www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
44.208.76.17301 Moved Permanently 162 B URL HTTP/1.1 www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
IP 44.208.76.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007 HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Sep 2022 17:27:35 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/
143.204.55.27200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 17:05:19 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yBIe61vWFp6N1jY7YheN0stZNKQZPdJiz0QwkD9-1oBGUgiO0yWIow==
Age: 1336
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2586
Expires: Thu, 08 Sep 2022 18:10:41 GMT
Date: Thu, 08 Sep 2022 17:27:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: jbY5aZezOQ1olMm-LyPASddWQ54uVcxR0mM0xP8mUJ55xC9qEqxxHw==
age: 49261
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 08 Sep 2022 16:38:18 GMT
Expires: Thu, 08 Sep 2022 17:23:05 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hYwjc3s_iauJ6rJGryMsfOAPlZPw14HQFpMWS1DYuDaBCyL9XO_jEQ==
Age: 2958
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5056
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 17:27:36 GMT
Last-Modified: Thu, 08 Sep 2022 16:03:20 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.88.220.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.88.220.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CpRbK60+Uzb8MMD6uV9ArA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yS6+rQgYFZXpqPuc6NvkoNKQdsY=
www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
44.208.76.17200 OK 29 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
IP 44.208.76.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22671), with CRLF line terminators
Hash a9238d679fcf07f576078a5155538a6b
9192637b7ce34e34310c9a22cacb57454090d23a
03e996e3985559ac05f79d33be0c588914eafafa85c2d2193d147764f93d4987
GET /qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007 HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:36 GMT
content-type: text/html; charset=UTF-8
content-length: 28729
set-cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 17:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 27b5823bc31cac832587eedec9e719ce
cf5664fc2a45c798d91e471805baa58d4b2acd91
76fd002deeaed40bf467686a3fced74953f42b995f8cf27894c3a61b31a3792c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76FD002DEEAED40BF467686A3FCED74953F42B995F8CF27894C3A61B31A3792C"
Last-Modified: Thu, 08 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7800
Expires: Thu, 08 Sep 2022 19:37:37 GMT
Date: Thu, 08 Sep 2022 17:27:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 54f9e2ed11c19f565afc5d45d2f1e499
5c933cf89e4be594a152d7b1aa7bed6ab42169df
1deae88857366dba09c5e498d9067529377741b3c51b711b4adb88d861f58718
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 17:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fqtag.com/js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=d41d8cd98f00b204e9800998ecf8427e&rt=click&p=&a=&cmp=&rf=
35.190.72.161200 OK 2.7 kB URL HTTP/2 fqtag.com/js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=d41d8cd98f00b204e9800998ecf8427e&rt=click&p=&a=&cmp=&rf=
IP 35.190.72.161:0
File type ASCII text, with very long lines (2652), with no line terminators
Hash a1577ce63984f95425d615f9e2938b61
e8da3b6fce7c6989268a058891ead7c77bc790b3
0ae5106f13643b3a0a9adb1dbd837df2608bd0775d8064af7bd273b8cb268e2b
GET /js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=d41d8cd98f00b204e9800998ecf8427e&rt=click&p=&a=&cmp=&rf= HTTP/1.1
Host: fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: 0
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 0
pragma: no-cache
date: Thu, 08 Sep 2022 17:27:37 GMT
access-control-allow-origin: *
content-type: application/javascript
content-length: 2652
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-133277878-80
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-133277878-80
IP 142.250.74.72:0
File type ASCII text, with very long lines (1615)
Hash 62160962161257fa74b8122ca54d93d8
622d67f7dce130ca00077bd670d498061cf42e4a
3fc5bd37cf1480e613a57fe08903baad732e137832806321bf1c7d3aad2a2f47
GET /gtag/js?id=UA-133277878-80 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 08 Sep 2022 17:27:37 GMT
expires: Thu, 08 Sep 2022 17:27:37 GMT
cache-control: private, max-age=900
last-modified: Thu, 08 Sep 2022 16:52:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41846
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b63f97bc3dce37e8ee6a0c9fcae468fe
cc70326582c0016d7434d0553486734266e57e71
6b3b365123beead4021532b8f2578b3761bbd47af45ed2a461a0476d53aa637d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 17:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 27b5823bc31cac832587eedec9e719ce
cf5664fc2a45c798d91e471805baa58d4b2acd91
76fd002deeaed40bf467686a3fced74953f42b995f8cf27894c3a61b31a3792c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "76FD002DEEAED40BF467686A3FCED74953F42B995F8CF27894C3A61B31A3792C"
Last-Modified: Thu, 08 Sep 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7800
Expires: Thu, 08 Sep 2022 19:37:37 GMT
Date: Thu, 08 Sep 2022 17:27:37 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 652bdaaaca09a66fc9a260163eee7aeb
f59f82dd2c189cdff5c641ff7c53c5f257e1f2d2
bbaf18a14748bb922b9bd19125c78310a564b1aebb7de8f30af0be6fa390e7da
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 17:27:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bestukrainiangirl.com/qa/register01/images/kiss.png
44.208.76.17200 OK 18 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/kiss.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 037850482d89101d0264b5c2a51cbaf3
c4442a41d1d0e4636c8a74148addcd56cb75481a
19999e0045128216c252678c74b4665a22df1c8bf2d28c4327fc754552df41a5
GET /qa/register01/images/kiss.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/png
content-length: 18006
last-modified: Tue, 05 Jul 2022 01:49:13 GMT
etag: "4656-5e3050f3d537c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/hand-over.png
44.208.76.17200 OK 6.4 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/hand-over.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 6aee23bc1b43706192ce1201a49d9332
ec823936f540d613872d1e357ece45090b8525d0
3061a325961a761690be7ad3d93eb014eeaafeef26f2444e60c83e69e7ce998b
GET /qa/register01/images/hand-over.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/png
content-length: 6400
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "1900-5e3050f314974"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/hugging.png
44.208.76.17200 OK 7.1 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/hugging.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash cafaf8a226ac7acff1c63c868a09d3ab
b9f3b25f2cd777ff131b68f4ee8764606fe18431
70cf55594627c61fa3e87944b193de1e17407080cd51603d2f0f204f9004dafd
GET /qa/register01/images/hugging.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/png
content-length: 7083
last-modified: Tue, 05 Jul 2022 01:49:13 GMT
etag: "1bab-5e3050f38429c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/thinking-face.png
44.208.76.17200 OK 6.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/thinking-face.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash e01b80cb5cfa195d670204261013c05e
9c857c7142dcff223625099b59adf780d06685d2
e2544c89ce253853e2a8bb9aeba8a576a303e43104438e485a3b92428197833a
GET /qa/register01/images/thinking-face.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/png
content-length: 6450
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "1932-5e3050fcc7034"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/loading.gif
44.208.76.17200 OK 49 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/loading.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 107 x 90\012- data
Hash 351e1e7e896617f7dae0f19f436fee41
b2c3a4a978b90a8e8f5b1dba12230d624752f4aa
573c8107d16f18962e3dbc4c61c0621abb11dda26f9fea6cea3c1855dddee66a
GET /qa/register01/images/loading.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/gif
content-length: 49082
last-modified: Tue, 05 Jul 2022 01:49:21 GMT
etag: "bfba-5e3050fba8644"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/female.png
44.208.76.17200 OK 8.7 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/female.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 07fdb9ed61590d2777892f83ffd6ed9d
a5bd944f99e7157565bb9fb6549c470e13dc8fc5
c20f443c04ee371f3fcd1cd6683027bb9c7931f10a1b9ec8d7382ab38483e230
GET /qa/register01/images/female.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/png
content-length: 8669
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "21dd-5e3050f2f49bc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/male.png
44.208.76.17200 OK 6.6 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/male.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash e2106577efb42fd2cb110b8e098ca175
f40221d394693958100e89f2101e89f4ddca64d9
eae7588fbcb76482b9d205d2bcb68db86b2876b8ffe5e186a47b1f1e44f8a6cc
GET /qa/register01/images/male.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/png
content-length: 6589
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "19bd-5e3050fc6c314"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady01.jpg
44.208.76.17200 OK 24 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady01.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 81f6a4ea8a56cf44bc1e14ef336daeeb
11f83ac03d35e86fce1193f04cfd688e3d9d1964
5b398b2553b46305d1394a4447dd1ae86f8d4f7ac4b0b19fde1a333e78d0df5f
GET /qa/register01/images/lady01.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/jpeg
content-length: 23902
last-modified: Tue, 05 Jul 2022 01:49:16 GMT
etag: "5d5e-5e3050f6716e4"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady02.jpg
44.208.76.17200 OK 25 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady02.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 401f7a56a912ebb527b5021cdb755d1d
eb31fb11adf40403fa0ffa305375566db9ab33fb
77618413cacf9729ba63a65b312205b57321c3e68501563275ec0c8501de1bad
GET /qa/register01/images/lady02.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/jpeg
content-length: 25013
last-modified: Tue, 05 Jul 2022 01:49:18 GMT
etag: "61b5-5e3050f8bb1fc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady03.jpg
44.208.76.17200 OK 26 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady03.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 5e7bd5777f4721fcde7893454128f85e
cdf30b7c9f9b54460bcb02974822a20e5878f1f2
23fc407e4d46c5e6d361d9b388b397237982ac37e83020219fb126c757fccc03
GET /qa/register01/images/lady03.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/jpeg
content-length: 26264
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "6698-5e3050fa78ecc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady04.jpg
44.208.76.17200 OK 26 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady04.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 73a65ebbd26a1f14b638accb8eb22139
ebdba3afa2ff5835c9bc18efe0cfe2ded770f879
f71f42e93861c4831da5f03dcb728c0b1dc828e31b522a1665fd4b466a6de01e
GET /qa/register01/images/lady04.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/jpeg
content-length: 25763
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "64a3-5e3050faa55bc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady05.jpg
44.208.76.17200 OK 25 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady05.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash ab95e189516a844fa011e3977e969c10
0a0bd7456713bba855d20bc9441fefbbcc71a9b6
c5b1e494f0fba445b2fda9555f3c00b7eaa5e016a03a45f564169d01bc708fee
GET /qa/register01/images/lady05.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/jpeg
content-length: 25428
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "6354-5e3050facfd6c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady06.jpg
44.208.76.17200 OK 32 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady06.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 771ab354397841df3e9021586cbd4021
281334da3d5adafaaf4a527948e60c0c22415d6c
4947a3cb8fb7bc66ff25236500ef63e68ee2f7b676e1bda4aea191d64bb222ac
GET /qa/register01/images/lady06.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/jpeg
content-length: 32238
last-modified: Tue, 05 Jul 2022 01:49:21 GMT
etag: "7dee-5e3050fafe39c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady02.gif
44.208.76.17200 OK 718 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady02.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 300 x 240\012- data
Size 718 kB (718441 bytes)
Hash 051f1406010ef328737da88e9049440f
15196dc7689e407c041af15fc888535ad2593955
c95dacca221f7f0aac7d59f3a9397c9672c1b33b6735afcb6641a2d4cd9b886c
GET /qa/register01/images/lady02.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/gif
content-length: 718441
last-modified: Tue, 05 Jul 2022 01:49:18 GMT
etag: "af669-5e3050f884ecc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/main.min.css
44.208.76.17200 OK 3.9 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/main.min.css
IP 44.208.76.17:0
File type ASCII text, with very long lines (16632), with CRLF line terminators
Hash 850d5db4ec0135777c1ecf1d54fd5646
5ecdf6b778856d6b02dbb8689694fae0357a0216
bfd0401830620cfb73b83daf5c767fa66f334c2a5c0d244cae36e6583083500e
GET /qa/register01/css/main.min.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: text/css
content-length: 3894
last-modified: Tue, 05 Jul 2022 01:49:11 GMT
etag: "40fa-5e3050f18d7a4"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/swiper.min.css
44.208.76.17200 OK 3.2 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/swiper.min.css
IP 44.208.76.17:0
File type ASCII text, with very long lines (19512), with CRLF line terminators
Hash 1f22e27f428e6d4d24d6aa917703b1c8
9d44b75150712e0f3cebca70087869a65fa4e1bc
49e9aaed89ca14e41b5da380090d3fbb10e173ec265c37bbc3d1b8baed469980
GET /qa/register01/css/swiper.min.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: text/css
content-length: 3249
last-modified: Tue, 05 Jul 2022 01:49:11 GMT
etag: "4d49-5e3050f1e984c"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/layout.css?v1.0
44.208.76.17200 OK 4.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/layout.css?v1.0
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with very long lines (331), with CRLF line terminators
Hash 2c6ae66330701466614da360562e59f2
b1f91e2993caf9434b8aadc2a3ce484c49fb81a5
ddc2263c9fd0c283d9d45fd55e90c1c8483a95c360e7e3d85c16ef432d4f5088
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/css/layout.css?v1.0 HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: text/css
content-length: 4540
last-modified: Tue, 05 Jul 2022 01:49:10 GMT
etag: "421f-5e3050f13de34"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/my_validate_index2.js
44.208.76.17200 OK 2.9 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/my_validate_index2.js
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash f1e757f7e2374c7b7162906a20688af2
ca928406b98b3611e9f23ac3157c8a116eb332a6
4cc7f63506663396d396c9e81fdda9310abfe101cfa63e57411b1263c0d1f803
Analyzer Verdict Alert fortinet Phishing
GET /common/js/my_validate_index2.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 2851
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "2560-5b138acc60a3b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/logo.svg
44.208.76.17200 OK 5.6 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/logo.svg
IP 44.208.76.17:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (2439)
Hash 75534473b7cc351b43537cb62d0667a0
3b2adfec31ebccf863049d752675149cbcef3326
b83e143afb1973738d8c298f6985b0bca831a97ab43fd8dfabc29c559f6a95e1
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/images/logo.svg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/svg+xml
content-length: 5575
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "15c7-5e3050fbf3964"
accept-ranges: bytes
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady01.gif
44.208.76.17200 OK 944 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady01.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 460 x 275\012- data
Size 944 kB (944238 bytes)
Hash 1378661a79051ba4c99d6ffa6b4937ff
43f23e1d895fb4b5aaf3528856c12a695fac345a
50ad5be435107232d2145cac9ac72d0a1445f08bdbe78d75a03917315dcc31d8
GET /qa/register01/images/lady01.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/gif
content-length: 944238
last-modified: Tue, 05 Jul 2022 01:49:16 GMT
etag: "e686e-5e3050f64a5e4"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady03.gif
44.208.76.17200 OK 423 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady03.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 250 x 187\012- data
Size 423 kB (422678 bytes)
Hash 8da23666859a0dd50c5f414a0afcb964
457c6e6572dd3af1f51aa40da02fae92614af8cc
d56bcb35ef49c519e093ed771ced5af6fd7ddcf02a6bbfd6c33425598070125b
GET /qa/register01/images/lady03.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: image/gif
content-length: 422678
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "67316-5e3050fa4c00c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/jquery.cookie.js
44.208.76.17200 OK 1.4 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/jquery.cookie.js
IP 44.208.76.17:0
Hash 00cfb5c8c7ec0b51b1dfb190279d570f
468f6fe01079afbcf53594f1065847f04165e249
0585e143aba785df6fb525229dd5e3466227cecc87e913459f0444e732fbf15c
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery.cookie.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 1378
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "c31-5b138acc863cb"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/auto_email/jquery.autoComplete.js
44.208.76.17200 OK 1.0 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/auto_email/jquery.autoComplete.js
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d4b600f68461a491b71e88dc6f0173e1
7e20eb3d42dfec881deb87d3c2d6aad1c40aca0f
c5dc9fb6467bc20ff42141ea247397131baf1e1d6240d0dd66eb62f2cf87c74a
Analyzer Verdict Alert fortinet Phishing
GET /common/js/auto_email/jquery.autoComplete.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 1046
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "c56-5b138acbfdc33"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/js/parallax.min.js
44.208.76.17200 OK 5.4 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/js/parallax.min.js
IP 44.208.76.17:0
File type ASCII text, with very long lines (17272), with CRLF line terminators
Hash d05c86f40c1021162f5eface92f32750
3bb8c13a8d0af38771996de06ce099308e8d1fad
a7f7d4d2cdc4a5f36a4ff11790a5c1b0f32ded52f196d7f42459b509e12fc624
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/js/parallax.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 5438
last-modified: Tue, 05 Jul 2022 01:49:23 GMT
etag: "43a4-5e3050fd6575c"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/auto_email/autoComplete.css
44.208.76.17200 OK 376 B URL HTTP/2 www.bestukrainiangirl.com/common/js/auto_email/autoComplete.css
IP 44.208.76.17:0
File type ASCII text, with CRLF line terminators
Hash fa161ac586a052c4476ed190ac1571e0
95bf7bc6541743739aa6d9f185d398e36dc9ce6c
f514e2d195768146c7b6453b788d6fdeb1df19ee6e5b017e0e9a1003a8e5c662
GET /common/js/auto_email/autoComplete.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: text/css
content-length: 376
last-modified: Fri, 09 Oct 2020 08:24:17 GMT
etag: "27d-5b138acba794b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/jquery.min.js
44.208.76.17200 OK 35 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/jquery.min.js
IP 44.208.76.17:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 28ca33b476a0e86fa59725bdb38c7f2f
120531fc57923e78104a0aacee05c53cecbfd61f
ffbc181a3d82af401ee3645d08b10d739c12222da179cd5ec2dc67016d7c93a3
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 34763
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "17278-5b138accbfdab"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3564
Expires: Thu, 08 Sep 2022 18:27:02 GMT
Date: Thu, 08 Sep 2022 17:27:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3564
Expires: Thu, 08 Sep 2022 18:27:02 GMT
Date: Thu, 08 Sep 2022 17:27:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3564
Expires: Thu, 08 Sep 2022 18:27:02 GMT
Date: Thu, 08 Sep 2022 17:27:38 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3564
Expires: Thu, 08 Sep 2022 18:27:02 GMT
Date: Thu, 08 Sep 2022 17:27:38 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ca5b5d4ac26d97b5729a30ecdc688bc
3e633bc6c4ab9adfe84899e5209d73bef1d097eb
2c8275d1819d933f86df9685b76aea030842ba5a341c59ea88ffd2da99a5a3d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6069f6c-2029-46b3-9867-5eaeb96d65e7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7885
x-amzn-requestid: 305dc6b7-eb3d-40ad-af89-8b60be935637
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9ThE3DIAMFRtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f49-7c0b58644e26de7f27c5b388;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: MG4_YJuVqfSCQ80FTdo5XU8xIi74XtILVbIQAbByh54QNOoMJCyS-Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 5abfab33f248090bb0f31ca137ce9464.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 21:47:05 GMT
age: 70833
etag: "3e633bc6c4ab9adfe84899e5209d73bef1d097eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cd778a615e9a4ca3a25119790398434
d6daca74fc85d39274b3c7536f34528bef93ae97
e6b5a7a525e314e09c30985b22da7c34806df09cbe98ad52b00dcbf93a0dc054
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7251
x-amzn-requestid: 26b2021a-4440-47ce-8dba-d971cae60cc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9bmHcmoAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f7d-5471edce7de2374c3b8af888;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: d3MrDEyDFDylQKyfxONQ12_7IBvRAg8o0rSZ64WNRGNvDHqQyDmqJA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:17 GMT
age: 69021
etag: "d6daca74fc85d39274b3c7536f34528bef93ae97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ee600c8-d25e-4cb3-93cb-f1970d300d9c.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ee600c8-d25e-4cb3-93cb-f1970d300d9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c316fd8a538a8c998ef49d399e9b0692
1fbcbd73de88723e5a42ec1ecb131b94deb1c88e
1a34abee1bf6b76733ba2ca97a5c053b67bd6cd48f6953fc53798c77385cd781
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ee600c8-d25e-4cb3-93cb-f1970d300d9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8643
x-amzn-requestid: 1a5d65d5-539f-469a-9ee5-f8bd4c8a76e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xw48zFHyoAMFWdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63103b84-5f2ddc616391630865a1b6d8;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 04:56:36 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aw6UXIQxU8WOcK2QBEWcjocyff0_JENMs4ag5YRPnSy0kFO9pb1hbQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 23:58:25 GMT
age: 62953
etag: "1fbcbd73de88723e5a42ec1ecb131b94deb1c88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faea8d298-d4be-46a2-9c14-670bdae204cd.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faea8d298-d4be-46a2-9c14-670bdae204cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 675756a44be6f9bbe341fa4c866c941b
6502050805e53baeb44d82e55d4b15b82e34d2eb
cd1d16b5feefddfd89ac4bfcff21e80c49f07b0428aa57e8de365974f813e755
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faea8d298-d4be-46a2-9c14-670bdae204cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8820
x-amzn-requestid: e2c909d0-f781-48e6-805e-a43940e67c4c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG_LpG1OIAMF_8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6319124a-37f3458a2905bd947cf01f93;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:51:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BEn2J8F8SsnyrLeWv5W6QDPn21ZjNXH3I0B2kUJYpgdMVp-88pb5rw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:17:34 GMT
age: 69004
etag: "6502050805e53baeb44d82e55d4b15b82e34d2eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/js/swiper.min.js
44.208.76.17200 OK 33 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/js/swiper.min.js
IP 44.208.76.17:0
File type ASCII text, with very long lines (65263), with CRLF line terminators
Hash 9919d9d97c932c232298137ba2021d30
d8ce5b6985d28a7342e16274de07bf90d2b0591b
eceb9fc78096f2c0ded07f04804c83af4ec93d7e6eb14f4322cf592aa640ade3
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/js/swiper.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=a8766ee0b9cd4c3f89f2599cbb06a87e&qpid_subid=100304&source_tag=s007
Cookie: PHPSESSID=qrgarcni4m6p39s2qklaoee0v3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 17:27:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 33064
last-modified: Tue, 05 Jul 2022 01:49:23 GMT
etag: "1d7b5-5e3050fdba6bc"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a07d553b6441514870ed7e9e989a29a7
98c145b9326d1e6036fa9089d87a25232dd45b0b
373a586b596016baeb8de98022207c25af24c099c06077edbdfd837cffc31a0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5314d83a-c7f9-468e-8b42-535c4fae5d85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7492
x-amzn-requestid: 2c5e9ff3-c7a4-4a8f-96bf-74f0ca5d9137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9dOHguIAMFjGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f87-70dbe6532b1a241e6dbe729e;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lbCmv9fV9iBGOQvxRzleYwC5dBYeu1kRgSSkC2hycDmavyXj-KlFSw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:24:59 GMT
age: 68559
etag: "98c145b9326d1e6036fa9089d87a25232dd45b0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f73ee4e91b38eaa36cadd4c437785f8
6ceea057f5ae50b9cef505da0a358e3d3b7d6a38
778d28e14b28c154843403470136d0efdcdd5e93e4b5aab784c12d4344e7af6f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11365
x-amzn-requestid: d50039cd-381c-4221-997e-9231d40ecfbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9V0EHEoAMFeag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f58-11cab61904bd14462cd13d0d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhobt81rs5gqg8hcr1Su3J3MNFt4_gR2hLHkIl5xDDS1HF9g_3ecCg==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:40:35 GMT
age: 67623
etag: "6ceea057f5ae50b9cef505da0a358e3d3b7d6a38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
flx808.lporirxe.com/flp/ncvp.js?c=808&i=1662658050
104.18.156.225200 OK 11 kB URL HTTP/2 flx808.lporirxe.com/flp/ncvp.js?c=808&i=1662658050
IP 104.18.156.225:0
Hash e6a30d4ef5eaccb5d35d0eb5dc740052
42740eec442f77afdb474126b88300330ef2473a
b962548be39783badbf3c462775ada9eddb95b9bc6e4e5c0c313c54fb6e524aa
GET /flp/ncvp.js?c=808&i=1662658050 HTTP/1.1
Host: flx808.lporirxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 08 Sep 2022 17:27:38 GMT
content-type: application/javascript
content-length: 11218
last-modified: Fri, 26 Aug 2022 17:37:34 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 3752
expires: Fri, 09 Sep 2022 17:27:38 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
server: cloudflare
cf-ray: 7479655f899fb4f9-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 17:27:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 17:27:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash db3d2d40f373a7ef445874e65d7f0397
087a4802f28647e830222fafc67bda30dec5fc31
4a7ff3bf120d9795d86e370be5fb2987edd4575e1ce0ab1f2f7a66ddf1e5b0d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 17:27:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data
Hash f29503a1895affee5ed85d0246238af8
f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:32:55 GMT
expires: Fri, 01 Sep 2023 20:32:55 GMT
cache-control: public, max-age=31536000
age: 593683
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18212, version 1.0\012- data
Hash ca72fb4e277e59be50b8850190822581
159b97b22006fe2a483da0a13d33cfb3cc5aa031
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
GET /s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Sep 2022 20:32:57 GMT
expires: Fri, 01 Sep 2023 20:32:57 GMT
cache-control: public, max-age=31536000
age: 593681
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
35.190.36.172200 OK 90 kB URL HTTP/2 cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
IP 35.190.36.172:0
File type ASCII text, with very long lines (31986)
Hash e0eff30579598f76147c9ea12f490d21
f0bf2ef576db440b275bdae3d6abac35e59a33b2
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
GET /1.27.339-ccfb11a/pixel.js HTTP/1.1
Host: cdn.fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvLyIfaTroKSK8VOHiCxD39slU4Uur56WBBU-Cjr0_IPB8-wZTOkFk6wmxV3qAbbyKc8YsyjKQbvbM7RoL5EhcYbw
x-goog-generation: 1611776924905378
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89647
content-language: en
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
server: UploadServer
date: Thu, 08 Sep 2022 17:10:57 GMT
expires: Thu, 08 Sep 2022 18:10:57 GMT
cache-control: public, max-age=3600
age: 1001
last-modified: Wed, 27 Jan 2021 19:48:44 GMT
etag: "e0eff30579598f76147c9ea12f490d21"
content-type: application/javascript
content-length: 89647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19004, version 1.0\012- data
Hash be2a14878eb61d7c95d5970ff1912539
237450c08a36de2b7d3e4d20b74a062ca2fce816
1e235540dffb208599faa7434fad4050331fcd6916bf44fad58a5d1d65b8d360
GET /s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Sep 2022 22:45:02 GMT
expires: Tue, 05 Sep 2023 22:45:02 GMT
cache-control: public, max-age=31536000
age: 240156
last-modified: Thu, 21 Apr 2022 16:57:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 61961ee76ab6c28f6e17eb7a1df4a3ea
ab4e8c9c284a0eed6b2fab77c9df432839158b3a
9e3bec23cc8ea49ab4e3a3a244a428c59e6c48c80359c473155584807ba0de41
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 17:27:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
142.250.74.10200 OK 5.0 kB URL HTTP/2 fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
IP 142.250.74.10:0
Hash 36edd91fcd07cc8c07643134b8335c95
226d9fbad4fec8a20a7095ac060d574a8f8839cc
3c7d374343dace594b706aae8dfc8eced2e3237ed170b1dea0d83fc2d751313a
GET /css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 08 Sep 2022 17:27:37 GMT
date: Thu, 08 Sep 2022 17:27:37 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Thu, 08 Sep 2022 16:41:12 GMT
expires: Thu, 08 Sep 2022 18:41:12 GMT
cache-control: public, max-age=7200
age: 2786
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j96&a=180874517&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bestukrainiangirl.com%2Fqa%2Fregister01.php%3Faid%3D2216%26oid%3DCP283597%26qpid_offer_id%3DBUG_830762TEEKE%26qpid_clickid%3Da8766ee0b9cd4c3f89f2599cbb06a87e%26qpid_subid%3D100304%26source_tag%3Ds007&ul=en-us&de=UTF-8&dt=Ukrainian%20women%2C%20Ukrainian%20dating%2C%20Ukrainian%20singles%2C%20Ukrainian%20personals%2C%20Meet%20Ukrainian%20women%20for%20love!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=249584900&gjid=1972243470&cid=457758886.1662658051&tid=UA-133277878-80&_gid=1102643100.1662658051&_r=1>m=2ou8v0&z=1530063842
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&a=180874517&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bestukrainiangirl.com%2Fqa%2Fregister01.php%3Faid%3D2216%26oid%3DCP283597%26qpid_offer_id%3DBUG_830762TEEKE%26qpid_clickid%3Da8766ee0b9cd4c3f89f2599cbb06a87e%26qpid_subid%3D100304%26source_tag%3Ds007&ul=en-us&de=UTF-8&dt=Ukrainian%20women%2C%20Ukrainian%20dating%2C%20Ukrainian%20singles%2C%20Ukrainian%20personals%2C%20Meet%20Ukrainian%20women%20for%20love!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=249584900&gjid=1972243470&cid=457758886.1662658051&tid=UA-133277878-80&_gid=1102643100.1662658051&_r=1>m=2ou8v0&z=1530063842
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&a=180874517&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bestukrainiangirl.com%2Fqa%2Fregister01.php%3Faid%3D2216%26oid%3DCP283597%26qpid_offer_id%3DBUG_830762TEEKE%26qpid_clickid%3Da8766ee0b9cd4c3f89f2599cbb06a87e%26qpid_subid%3D100304%26source_tag%3Ds007&ul=en-us&de=UTF-8&dt=Ukrainian%20women%2C%20Ukrainian%20dating%2C%20Ukrainian%20singles%2C%20Ukrainian%20personals%2C%20Meet%20Ukrainian%20women%20for%20love!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=249584900&gjid=1972243470&cid=457758886.1662658051&tid=UA-133277878-80&_gid=1102643100.1662658051&_r=1>m=2ou8v0&z=1530063842 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.bestukrainiangirl.com
date: Thu, 08 Sep 2022 17:27:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aux.fqtag.com/aux/d
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/d HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 204
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 08 Sep 2022 17:27:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aux.fqtag.com/aux/p
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/p HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 243
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Thu, 08 Sep 2022 17:27:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2