www.bestukrainiangirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
44.208.76.17301 Moved Permanently 162 B URL HTTP/1.1 www.bestukrainiangirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
IP 44.208.76.17:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 02 Dec 2022 06:16:44 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.bestukrainiangirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7966
Expires: Fri, 02 Dec 2022 08:29:30 GMT
Date: Fri, 02 Dec 2022 06:16:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1479
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:16:44 GMT
Last-Modified: Fri, 02 Dec 2022 05:52:05 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 05:19:51 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3413
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5706
Expires: Fri, 02 Dec 2022 07:51:50 GMT
Date: Fri, 02 Dec 2022 06:16:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 2ueBz1+LerjhxvggbYrke4VYQdgJ5CH8dzI7pUp6fSbR5O9DGuAsySLYpajDwG3qoKPy9yXNDHY=
x-amz-request-id: K2Q1KA16ZMNEZW0K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 05:46:35 GMT
age: 1809
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 06:11:15 GMT
cache-control: public,max-age=3600
age: 330
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1482
Cache-Control: max-age=98086
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:16:45 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 09:31:31 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
www.bestukrainiangirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
44.208.76.17302 Found 20 B URL HTTP/2 www.bestukrainiangirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
IP 44.208.76.17:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Fri, 02 Dec 2022 06:16:45 GMT
content-type: text/html; charset=UTF-8
content-length: 20
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
set-cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; path=/
owner_id=CP283597; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
adv_id=2216; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
adv_type=1; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
subaffid=100304; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
source_id=xferryx; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
adv_ldp_id=CD387001; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
qpid_offer_id=BUG_830762TEEKE; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
website_id=192; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
adv_click_history_id=673494354; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
qpid_click_id=2be4d5cb49824736bbbb914706116576; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D; expires=Thu, 02-Mar-2023 06:16:45 GMT; path=/
location: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.218.164.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tCkF4+O7njwDXaf8Ap2I9w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: h/tK4DXA1gZN35Dq+hFH2OQkCAE=
www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
44.208.76.17200 OK 29 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
IP 44.208.76.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22671), with CRLF line terminators
Hash 058b1ec80f4027947dbfd10df2e80a30
0a4520dc16dce50fed0d6a3f509504fb492a0782
7f8605c831b99c83655e021072eab727ee6bf15c73e5a48a66b38a27961da718
GET /qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: text/html; charset=UTF-8
content-length: 28819
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3492c575a150dda1a1f5e1009d4e21f
163171cf1b9f576eb4079c359541a26368ba6620
0db9d4aecc91335da8e7b0d67e37c5a1acbced952c085487492754ae207ff6f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DB9D4AECC91335DA8E7B0D67E37C5A1ACBCED952C085487492754AE207FF6F2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2994
Expires: Fri, 02 Dec 2022 07:06:40 GMT
Date: Fri, 02 Dec 2022 06:16:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fqtag.com/js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=7e5496c228a2663bfc11cd0e065719f2&rt=click&p=CP283597&a=100304&cmp=BUG_830762TEEKE&rf=
35.190.72.161200 OK 2.7 kB URL HTTP/2 fqtag.com/js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=7e5496c228a2663bfc11cd0e065719f2&rt=click&p=CP283597&a=100304&cmp=BUG_830762TEEKE&rf=
IP 35.190.72.161:0
File type ASCII text, with very long lines (2714), with no line terminators
Hash 286cc6315692cb9ac60cfa6e5fd4a13e
da70607e0ef2130988bc39880150ba822886b1d5
c3dd491e90597b05571a88a7d0ac6c2fceb5dc778ac46cd1f29e65663a97b214
GET /js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=7e5496c228a2663bfc11cd0e065719f2&rt=click&p=CP283597&a=100304&cmp=BUG_830762TEEKE&rf= HTTP/1.1
Host: fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: 0
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 0
pragma: no-cache
date: Fri, 02 Dec 2022 06:16:46 GMT
access-control-allow-origin: *
content-type: application/javascript
content-length: 2714
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-133277878-80
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-133277878-80
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 0cc3516c4ebc9d0587990dc11f594f4d
8137caa208b7ac4f1a0bd4fa41653b4e2b02d3a2
e058c8f26e79931019f6779222f004fe69249ac88fe752d97b40b9d868c32c0e
GET /gtag/js?id=UA-133277878-80 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Dec 2022 06:16:46 GMT
expires: Fri, 02 Dec 2022 06:16:46 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Dec 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43564
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3492c575a150dda1a1f5e1009d4e21f
163171cf1b9f576eb4079c359541a26368ba6620
0db9d4aecc91335da8e7b0d67e37c5a1acbced952c085487492754ae207ff6f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0DB9D4AECC91335DA8E7B0D67E37C5A1ACBCED952C085487492754AE207FF6F2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2994
Expires: Fri, 02 Dec 2022 07:06:40 GMT
Date: Fri, 02 Dec 2022 06:16:46 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2583
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 06:16:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2583
Expires: Fri, 02 Dec 2022 06:59:49 GMT
Date: Fri, 02 Dec 2022 06:16:46 GMT
Connection: keep-alive
fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
142.250.74.106200 OK 991 B URL HTTP/2 fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
IP 142.250.74.106:0
Hash 0ad610ef83975d5b7095a243830e8d9d
e387cdee155e7fd84408db42a5905c2350c70763
f283a074e2e768cc071f8f1ad8b12d05880e9eeec27487fbe9cc071f927d4826
GET /css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 06:16:46 GMT
date: Fri, 02 Dec 2022 06:16:46 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 82597
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c80b8025242ddfcc816ec612456b99e
aa944d10fe4a44b790b01ef62edc0f85a6d558e3
a9f060bc15738a3fe257e0c81a29e4611a89c273bcbb2765ce856d4e854a5f1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6edb00ee-3888-4974-ae1a-52ef18e62d0d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11402
x-amzn-requestid: 20c2c359-1e43-40c0-885d-1c90e76ea12b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGzJHu-IAMFbYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e7a-1d89722e767daa014b174a39;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: OJBnbjJB_kvPuJcePGnno3zI0CTWAzV-Osb2L1hPZZhlNYhFHWmLsA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:51:33 GMT
age: 30313
etag: "aa944d10fe4a44b790b01ef62edc0f85a6d558e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 30410
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd8ad22c2eb1eb91c76970fa449f1bc4
0de97f3a4964038222bd751e043e413113e6db9d
668f805815aede3bc04f8564bd6aefd56029362bb0aa8a794673eb78ab2d4643
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5183c67-4568-43c8-a2e7-7b41f5ca064b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4834
x-amzn-requestid: 63a0b8b5-5cb3-4a1f-aa46-47c84abe726f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQrjEeAIAMF3sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7e3-0032799009f893ba79f314db;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 02EF3QEVKmEB2ikbGk9gzQq7_VMi00ufHUNRFTL8MpwJKaXQwdT8HA==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 03:42:27 GMT
age: 9259
etag: "0de97f3a4964038222bd751e043e413113e6db9d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 58a28fc1cbcacdb07b3ca175281982b5
9bc47ee49fc070d0997e49a719bd9758685ad583
d3bfcf749c4652cb29f7c82a5d7ba940bd607f9060e49c1c40a112eb3e625bd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F40b76495-d9ea-430e-9b62-92b639b122e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6564
x-amzn-requestid: e2875cf3-3915-43a5-a724-4de2ca03de56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepHOiIAMFTFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-5f7e2a3f609d54a609a12670;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mwGAEu-gPXY5Opwd972VbBA6l33dNk7bPFSyZmciaplQKj2ZuTkQSg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:47 GMT
age: 31319
etag: "9bc47ee49fc070d0997e49a719bd9758685ad583"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 30475
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/kiss.png
44.208.76.17200 OK 18 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/kiss.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 037850482d89101d0264b5c2a51cbaf3
c4442a41d1d0e4636c8a74148addcd56cb75481a
19999e0045128216c252678c74b4665a22df1c8bf2d28c4327fc754552df41a5
GET /qa/register01/images/kiss.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/png
content-length: 18006
last-modified: Tue, 05 Jul 2022 01:49:13 GMT
etag: "4656-5e3050f3d537c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/hand-over.png
44.208.76.17200 OK 6.4 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/hand-over.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 6aee23bc1b43706192ce1201a49d9332
ec823936f540d613872d1e357ece45090b8525d0
3061a325961a761690be7ad3d93eb014eeaafeef26f2444e60c83e69e7ce998b
GET /qa/register01/images/hand-over.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/png
content-length: 6400
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "1900-5e3050f314974"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/hugging.png
44.208.76.17200 OK 7.1 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/hugging.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash cafaf8a226ac7acff1c63c868a09d3ab
b9f3b25f2cd777ff131b68f4ee8764606fe18431
70cf55594627c61fa3e87944b193de1e17407080cd51603d2f0f204f9004dafd
GET /qa/register01/images/hugging.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/png
content-length: 7083
last-modified: Tue, 05 Jul 2022 01:49:13 GMT
etag: "1bab-5e3050f38429c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/thinking-face.png
44.208.76.17200 OK 6.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/thinking-face.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash e01b80cb5cfa195d670204261013c05e
9c857c7142dcff223625099b59adf780d06685d2
e2544c89ce253853e2a8bb9aeba8a576a303e43104438e485a3b92428197833a
GET /qa/register01/images/thinking-face.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/png
content-length: 6450
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "1932-5e3050fcc7034"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/loading.gif
44.208.76.17200 OK 49 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/loading.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 107 x 90\012- data
Hash 351e1e7e896617f7dae0f19f436fee41
b2c3a4a978b90a8e8f5b1dba12230d624752f4aa
573c8107d16f18962e3dbc4c61c0621abb11dda26f9fea6cea3c1855dddee66a
GET /qa/register01/images/loading.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/gif
content-length: 49082
last-modified: Tue, 05 Jul 2022 01:49:21 GMT
etag: "bfba-5e3050fba8644"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/female.png
44.208.76.17200 OK 8.7 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/female.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 07fdb9ed61590d2777892f83ffd6ed9d
a5bd944f99e7157565bb9fb6549c470e13dc8fc5
c20f443c04ee371f3fcd1cd6683027bb9c7931f10a1b9ec8d7382ab38483e230
GET /qa/register01/images/female.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/png
content-length: 8669
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "21dd-5e3050f2f49bc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/male.png
44.208.76.17200 OK 6.6 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/male.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash e2106577efb42fd2cb110b8e098ca175
f40221d394693958100e89f2101e89f4ddca64d9
eae7588fbcb76482b9d205d2bcb68db86b2876b8ffe5e186a47b1f1e44f8a6cc
GET /qa/register01/images/male.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/png
content-length: 6589
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "19bd-5e3050fc6c314"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady01.jpg
44.208.76.17200 OK 24 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady01.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 81f6a4ea8a56cf44bc1e14ef336daeeb
11f83ac03d35e86fce1193f04cfd688e3d9d1964
5b398b2553b46305d1394a4447dd1ae86f8d4f7ac4b0b19fde1a333e78d0df5f
GET /qa/register01/images/lady01.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/jpeg
content-length: 23902
last-modified: Tue, 05 Jul 2022 01:49:16 GMT
etag: "5d5e-5e3050f6716e4"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady02.jpg
44.208.76.17200 OK 25 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady02.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 401f7a56a912ebb527b5021cdb755d1d
eb31fb11adf40403fa0ffa305375566db9ab33fb
77618413cacf9729ba63a65b312205b57321c3e68501563275ec0c8501de1bad
GET /qa/register01/images/lady02.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/jpeg
content-length: 25013
last-modified: Tue, 05 Jul 2022 01:49:18 GMT
etag: "61b5-5e3050f8bb1fc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady03.jpg
44.208.76.17200 OK 26 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady03.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 5e7bd5777f4721fcde7893454128f85e
cdf30b7c9f9b54460bcb02974822a20e5878f1f2
23fc407e4d46c5e6d361d9b388b397237982ac37e83020219fb126c757fccc03
GET /qa/register01/images/lady03.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/jpeg
content-length: 26264
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "6698-5e3050fa78ecc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady04.jpg
44.208.76.17200 OK 26 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady04.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 73a65ebbd26a1f14b638accb8eb22139
ebdba3afa2ff5835c9bc18efe0cfe2ded770f879
f71f42e93861c4831da5f03dcb728c0b1dc828e31b522a1665fd4b466a6de01e
GET /qa/register01/images/lady04.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/jpeg
content-length: 25763
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "64a3-5e3050faa55bc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady05.jpg
44.208.76.17200 OK 25 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady05.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash ab95e189516a844fa011e3977e969c10
0a0bd7456713bba855d20bc9441fefbbcc71a9b6
c5b1e494f0fba445b2fda9555f3c00b7eaa5e016a03a45f564169d01bc708fee
GET /qa/register01/images/lady05.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/jpeg
content-length: 25428
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "6354-5e3050facfd6c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady06.jpg
44.208.76.17200 OK 32 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady06.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 771ab354397841df3e9021586cbd4021
281334da3d5adafaaf4a527948e60c0c22415d6c
4947a3cb8fb7bc66ff25236500ef63e68ee2f7b676e1bda4aea191d64bb222ac
GET /qa/register01/images/lady06.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/jpeg
content-length: 32238
last-modified: Tue, 05 Jul 2022 01:49:21 GMT
etag: "7dee-5e3050fafe39c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady02.gif
44.208.76.17200 OK 718 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady02.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 300 x 240\012- data
Size 718 kB (718441 bytes)
Hash 051f1406010ef328737da88e9049440f
15196dc7689e407c041af15fc888535ad2593955
c95dacca221f7f0aac7d59f3a9397c9672c1b33b6735afcb6641a2d4cd9b886c
GET /qa/register01/images/lady02.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/gif
content-length: 718441
last-modified: Tue, 05 Jul 2022 01:49:18 GMT
etag: "af669-5e3050f884ecc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady01.gif
44.208.76.17200 OK 944 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady01.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 460 x 275\012- data
Size 944 kB (944238 bytes)
Hash 1378661a79051ba4c99d6ffa6b4937ff
43f23e1d895fb4b5aaf3528856c12a695fac345a
50ad5be435107232d2145cac9ac72d0a1445f08bdbe78d75a03917315dcc31d8
GET /qa/register01/images/lady01.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/gif
content-length: 944238
last-modified: Tue, 05 Jul 2022 01:49:16 GMT
etag: "e686e-5e3050f64a5e4"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/main.min.css
44.208.76.17200 OK 3.9 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/main.min.css
IP 44.208.76.17:0
File type ASCII text, with very long lines (16632), with CRLF line terminators
Hash 850d5db4ec0135777c1ecf1d54fd5646
5ecdf6b778856d6b02dbb8689694fae0357a0216
bfd0401830620cfb73b83daf5c767fa66f334c2a5c0d244cae36e6583083500e
GET /qa/register01/css/main.min.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: text/css
content-length: 3894
last-modified: Tue, 05 Jul 2022 01:49:11 GMT
etag: "40fa-5e3050f18d7a4"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/swiper.min.css
44.208.76.17200 OK 3.2 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/swiper.min.css
IP 44.208.76.17:0
File type ASCII text, with very long lines (19512), with CRLF line terminators
Hash 1f22e27f428e6d4d24d6aa917703b1c8
9d44b75150712e0f3cebca70087869a65fa4e1bc
49e9aaed89ca14e41b5da380090d3fbb10e173ec265c37bbc3d1b8baed469980
GET /qa/register01/css/swiper.min.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: text/css
content-length: 3249
last-modified: Tue, 05 Jul 2022 01:49:11 GMT
etag: "4d49-5e3050f1e984c"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/layout.css?v1.0
44.208.76.17200 OK 4.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/layout.css?v1.0
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with very long lines (331), with CRLF line terminators
Hash 2c6ae66330701466614da360562e59f2
b1f91e2993caf9434b8aadc2a3ce484c49fb81a5
ddc2263c9fd0c283d9d45fd55e90c1c8483a95c360e7e3d85c16ef432d4f5088
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/css/layout.css?v1.0 HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: text/css
content-length: 4540
last-modified: Tue, 05 Jul 2022 01:49:10 GMT
etag: "421f-5e3050f13de34"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/my_validate_index2.js
44.208.76.17200 OK 2.9 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/my_validate_index2.js
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash f1e757f7e2374c7b7162906a20688af2
ca928406b98b3611e9f23ac3157c8a116eb332a6
4cc7f63506663396d396c9e81fdda9310abfe101cfa63e57411b1263c0d1f803
Analyzer Verdict Alert fortinet Phishing
GET /common/js/my_validate_index2.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 2851
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "2560-5b138acc60a3b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/jquery.cookie.js
44.208.76.17200 OK 1.4 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/jquery.cookie.js
IP 44.208.76.17:0
Hash 00cfb5c8c7ec0b51b1dfb190279d570f
468f6fe01079afbcf53594f1065847f04165e249
0585e143aba785df6fb525229dd5e3466227cecc87e913459f0444e732fbf15c
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery.cookie.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 1378
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "c31-5b138acc863cb"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/logo.svg
44.208.76.17200 OK 5.6 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/logo.svg
IP 44.208.76.17:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (2439)
Hash 75534473b7cc351b43537cb62d0667a0
3b2adfec31ebccf863049d752675149cbcef3326
b83e143afb1973738d8c298f6985b0bca831a97ab43fd8dfabc29c559f6a95e1
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/images/logo.svg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/svg+xml
content-length: 5575
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "15c7-5e3050fbf3964"
accept-ranges: bytes
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady03.gif
44.208.76.17200 OK 423 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady03.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 250 x 187\012- data
Size 423 kB (422678 bytes)
Hash 8da23666859a0dd50c5f414a0afcb964
457c6e6572dd3af1f51aa40da02fae92614af8cc
d56bcb35ef49c519e093ed771ced5af6fd7ddcf02a6bbfd6c33425598070125b
GET /qa/register01/images/lady03.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:46 GMT
content-type: image/gif
content-length: 422678
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "67316-5e3050fa4c00c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/auto_email/jquery.autoComplete.js
44.208.76.17200 OK 1.0 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/auto_email/jquery.autoComplete.js
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d4b600f68461a491b71e88dc6f0173e1
7e20eb3d42dfec881deb87d3c2d6aad1c40aca0f
c5dc9fb6467bc20ff42141ea247397131baf1e1d6240d0dd66eb62f2cf87c74a
Analyzer Verdict Alert fortinet Phishing
GET /common/js/auto_email/jquery.autoComplete.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 1046
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "c56-5b138acbfdc33"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/js/parallax.min.js
44.208.76.17200 OK 5.4 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/js/parallax.min.js
IP 44.208.76.17:0
File type ASCII text, with very long lines (17272), with CRLF line terminators
Hash d05c86f40c1021162f5eface92f32750
3bb8c13a8d0af38771996de06ce099308e8d1fad
a7f7d4d2cdc4a5f36a4ff11790a5c1b0f32ded52f196d7f42459b509e12fc624
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/js/parallax.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 5438
last-modified: Tue, 05 Jul 2022 01:49:23 GMT
etag: "43a4-5e3050fd6575c"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/auto_email/autoComplete.css
44.208.76.17200 OK 376 B URL HTTP/2 www.bestukrainiangirl.com/common/js/auto_email/autoComplete.css
IP 44.208.76.17:0
File type ASCII text, with CRLF line terminators
Hash fa161ac586a052c4476ed190ac1571e0
95bf7bc6541743739aa6d9f185d398e36dc9ce6c
f514e2d195768146c7b6453b788d6fdeb1df19ee6e5b017e0e9a1003a8e5c662
GET /common/js/auto_email/autoComplete.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:47 GMT
content-type: text/css
content-length: 376
last-modified: Fri, 09 Oct 2020 08:24:17 GMT
etag: "27d-5b138acba794b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/jquery.min.js
44.208.76.17200 OK 35 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/jquery.min.js
IP 44.208.76.17:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 28ca33b476a0e86fa59725bdb38c7f2f
120531fc57923e78104a0aacee05c53cecbfd61f
ffbc181a3d82af401ee3645d08b10d739c12222da179cd5ec2dc67016d7c93a3
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 34763
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "17278-5b138accbfdab"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/js/swiper.min.js
44.208.76.17200 OK 33 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/js/swiper.min.js
IP 44.208.76.17:0
File type ASCII text, with very long lines (65263), with CRLF line terminators
Hash 9919d9d97c932c232298137ba2021d30
d8ce5b6985d28a7342e16274de07bf90d2b0591b
eceb9fc78096f2c0ded07f04804c83af4ec93d7e6eb14f4322cf592aa640ade3
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/js/swiper.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 33064
last-modified: Tue, 05 Jul 2022 01:49:23 GMT
etag: "1d7b5-5e3050fdba6bc"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
216.58.207.227200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data
Hash f29503a1895affee5ed85d0246238af8
f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 22:11:26 GMT
expires: Fri, 01 Dec 2023 22:11:26 GMT
cache-control: public, max-age=31536000
age: 29121
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2
216.58.207.227200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 19004, version 1.0\012- data
Hash be2a14878eb61d7c95d5970ff1912539
237450c08a36de2b7d3e4d20b74a062ca2fce816
1e235540dffb208599faa7434fad4050331fcd6916bf44fad58a5d1d65b8d360
GET /s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 22:34:39 GMT
expires: Fri, 01 Dec 2023 22:34:39 GMT
cache-control: public, max-age=31536000
age: 27728
last-modified: Thu, 21 Apr 2022 16:57:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
216.58.207.227200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 18212, version 1.0\012- data
Hash ca72fb4e277e59be50b8850190822581
159b97b22006fe2a483da0a13d33cfb3cc5aa031
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
GET /s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 22:11:50 GMT
expires: Fri, 01 Dec 2023 22:11:50 GMT
cache-control: public, max-age=31536000
age: 29097
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
35.190.36.172200 OK 90 kB URL HTTP/2 cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
IP 35.190.36.172:0
File type ASCII text, with very long lines (31986)
Hash e0eff30579598f76147c9ea12f490d21
f0bf2ef576db440b275bdae3d6abac35e59a33b2
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
GET /1.27.339-ccfb11a/pixel.js HTTP/1.1
Host: cdn.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycds5OuNEv-JtB1ZdJ0StwmHkuK8-Ix4i18EFSlIefpCelFnJJ_tlHUKvpsSqtXPE5tZL3Uf3J94YcOvbgojWAg7XbA
x-goog-generation: 1611776924905378
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89647
content-language: en
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
content-length: 89647
server: UploadServer
date: Fri, 02 Dec 2022 05:30:44 GMT
expires: Fri, 02 Dec 2022 06:30:44 GMT
cache-control: public, max-age=3600
age: 2763
last-modified: Wed, 27 Jan 2021 19:48:44 GMT
etag: "e0eff30579598f76147c9ea12f490d21"
content-type: application/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 06:16:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash 5a506ad998b9c59e872f0fa269607791
d5f89a035aa627b7f98e2b9b97796c5ea9b12a32
25ec4a0dfafc38e8a7b8d428f0af4310e09707e35c0fd29fccf628d033ad2d10
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 02 Dec 2022 06:16:47 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 02 Dec 2022 03:52:09 GMT
Expires: Sat, 03 Dec 2022 03:52:09 GMT
ETag: "d5f89a035aa627b7f98e2b9b97796c5ea9b12a32"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
flx808.lporirxe.com/flp/ncvp.js?c=808&i=1669961806
104.18.156.225200 OK 11 kB URL HTTP/2 flx808.lporirxe.com/flp/ncvp.js?c=808&i=1669961806
IP 104.18.156.225:0
Hash e6a30d4ef5eaccb5d35d0eb5dc740052
42740eec442f77afdb474126b88300330ef2473a
b962548be39783badbf3c462775ada9eddb95b9bc6e4e5c0c313c54fb6e524aa
GET /flp/ncvp.js?c=808&i=1669961806 HTTP/1.1
Host: flx808.lporirxe.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 02 Dec 2022 06:16:47 GMT
content-type: application/javascript
content-length: 11218
last-modified: Wed, 30 Nov 2022 23:31:48 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 5014
expires: Sat, 03 Dec 2022 06:16:47 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
server: cloudflare
cf-ray: 7731ef91bbe31bfa-OSL
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 04:41:08 GMT
expires: Fri, 02 Dec 2022 06:41:08 GMT
cache-control: public, max-age=7200
age: 5739
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/favicon.png
44.208.76.17200 OK 4.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/favicon.png
IP 44.208.76.17:0
File type PNG image data, 72 x 72, 8-bit colormap, interlaced\012- data
Hash ab3a78d3c6e73eece0baa64e3f106b98
6c2ba310202ac729b114b08a7e3cb3ff9294973a
2439de2640827cda6582ee71937879741cee8fcb73402559ac217477814d00ec
GET /qa/register01/images/favicon.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=2be4d5cb49824736bbbb914706116576&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=ftcj05pn50i5n5hbhbg6bcilp3; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=673494354; qpid_click_id=2be4d5cb49824736bbbb914706116576; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%222be4d5cb49824736bbbb914706116576%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D; flv=xeN5c3aTrqGE0r9iLS3s
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 06:16:47 GMT
content-type: image/png
content-length: 4538
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "11ba-5e3050f2ce85c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
aux.fqtag.com/aux/d
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/d HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 233
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
date: Fri, 02 Dec 2022 06:16:47 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aux.fqtag.com/aux/p
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/p HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 272
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Fri, 02 Dec 2022 06:16:48 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2