latina.girlsfuckdudes.com/lps/webchat/?p=531ns&l=English&s=dark&country=%3Ccountry_iso_2%3E&city=mountain%20view&token1=26667311244&token4=affise&tid=krmot633222be0004c9b9&lp=Ninel&token5=&token6=&pm=1
104.26.1.193 301 Moved Permanently 0 B URL HTTP/1.1 latina.girlsfuckdudes.com/lps/webchat/?p=531ns&l=English&s=dark&country=%3Ccountry_iso_2%3E&city=mountain%20view&token1=26667311244&token4=affise&tid=krmot633222be0004c9b9&lp=Ninel&token5=&token6=&pm=1
IP 104.26.1.193:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /lps/webchat/?p=531ns&l=English&s=dark&country=%3Ccountry_iso_2%3E&city=mountain%20view&token1=26667311244&token4=affise&tid=krmot633222be0004c9b9&lp=Ninel&token5=&token6=&pm=1 HTTP/1.1
Host: latina.girlsfuckdudes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Mon, 26 Sep 2022 22:08:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Mon, 26 Sep 2022 23:08:08 GMT
Location: https://latina.girlsfuckdudes.com/lps/webchat/?p=531ns&l=English&s=dark&country=%3Ccountry_iso_2%3E&city=mountain%20view&token1=26667311244&token4=affise&tid=krmot633222be0004c9b9&lp=Ninel&token5=&token6=&pm=1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8tLnZ55%2BSoS4qmCWoXqVoxCfLMmCDKVOEF5ixqNe%2FtQisn%2F0URyIWAj9EYJPDnBPPQaKDM0quLpLG8Cy2FbmGbXZkMmRHSp5LRVZLTlA5ng71oF4SQrM4fNAtvczD5ApbY63LrfToVrY2pM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 750f51049f350b39-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 21:15:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9dd61138197a68f8d69f12574aab6930.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WgNVPVSKne_tKbqWT1oSg3dT6YgqapWDovhjejtlIquHALKbES9ibQ==
Age: 3166
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2192
Expires: Mon, 26 Sep 2022 22:44:40 GMT
Date: Mon, 26 Sep 2022 22:08:08 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: bVf8-WwoErypfSCBVM8oSpHTiAK_Yj8BY1ZteKXWnpWI2IEq6EsiuQ==
age: 63173
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:08:08 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/bBEvAiIkglk
142.250.74.3 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/bBEvAiIkglk
IP 142.250.74.3:0
Hash a566d1e62dfd75b1a498eba2c0262b68
8d4806e25d4372915edd7e7aeea0c846773327ad
cac69feaeca64d00f6111691a6b230aa02b1c1de6daadb25e4888bed935a6485
POST /s/gts1p5/bBEvAiIkglk HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:08:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 21:10:46 GMT
Expires: Mon, 26 Sep 2022 21:35:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: a2pa62Wl2KTf3MUVZLJAhFP9ryvJPkySlWJKU3DtV1pGjTuHQUA7VQ==
Age: 3443
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4332
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:08:09 GMT
Last-Modified: Mon, 26 Sep 2022 20:55:57 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.223.168.227 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.223.168.227:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: YQxnxX9uKw1UCDBlAVXmKA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bvWzW3I8FjJKWXpMjmNNCpBkJUo=
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
104.17.25.14 200 OK 4.2 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65348)
Hash eefc9abe5bc10d658a2393a70d052566
dd49deafcd3ebe1306cda0b843f2da265f8a90e1
6011c33e447455e96e1d4926b0e15ca399eb993163a8e5ee0c523947396d66c3
GET /ajax/libs/animate.css/4.1.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:08:09 GMT
content-type: text/css; charset=utf-8
content-length: 4216
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f5628a2-11846"
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2862300
expires: Sat, 16 Sep 2023 22:08:09 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXOsZm%2FZSROdS7%2BG22mS4%2BkZJ1goeIkreXXbGSKVFPz%2B67V%2Fyje6r5njy1ml1AY0IxfmL7DvJCD6dhoqC%2F5OGnuADBFfdYjh0QfqvISOdTOcSeqBAzMaKbYoir5tjQh8bd7fhE6x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 750f510d0cdb0b49-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.5.1.min.js
69.16.175.42 200 OK 31 kB URL HTTP/2 code.jquery.com/jquery-3.5.1.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65451)
Hash 3700d0b271343804b9b9aa1c13efa521
3d6b03dbd74872ca3dfbb0529f6c80943788f918
fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://latina.girlsfuckdudes.com
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:08:09 GMT
content-encoding: gzip
content-length: 30879
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d84"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1664230089.dop231.sk1.t,1664230089.cds258.sk1.hn,1664230089.cds208.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 7b8b62e6e4347da3626e73c3f09be467
9ef03328db21519c159e6c1c923dbbd6aecfdd51
9e5f1b8f6e04ad09846c354de383705154d0e5ced97c916298c6fc6ead5a609d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:08:09 GMT
Server: ECS (amb/6BC3)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 7b8b62e6e4347da3626e73c3f09be467
9ef03328db21519c159e6c1c923dbbd6aecfdd51
9e5f1b8f6e04ad09846c354de383705154d0e5ced97c916298c6fc6ead5a609d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:08:09 GMT
Last-Modified: Mon, 26 Sep 2022 22:08:09 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 7b8b62e6e4347da3626e73c3f09be467
9ef03328db21519c159e6c1c923dbbd6aecfdd51
9e5f1b8f6e04ad09846c354de383705154d0e5ced97c916298c6fc6ead5a609d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:08:09 GMT
Server: ECS (amb/6BAD)
Content-Length: 280
latina.girlsfuckdudes.com/lps/webchat/?p=531ns&l=English&s=dark&country=%3Ccountry_iso_2%3E&city=mountain%20view&token1=26667311244&token4=affise&tid=krmot633222be0004c9b9&lp=Ninel&token5=&token6=&pm=1
104.26.0.193 200 OK 21 kB URL HTTP/2 latina.girlsfuckdudes.com/lps/webchat/?p=531ns&l=English&s=dark&country=%3Ccountry_iso_2%3E&city=mountain%20view&token1=26667311244&token4=affise&tid=krmot633222be0004c9b9&lp=Ninel&token5=&token6=&pm=1
IP 104.26.0.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1679)
Hash d6a9980f890a011d8a543480cbd400d2
7cfb2cc8822be12cab5f2a7b52d26c54accd77a8
7489951bf57061842899655fdec54696f5d09ca9523a86408a00b546ad0dd134
GET /lps/webchat/?p=531ns&l=English&s=dark&country=%3Ccountry_iso_2%3E&city=mountain%20view&token1=26667311244&token4=affise&tid=krmot633222be0004c9b9&lp=Ninel&token5=&token6=&pm=1 HTTP/1.1
Host: latina.girlsfuckdudes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:08:09 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fli2xh0zvOFhhz6fvxli0Y7VD4q8hD%2BDO%2FIz4FZWkLm7tJH9PYSsq%2FF1XqDcKchoO5V4EtuBSfXUxSvoR0t7iZikkXljicUg5A7wADWctXJyvzeS2cYZOFHh4nm4Z%2Fi%2BXJak5edX1F6ohWE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f5107e9fa1c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 7b8b62e6e4347da3626e73c3f09be467
9ef03328db21519c159e6c1c923dbbd6aecfdd51
9e5f1b8f6e04ad09846c354de383705154d0e5ced97c916298c6fc6ead5a609d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:08:09 GMT
Server: ECS (amb/6B92)
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 7b8b62e6e4347da3626e73c3f09be467
9ef03328db21519c159e6c1c923dbbd6aecfdd51
9e5f1b8f6e04ad09846c354de383705154d0e5ced97c916298c6fc6ead5a609d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:08:09 GMT
Server: ECS (amb/6B75)
Content-Length: 280
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8a31b8f85fc8ff1a1507cb0239934861
f54d7c457dccfd58f707ca9919cfeb5f5a3b627f
8222933229fdf8ca16f79288bfe7db76e84ef97e006b1d033308b202a76d8a7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8222933229FDF8CA16F79288BFE7DB76E84EF97E006B1D033308B202A76D8A7A"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2356
Expires: Mon, 26 Sep 2022 22:47:26 GMT
Date: Mon, 26 Sep 2022 22:08:10 GMT
Connection: keep-alive
aj1867.online/2ad445f5.js
212.124.124.110 200 14 kB URL HTTP/1.1 aj1867.online/2ad445f5.js
IP 212.124.124.110:0
ASN #47328 True Records Inc.
File type ASCII text, with very long lines (37258), with no line terminators
Hash 8b1d41d71a423e7043ae29369e1f5a93
5809993432e8ba92b2d0905f9e2182019d1dc319
ca0c053fb97d48bbce9b43fc2ea73a6bbbba89e5a97c1a3a39eec2b5f455a40e
Analyzer Verdict Alert fortinet Phishing
GET /2ad445f5.js HTTP/1.1
Host: aj1867.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
accept-ranges: bytes
etag: "080546ec0b52d75e997b155f1edfabd7b"
content-type: application/javascript
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 26 Sep 2022 22:08:09 GMT
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:08:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aj1867.online/zUHpJyqufCNJ-2kGuSGfjWDuguPFYU5GFLv7W0jFCpm-BxWrTmfVEl34NSqOsvf-Gkl1SWOkolc1Gn_qjo24fUDuk2CKXT0sTHarmFHwTqiUhS9zjrgX725bwP3D7idSHrN5s1DqtKl6oqUKfSBN_2dI3qeRSP77RUtjiqvtX_G38_nTdREPADTTAcY2iQQmIr0oKnLaRPDg2ceo64FJBPj-K1aTvo7IZK8xR3RHYC1Yy89-aLWeccdg0WnBtRIhp2LkUx7_CT0ohVxdD14GIWeUO9eq16xMVPt7dRxfZgucVZQ_pmwiXK7r0YLUo2SR3Zc9RCU0MCp9pZJvMI_5beEzi6-Iwd37hDJaCthteT61bDfqLiSkdf4jh96Zk71lMkY94J9AwlF42RwEJ3KHU4v6M2PO7fskvfIHa0VFQif788bpDyNiT0yC7FOIXX-kb40H6G3VeN0v-DWx9NejMd4gf0eYocWz1ZEKRaNXcTxlZodHAs9OQwIsYVlsRWRmpr7JnkPuvIeOrKbxAvKIE0-wjJ2zeUjr2uoMidChyMLFhmdQmyIkSVZnLEQREn_dq6-6fDoRbMmVpb13EqlUnwREnm3OYKJQqSjb0St6RvBK_SKp7w05pegs2t04frWzlpMa-jNMvJO3ME1OSfWlUX5SBKTthwiVFWE2bEXJvl0pH9TMi4xztP9lggYoY5WgQhqwXps3kI17-x17qtaV30Q_DwKGaGlpAHhamF535ALWbCe9kV3ZKwfeYe7HWd5zVzKMtK2o9y7s6zg2pXJ2dWiuONnM0kuqN0sY0Sl9bt_s_HJg0GkkBQ9xnJqMSpHE8PvWLzYepjFhuXuTggbdrgu9UthBXdosJpRRaKkP2td3YSr0zODlwQIlIFtnC-XtYRqmyu-FwbKl5GVweFRvqIjZaPoOVoxJeLGFBMfyjSElR-j8CQzRLFM5ScX0aQfY02F_BpyyV5WJvkZFVxZc1dzyfipx4T2VGZxoDWuif43eax2L5sb0bd6D9yaUAOq_Sxr_phooLsQtSHLtKS0amkI8sNdIuAQpjKl3HMA?
212.124.124.110200 1.6 kB URL HTTP/1.1 aj1867.online/zUHpJyqufCNJ-2kGuSGfjWDuguPFYU5GFLv7W0jFCpm-BxWrTmfVEl34NSqOsvf-Gkl1SWOkolc1Gn_qjo24fUDuk2CKXT0sTHarmFHwTqiUhS9zjrgX725bwP3D7idSHrN5s1DqtKl6oqUKfSBN_2dI3qeRSP77RUtjiqvtX_G38_nTdREPADTTAcY2iQQmIr0oKnLaRPDg2ceo64FJBPj-K1aTvo7IZK8xR3RHYC1Yy89-aLWeccdg0WnBtRIhp2LkUx7_CT0ohVxdD14GIWeUO9eq16xMVPt7dRxfZgucVZQ_pmwiXK7r0YLUo2SR3Zc9RCU0MCp9pZJvMI_5beEzi6-Iwd37hDJaCthteT61bDfqLiSkdf4jh96Zk71lMkY94J9AwlF42RwEJ3KHU4v6M2PO7fskvfIHa0VFQif788bpDyNiT0yC7FOIXX-kb40H6G3VeN0v-DWx9NejMd4gf0eYocWz1ZEKRaNXcTxlZodHAs9OQwIsYVlsRWRmpr7JnkPuvIeOrKbxAvKIE0-wjJ2zeUjr2uoMidChyMLFhmdQmyIkSVZnLEQREn_dq6-6fDoRbMmVpb13EqlUnwREnm3OYKJQqSjb0St6RvBK_SKp7w05pegs2t04frWzlpMa-jNMvJO3ME1OSfWlUX5SBKTthwiVFWE2bEXJvl0pH9TMi4xztP9lggYoY5WgQhqwXps3kI17-x17qtaV30Q_DwKGaGlpAHhamF535ALWbCe9kV3ZKwfeYe7HWd5zVzKMtK2o9y7s6zg2pXJ2dWiuONnM0kuqN0sY0Sl9bt_s_HJg0GkkBQ9xnJqMSpHE8PvWLzYepjFhuXuTggbdrgu9UthBXdosJpRRaKkP2td3YSr0zODlwQIlIFtnC-XtYRqmyu-FwbKl5GVweFRvqIjZaPoOVoxJeLGFBMfyjSElR-j8CQzRLFM5ScX0aQfY02F_BpyyV5WJvkZFVxZc1dzyfipx4T2VGZxoDWuif43eax2L5sb0bd6D9yaUAOq_Sxr_phooLsQtSHLtKS0amkI8sNdIuAQpjKl3HMA?
IP 212.124.124.110:0
ASN #47328 True Records Inc.
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (2396), with no line terminators
Hash 9a2875197e32073d977f191552dfc39f
97983f29904e968f33ee3455cc31caece2867391
d23e5f9152ed9b3f1473f31daa975ff007931de925a67919cee61ac9925f742c
Analyzer Verdict Alert fortinet Phishing
POST /zUHpJyqufCNJ-2kGuSGfjWDuguPFYU5GFLv7W0jFCpm-BxWrTmfVEl34NSqOsvf-Gkl1SWOkolc1Gn_qjo24fUDuk2CKXT0sTHarmFHwTqiUhS9zjrgX725bwP3D7idSHrN5s1DqtKl6oqUKfSBN_2dI3qeRSP77RUtjiqvtX_G38_nTdREPADTTAcY2iQQmIr0oKnLaRPDg2ceo64FJBPj-K1aTvo7IZK8xR3RHYC1Yy89-aLWeccdg0WnBtRIhp2LkUx7_CT0ohVxdD14GIWeUO9eq16xMVPt7dRxfZgucVZQ_pmwiXK7r0YLUo2SR3Zc9RCU0MCp9pZJvMI_5beEzi6-Iwd37hDJaCthteT61bDfqLiSkdf4jh96Zk71lMkY94J9AwlF42RwEJ3KHU4v6M2PO7fskvfIHa0VFQif788bpDyNiT0yC7FOIXX-kb40H6G3VeN0v-DWx9NejMd4gf0eYocWz1ZEKRaNXcTxlZodHAs9OQwIsYVlsRWRmpr7JnkPuvIeOrKbxAvKIE0-wjJ2zeUjr2uoMidChyMLFhmdQmyIkSVZnLEQREn_dq6-6fDoRbMmVpb13EqlUnwREnm3OYKJQqSjb0St6RvBK_SKp7w05pegs2t04frWzlpMa-jNMvJO3ME1OSfWlUX5SBKTthwiVFWE2bEXJvl0pH9TMi4xztP9lggYoY5WgQhqwXps3kI17-x17qtaV30Q_DwKGaGlpAHhamF535ALWbCe9kV3ZKwfeYe7HWd5zVzKMtK2o9y7s6zg2pXJ2dWiuONnM0kuqN0sY0Sl9bt_s_HJg0GkkBQ9xnJqMSpHE8PvWLzYepjFhuXuTggbdrgu9UthBXdosJpRRaKkP2td3YSr0zODlwQIlIFtnC-XtYRqmyu-FwbKl5GVweFRvqIjZaPoOVoxJeLGFBMfyjSElR-j8CQzRLFM5ScX0aQfY02F_BpyyV5WJvkZFVxZc1dzyfipx4T2VGZxoDWuif43eax2L5sb0bd6D9yaUAOq_Sxr_phooLsQtSHLtKS0amkI8sNdIuAQpjKl3HMA? HTTP/1.1
Host: aj1867.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://latina.girlsfuckdudes.com
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200
cache-control: no-cache, no-store, must-revalidate
p3p: CP="CAO PSA OUR"
expires: 0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://latina.girlsfuckdudes.com
set-cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb; Domain=.aj1867.online; Expires=Wed, 25-Sep-2024 22:08:10 GMT; Path=/; Secure; SameSite=None
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 26 Sep 2022 22:08:09 GMT
www.googletagmanager.com/gtag/js?id=G-XDQ4FPH3JJ&_=1664230088118
142.250.74.72 200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-XDQ4FPH3JJ&_=1664230088118
IP 142.250.74.72:0
File type ASCII text, with very long lines (20189)
Hash 6bfe6fc2d5d1c5b5583e4753a05efa91
4ae7e967fff721fd8751bd2c1371b0a49c839cd0
087f61854f531a1ebe0ab47c8e4efa7c7edac0755113f10a2ebb33d51a2952bc
GET /gtag/js?id=G-XDQ4FPH3JJ&_=1664230088118 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 22:08:10 GMT
expires: Mon, 26 Sep 2022 22:08:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75327
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
latina.girlsfuckdudes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664222400
104.26.0.193 200 OK 15 kB URL HTTP/2 latina.girlsfuckdudes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664222400
IP 104.26.0.193:0
File type ASCII text, with very long lines (40274), with no line terminators
Hash d2d30223f055e99d2e3210a8314491bd
c97dc56108b83bd6105d45c9b01a5af56a653dbd
ea242b8439ca12d13e4267118593679a8c98505d6bcca693b33fa56b25a85f7a
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1664222400 HTTP/1.1
Host: latina.girlsfuckdudes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:08:10 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
vary: accept-encoding
x-control-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fy5hyaE6iXrYPdRlX%2BLlBV%2BPTsueAyoNzf5DmBmwgBZm6W9nPQ9E3wttVzNqrszHWD0bvnDMTWa5JXis4Qmd6OSGWaMoRmx0wK9ApHsM5%2Fwh9EsruIrgm1nMIBueKNPht%2BTan6guLMfItKI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f510ff8041c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
aj1867.online/zpByPKwMp-k8rX1XpqvF3rbArXfeod8dHIxWHkqD8CjYBk9QVV702uuTiF9xJEJInTwSAVS3JYZp-3B432v8IT7ykL_otpwgrZowoVuO9lCxrRsn31Vh0zU2AvK33dYn9KhvMVWHY44Nt14IkvmdPyrRoZM_LAWHZ1bc_72Fy84T1wkP5RuXqJMsJxlzFOqsQs9WgjC_vawDBDIlaU53u9qqb8q0P5naG8h2IJihTrztl12LduB7OpeyAK0dNesliUeRGw0Ep828gHhmlyE_2gbWeuqchImMmtOqm-d8s4Lkobc_6821C9hLWeg9fako-cNXqYzsgrDBognM7geQyKdnn0pn-VCsrFzDeqE6X3iQ3RSclbBuSygJ5aZj64Ss8sL44PSf5yiVu7fwAa16QzxkqzMyGOj0tLuJjk414d3oGChN8Lw2ZZUTrlX8Ge-RVA-kKTdyGK7OyS8Ea64DvpT2ANTv7med_YBY3HA7M7eAaBlTz7wTPN7qY-SpUz13CTgy7IZWqK73oRabgx11eKIm7kphCOvYyVdTPYVdaVuKc67bL8jXeOUFwh4boqV_9KsemcgYS4EgxTERbhhKNqMcwmpLIeo_7yQo?DC=DO
212.124.124.110200 43 B URL HTTP/1.1 aj1867.online/zpByPKwMp-k8rX1XpqvF3rbArXfeod8dHIxWHkqD8CjYBk9QVV702uuTiF9xJEJInTwSAVS3JYZp-3B432v8IT7ykL_otpwgrZowoVuO9lCxrRsn31Vh0zU2AvK33dYn9KhvMVWHY44Nt14IkvmdPyrRoZM_LAWHZ1bc_72Fy84T1wkP5RuXqJMsJxlzFOqsQs9WgjC_vawDBDIlaU53u9qqb8q0P5naG8h2IJihTrztl12LduB7OpeyAK0dNesliUeRGw0Ep828gHhmlyE_2gbWeuqchImMmtOqm-d8s4Lkobc_6821C9hLWeg9fako-cNXqYzsgrDBognM7geQyKdnn0pn-VCsrFzDeqE6X3iQ3RSclbBuSygJ5aZj64Ss8sL44PSf5yiVu7fwAa16QzxkqzMyGOj0tLuJjk414d3oGChN8Lw2ZZUTrlX8Ge-RVA-kKTdyGK7OyS8Ea64DvpT2ANTv7med_YBY3HA7M7eAaBlTz7wTPN7qY-SpUz13CTgy7IZWqK73oRabgx11eKIm7kphCOvYyVdTPYVdaVuKc67bL8jXeOUFwh4boqV_9KsemcgYS4EgxTERbhhKNqMcwmpLIeo_7yQo?DC=DO
IP 212.124.124.110:0
ASN #47328 True Records Inc.
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /zpByPKwMp-k8rX1XpqvF3rbArXfeod8dHIxWHkqD8CjYBk9QVV702uuTiF9xJEJInTwSAVS3JYZp-3B432v8IT7ykL_otpwgrZowoVuO9lCxrRsn31Vh0zU2AvK33dYn9KhvMVWHY44Nt14IkvmdPyrRoZM_LAWHZ1bc_72Fy84T1wkP5RuXqJMsJxlzFOqsQs9WgjC_vawDBDIlaU53u9qqb8q0P5naG8h2IJihTrztl12LduB7OpeyAK0dNesliUeRGw0Ep828gHhmlyE_2gbWeuqchImMmtOqm-d8s4Lkobc_6821C9hLWeg9fako-cNXqYzsgrDBognM7geQyKdnn0pn-VCsrFzDeqE6X3iQ3RSclbBuSygJ5aZj64Ss8sL44PSf5yiVu7fwAa16QzxkqzMyGOj0tLuJjk414d3oGChN8Lw2ZZUTrlX8Ge-RVA-kKTdyGK7OyS8Ea64DvpT2ANTv7med_YBY3HA7M7eAaBlTz7wTPN7qY-SpUz13CTgy7IZWqK73oRabgx11eKIm7kphCOvYyVdTPYVdaVuKc67bL8jXeOUFwh4boqV_9KsemcgYS4EgxTERbhhKNqMcwmpLIeo_7yQo?DC=DO HTTP/1.1
Host: aj1867.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="CAO PSA OUR"
set-cookie: ucv=4-NO-1664316490566-24--; Domain=.aj1867.online; Expires=Tue, 26-Sep-2023 22:08:10 GMT; Path=/; Secure; SameSite=None
ubv=MzIwfDQxODB8Tk98MnwyfDI2NjY3MzExMjQ0fGRHdHVNUSpNalkyTmpjek1URXlORFF-ZEd0dU1nKlpXMXdkSGt-ZEc5clpXNHoqWlcxd2RIa35iSEEqWlcxd2RIa35kR3R1TkEqWVdabWFYTmx-ZEd0dU5RKlpXMXdkSGt-ZEd0dU5nKlpXMXdkSGt8NGxwaWw3a2xyc3I3fGQ5YWQwOTZmLTY3NWItNTNjNC1hZTNmLTQ2YjcwYWVjYzJmYnx8fDE-1664230090566--; Domain=.aj1867.online; Expires=Tue, 26-Sep-2023 22:08:10 GMT; Path=/; Secure; SameSite=None
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"43-1654593398000"
last-modified: Tue, 07 Jun 2022 09:16:38 GMT
content-type: image/gif
content-length: 43
date: Mon, 26 Sep 2022 22:08:09 GMT
aj1867.online/zhBQVTUePfqSccqbIsaTgt_x4vNx-vM0STvk5K1LbvfRMd3G-Erss2yJjtgoXAvprVN7RzTq476BXv4t_dWw_4IZZt4GcnbfzMallNzUHGqH89jBE7B-QdEpjNHpb8ewlflegMhJCZxxUwSeuP8lpC3GUiKM-FEfR-a4uGrn3gxP-oVrNC6yMr6EkHaldmy3ZW24exh9vwr9hkzOWjFkXuqAPa5MoG-1Nqhy3QxOa8e2RG0ouS6rSgZRvACpe26BNKdnykJAM1gHVI26lYm-9QcR8f4j9e050cnjlfBumARl8oLsqa2bTZMyrVCwsbNXNW8rMwCnLJTNxlXjtTFdFYewpCQEAG6KIT1KNlL2MEpxw7Hh27OZAdxK2Jy1vX27BiED62LoLYTZiYus6JUjJjib5wWDfF2RAWddAsE6COPgm0n_Zq8s8b1Ia8i3ZpACtohE5mz81jln-nXS8LgiFJW_40zyQ0dH49stOqQmFhhImrlO9HZGvb13kowodeSesg4NJ5IxsFPCON1bKfPz35cm0v3E98RW44pIivrxX_EcwDkSevmgiaYsnEmmZbCC6WQsL2ObkCpdQwGt15yQwgIyBQhpoQFn7t5shrjxtkxRUcP_vsO7D9_T2aO8UMxio6iCNVEXvzVpIWkdULDp9OH0B5TlTSk7iaHf0Y9c9sejOeBF42bde2J1tLuN_AKnTPRTLpEVxuD-lQUuwm2dZ0QaJzWXcK204klAsHXDMH6--xQsiHsseM7cRbrAAs1qYpgUZ3kZskoNnvGc93aP0A1Drrs_G_QF0wnjv0VFlMY0Tj7qwENjVkNx_Qnkye9RfnmFqZ4ODwiQVkppjXLZnpO8mYHjqGivS6kqtGU-noWj2E15dJer29W-QLyniFAfBoC4tbZSEw3g_aDMvfhW1H39ce1K-gNcgjZtgAHIW5UnDutNkJD4N_-WQ-SbUthQjSMnck4IKZ5nwUvJ8vbmf1cujheuluUuinMg_h-DVamqSvgmNfe6c1q6XEM-yY76krQ1wd1yOEaJFBzqiAsES_DTc_NxyVgo1fAnNYw?
212.124.124.110200 1.6 kB URL HTTP/1.1 aj1867.online/zhBQVTUePfqSccqbIsaTgt_x4vNx-vM0STvk5K1LbvfRMd3G-Erss2yJjtgoXAvprVN7RzTq476BXv4t_dWw_4IZZt4GcnbfzMallNzUHGqH89jBE7B-QdEpjNHpb8ewlflegMhJCZxxUwSeuP8lpC3GUiKM-FEfR-a4uGrn3gxP-oVrNC6yMr6EkHaldmy3ZW24exh9vwr9hkzOWjFkXuqAPa5MoG-1Nqhy3QxOa8e2RG0ouS6rSgZRvACpe26BNKdnykJAM1gHVI26lYm-9QcR8f4j9e050cnjlfBumARl8oLsqa2bTZMyrVCwsbNXNW8rMwCnLJTNxlXjtTFdFYewpCQEAG6KIT1KNlL2MEpxw7Hh27OZAdxK2Jy1vX27BiED62LoLYTZiYus6JUjJjib5wWDfF2RAWddAsE6COPgm0n_Zq8s8b1Ia8i3ZpACtohE5mz81jln-nXS8LgiFJW_40zyQ0dH49stOqQmFhhImrlO9HZGvb13kowodeSesg4NJ5IxsFPCON1bKfPz35cm0v3E98RW44pIivrxX_EcwDkSevmgiaYsnEmmZbCC6WQsL2ObkCpdQwGt15yQwgIyBQhpoQFn7t5shrjxtkxRUcP_vsO7D9_T2aO8UMxio6iCNVEXvzVpIWkdULDp9OH0B5TlTSk7iaHf0Y9c9sejOeBF42bde2J1tLuN_AKnTPRTLpEVxuD-lQUuwm2dZ0QaJzWXcK204klAsHXDMH6--xQsiHsseM7cRbrAAs1qYpgUZ3kZskoNnvGc93aP0A1Drrs_G_QF0wnjv0VFlMY0Tj7qwENjVkNx_Qnkye9RfnmFqZ4ODwiQVkppjXLZnpO8mYHjqGivS6kqtGU-noWj2E15dJer29W-QLyniFAfBoC4tbZSEw3g_aDMvfhW1H39ce1K-gNcgjZtgAHIW5UnDutNkJD4N_-WQ-SbUthQjSMnck4IKZ5nwUvJ8vbmf1cujheuluUuinMg_h-DVamqSvgmNfe6c1q6XEM-yY76krQ1wd1yOEaJFBzqiAsES_DTc_NxyVgo1fAnNYw?
IP 212.124.124.110:0
ASN #47328 True Records Inc.
File type JSON data\012- HTML document text\012- HTML document, ASCII text, with very long lines (2405), with no line terminators
Hash 7d4d8563cbc8909d6831c4145e9b7551
31c4e42ccfb936d1be457039ac5de674e7a589a0
8658b906414a4028a58ef2216378224525a9d1f1e1d014e890055a237d9b5ac1
Analyzer Verdict Alert fortinet Phishing
POST /zhBQVTUePfqSccqbIsaTgt_x4vNx-vM0STvk5K1LbvfRMd3G-Erss2yJjtgoXAvprVN7RzTq476BXv4t_dWw_4IZZt4GcnbfzMallNzUHGqH89jBE7B-QdEpjNHpb8ewlflegMhJCZxxUwSeuP8lpC3GUiKM-FEfR-a4uGrn3gxP-oVrNC6yMr6EkHaldmy3ZW24exh9vwr9hkzOWjFkXuqAPa5MoG-1Nqhy3QxOa8e2RG0ouS6rSgZRvACpe26BNKdnykJAM1gHVI26lYm-9QcR8f4j9e050cnjlfBumARl8oLsqa2bTZMyrVCwsbNXNW8rMwCnLJTNxlXjtTFdFYewpCQEAG6KIT1KNlL2MEpxw7Hh27OZAdxK2Jy1vX27BiED62LoLYTZiYus6JUjJjib5wWDfF2RAWddAsE6COPgm0n_Zq8s8b1Ia8i3ZpACtohE5mz81jln-nXS8LgiFJW_40zyQ0dH49stOqQmFhhImrlO9HZGvb13kowodeSesg4NJ5IxsFPCON1bKfPz35cm0v3E98RW44pIivrxX_EcwDkSevmgiaYsnEmmZbCC6WQsL2ObkCpdQwGt15yQwgIyBQhpoQFn7t5shrjxtkxRUcP_vsO7D9_T2aO8UMxio6iCNVEXvzVpIWkdULDp9OH0B5TlTSk7iaHf0Y9c9sejOeBF42bde2J1tLuN_AKnTPRTLpEVxuD-lQUuwm2dZ0QaJzWXcK204klAsHXDMH6--xQsiHsseM7cRbrAAs1qYpgUZ3kZskoNnvGc93aP0A1Drrs_G_QF0wnjv0VFlMY0Tj7qwENjVkNx_Qnkye9RfnmFqZ4ODwiQVkppjXLZnpO8mYHjqGivS6kqtGU-noWj2E15dJer29W-QLyniFAfBoC4tbZSEw3g_aDMvfhW1H39ce1K-gNcgjZtgAHIW5UnDutNkJD4N_-WQ-SbUthQjSMnck4IKZ5nwUvJ8vbmf1cujheuluUuinMg_h-DVamqSvgmNfe6c1q6XEM-yY76krQ1wd1yOEaJFBzqiAsES_DTc_NxyVgo1fAnNYw? HTTP/1.1
Host: aj1867.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://latina.girlsfuckdudes.com
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/1.1 200
cache-control: no-cache, no-store, must-revalidate
p3p: CP="CAO PSA OUR"
expires: 0
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://latina.girlsfuckdudes.com
set-cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb; Domain=.aj1867.online; Expires=Wed, 25-Sep-2024 22:08:10 GMT; Path=/; Secure; SameSite=None
content-type: application/json;charset=UTF-8
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 26 Sep 2022 22:08:09 GMT
aj1867.online/zAVbjJMB5Khh1eORlt6VuAfNJaqU-sImMbtt4JK4GfJJrp9GxhxX3jm01KdCX7yFyD__n2toAFioipAWFuaTRa4HQkyiqpKyfL8aphQ398Yidx_dT1HR_80jKib59Io-56rDyoIlr_Z69ay7ENC7CwsKuBPVWr1LJeT72WAYrCoEVV4X5VsUdivNA6LwMCYzq2aaUN8T0Z3XtlMsnwmx2XFi7oaGXTIo4mGkBi17J2rwoqoAPrbJ1BSw-7qCQqKSE0C9wIU5M99MdUQ1-mmrtDoP9Xrm1L9qycjpMhz37daXL_f0ATT8_5IrPITXenuU_NGufrXUyy1zgX1hoYavSvb23rG02APSiDLVbt8dM4jVBFVOSyXHq0uAVtvUju0cQ1hIMUK6bMTPfCJkj8iP-njL90MuVRWzcFi5mX6Qf0aJlHzsUtG3lIpw5SNht6TMNl2jL3fd8V_cLj8PbyreiDrYPUvgk_OlnUsbGIbTcOcocf2abztX0rSBPk0ltawBvOuMtv2Z0pbAwFU9-Hg275vALd-OJoEWwwSWYAjNb2BOIk_q0G6EvFy1AG7WjONSaQpGxkNMKob6xUqC32cTBzd-EkPry-P68WPQ?DC=DO
212.124.124.110200 43 B URL HTTP/1.1 aj1867.online/zAVbjJMB5Khh1eORlt6VuAfNJaqU-sImMbtt4JK4GfJJrp9GxhxX3jm01KdCX7yFyD__n2toAFioipAWFuaTRa4HQkyiqpKyfL8aphQ398Yidx_dT1HR_80jKib59Io-56rDyoIlr_Z69ay7ENC7CwsKuBPVWr1LJeT72WAYrCoEVV4X5VsUdivNA6LwMCYzq2aaUN8T0Z3XtlMsnwmx2XFi7oaGXTIo4mGkBi17J2rwoqoAPrbJ1BSw-7qCQqKSE0C9wIU5M99MdUQ1-mmrtDoP9Xrm1L9qycjpMhz37daXL_f0ATT8_5IrPITXenuU_NGufrXUyy1zgX1hoYavSvb23rG02APSiDLVbt8dM4jVBFVOSyXHq0uAVtvUju0cQ1hIMUK6bMTPfCJkj8iP-njL90MuVRWzcFi5mX6Qf0aJlHzsUtG3lIpw5SNht6TMNl2jL3fd8V_cLj8PbyreiDrYPUvgk_OlnUsbGIbTcOcocf2abztX0rSBPk0ltawBvOuMtv2Z0pbAwFU9-Hg275vALd-OJoEWwwSWYAjNb2BOIk_q0G6EvFy1AG7WjONSaQpGxkNMKob6xUqC32cTBzd-EkPry-P68WPQ?DC=DO
IP 212.124.124.110:0
ASN #47328 True Records Inc.
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /zAVbjJMB5Khh1eORlt6VuAfNJaqU-sImMbtt4JK4GfJJrp9GxhxX3jm01KdCX7yFyD__n2toAFioipAWFuaTRa4HQkyiqpKyfL8aphQ398Yidx_dT1HR_80jKib59Io-56rDyoIlr_Z69ay7ENC7CwsKuBPVWr1LJeT72WAYrCoEVV4X5VsUdivNA6LwMCYzq2aaUN8T0Z3XtlMsnwmx2XFi7oaGXTIo4mGkBi17J2rwoqoAPrbJ1BSw-7qCQqKSE0C9wIU5M99MdUQ1-mmrtDoP9Xrm1L9qycjpMhz37daXL_f0ATT8_5IrPITXenuU_NGufrXUyy1zgX1hoYavSvb23rG02APSiDLVbt8dM4jVBFVOSyXHq0uAVtvUju0cQ1hIMUK6bMTPfCJkj8iP-njL90MuVRWzcFi5mX6Qf0aJlHzsUtG3lIpw5SNht6TMNl2jL3fd8V_cLj8PbyreiDrYPUvgk_OlnUsbGIbTcOcocf2abztX0rSBPk0ltawBvOuMtv2Z0pbAwFU9-Hg275vALd-OJoEWwwSWYAjNb2BOIk_q0G6EvFy1AG7WjONSaQpGxkNMKob6xUqC32cTBzd-EkPry-P68WPQ?DC=DO HTTP/1.1
Host: aj1867.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb; ucv=4-NO-1664316490566-24--; ubv=MzIwfDQxODB8Tk98MnwyfDI2NjY3MzExMjQ0fGRHdHVNUSpNalkyTmpjek1URXlORFF-ZEd0dU1nKlpXMXdkSGt-ZEc5clpXNHoqWlcxd2RIa35iSEEqWlcxd2RIa35kR3R1TkEqWVdabWFYTmx-ZEd0dU5RKlpXMXdkSGt-ZEd0dU5nKlpXMXdkSGt8NGxwaWw3a2xyc3I3fGQ5YWQwOTZmLTY3NWItNTNjNC1hZTNmLTQ2YjcwYWVjYzJmYnx8fDE-1664230090566--
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
cache-control: no-cache
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="CAO PSA OUR"
set-cookie: ucv=4-NO-1664316490566-24--; Domain=.aj1867.online; Expires=Tue, 26-Sep-2023 22:08:10 GMT; Path=/; Secure; SameSite=None
ubv=MzIxfDQxODZ8Tk98MnwyfDI2NjY3MzExMjQ0fGRHdHVNUSpNalkyTmpjek1URXlORFF-ZEd0dU1nKlpXMXdkSGt-ZEc5clpXNHoqWlcxd2RIa35iSEEqWlcxd2RIa35kR3R1TkEqWVdabWFYTmx-ZEd0dU5RKlpXMXdkSGt-ZEd0dU5nKlpXMXdkSGt8ZzRtc2RuY3o1NzllfGQ5YWQwOTZmLTY3NWItNTNjNC1hZTNmLTQ2YjcwYWVjYzJmYnx8fDE-1664230090761--; Domain=.aj1867.online; Expires=Tue, 26-Sep-2023 22:08:10 GMT; Path=/; Secure; SameSite=None
access-control-allow-origin: *
accept-ranges: bytes
etag: W/"43-1654593398000"
last-modified: Tue, 07 Jun 2022 09:16:38 GMT
content-type: image/gif
content-length: 43
date: Mon, 26 Sep 2022 22:08:09 GMT
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc65e19b7022517d3e515274968d8c3d
693b1e45a104540b48c1916dc64eb14afabcd88b
8b63bcc436885a0c5257b9b0606d3ee16cf438b81c588e21b15b6525c84b1109
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B63BCC436885A0C5257B9B0606D3EE16CF438B81C588E21B15B6525C84B1109"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21553
Expires: Tue, 27 Sep 2022 04:07:23 GMT
Date: Mon, 26 Sep 2022 22:08:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bc65e19b7022517d3e515274968d8c3d
693b1e45a104540b48c1916dc64eb14afabcd88b
8b63bcc436885a0c5257b9b0606d3ee16cf438b81c588e21b15b6525c84b1109
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B63BCC436885A0C5257B9B0606D3EE16CF438B81C588E21B15B6525C84B1109"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21549
Expires: Tue, 27 Sep 2022 04:07:19 GMT
Date: Mon, 26 Sep 2022 22:08:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8374dbe2ac5579e04ebc7d09a012544
5ecb3d08d801e8319396d21cbb97f3ff1570a158
92e9adffcb2d08c1e7c6376d2647af8084a2d773896067ed6ce1ec8e1804d65d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92E9ADFFCB2D08C1E7C6376D2647AF8084A2D773896067ED6CE1EC8E1804D65D"
Last-Modified: Sun, 25 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21556
Expires: Tue, 27 Sep 2022 04:07:26 GMT
Date: Mon, 26 Sep 2022 22:08:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4992
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 22:08:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4992
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 22:08:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4992
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 22:08:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4992
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 22:08:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4992
Expires: Mon, 26 Sep 2022 23:31:22 GMT
Date: Mon, 26 Sep 2022 22:08:10 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2fe8c4f0c70fb6c1f4259eabedc7015e
85e378d0fff856832a8dd01743516b9476fed8c6
508a1c7d350fcf82d1ece0b99f8557b2f300c7c1148f28c3ae9fece20530e4b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd85aa2-fe15-49c2-aa3e-38b97cb99849.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5157
x-amzn-requestid: b5748f49-693f-4bc3-a850-cb68e770de24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG9GUHIAMF7pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-5d2aaa212cf1be2506593746;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4h9lb_7egxb2hBbxjcS_cpZ5lDq6Lx-c_WUZyRHdUA0YTwr6kgDuiQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:10:16 GMT
age: 86274
etag: "85e378d0fff856832a8dd01743516b9476fed8c6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 19:30:21 GMT
age: 9469
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ea5f06ad31f0cedd2cb5c6df82f35f4
60a83a1618ffae06e49ca3002bac1db9980dcfe8
5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10279
x-amzn-requestid: 0f361c26-1f12-421a-9752-7d4fcdf839ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4V65GTXIAMF9-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd045-25677a637307879044de8242;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:14:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: HfslSWhSAKRjZr-qqajVm6bKf9jGt2pXq8N8GlXgyTwRxWqw0y-CgA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 06:49:49 GMT
age: 55101
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef17205adb2b478d3bff54b048208d22
12aac1bd22e675f09a220de08b4656e801c2e647
620fe39cf421ed3a21e968570f7e863d69224113be867ec2457ed3850ea113f6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff3689ec8-63b4-42ae-b7d5-a9b4b63af788.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5980
x-amzn-requestid: fbf0c390-da24-49e2-8492-43e29e5d4bb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCTHCGJVoAMFgxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cbc6-1f9b1b7d63467c58702e6d7e;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:44:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Iy0oyFx_T6CEuOQckEzvUQOUo307Jm_OgJzomWlMz9BhgD3eOaysdA==
via: 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:50:01 GMT
age: 1089
etag: "12aac1bd22e675f09a220de08b4656e801c2e647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 968b9c138702fb5994d1d9eab1a697fa
9660bb2d38079182efbd11d7a687bfc7f9d30751
5ba74820ad451747c8ed25529f06b037bebf4c0616a1f2165c9197c1171db7a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7838a122-2b2e-4e4c-9bcc-7c6b46a93b1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11728
x-amzn-requestid: bf60e58f-c4f4-45c7-923b-0d1539f720f5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUCGGw7oAMF3wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd40-32043c1b1411544f5d00edc0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:50:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: ZRG0Axnhc5RY5rDbnnbauco9dpPeFdkP01UxkpNYI5pgSbfGKWcikw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 22:16:26 GMT
age: 85904
etag: "9660bb2d38079182efbd11d7a687bfc7f9d30751"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d02ede0c964f3346fd53ae2950bf2a62
e49306a3713cb724be024a4ddb5e90645718a718
c0e653d89656016c55aca9b198b9191620f1ae9a3c45742a90744bd74c4f9505
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9723d426-a6ee-4860-8067-0b8d98143233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8637
x-amzn-requestid: 07dc23e0-000f-4f6c-8d2b-0e65d88be270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSvvEenoAMFr0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cb31-520803124760abc216152d7b;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:42:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5o526KdLqw6zOzHIXOblele1f7_gwCE900s964tzIYUdz4Fz2LStdA==
via: 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:06:19 GMT
age: 111
etag: "e49306a3713cb724be024a4ddb5e90645718a718"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
stats.topsrc.com/tracking/segment?key=98b2c431-516f-49d3-8645-dc33500c58e3
74.117.182.36 200 49 B URL HTTP/1.1 stats.topsrc.com/tracking/segment?key=98b2c431-516f-49d3-8645-dc33500c58e3
IP 74.117.182.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /tracking/segment?key=98b2c431-516f-49d3-8645-dc33500c58e3 HTTP/1.1
Host: stats.topsrc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
last-modified: Mon, 26 Sep 2022 22:08:10 GMT
etag: W/"ca05cc38fb9c831a762aecf0e775ffbb7463dbd5d4e16b6032eb461991579aba"
cache-control: no-cache, no-store, no-transform, must-revalidate
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
content-type: image/gif
content-length: 49
date: Mon, 26 Sep 2022 22:08:10 GMT
stats.topsrc.com/tracking/segment?key=75025220-350b-434d-97cd-24a7efcee1bd
74.117.182.36 200 3.4 kB URL HTTP/1.1 stats.topsrc.com/tracking/segment?key=75025220-350b-434d-97cd-24a7efcee1bd
IP 74.117.182.36:0
Hash 6dec0847d5804ab6a10f1f61cca1fc5f
b069bde695e749cba5a9b7e5bdb2e90e1b8a9726
f6393666c61f4352c67b1a744ee09297a7c5bcf2f3198e449d8457c63d345981
GET /tracking/segment?key=75025220-350b-434d-97cd-24a7efcee1bd HTTP/1.1
Host: stats.topsrc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
last-modified: Mon, 26 Sep 2022 22:08:10 GMT
etag: W/"2130033e79ddcde36ac349b00595ef046df1f0c83254cef2d29256e53d2ab324"
cache-control: no-cache, no-store, no-transform, must-revalidate
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
content-type: image/gif
content-length: 49
date: Mon, 26 Sep 2022 22:08:10 GMT
stats.topsrc.com/tracking/segment?key=37ed61b3-beaa-4984-99a7-1b5dcb9cb1ed
74.117.182.36 200 49 B URL HTTP/1.1 stats.topsrc.com/tracking/segment?key=37ed61b3-beaa-4984-99a7-1b5dcb9cb1ed
IP 74.117.182.36:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 56398e76be6355ad5999b262208a17c9
a1fdee122b95748d81cee426d717c05b5174fe96
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
GET /tracking/segment?key=37ed61b3-beaa-4984-99a7-1b5dcb9cb1ed HTTP/1.1
Host: stats.topsrc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
last-modified: Mon, 26 Sep 2022 22:08:10 GMT
etag: W/"1066ae5920310795995701e0af8b23f4d0580088006e072e5b832a562e80ebd5"
cache-control: no-cache, no-store, no-transform, must-revalidate
x-responded-by: cors-support-provider
access-control-expose-headers: set-cookie
access-control-allow-origin: *
access-control-request-headers: origin,accept,content-type,x-requested-with
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH
access-control-max-age: 86400
content-type: image/gif
content-length: 49
date: Mon, 26 Sep 2022 22:08:10 GMT
cdn77.aj1867.online/files1867/3/4/4186/1dc9267931718cf415af777a5e4be5da9c16f96e.jpeg
185.76.9.21 200 OK 24 kB URL HTTP/2 cdn77.aj1867.online/files1867/3/4/4186/1dc9267931718cf415af777a5e4be5da9c16f96e.jpeg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 300x250, components 3\012- data
Hash 5cf8200a922f68e42267710a5f2e03e2
1dc9267931718cf415af777a5e4be5da9c16f96e
feb5322ba1ade4bdb0794bc4c90549df94d3eee5105beda0f1f6dd44c721d09e
Analyzer Verdict Alert fortinet Phishing
GET /files1867/3/4/4186/1dc9267931718cf415af777a5e4be5da9c16f96e.jpeg HTTP/1.1
Host: cdn77.aj1867.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb; ucv=4-NO-1664316490566-24--; ubv=MzIwfDQxODB8Tk98MnwyfDI2NjY3MzExMjQ0fGRHdHVNUSpNalkyTmpjek1URXlORFF-ZEd0dU1nKlpXMXdkSGt-ZEc5clpXNHoqWlcxd2RIa35iSEEqWlcxd2RIa35kR3R1TkEqWVdabWFYTmx-ZEd0dU5RKlpXMXdkSGt-ZEd0dU5nKlpXMXdkSGt8NGxwaWw3a2xyc3I3fGQ5YWQwOTZmLTY3NWItNTNjNC1hZTNmLTQ2YjcwYWVjYzJmYnx8fDE-1664230090566--
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:08:10 GMT
content-type: image/jpeg
content-length: 23910
access-control-allow-origin: *
last-modified: Thu, 21 Jul 2022 11:16:16 GMT
x-accel-expires: @1665266890
server: CDN77-Turbo
x-77-nzt: AblMCRTM0YGh
x-77-nzt-ray: et5QspK8wkw
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn77.aj1867.online/files1867/3/4/4180/f63c1fd5519b43728909411b5803e55d.gif
185.76.9.21 200 OK 193 kB URL HTTP/2 cdn77.aj1867.online/files1867/3/4/4180/f63c1fd5519b43728909411b5803e55d.gif
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type GIF image data, version 89a, 300 x 250\012- data
Size 193 kB (192799 bytes)
Hash 262a6578f261b8037c18908926d73414
b49b49411175cf7c085b955b2cfdce1aeda415ed
be06677f2fb4bad2a2bc042decb3164f27aa62c80275131bcd0d9b68c49ce998
GET /files1867/3/4/4180/f63c1fd5519b43728909411b5803e55d.gif HTTP/1.1
Host: cdn77.aj1867.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Cookie: UUID=d9ad096f-675b-53c4-ae3f-46b70aecc2fb
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:08:10 GMT
content-type: image/gif
content-length: 192799
access-control-allow-origin: *
last-modified: Thu, 21 Jul 2022 11:13:06 GMT
x-accel-expires: @1665266890
server: CDN77-Turbo
x-77-nzt: AblMCRT9lR6h
x-77-nzt-ray: PMHy34bdsB4
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-XDQ4FPH3JJ&gtm=2oe9l0&_p=1135780295&cid=1650333201.1664230089&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664230088&sct=1&seg=0&dl=https%3A%2F%2Flatina.girlsfuckdudes.com%2Flps%2Fwebchat%2F%3Fp%3D531ns%26l%3DEnglish%26s%3Ddark%26country%3D%253Ccountry_iso_2%253E%26city%3Dmountain%2520view%26token1%3D26667311244%26token4%3Daffise%26tid%3Dkrmot633222be0004c9b9%26lp%3DNinel%26token5%3D%26token6%3D%26pm%3D1&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-XDQ4FPH3JJ&gtm=2oe9l0&_p=1135780295&cid=1650333201.1664230089&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664230088&sct=1&seg=0&dl=https%3A%2F%2Flatina.girlsfuckdudes.com%2Flps%2Fwebchat%2F%3Fp%3D531ns%26l%3DEnglish%26s%3Ddark%26country%3D%253Ccountry_iso_2%253E%26city%3Dmountain%2520view%26token1%3D26667311244%26token4%3Daffise%26tid%3Dkrmot633222be0004c9b9%26lp%3DNinel%26token5%3D%26token6%3D%26pm%3D1&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-XDQ4FPH3JJ&gtm=2oe9l0&_p=1135780295&cid=1650333201.1664230089&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664230088&sct=1&seg=0&dl=https%3A%2F%2Flatina.girlsfuckdudes.com%2Flps%2Fwebchat%2F%3Fp%3D531ns%26l%3DEnglish%26s%3Ddark%26country%3D%253Ccountry_iso_2%253E%26city%3Dmountain%2520view%26token1%3D26667311244%26token4%3Daffise%26tid%3Dkrmot633222be0004c9b9%26lp%3DNinel%26token5%3D%26token6%3D%26pm%3D1&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://latina.girlsfuckdudes.com
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://latina.girlsfuckdudes.com
date: Mon, 26 Sep 2022 22:08:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets.topsrcs.com/js/script_webchat.js
104.26.8.43 200 OK 0 B URL HTTP/2 assets.topsrcs.com/js/script_webchat.js
IP 104.26.8.43:0
GET /js/script_webchat.js HTTP/1.1
Host: assets.topsrcs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://latina.girlsfuckdudes.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 26 Sep 2022 22:08:09 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-bgj: minify
cf-polished: origSize=22095
access-control-allow-origin: *
etag: W/"630f6ba5-564f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 31 Aug 2022 14:09:41 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 650496
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rznFTG%2Fea3dwiFxd92Jjn0izdb6mUhuUXD6VqjQwIJj0PVSApKz%2BLbyLNneYof9Tsdt58PjJw7ZCg3zlrVK7nlBMMQJGwH1acOUNjLeUMbvYCckUmT82o0kGOt7vSY%2Bz4xd3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 750f510d8f7e0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2