJxLPBnr4Ifus;Expires=Monday, 08-Aug-2078 04:18:34 GMT;Max-Age=1713622157;Path=/
_token=uuid_376l60j138s7_376l60j138s766227b0df05157.67474488;Expires=Monday, 20-May-2024 14:09:17 GMT;Max-Age=2678400;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| code.jquery.com/jquery-3.3.1.min.js | 151.101.130.137 | 200 OK | 30 kB |
URL GET HTTP/2code.jquery.com/jquery-3.3.1.min.js IP151.101.130.137:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/
Origin: https://juicywomenxq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1538f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 19 Apr 2024 14:09:18 GMT
age: 18735155
x-served-by: cache-lga13622-LGA, cache-hel1410031-HEL
x-cache: HIT, HIT
x-cache-hits: 36, 528836
x-timer: S1713535759.556327,VS0,VE0
vary: Accept-Encoding
content-length: 30288
X-Firefox-Spdy: h2
|
|
| juicywomenxq.com/lstatic/uuidv4.min.js | 188.114.96.1 | 200 OK | 1.0 kB |
URL GET HTTP/3juicywomenxq.com/lstatic/uuidv4.min.js IP188.114.96.1:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeJavaScript source, ASCII text, with very long lines (1105), with no line terminators Hashe64fbbb49c9b48c9fb15e778de8d86ad 9cfd1af4b694cc64b04026ce3f44a2eadce49065 4148ecf01076ad662618d0bd0551b7a24bfd0e77087a70d613f2ce4c2cef71c7
GET /lstatic/uuidv4.min.js HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7
DNT: 1
Connection: keep-alive
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApLTUVibGVZV09LbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOVk1OdVdtV1N5T0FnZHJWbUJ2V3p1Z0VrSWRxbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAwzNzZsNjBqMTM4czdtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMa0JoWGtheUx4dmhH.zTJgTT5P-MdEC4pvrJv8UNpXb2r9BpztbXqbFMrBEbk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 14:09:18 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Feb 2024 13:29:04 GMT
etag: W/"65d4a920-451"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LNRWaTwPi15L0dq9H4sAju%2Bja0IrQornRhNdcDwwwOKr9mQ1RJRUffpDpSkOboJPqbFYSiN9wtBYwB7K094M5ZWyU6Fx2uP2tW3uU8QwFKFrX%2B49XWo4PI1jNjSQ5WJjTpIQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876d78ba6f08b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| fonts.googleapis.com/css?family=Montserrat&subset=latin-ext | 142.250.74.106 | 200 OK | 78 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat&subset=latin-ext IP142.250.74.106:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint47:5A:64:7D:9F:47:34:07:31:91:97:F7:04:42:7A:D5:EA:AD:07:4E ValidityMon, 04 Mar 2024 07:16:44 GMT - Mon, 27 May 2024 07:16:43 GMT
File typegzip compressed data, max compression Hashd725878344f02b5d3d79ea49b3a4a18f 5f97b11aa0e44f9279077fe7eb966b3f3044024d daacf21b68f38a7a8f44d7f7ee72e901c7dead9236d286077e1c5a91f2dfd721
GET /css?family=Montserrat&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 19 Apr 2024 14:09:18 GMT
date: Fri, 19 Apr 2024 14:09:18 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| juicywomenxq.com/lstatic/info.min.js | 188.114.96.1 | 200 OK | 68 kB |
URL GET HTTP/3juicywomenxq.com/lstatic/info.min.js IP188.114.96.1:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeJavaScript source, ASCII text, with very long lines (37352) Hash38ea2c394a4abb159172f8d7b77f495e 8efd580a25c3d1be8533ed74de7bc5607cbc278d a6510d097802bc66cc5aae4485af48dd9d77053766be8dd671d974d21d363031
GET /lstatic/info.min.js HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7
DNT: 1
Connection: keep-alive
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApLTUVibGVZV09LbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOVk1OdVdtV1N5T0FnZHJWbUJ2V3p1Z0VrSWRxbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAwzNzZsNjBqMTM4czdtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMa0JoWGtheUx4dmhH.zTJgTT5P-MdEC4pvrJv8UNpXb2r9BpztbXqbFMrBEbk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 19 Apr 2024 14:09:18 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Feb 2024 13:29:01 GMT
etag: W/"65d4a91d-280e9"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f3%2BVZIy%2B9fGau2rkQqicDaX%2F1JZRPEQFCwKuB%2F8CBQqJfWw7%2FSAgYvrRknSrDz6SHGEcz3NgjfEgV%2BjkeJCeao2CwmX7Oor8n2IipnJCSllfcVhEblrmRs0jj8iMNEN2HfKE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876d78ba6f04b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| juicywomenxq.com/info-ws/ | 188.114.96.1 | | 0 B |
URL juicywomenxq.com/info-ws/ IP188.114.96.1:0
CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /info-ws/ HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://juicywomenxq.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sTszdYIEdA3x6x7dtBDYsg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApLTUVibGVZV09LbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOVk1OdVdtV1N5T0FnZHJWbUJ2V3p1Z0VrSWRxbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAADDM3Nmw2MGoxMzhzN20AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAxrQmhYa2F5THh2aEc.wVtBmCNsXFQUJjc8SnKl-RbYmPTaExXLNlb6gv0dKhc
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 19 Apr 2024 14:09:18 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HQuqEBJW+4Y/gG+21JfNqNKQxJE=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BxQGk4gyVDQlyJID0vtjLw5zP4v7%2BU%2BeVYRT6MUz7YjfiPO0xs%2FbBVbdUyCcGW1O8cjGe2Z%2BQBfxkgyAYIAlDzplKGgmFwtSPV2MP6JCLsmm575R0qz76fXUGDX6IvkmbxHB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 876d78bc399356c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| juicywomenxq.com/favicon.ico | 188.114.96.1 | 200 OK | 68 kB |
URL GET HTTP/3juicywomenxq.com/favicon.ico IP188.114.96.1:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeMS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel Hash3884ed5841fe2acd59eb721784b1c2b1 1db0e2a04800a6e7c1ef810cd0ad6f7a51a93776 cc8312229dc401a45248a5125bab1af1beec64fc13d278036aa0219488a7da41
GET /favicon.ico HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7
DNT: 1
Connection: keep-alive
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApLTUVibGVZV09LbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOVk1OdVdtV1N5T0FnZHJWbUJ2V3p1Z0VrSWRxbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAADDM3Nmw2MGoxMzhzN20AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAxrQmhYa2F5THh2aEc.wVtBmCNsXFQUJjc8SnKl-RbYmPTaExXLNlb6gv0dKhc
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 14:09:18 GMT
content-type: image/x-icon
cache-control: max-age=1800
cf-cache-status: EXPIRED
last-modified: Thu, 18 Apr 2024 15:39:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xHoMr74VlXu%2BkSZAYkQ%2FS5JivyXhEpwkPzuCgQbq7km7BMDEYqNQfSXun9nydCiwhaPDJOwlkLpPxNVwaifh6OIZqSEMaGQdCAkgjDhi2jlG0%2BfN1qIWrgAsrQetohZ%2BQD2K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d78bcb8e8b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 | 188.114.96.1 | 200 OK | 14 kB |
URL User Request GET HTTP/2juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 IP188.114.96.1:443
CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeJavaScript source, ASCII text, with very long lines (11329) Hasha5a1e8a95dc314e92e612ffb03b6879d f978e41a308f9a9571c1cd6cf63de530f46da4fd 9afe5988719639397d321c3c0d2a87f3b61c05921de88bc3cd1bf7536a98b2cd
GET /?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 19 Apr 2024 14:09:18 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
set-cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApLTUVibGVZV09LbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOVk1OdVdtV1N5T0FnZHJWbUJ2V3p1Z0VrSWRxbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAwzNzZsNjBqMTM4czdtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMa0JoWGtheUx4dmhH.zTJgTT5P-MdEC4pvrJv8UNpXb2r9BpztbXqbFMrBEbk; path=/; expires=Sat, 19 Apr 2025 14:09:18 GMT; max-age=31536000
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90WQtH4q00QrpFt6Vtl7XxLYnM1nUapaawws8sDU5yg7g2f3P5FdvfWxqEvdCuu0RME1wxLzmC3Ej1FhMcQzQDEmwJhKvTPs95UymFYdcjH%2FIpAMrlsWvnjjEkAhQDZmV%2F3n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 876d78b80b2ab51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 IP216.58.207.227:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint8F:81:43:71:C4:F3:8C:FA:6D:EC:B4:5E:1F:58:71:AA:48:42:0E:E9 ValidityMon, 04 Mar 2024 07:16:39 GMT - Mon, 27 May 2024 07:16:38 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 14940, version 1.0 Hasha46fb7aae99225fdfd9d64b2b8b1063f 1ee50bf5985c1956dde1c06d9b1cec4645ddb92b 4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://juicywomenxq.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14940
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 Apr 2024 21:46:04 GMT
expires: Tue, 15 Apr 2025 21:46:04 GMT
cache-control: public, max-age=31536000
age: 318194
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| juicywomenxq.com/info-ws/ | 188.114.96.1 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1juicywomenxq.com/info-ws/ IP188.114.96.1:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /info-ws/ HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://juicywomenxq.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: sTszdYIEdA3x6x7dtBDYsg==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApLTUVibGVZV09LbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOVk1OdVdtV1N5T0FnZHJWbUJ2V3p1Z0VrSWRxbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAADDM3Nmw2MGoxMzhzN20AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAxrQmhYa2F5THh2aEc.wVtBmCNsXFQUJjc8SnKl-RbYmPTaExXLNlb6gv0dKhc
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Fri, 19 Apr 2024 14:09:18 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HQuqEBJW+4Y/gG+21JfNqNKQxJE=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BxQGk4gyVDQlyJID0vtjLw5zP4v7%2BU%2BeVYRT6MUz7YjfiPO0xs%2FbBVbdUyCcGW1O8cjGe2Z%2BQBfxkgyAYIAlDzplKGgmFwtSPV2MP6JCLsmm575R0qz76fXUGDX6IvkmbxHB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 876d78bc399356c5-OSL
alt-svc: h3=":443"; ma=86400
|
|
| juicywomenxq.com/p.js?a=1069737&cr=66497&lid=17943&mh=UXlVenNFRVp3VU5WTU51V21XU3lPQWdkclZtQnZXenVnRWtJZHEtMzU4NzU%3D&mmid=2504&p=0&rf=uua&rn=zc4ZoteUys4WmdeVEhG&s2=376l60j138s7&t=notrack | 188.114.96.1 | 200 OK | 390 B |
URL GET HTTP/3juicywomenxq.com/p.js?a=1069737&cr=66497&lid=17943&mh=UXlVenNFRVp3VU5WTU51V21XU3lPQWdkclZtQnZXenVnRWtJZHEtMzU4NzU%3D&mmid=2504&p=0&rf=uua&rn=zc4ZoteUys4WmdeVEhG&s2=376l60j138s7&t=notrack IP188.114.96.1:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeJavaScript source, ASCII text, with very long lines (405), with no line terminators Hash13d8a89b28d1bd385f91f7dbc2aa3b47 3e38e7db5aad3895d04a5814145956b18f99a1fc 057c18bda976d2835907d86c21e8e501ebcbed93c80af9c844c3846da8afbc92
GET /p.js?a=1069737&cr=66497&lid=17943&mh=UXlVenNFRVp3VU5WTU51V21XU3lPQWdkclZtQnZXenVnRWtJZHEtMzU4NzU%3D&mmid=2504&p=0&rf=uua&rn=zc4ZoteUys4WmdeVEhG&s2=376l60j138s7&t=notrack HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7
DNT: 1
Connection: keep-alive
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApLTUVibGVZV09LbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOVk1OdVdtV1N5T0FnZHJWbUJ2V3p1Z0VrSWRxbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAwzNzZsNjBqMTM4czdtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMa0JoWGtheUx4dmhH.zTJgTT5P-MdEC4pvrJv8UNpXb2r9BpztbXqbFMrBEbk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 14:09:18 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
cf-cache-status: BYPASS
set-cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApLTUVibGVZV09LbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOVk1OdVdtV1N5T0FnZHJWbUJ2V3p1Z0VrSWRxbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAADDM3Nmw2MGoxMzhzN20AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAxrQmhYa2F5THh2aEc.wVtBmCNsXFQUJjc8SnKl-RbYmPTaExXLNlb6gv0dKhc; path=/; expires=Sat, 19 Apr 2025 14:09:18 GMT; max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n4ggE0WJggAEdpTWSvikE33H%2FedZvRpCX1r4S1VtyUylj%2FxT49jvMrFO0CU9AeCmZwVzuVz48CT1hba3QbXo8MJ%2BZkwr7QZR5ftPo5IqK8pXJ3D6fn%2FiT0OhP1rEfbljIEZh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d78ba6f09b52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| juicywomenxq.com/lstatic/93bfa6fbad9488afdb1f39a9bc237dfc/images/m1.jpg | 188.114.96.1 | 200 OK | 78 kB |
URL GET HTTP/3juicywomenxq.com/lstatic/93bfa6fbad9488afdb1f39a9bc237dfc/images/m1.jpg IP188.114.96.1:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 853x1220, components 3 Hashd9f238f8f5d04712257d9952f1fd9547 05806b930da7d858b0ce8414cd17d65d53ba0960 241983e214ad3baec0e406fc8bb7d3527d7d6eb74cc5c5a9ab8dea6139da1553
GET /lstatic/93bfa6fbad9488afdb1f39a9bc237dfc/images/m1.jpg HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j138s7
DNT: 1
Connection: keep-alive
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApLTUVibGVZV09LbQAAAANoaWRtAAAAJlF5VXpzRUVad1VOVk1OdVdtV1N5T0FnZHJWbUJ2V3p1Z0VrSWRxbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAwzNzZsNjBqMTM4czdtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMa0JoWGtheUx4dmhH.zTJgTT5P-MdEC4pvrJv8UNpXb2r9BpztbXqbFMrBEbk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 19 Apr 2024 14:09:18 GMT
content-type: image/jpeg
content-length: 77908
last-modified: Tue, 20 Feb 2024 13:29:01 GMT
etag: "65d4a91d-13054"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LesD6WsbGtLibDxSY11NVM9aVahwOKl676PtwBZ5Sob4%2FUgmiMTA4KnHatS9v2DRrCP9HXeJ17X2dhCnak1NmMZgD4TIy9mi6%2FIYuJnsyl4gtQ5cVD74oFUT5cAbQ2ge8y4U"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 876d78bb9fe6b52d-OSL
alt-svc: h3=":443"; ma=86400
|
|