httpslink.com/UA2
54.164.225.50302 Found 0 B IP 54.164.225.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UA2 HTTP/1.1
Host: httpslink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Date: Wed, 28 Sep 2022 19:56:41 GMT
Engine: clickmeter.redirect, version 2.0
Expires: -1
Location: https://trck.chrysostrck.com/6RLQHCJF/2H5PLQ78/?sub3=xferryx
X-Rate-Limit-Limit: 20s
X-Rate-Limit-Remaining: 299
X-Rate-Limit-Reset: 2022-09-28T19:57:02.0186720Z
Content-Length: 0
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 19:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: z45HHqjiX6oSwB0M3HwHYMQ2DpYibCUb7R428tvUgNuo3fFXhAGygg==
Age: 2463
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3466
Expires: Wed, 28 Sep 2022 20:54:28 GMT
Date: Wed, 28 Sep 2022 19:56:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _WPAUKclp-s7gv16WOyiG70YskQ3O4uLpbW2w6OgNxj8fRoReFuK4A==
age: 52096
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/qAXrUz2PjJo
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qAXrUz2PjJo
IP 142.250.74.3:0
Hash dfdebc9aa9df9bb2042f915476776248
22a6fc23d1775714566bec60882712f7de95a595
e140210c4a7504e3b3a21efacd6196f18345e74d5ee73f0ae8ef7314ad806b8b
POST /s/gts1d4/qAXrUz2PjJo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
trck.chrysostrck.com/6RLQHCJF/2H5PLQ78/?sub3=xferryx
35.190.3.146302 Found 235 B URL HTTP/2 trck.chrysostrck.com/6RLQHCJF/2H5PLQ78/?sub3=xferryx
IP 35.190.3.146:0
File type HTML document, ASCII text
Hash a995d842af7fece14effddbe00b86bbc
9a57340f0a683223b49048a1f1d0be62f4af435f
d2dc0f90eed593c0ff09f5ad3f291eae8850f0866b55f7c2ffd5a678530f95df
Analyzer Verdict Alert fortinet Phishing
GET /6RLQHCJF/2H5PLQ78/?sub3=xferryx HTTP/1.1
Host: trck.chrysostrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 28 Sep 2022 19:56:42 GMT
content-type: text/html; charset=utf-8
content-length: 235
location: https://www.BestUkrainianGirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
set-cookie: uniqueClick_2H5PLQ78=2a9089fd-1f50-46e1-a535-9dfbb302f297:1664395002; Path=/; Expires=Thu, 29 Sep 2022 19:56:42 GMT; Secure; SameSite=None
transaction_id=3459dffc637c4306acdd434623859df8; Path=/; Expires=Tue, 27 Dec 2022 19:56:42 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 5a4831bc-4db7-45ab-9c15-4ec9d55e5407
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/qAXrUz2PjJo
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qAXrUz2PjJo
IP 142.250.74.3:0
Hash dfdebc9aa9df9bb2042f915476776248
22a6fc23d1775714566bec60882712f7de95a595
e140210c4a7504e3b3a21efacd6196f18345e74d5ee73f0ae8ef7314ad806b8b
POST /s/gts1d4/qAXrUz2PjJo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:42 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 28 Sep 2022 19:29:33 GMT
Expires: Wed, 28 Sep 2022 20:26:30 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 80d21802b1b80c40e55ccf83433b8eac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Y3U1QLB5oqSOv3CHtR7pRDC1SwY2TwPc_wWvvr_KD-edWIpVNRbIzA==
Age: 1629
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3526d5ce1381ba26cbc553db057e1915
fe01c920696448e8bf12e6fff877bce8281d34a2
09604aed7cbca7971bfcb5afcb53591600b944f28eff21aa65dc601e78cdda53
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3630
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:42 GMT
Last-Modified: Wed, 28 Sep 2022 18:56:12 GMT
Server: ECS (ska/F70A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.208.34.131101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.34.131:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: piufFVu8pii+VHTAFl+JzQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rOlgDGe+YfeDUgfEcoYJ5TFAfJs=
www.bestukrainiangirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
44.208.76.17302 Found 20 B URL HTTP/2 www.bestukrainiangirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
IP 44.208.76.17:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Wed, 28 Sep 2022 19:56:43 GMT
content-type: text/html; charset=UTF-8
content-length: 20
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
set-cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; path=/
owner_id=CP283597; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
adv_id=2216; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
adv_type=1; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
subaffid=100304; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
source_id=xferryx; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
adv_ldp_id=CD387001; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
qpid_offer_id=BUG_830762TEEKE; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
website_id=192; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
adv_click_history_id=665046212; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
qpid_click_id=3459dffc637c4306acdd434623859df8; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D; expires=Tue, 27-Dec-2022 19:56:43 GMT; path=/
location: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15554
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:56:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4364fa358f76c1635458dab5d598f857
d15fc7359711b1651235fa1be66accc03fe26c1c
6449bf062dbb79683071f367ca142c175ef304485cb4d3711feb4763146e4fa7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6449BF062DBB79683071F367CA142C175EF304485CB4D3711FEB4763146E4FA7"
Last-Modified: Wed, 28 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15554
Expires: Thu, 29 Sep 2022 00:15:58 GMT
Date: Wed, 28 Sep 2022 19:56:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ad84ed0c5b2090df7996007514cf1984
651600f2ef18cecc2e38370069bbb5e1d86f68e0
a3d0729e1d43afeadd2dd8273c858b8839d9e476f773c8ec9d96b5969a9e0b4a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F693de74c-173e-4d9b-8317-35601f30ffd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13299
x-amzn-requestid: 926df8b6-beec-470d-b0b3-33be326cd379
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPF8YIAMF3Nw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-343e91e735af43d01fc83ddd;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KmVkKXoPqZmnwFtpKhuox1kJNDoSxMEmYE39_zVPyaeoU4sPqq-_wA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:23 GMT
age: 79941
etag: "651600f2ef18cecc2e38370069bbb5e1d86f68e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: af82c8d6-950c-4933-87e3-7bbb15cb1ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3HOaoAMFoPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-77e0ecc522de575e40f429b3;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: rD5LsVDLQkaomG1nCGZGihbdlWKMCjUYNC2kRyAjJesJEOEBSj8Q3A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:47:03 GMT
age: 79781
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 6627e07e-034b-432e-ab9e-afe035fa0b9a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e9HgIoAMFxUA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-7f34c3f6454379724a7ac413;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: J27vcANRhkMUuGwTZjXkO0EF0-UjN-MODVQRKgsc7hJI2S-UPF8Ctw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:40:53 GMT
age: 80151
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b794c6812cb546de0295e087ebe66a7
a54803cca7d3c509c195f65961e1110c8ec56f55
6a207f75eb3951f3dea5252bc8d185cd604d3d657f15b838774e8087e91f37f5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fad593ee0-d404-46e3-b129-229e09b263b0.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12016
x-amzn-requestid: ec1b3715-5d0f-4045-aa5b-b70a55c81d72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e3EtyIAMFdZg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5e-201dd1ef1426a09965c68dab;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: y3DefdcXJyoDHpJXwz460gfWcv2JUboOFExNQmTFgy30B4mn54Xvuw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:44:30 GMT
age: 79934
etag: "a54803cca7d3c509c195f65961e1110c8ec56f55"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: fe9ec409-2757-4910-8443-5b4d3be7efd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlATEp8oAMFd9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b9b-3230e97a4fe34413285eb578;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:37:31 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rV80hKsopWPf_A8hKw0kwTOjVN4Bq-5f8oXDP2wluyGwof5yXFe2Bw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:42:47 GMT
age: 80037
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ea3890e460356d6ecc3ba4e405ac2e9e
b383135e2ebc23fe80eb0d594b198cb8c89327a5
8fcff053ce6e5750136bf876bad5b2916935f13ea039912d977928b086f0a48b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb9a3b058-92c9-490e-9cbb-736f7e46510d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: e99c9f33-b72a-4070-80cf-06fb4a87d1df
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZG4S6EcAoAMFX1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6332a0df-04122b4a345dbc3f3918af98;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 07:06:07 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Di1kDUlYEc1rv31fHM-OquU_W_LggEzDCTVME5iFJ5KffZcQyN6i2A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 07:31:39 GMT
age: 44705
etag: "b383135e2ebc23fe80eb0d594b198cb8c89327a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
44.208.76.17200 OK 29 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
IP 44.208.76.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22671), with CRLF line terminators
Hash f115fbe9c6b6d2fd774f6572d62fa7bf
e79cd50e36eddc5844598ed69eb485c77999b932
851a04c3fd652ffc68caf8bc0063666b5f6b0da8165068f0459f90a8b151fee0
GET /qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: text/html; charset=UTF-8
content-length: 28817
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8eb56ca84ce38713c2575c9d5506eabe
294a9ea859390bfe5d73cf810eefae10bf0f2f5e
6e7141f2c597344a55bf1d3a3ca0b9f0bf02f32a6046b3bfa03b64048a1d7002
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a487d776c8a99db017b5d9bfb41d207e
6b81e3048f008ad775498fdaf85bb607e2eb5340
042845e57e673a4bbb78588bfed17cf4343a1004a21d5b9d0a38768179b47669
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "042845E57E673A4BBB78588BFED17CF4343A1004A21D5B9D0A38768179B47669"
Last-Modified: Wed, 28 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13498
Expires: Wed, 28 Sep 2022 23:41:42 GMT
Date: Wed, 28 Sep 2022 19:56:44 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 75eebff373cf84ae810a9e326f9e3d03
a5b22b0eee98dda385cb4e90d119205bc5f3a25f
f2089c63c7c2b3024972aba8cbc12dfcffc79dfc1ef9f7be801c79e7737b0d71
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fqtag.com/js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=d3f724022e4be4ef043641062403c929&rt=click&p=CP283597&a=100304&cmp=BUG_830762TEEKE&rf=
35.190.72.161200 OK 2.7 kB URL HTTP/2 fqtag.com/js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=d3f724022e4be4ef043641062403c929&rt=click&p=CP283597&a=100304&cmp=BUG_830762TEEKE&rf=
IP 35.190.72.161:0
File type ASCII text, with very long lines (2681), with no line terminators
Hash 9ea11899844d0c3f0ab8dbf3343df303
796a5b6de02721f620e4ca72c84e470bedd6271c
cd9c57d12d222e721a193dfdfdb53a187648c6ee04e207a06f2e3964da240f50
GET /js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=d3f724022e4be4ef043641062403c929&rt=click&p=CP283597&a=100304&cmp=BUG_830762TEEKE&rf= HTTP/1.1
Host: fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: 0
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 0
pragma: no-cache
date: Wed, 28 Sep 2022 19:56:44 GMT
access-control-allow-origin: *
content-type: application/javascript
content-length: 2681
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-133277878-80
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-133277878-80
IP 142.250.74.72:0
File type ASCII text, with very long lines (2039)
Hash c1b9acd4c2ea0bc275a9dbd9e4f81df5
cdd0f6e43f59105939fb97578b2625285e3989df
715cbe544434acd24b63e23524ae2b7a797678b57180d371af9ea7bd0cbac0a9
GET /gtag/js?id=UA-133277878-80 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 28 Sep 2022 19:56:44 GMT
expires: Wed, 28 Sep 2022 19:56:44 GMT
cache-control: private, max-age=900
last-modified: Wed, 28 Sep 2022 18:50:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42424
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash e2875a9e06f892f0d4fa46c0f98a1c49
9c0e332f55a592367b602494642ee2127699b543
74692ca89ddc427d0c55f56aedb738b107a9761c44ed5201f932f54950a6f406
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a487d776c8a99db017b5d9bfb41d207e
6b81e3048f008ad775498fdaf85bb607e2eb5340
042845e57e673a4bbb78588bfed17cf4343a1004a21d5b9d0a38768179b47669
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "042845E57E673A4BBB78588BFED17CF4343A1004A21D5B9D0A38768179B47669"
Last-Modified: Wed, 28 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13498
Expires: Wed, 28 Sep 2022 23:41:42 GMT
Date: Wed, 28 Sep 2022 19:56:44 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bestukrainiangirl.com/qa/register01/images/kiss.png
44.208.76.17200 OK 18 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/kiss.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 037850482d89101d0264b5c2a51cbaf3
c4442a41d1d0e4636c8a74148addcd56cb75481a
19999e0045128216c252678c74b4665a22df1c8bf2d28c4327fc754552df41a5
GET /qa/register01/images/kiss.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/png
content-length: 18006
last-modified: Tue, 05 Jul 2022 01:49:13 GMT
etag: "4656-5e3050f3d537c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/hand-over.png
44.208.76.17200 OK 6.4 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/hand-over.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 6aee23bc1b43706192ce1201a49d9332
ec823936f540d613872d1e357ece45090b8525d0
3061a325961a761690be7ad3d93eb014eeaafeef26f2444e60c83e69e7ce998b
GET /qa/register01/images/hand-over.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/png
content-length: 6400
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "1900-5e3050f314974"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/hugging.png
44.208.76.17200 OK 7.1 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/hugging.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash cafaf8a226ac7acff1c63c868a09d3ab
b9f3b25f2cd777ff131b68f4ee8764606fe18431
70cf55594627c61fa3e87944b193de1e17407080cd51603d2f0f204f9004dafd
GET /qa/register01/images/hugging.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/png
content-length: 7083
last-modified: Tue, 05 Jul 2022 01:49:13 GMT
etag: "1bab-5e3050f38429c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/thinking-face.png
44.208.76.17200 OK 6.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/thinking-face.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash e01b80cb5cfa195d670204261013c05e
9c857c7142dcff223625099b59adf780d06685d2
e2544c89ce253853e2a8bb9aeba8a576a303e43104438e485a3b92428197833a
GET /qa/register01/images/thinking-face.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/png
content-length: 6450
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "1932-5e3050fcc7034"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/loading.gif
44.208.76.17200 OK 49 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/loading.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 107 x 90\012- data
Hash 351e1e7e896617f7dae0f19f436fee41
b2c3a4a978b90a8e8f5b1dba12230d624752f4aa
573c8107d16f18962e3dbc4c61c0621abb11dda26f9fea6cea3c1855dddee66a
GET /qa/register01/images/loading.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/gif
content-length: 49082
last-modified: Tue, 05 Jul 2022 01:49:21 GMT
etag: "bfba-5e3050fba8644"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/female.png
44.208.76.17200 OK 8.7 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/female.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 07fdb9ed61590d2777892f83ffd6ed9d
a5bd944f99e7157565bb9fb6549c470e13dc8fc5
c20f443c04ee371f3fcd1cd6683027bb9c7931f10a1b9ec8d7382ab38483e230
GET /qa/register01/images/female.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/png
content-length: 8669
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "21dd-5e3050f2f49bc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/male.png
44.208.76.17200 OK 6.6 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/male.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash e2106577efb42fd2cb110b8e098ca175
f40221d394693958100e89f2101e89f4ddca64d9
eae7588fbcb76482b9d205d2bcb68db86b2876b8ffe5e186a47b1f1e44f8a6cc
GET /qa/register01/images/male.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/png
content-length: 6589
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "19bd-5e3050fc6c314"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady01.jpg
44.208.76.17200 OK 24 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady01.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 81f6a4ea8a56cf44bc1e14ef336daeeb
11f83ac03d35e86fce1193f04cfd688e3d9d1964
5b398b2553b46305d1394a4447dd1ae86f8d4f7ac4b0b19fde1a333e78d0df5f
GET /qa/register01/images/lady01.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/jpeg
content-length: 23902
last-modified: Tue, 05 Jul 2022 01:49:16 GMT
etag: "5d5e-5e3050f6716e4"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady02.jpg
44.208.76.17200 OK 25 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady02.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 401f7a56a912ebb527b5021cdb755d1d
eb31fb11adf40403fa0ffa305375566db9ab33fb
77618413cacf9729ba63a65b312205b57321c3e68501563275ec0c8501de1bad
GET /qa/register01/images/lady02.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/jpeg
content-length: 25013
last-modified: Tue, 05 Jul 2022 01:49:18 GMT
etag: "61b5-5e3050f8bb1fc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady03.jpg
44.208.76.17200 OK 26 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady03.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 5e7bd5777f4721fcde7893454128f85e
cdf30b7c9f9b54460bcb02974822a20e5878f1f2
23fc407e4d46c5e6d361d9b388b397237982ac37e83020219fb126c757fccc03
GET /qa/register01/images/lady03.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/jpeg
content-length: 26264
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "6698-5e3050fa78ecc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady04.jpg
44.208.76.17200 OK 26 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady04.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 73a65ebbd26a1f14b638accb8eb22139
ebdba3afa2ff5835c9bc18efe0cfe2ded770f879
f71f42e93861c4831da5f03dcb728c0b1dc828e31b522a1665fd4b466a6de01e
GET /qa/register01/images/lady04.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/jpeg
content-length: 25763
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "64a3-5e3050faa55bc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady05.jpg
44.208.76.17200 OK 25 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady05.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash ab95e189516a844fa011e3977e969c10
0a0bd7456713bba855d20bc9441fefbbcc71a9b6
c5b1e494f0fba445b2fda9555f3c00b7eaa5e016a03a45f564169d01bc708fee
GET /qa/register01/images/lady05.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/jpeg
content-length: 25428
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "6354-5e3050facfd6c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady06.jpg
44.208.76.17200 OK 32 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady06.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 771ab354397841df3e9021586cbd4021
281334da3d5adafaaf4a527948e60c0c22415d6c
4947a3cb8fb7bc66ff25236500ef63e68ee2f7b676e1bda4aea191d64bb222ac
GET /qa/register01/images/lady06.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/jpeg
content-length: 32238
last-modified: Tue, 05 Jul 2022 01:49:21 GMT
etag: "7dee-5e3050fafe39c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady02.gif
44.208.76.17200 OK 718 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady02.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 300 x 240\012- data
Size 718 kB (718441 bytes)
Hash 051f1406010ef328737da88e9049440f
15196dc7689e407c041af15fc888535ad2593955
c95dacca221f7f0aac7d59f3a9397c9672c1b33b6735afcb6641a2d4cd9b886c
GET /qa/register01/images/lady02.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/gif
content-length: 718441
last-modified: Tue, 05 Jul 2022 01:49:18 GMT
etag: "af669-5e3050f884ecc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/main.min.css
44.208.76.17200 OK 3.9 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/main.min.css
IP 44.208.76.17:0
File type ASCII text, with very long lines (16632), with CRLF line terminators
Hash 850d5db4ec0135777c1ecf1d54fd5646
5ecdf6b778856d6b02dbb8689694fae0357a0216
bfd0401830620cfb73b83daf5c767fa66f334c2a5c0d244cae36e6583083500e
GET /qa/register01/css/main.min.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: text/css
content-length: 3894
last-modified: Tue, 05 Jul 2022 01:49:11 GMT
etag: "40fa-5e3050f18d7a4"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/swiper.min.css
44.208.76.17200 OK 3.2 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/swiper.min.css
IP 44.208.76.17:0
File type ASCII text, with very long lines (19512), with CRLF line terminators
Hash 1f22e27f428e6d4d24d6aa917703b1c8
9d44b75150712e0f3cebca70087869a65fa4e1bc
49e9aaed89ca14e41b5da380090d3fbb10e173ec265c37bbc3d1b8baed469980
GET /qa/register01/css/swiper.min.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: text/css
content-length: 3249
last-modified: Tue, 05 Jul 2022 01:49:11 GMT
etag: "4d49-5e3050f1e984c"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/my_validate_index2.js
44.208.76.17200 OK 2.9 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/my_validate_index2.js
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash f1e757f7e2374c7b7162906a20688af2
ca928406b98b3611e9f23ac3157c8a116eb332a6
4cc7f63506663396d396c9e81fdda9310abfe101cfa63e57411b1263c0d1f803
Analyzer Verdict Alert fortinet Phishing
GET /common/js/my_validate_index2.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 2851
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "2560-5b138acc60a3b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/layout.css?v1.0
44.208.76.17200 OK 4.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/layout.css?v1.0
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with very long lines (331), with CRLF line terminators
Hash 2c6ae66330701466614da360562e59f2
b1f91e2993caf9434b8aadc2a3ce484c49fb81a5
ddc2263c9fd0c283d9d45fd55e90c1c8483a95c360e7e3d85c16ef432d4f5088
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/css/layout.css?v1.0 HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: text/css
content-length: 4540
last-modified: Tue, 05 Jul 2022 01:49:10 GMT
etag: "421f-5e3050f13de34"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/logo.svg
44.208.76.17200 OK 5.6 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/logo.svg
IP 44.208.76.17:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (2439)
Hash 75534473b7cc351b43537cb62d0667a0
3b2adfec31ebccf863049d752675149cbcef3326
b83e143afb1973738d8c298f6985b0bca831a97ab43fd8dfabc29c559f6a95e1
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/images/logo.svg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: image/svg+xml
content-length: 5575
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "15c7-5e3050fbf3964"
accept-ranges: bytes
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady01.gif
44.208.76.17200 OK 944 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady01.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 460 x 275\012- data
Size 944 kB (944238 bytes)
Hash 1378661a79051ba4c99d6ffa6b4937ff
43f23e1d895fb4b5aaf3528856c12a695fac345a
50ad5be435107232d2145cac9ac72d0a1445f08bdbe78d75a03917315dcc31d8
GET /qa/register01/images/lady01.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/gif
content-length: 944238
last-modified: Tue, 05 Jul 2022 01:49:16 GMT
etag: "e686e-5e3050f64a5e4"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady03.gif
44.208.76.17200 OK 423 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady03.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 250 x 187\012- data
Size 423 kB (422678 bytes)
Hash 8da23666859a0dd50c5f414a0afcb964
457c6e6572dd3af1f51aa40da02fae92614af8cc
d56bcb35ef49c519e093ed771ced5af6fd7ddcf02a6bbfd6c33425598070125b
GET /qa/register01/images/lady03.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:44 GMT
content-type: image/gif
content-length: 422678
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "67316-5e3050fa4c00c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/auto_email/autoComplete.css
44.208.76.17200 OK 376 B URL HTTP/2 www.bestukrainiangirl.com/common/js/auto_email/autoComplete.css
IP 44.208.76.17:0
File type ASCII text, with CRLF line terminators
Hash fa161ac586a052c4476ed190ac1571e0
95bf7bc6541743739aa6d9f185d398e36dc9ce6c
f514e2d195768146c7b6453b788d6fdeb1df19ee6e5b017e0e9a1003a8e5c662
GET /common/js/auto_email/autoComplete.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: text/css
content-length: 376
last-modified: Fri, 09 Oct 2020 08:24:17 GMT
etag: "27d-5b138acba794b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/jquery.cookie.js
44.208.76.17200 OK 1.4 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/jquery.cookie.js
IP 44.208.76.17:0
Hash 00cfb5c8c7ec0b51b1dfb190279d570f
468f6fe01079afbcf53594f1065847f04165e249
0585e143aba785df6fb525229dd5e3466227cecc87e913459f0444e732fbf15c
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery.cookie.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 1378
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "c31-5b138acc863cb"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/auto_email/jquery.autoComplete.js
44.208.76.17200 OK 1.0 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/auto_email/jquery.autoComplete.js
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d4b600f68461a491b71e88dc6f0173e1
7e20eb3d42dfec881deb87d3c2d6aad1c40aca0f
c5dc9fb6467bc20ff42141ea247397131baf1e1d6240d0dd66eb62f2cf87c74a
Analyzer Verdict Alert fortinet Phishing
GET /common/js/auto_email/jquery.autoComplete.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 1046
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "c56-5b138acbfdc33"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/js/parallax.min.js
44.208.76.17200 OK 5.4 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/js/parallax.min.js
IP 44.208.76.17:0
File type ASCII text, with very long lines (17272), with CRLF line terminators
Hash d05c86f40c1021162f5eface92f32750
3bb8c13a8d0af38771996de06ce099308e8d1fad
a7f7d4d2cdc4a5f36a4ff11790a5c1b0f32ded52f196d7f42459b509e12fc624
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/js/parallax.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 5438
last-modified: Tue, 05 Jul 2022 01:49:23 GMT
etag: "43a4-5e3050fd6575c"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/jquery.min.js
44.208.76.17200 OK 35 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/jquery.min.js
IP 44.208.76.17:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 28ca33b476a0e86fa59725bdb38c7f2f
120531fc57923e78104a0aacee05c53cecbfd61f
ffbc181a3d82af401ee3645d08b10d739c12222da179cd5ec2dc67016d7c93a3
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 34763
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "17278-5b138accbfdab"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/js/swiper.min.js
44.208.76.17200 OK 33 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/js/swiper.min.js
IP 44.208.76.17:0
File type ASCII text, with very long lines (65263), with CRLF line terminators
Hash 9919d9d97c932c232298137ba2021d30
d8ce5b6985d28a7342e16274de07bf90d2b0591b
eceb9fc78096f2c0ded07f04804c83af4ec93d7e6eb14f4322cf592aa640ade3
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/js/swiper.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 33064
last-modified: Tue, 05 Jul 2022 01:49:23 GMT
etag: "1d7b5-5e3050fdba6bc"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data
Hash f29503a1895affee5ed85d0246238af8
f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:33:01 GMT
expires: Fri, 22 Sep 2023 20:33:01 GMT
cache-control: public, max-age=31536000
age: 516224
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eb2f3cc13b8ab763c5f346d6fc23054d
1768cc61721a6a6624c1ccbf2c874342f53abd99
3faee940dd222a051862bc2a4e090ecd2cc1f2ead8b1a5c84e10241f31461c5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19004, version 1.0\012- data
Hash be2a14878eb61d7c95d5970ff1912539
237450c08a36de2b7d3e4d20b74a062ca2fce816
1e235540dffb208599faa7434fad4050331fcd6916bf44fad58a5d1d65b8d360
GET /s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 22:46:30 GMT
expires: Tue, 26 Sep 2023 22:46:30 GMT
cache-control: public, max-age=31536000
age: 162615
last-modified: Thu, 21 Apr 2022 16:57:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18212, version 1.0\012- data
Hash ca72fb4e277e59be50b8850190822581
159b97b22006fe2a483da0a13d33cfb3cc5aa031
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
GET /s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:33:04 GMT
expires: Fri, 22 Sep 2023 20:33:04 GMT
cache-control: public, max-age=31536000
age: 516221
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 19:56:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash e054c6792c76ebf20201b151ff7fd885
17cdf319215b23ef624362ad29bbac03fef950d0
48af55653f2c272448428de7083579334948afdc73e6aea9679db87c50ab26c5
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 28 Sep 2022 19:56:45 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 27 Sep 2022 22:19:00 GMT
Expires: Wed, 28 Sep 2022 22:19:00 GMT
ETag: "17cdf319215b23ef624362ad29bbac03fef950d0"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
flx808.lporirxe.com/flp/ncvp.js?c=808&i=1664395003
104.18.155.225200 OK 11 kB URL HTTP/2 flx808.lporirxe.com/flp/ncvp.js?c=808&i=1664395003
IP 104.18.155.225:0
Hash e6a30d4ef5eaccb5d35d0eb5dc740052
42740eec442f77afdb474126b88300330ef2473a
b962548be39783badbf3c462775ada9eddb95b9bc6e4e5c0c313c54fb6e524aa
GET /flp/ncvp.js?c=808&i=1664395003 HTTP/1.1
Host: flx808.lporirxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: application/javascript
content-length: 11218
last-modified: Fri, 26 Aug 2022 17:37:34 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 3189
expires: Thu, 29 Sep 2022 19:56:45 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
server: cloudflare
cf-ray: 751f0b515acc0b51-OSL
X-Firefox-Spdy: h2
cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
35.190.36.172200 OK 90 kB URL HTTP/2 cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
IP 35.190.36.172:0
File type ASCII text, with very long lines (31986)
Hash e0eff30579598f76147c9ea12f490d21
f0bf2ef576db440b275bdae3d6abac35e59a33b2
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
GET /1.27.339-ccfb11a/pixel.js HTTP/1.1
Host: cdn.fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtAc9XVOAR5EBVAd8wA6vZirBt0oS2ZlKo6D5QUhwV3fGdTCQLcxcTTYJB3-bNUnfYlJ-piU-dOYJONH_sRRylMCV-YxUOq
x-goog-generation: 1611776924905378
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89647
content-language: en
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
server: UploadServer
date: Wed, 28 Sep 2022 19:05:54 GMT
expires: Wed, 28 Sep 2022 20:05:54 GMT
cache-control: public, max-age=3600
age: 3051
last-modified: Wed, 27 Jan 2021 19:48:44 GMT
etag: "e0eff30579598f76147c9ea12f490d21"
content-type: application/javascript
content-length: 89647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/favicon.png
44.208.76.17200 OK 4.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/favicon.png
IP 44.208.76.17:0
File type PNG image data, 72 x 72, 8-bit colormap, interlaced\012- data
Hash ab3a78d3c6e73eece0baa64e3f106b98
6c2ba310202ac729b114b08a7e3cb3ff9294973a
2439de2640827cda6582ee71937879741cee8fcb73402559ac217477814d00ec
GET /qa/register01/images/favicon.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=3459dffc637c4306acdd434623859df8&qpid_subid=100304&source_tag=xferryx
Cookie: PHPSESSID=mo6fui1fpbqvf3kd199cbmcth5; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=xferryx; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=665046212; qpid_click_id=3459dffc637c4306acdd434623859df8; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%223459dffc637c4306acdd434623859df8%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A7%3A%22xferryx%22%3B%7D; flv=lD8DA3WwZZPwmg6OIHGN
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 19:56:45 GMT
content-type: image/png
content-length: 4538
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "11ba-5e3050f2ce85c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 18:41:09 GMT
expires: Wed, 28 Sep 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 4536
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j97&a=1189301329&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bestukrainiangirl.com%2Fqa%2Fregister01.php%3Faid%3D2216%26oid%3DCP283597%26qpid_offer_id%3DBUG_830762TEEKE%26qpid_clickid%3D3459dffc637c4306acdd434623859df8%26qpid_subid%3D100304%26source_tag%3Dxferryx&ul=en-us&de=UTF-8&dt=Ukrainian%20women%2C%20Ukrainian%20dating%2C%20Ukrainian%20singles%2C%20Ukrainian%20personals%2C%20Meet%20Ukrainian%20women%20for%20love!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=380229630&gjid=180161904&cid=127142735.1664395003&tid=UA-133277878-80&_gid=275752987.1664395003&_r=1>m=2ou9q0&z=587635604
142.250.74.174200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=1189301329&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bestukrainiangirl.com%2Fqa%2Fregister01.php%3Faid%3D2216%26oid%3DCP283597%26qpid_offer_id%3DBUG_830762TEEKE%26qpid_clickid%3D3459dffc637c4306acdd434623859df8%26qpid_subid%3D100304%26source_tag%3Dxferryx&ul=en-us&de=UTF-8&dt=Ukrainian%20women%2C%20Ukrainian%20dating%2C%20Ukrainian%20singles%2C%20Ukrainian%20personals%2C%20Meet%20Ukrainian%20women%20for%20love!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=380229630&gjid=180161904&cid=127142735.1664395003&tid=UA-133277878-80&_gid=275752987.1664395003&_r=1>m=2ou9q0&z=587635604
IP 142.250.74.174:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j97&a=1189301329&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bestukrainiangirl.com%2Fqa%2Fregister01.php%3Faid%3D2216%26oid%3DCP283597%26qpid_offer_id%3DBUG_830762TEEKE%26qpid_clickid%3D3459dffc637c4306acdd434623859df8%26qpid_subid%3D100304%26source_tag%3Dxferryx&ul=en-us&de=UTF-8&dt=Ukrainian%20women%2C%20Ukrainian%20dating%2C%20Ukrainian%20singles%2C%20Ukrainian%20personals%2C%20Meet%20Ukrainian%20women%20for%20love!&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=YEBAAUABAAAAAC~&jid=380229630&gjid=180161904&cid=127142735.1664395003&tid=UA-133277878-80&_gid=275752987.1664395003&_r=1>m=2ou9q0&z=587635604 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.bestukrainiangirl.com
date: Wed, 28 Sep 2022 19:56:46 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aux.fqtag.com/aux/d
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/d HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 233
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
date: Wed, 28 Sep 2022 19:56:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
aux.fqtag.com/aux/p
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/p HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 272
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Wed, 28 Sep 2022 19:56:46 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
IP 142.250.74.10:0
GET /css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 19:56:44 GMT
date: Wed, 28 Sep 2022 19:56:44 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2