httpslink.com/UA2X
54.236.251.52302 Found 0 B IP 54.236.251.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UA2X HTTP/1.1
Host: httpslink.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Cache-Control: no-cache, no-store
Date: Tue, 27 Sep 2022 10:30:39 GMT
Engine: clickmeter.redirect, version 2.0
Expires: -1
Location: https://trck.chrysostrck.com/6RLQHCJF/2H5PLQ78/?sub3=X007
X-Rate-Limit-Limit: 20s
X-Rate-Limit-Remaining: 299
X-Rate-Limit-Reset: 2022-09-27T10:30:59.8139930Z
Content-Length: 0
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1b3053fa528e28810f8a2cc9284cc921
cca9eb471d941881a6b9a1793aecb6c281908f6a
a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 10:05:05 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aAxs_NPijg7zM5s3TJaV3lgKUydxRq7yrIsVeSFPcn-pwDMeq5OvrQ==
Age: 1534
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7131
Expires: Tue, 27 Sep 2022 12:29:30 GMT
Date: Tue, 27 Sep 2022 10:30:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1017811d25642601e984edc1676d118d
c177c4f7a897584bf91347fa4990c83d6bfd0321
f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3115
Expires: Tue, 27 Sep 2022 11:22:35 GMT
Date: Tue, 27 Sep 2022 10:30:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hCdlrnnlR34/0unq7OwAXc4BSH5urgl+nTmTVDcsUHto0trFok2ycIQkuJS9mnHvr1ky3IktvN8=
x-amz-request-id: DM9XYTBZTAPXP867
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 09:46:47 GMT
age: 2633
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/qAXrUz2PjJo
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qAXrUz2PjJo
IP 142.250.74.3:0
Hash 2adecc4aae360f5b20bab2342abe2b25
3b13773700ba06d2b173dfdb91f2e482259d892e
51153df37f10b401645cc392b97daa6c11e016604b30a54831ea15f5d6282dbe
POST /s/gts1d4/qAXrUz2PjJo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
trck.chrysostrck.com/6RLQHCJF/2H5PLQ78/?sub3=X007
35.190.3.146302 Found 232 B URL HTTP/2 trck.chrysostrck.com/6RLQHCJF/2H5PLQ78/?sub3=X007
IP 35.190.3.146:0
File type HTML document, ASCII text
Hash ea3db180347356f18eae5a9ca66ec07b
e16279f8761a0f07632562efe041b616a5b8f515
294cc8d200254d0b142a7b8b15a068ee8ead5262d35e0e9a4bf40cdae6fc7ab9
Analyzer Verdict Alert fortinet Phishing
GET /6RLQHCJF/2H5PLQ78/?sub3=X007 HTTP/1.1
Host: trck.chrysostrck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Tue, 27 Sep 2022 10:30:40 GMT
content-type: text/html; charset=utf-8
content-length: 232
location: https://www.BestUkrainianGirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
set-cookie: uniqueClick_2H5PLQ78=b03218b3-dfa1-4f26-85e8-acd727a143f5:1664274640; Path=/; Expires=Wed, 28 Sep 2022 10:30:40 GMT; Secure; SameSite=None
transaction_id=e83f391ee1764c78b502c0e8b06d1879; Path=/; Expires=Mon, 26 Dec 2022 10:30:40 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 178c51ad-2088-4274-a705-d8aaefa6cef3
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/qAXrUz2PjJo
142.250.74.3200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/qAXrUz2PjJo
IP 142.250.74.3:0
Hash 2adecc4aae360f5b20bab2342abe2b25
3b13773700ba06d2b173dfdb91f2e482259d892e
51153df37f10b401645cc392b97daa6c11e016604b30a54831ea15f5d6282dbe
POST /s/gts1d4/qAXrUz2PjJo HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:40 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 10:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 11:02:07 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: SNcnA6XVEd3fwS9drDESOsTIMa1p19Ay1xiwuqH3eHutVN3-GWq_BA==
Age: 1194
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2272
Cache-Control: max-age=166438
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:40 GMT
Etag: "6332af16-1d7"
Expires: Thu, 29 Sep 2022 08:44:38 GMT
Last-Modified: Tue, 27 Sep 2022 08:06:46 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.239.70101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.239.70:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fyhdN8P8OSVzWl38L3TVZA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: um33kVRvUaJlxNUhkxIgoRxGdUQ=
www.bestukrainiangirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
44.208.76.17302 Found 20 B URL HTTP/2 www.bestukrainiangirl.com/index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
IP 44.208.76.17:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /index.php/promote/click?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007 HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Tue, 27 Sep 2022 10:30:41 GMT
content-type: text/html; charset=UTF-8
content-length: 20
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
set-cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; path=/
owner_id=CP283597; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
adv_id=2216; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
adv_type=1; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
subaffid=100304; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
source_id=X007; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
adv_ldp_id=CD387001; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
qpid_offer_id=BUG_830762TEEKE; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
website_id=192; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
referer=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
adv_click_history_id=664948283; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D; expires=Mon, 26-Dec-2022 10:30:41 GMT; path=/
location: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13173
Expires: Tue, 27 Sep 2022 14:10:15 GMT
Date: Tue, 27 Sep 2022 10:30:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13173
Expires: Tue, 27 Sep 2022 14:10:15 GMT
Date: Tue, 27 Sep 2022 10:30:42 GMT
Connection: keep-alive
www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
44.208.76.17200 OK 29 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
IP 44.208.76.17:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (22671), with CRLF line terminators
Hash 6692ff22f19839afcb0d084e3d77e524
df416fb2d61a391c60c5021dbcd4133ce283fdf7
05af4c593e3df60a6742c12d08191181bfd6b22f9cb1c51e2b5c5d691cbf04c5
GET /qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007 HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:41 GMT
content-type: text/html; charset=UTF-8
content-length: 28818
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13173
Expires: Tue, 27 Sep 2022 14:10:15 GMT
Date: Tue, 27 Sep 2022 10:30:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13173
Expires: Tue, 27 Sep 2022 14:10:15 GMT
Date: Tue, 27 Sep 2022 10:30:42 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13173
Expires: Tue, 27 Sep 2022 14:10:15 GMT
Date: Tue, 27 Sep 2022 10:30:42 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 45684
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash efaaa002eb6251769ea6dbf306ced3a1
9f99fa947a603fd6b10ff149e379cd04ad83d27a
238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 68483
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:02:24 GMT
age: 48498
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d478b7bea64d1a5998967c0a665e6be
b078452d30703ea98ad4a7f7fd411b3e2a42ee71
24158d741732109ae2be7314205ac35f4c8b29785876f2785e8bb0ea906762b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6628
x-amzn-requestid: 1f0e95f2-d860-422f-80ad-96c6e7c941c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1vvHIaoAMFV4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296997-5746c99d78e025945cfdd238;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9-6jF5OoUb2I2HBasyNXBZC-L6rF1VINmgoBFZMuJ9eNelzkS-8BDQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:08:24 GMT
age: 44538
etag: "b078452d30703ea98ad4a7f7fd411b3e2a42ee71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 33887
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 46075
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae9f64a3f019a592a934e3ddb6e84fdd
3b941a1e984754f295c82a855549f07a93c3e7f6
d37f99c08dcd144079c82febad2e6866cf7d4078f343659ead05cdd661e580af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D37F99C08DCD144079C82FEBAD2E6866CF7D4078F343659EAD05CDD661E580AF"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7242
Expires: Tue, 27 Sep 2022 12:31:24 GMT
Date: Tue, 27 Sep 2022 10:30:42 GMT
Connection: keep-alive
fqtag.com/js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=38be4257abb9d7cc8955532a845f85be&rt=click&p=CP283597&a=100304&cmp=BUG_830762TEEKE&rf=
35.190.72.161200 OK 2.7 kB URL HTTP/2 fqtag.com/js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=38be4257abb9d7cc8955532a845f85be&rt=click&p=CP283597&a=100304&cmp=BUG_830762TEEKE&rf=
IP 35.190.72.161:0
File type ASCII text, with very long lines (2681), with no line terminators
Hash d5e9b1c1c7beaf892cfd6baf5d6bac7c
e499500726c5ce71dd603bbbf6e9526002b5155d
54b9be1785a288bc1e2c0dbae339107d8aedf704c1baf66c0bd1b8952743c83d
GET /js/implement-r.js?org=B30kwnm0BOePk19pEhOI&s=38be4257abb9d7cc8955532a845f85be&rt=click&p=CP283597&a=100304&cmp=BUG_830762TEEKE&rf= HTTP/1.1
Host: fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: 0
cache-control: no-cache, no-store, must-revalidate
x-xss-protection: 0
pragma: no-cache
date: Tue, 27 Sep 2022 10:30:42 GMT
access-control-allow-origin: *
content-type: application/javascript
content-length: 2681
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ae9f64a3f019a592a934e3ddb6e84fdd
3b941a1e984754f295c82a855549f07a93c3e7f6
d37f99c08dcd144079c82febad2e6866cf7d4078f343659ead05cdd661e580af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D37F99C08DCD144079C82FEBAD2E6866CF7D4078F343659EAD05CDD661E580AF"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7242
Expires: Tue, 27 Sep 2022 12:31:24 GMT
Date: Tue, 27 Sep 2022 10:30:42 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-133277878-80
142.250.74.72200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-133277878-80
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 215d3acb46e9967d6e6aa6e96104a80a
e4035360509b8166c726efb3f08394efb02b3292
f507d0907f9e6f229611e569e9b03debd6bb33cc696ca44a1d3c444648450a89
GET /gtag/js?id=UA-133277878-80 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 10:30:42 GMT
expires: Tue, 27 Sep 2022 10:30:42 GMT
cache-control: private, max-age=900
last-modified: Tue, 27 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42271
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bestukrainiangirl.com/qa/register01/images/kiss.png
44.208.76.17200 OK 18 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/kiss.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 037850482d89101d0264b5c2a51cbaf3
c4442a41d1d0e4636c8a74148addcd56cb75481a
19999e0045128216c252678c74b4665a22df1c8bf2d28c4327fc754552df41a5
GET /qa/register01/images/kiss.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/png
content-length: 18006
last-modified: Tue, 05 Jul 2022 01:49:13 GMT
etag: "4656-5e3050f3d537c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/hand-over.png
44.208.76.17200 OK 6.4 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/hand-over.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 6aee23bc1b43706192ce1201a49d9332
ec823936f540d613872d1e357ece45090b8525d0
3061a325961a761690be7ad3d93eb014eeaafeef26f2444e60c83e69e7ce998b
GET /qa/register01/images/hand-over.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/png
content-length: 6400
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "1900-5e3050f314974"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/hugging.png
44.208.76.17200 OK 7.1 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/hugging.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash cafaf8a226ac7acff1c63c868a09d3ab
b9f3b25f2cd777ff131b68f4ee8764606fe18431
70cf55594627c61fa3e87944b193de1e17407080cd51603d2f0f204f9004dafd
GET /qa/register01/images/hugging.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/png
content-length: 7083
last-modified: Tue, 05 Jul 2022 01:49:13 GMT
etag: "1bab-5e3050f38429c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/thinking-face.png
44.208.76.17200 OK 6.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/thinking-face.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash e01b80cb5cfa195d670204261013c05e
9c857c7142dcff223625099b59adf780d06685d2
e2544c89ce253853e2a8bb9aeba8a576a303e43104438e485a3b92428197833a
GET /qa/register01/images/thinking-face.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/png
content-length: 6450
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "1932-5e3050fcc7034"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/loading.gif
44.208.76.17200 OK 49 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/loading.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 107 x 90\012- data
Hash 351e1e7e896617f7dae0f19f436fee41
b2c3a4a978b90a8e8f5b1dba12230d624752f4aa
573c8107d16f18962e3dbc4c61c0621abb11dda26f9fea6cea3c1855dddee66a
GET /qa/register01/images/loading.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/gif
content-length: 49082
last-modified: Tue, 05 Jul 2022 01:49:21 GMT
etag: "bfba-5e3050fba8644"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/female.png
44.208.76.17200 OK 8.7 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/female.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash 07fdb9ed61590d2777892f83ffd6ed9d
a5bd944f99e7157565bb9fb6549c470e13dc8fc5
c20f443c04ee371f3fcd1cd6683027bb9c7931f10a1b9ec8d7382ab38483e230
GET /qa/register01/images/female.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/png
content-length: 8669
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "21dd-5e3050f2f49bc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/male.png
44.208.76.17200 OK 6.6 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/male.png
IP 44.208.76.17:0
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced\012- data
Hash e2106577efb42fd2cb110b8e098ca175
f40221d394693958100e89f2101e89f4ddca64d9
eae7588fbcb76482b9d205d2bcb68db86b2876b8ffe5e186a47b1f1e44f8a6cc
GET /qa/register01/images/male.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/png
content-length: 6589
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "19bd-5e3050fc6c314"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady01.jpg
44.208.76.17200 OK 24 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady01.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 81f6a4ea8a56cf44bc1e14ef336daeeb
11f83ac03d35e86fce1193f04cfd688e3d9d1964
5b398b2553b46305d1394a4447dd1ae86f8d4f7ac4b0b19fde1a333e78d0df5f
GET /qa/register01/images/lady01.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/jpeg
content-length: 23902
last-modified: Tue, 05 Jul 2022 01:49:16 GMT
etag: "5d5e-5e3050f6716e4"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady02.jpg
44.208.76.17200 OK 25 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady02.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 401f7a56a912ebb527b5021cdb755d1d
eb31fb11adf40403fa0ffa305375566db9ab33fb
77618413cacf9729ba63a65b312205b57321c3e68501563275ec0c8501de1bad
GET /qa/register01/images/lady02.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/jpeg
content-length: 25013
last-modified: Tue, 05 Jul 2022 01:49:18 GMT
etag: "61b5-5e3050f8bb1fc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady03.jpg
44.208.76.17200 OK 26 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady03.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 5e7bd5777f4721fcde7893454128f85e
cdf30b7c9f9b54460bcb02974822a20e5878f1f2
23fc407e4d46c5e6d361d9b388b397237982ac37e83020219fb126c757fccc03
GET /qa/register01/images/lady03.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/jpeg
content-length: 26264
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "6698-5e3050fa78ecc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady04.jpg
44.208.76.17200 OK 26 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady04.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 73a65ebbd26a1f14b638accb8eb22139
ebdba3afa2ff5835c9bc18efe0cfe2ded770f879
f71f42e93861c4831da5f03dcb728c0b1dc828e31b522a1665fd4b466a6de01e
GET /qa/register01/images/lady04.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/jpeg
content-length: 25763
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "64a3-5e3050faa55bc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady05.jpg
44.208.76.17200 OK 25 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady05.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash ab95e189516a844fa011e3977e969c10
0a0bd7456713bba855d20bc9441fefbbcc71a9b6
c5b1e494f0fba445b2fda9555f3c00b7eaa5e016a03a45f564169d01bc708fee
GET /qa/register01/images/lady05.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/jpeg
content-length: 25428
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "6354-5e3050facfd6c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady06.jpg
44.208.76.17200 OK 32 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady06.jpg
IP 44.208.76.17:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 240x240, components 3\012- data
Hash 771ab354397841df3e9021586cbd4021
281334da3d5adafaaf4a527948e60c0c22415d6c
4947a3cb8fb7bc66ff25236500ef63e68ee2f7b676e1bda4aea191d64bb222ac
GET /qa/register01/images/lady06.jpg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/jpeg
content-length: 32238
last-modified: Tue, 05 Jul 2022 01:49:21 GMT
etag: "7dee-5e3050fafe39c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady02.gif
44.208.76.17200 OK 718 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady02.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 300 x 240\012- data
Size 718 kB (718441 bytes)
Hash 051f1406010ef328737da88e9049440f
15196dc7689e407c041af15fc888535ad2593955
c95dacca221f7f0aac7d59f3a9397c9672c1b33b6735afcb6641a2d4cd9b886c
GET /qa/register01/images/lady02.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/gif
content-length: 718441
last-modified: Tue, 05 Jul 2022 01:49:18 GMT
etag: "af669-5e3050f884ecc"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady01.gif
44.208.76.17200 OK 944 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady01.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 460 x 275\012- data
Size 944 kB (944238 bytes)
Hash 1378661a79051ba4c99d6ffa6b4937ff
43f23e1d895fb4b5aaf3528856c12a695fac345a
50ad5be435107232d2145cac9ac72d0a1445f08bdbe78d75a03917315dcc31d8
GET /qa/register01/images/lady01.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/gif
content-length: 944238
last-modified: Tue, 05 Jul 2022 01:49:16 GMT
etag: "e686e-5e3050f64a5e4"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/lady03.gif
44.208.76.17200 OK 423 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/lady03.gif
IP 44.208.76.17:0
File type GIF image data, version 89a, 250 x 187\012- data
Size 423 kB (422678 bytes)
Hash 8da23666859a0dd50c5f414a0afcb964
457c6e6572dd3af1f51aa40da02fae92614af8cc
d56bcb35ef49c519e093ed771ced5af6fd7ddcf02a6bbfd6c33425598070125b
GET /qa/register01/images/lady03.gif HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/gif
content-length: 422678
last-modified: Tue, 05 Jul 2022 01:49:20 GMT
etag: "67316-5e3050fa4c00c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/my_validate_index2.js
44.208.76.17200 OK 2.9 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/my_validate_index2.js
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash f1e757f7e2374c7b7162906a20688af2
ca928406b98b3611e9f23ac3157c8a116eb332a6
4cc7f63506663396d396c9e81fdda9310abfe101cfa63e57411b1263c0d1f803
Analyzer Verdict Alert fortinet Phishing
GET /common/js/my_validate_index2.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 2851
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "2560-5b138acc60a3b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/layout.css?v1.0
44.208.76.17200 OK 4.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/layout.css?v1.0
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with very long lines (331), with CRLF line terminators
Hash 2c6ae66330701466614da360562e59f2
b1f91e2993caf9434b8aadc2a3ce484c49fb81a5
ddc2263c9fd0c283d9d45fd55e90c1c8483a95c360e7e3d85c16ef432d4f5088
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/css/layout.css?v1.0 HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: text/css
content-length: 4540
last-modified: Tue, 05 Jul 2022 01:49:10 GMT
etag: "421f-5e3050f13de34"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/logo.svg
44.208.76.17200 OK 5.6 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/logo.svg
IP 44.208.76.17:0
File type SVG Scalable Vector Graphics image\012- HTML document, Unicode text, UTF-8 text, with very long lines (2439)
Hash 75534473b7cc351b43537cb62d0667a0
3b2adfec31ebccf863049d752675149cbcef3326
b83e143afb1973738d8c298f6985b0bca831a97ab43fd8dfabc29c559f6a95e1
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/images/logo.svg HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: image/svg+xml
content-length: 5575
last-modified: Tue, 05 Jul 2022 01:49:22 GMT
etag: "15c7-5e3050fbf3964"
accept-ranges: bytes
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/main.min.css
44.208.76.17200 OK 3.9 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/main.min.css
IP 44.208.76.17:0
File type ASCII text, with very long lines (16632), with CRLF line terminators
Hash 850d5db4ec0135777c1ecf1d54fd5646
5ecdf6b778856d6b02dbb8689694fae0357a0216
bfd0401830620cfb73b83daf5c767fa66f334c2a5c0d244cae36e6583083500e
GET /qa/register01/css/main.min.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: text/css
content-length: 3894
last-modified: Tue, 05 Jul 2022 01:49:11 GMT
etag: "40fa-5e3050f18d7a4"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/css/swiper.min.css
44.208.76.17200 OK 3.2 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/css/swiper.min.css
IP 44.208.76.17:0
File type ASCII text, with very long lines (19512), with CRLF line terminators
Hash 1f22e27f428e6d4d24d6aa917703b1c8
9d44b75150712e0f3cebca70087869a65fa4e1bc
49e9aaed89ca14e41b5da380090d3fbb10e173ec265c37bbc3d1b8baed469980
GET /qa/register01/css/swiper.min.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: text/css
content-length: 3249
last-modified: Tue, 05 Jul 2022 01:49:11 GMT
etag: "4d49-5e3050f1e984c"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/auto_email/autoComplete.css
44.208.76.17200 OK 376 B URL HTTP/2 www.bestukrainiangirl.com/common/js/auto_email/autoComplete.css
IP 44.208.76.17:0
File type ASCII text, with CRLF line terminators
Hash fa161ac586a052c4476ed190ac1571e0
95bf7bc6541743739aa6d9f185d398e36dc9ce6c
f514e2d195768146c7b6453b788d6fdeb1df19ee6e5b017e0e9a1003a8e5c662
GET /common/js/auto_email/autoComplete.css HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: text/css
content-length: 376
last-modified: Fri, 09 Oct 2020 08:24:17 GMT
etag: "27d-5b138acba794b"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/auto_email/jquery.autoComplete.js
44.208.76.17200 OK 1.0 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/auto_email/jquery.autoComplete.js
IP 44.208.76.17:0
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash d4b600f68461a491b71e88dc6f0173e1
7e20eb3d42dfec881deb87d3c2d6aad1c40aca0f
c5dc9fb6467bc20ff42141ea247397131baf1e1d6240d0dd66eb62f2cf87c74a
Analyzer Verdict Alert fortinet Phishing
GET /common/js/auto_email/jquery.autoComplete.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 1046
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "c56-5b138acbfdc33"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/jquery.cookie.js
44.208.76.17200 OK 1.4 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/jquery.cookie.js
IP 44.208.76.17:0
Hash 00cfb5c8c7ec0b51b1dfb190279d570f
468f6fe01079afbcf53594f1065847f04165e249
0585e143aba785df6fb525229dd5e3466227cecc87e913459f0444e732fbf15c
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery.cookie.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 1378
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "c31-5b138acc863cb"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/common/js/jquery.min.js
44.208.76.17200 OK 35 kB URL HTTP/2 www.bestukrainiangirl.com/common/js/jquery.min.js
IP 44.208.76.17:0
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 28ca33b476a0e86fa59725bdb38c7f2f
120531fc57923e78104a0aacee05c53cecbfd61f
ffbc181a3d82af401ee3645d08b10d739c12222da179cd5ec2dc67016d7c93a3
Analyzer Verdict Alert fortinet Phishing
GET /common/js/jquery.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 34763
last-modified: Fri, 09 Oct 2020 08:24:18 GMT
etag: "17278-5b138accbfdab"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/js/swiper.min.js
44.208.76.17200 OK 33 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/js/swiper.min.js
IP 44.208.76.17:0
File type ASCII text, with very long lines (65263), with CRLF line terminators
Hash 9919d9d97c932c232298137ba2021d30
d8ce5b6985d28a7342e16274de07bf90d2b0591b
eceb9fc78096f2c0ded07f04804c83af4ec93d7e6eb14f4322cf592aa640ade3
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/js/swiper.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 33064
last-modified: Tue, 05 Jul 2022 01:49:23 GMT
etag: "1d7b5-5e3050fdba6bc"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18096, version 1.0\012- data
Hash f29503a1895affee5ed85d0246238af8
f474c6e8a3e4e28fb68cf7fb29bd448cdfeb0278
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
GET /s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:33:01 GMT
expires: Fri, 22 Sep 2023 20:33:01 GMT
cache-control: public, max-age=31536000
age: 395862
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2
142.250.74.163200 OK 19 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 19004, version 1.0\012- data
Hash be2a14878eb61d7c95d5970ff1912539
237450c08a36de2b7d3e4d20b74a062ca2fce816
1e235540dffb208599faa7434fad4050331fcd6916bf44fad58a5d1d65b8d360
GET /s/dmsans/v11/rP2Fp2ywxg089UriCZa4Hz-D.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19004
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 22:46:30 GMT
expires: Tue, 26 Sep 2023 22:46:30 GMT
cache-control: public, max-age=31536000
age: 42253
last-modified: Thu, 21 Apr 2022 16:57:37 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
142.250.74.163200 OK 18 kB URL HTTP/2 fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 18212, version 1.0\012- data
Hash ca72fb4e277e59be50b8850190822581
159b97b22006fe2a483da0a13d33cfb3cc5aa031
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
GET /s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18212
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Sep 2022 20:33:04 GMT
expires: Fri, 22 Sep 2023 20:33:04 GMT
cache-control: public, max-age=31536000
age: 395859
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 10:30:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
35.190.36.172200 OK 90 kB URL HTTP/2 cdn.fqtag.com/1.27.339-ccfb11a/pixel.js
IP 35.190.36.172:0
File type ASCII text, with very long lines (31986)
Hash e0eff30579598f76147c9ea12f490d21
f0bf2ef576db440b275bdae3d6abac35e59a33b2
e70a34c5f232fa80328a361630a994cf847c54deb926f13d40be4807291b657b
GET /1.27.339-ccfb11a/pixel.js HTTP/1.1
Host: cdn.fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdu1f_8IvojRy4-g_TmhACnTGdL6LX1RoRzU8WHRZZkjtWp9QPXzVTiMARA6S5xbxwsy6lIkRACZ1TEUV4NNoUzsYg
x-goog-generation: 1611776924905378
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 89647
content-language: en
x-goog-hash: crc32c=YwE4YA==, md5=4O/zBXlZj3YUfJ6hL0kNIQ==
x-goog-expiration: Sun, 11 Nov 2294 19:48:44 GMT
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
server: UploadServer
date: Tue, 27 Sep 2022 10:04:35 GMT
expires: Tue, 27 Sep 2022 11:04:35 GMT
cache-control: public, max-age=3600
age: 1568
last-modified: Wed, 27 Jan 2021 19:48:44 GMT
etag: "e0eff30579598f76147c9ea12f490d21"
content-type: application/javascript
content-length: 89647
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.36200 OK 1.8 kB IP 192.124.249.36:0
Hash cb7ab427ca43dea6fbb659c65801a5ac
a7055205f8063503a34786654d5cb8753b3abb2b
559bd2a94c2a00b90ab94c977a9d8d1c4eaaa3e6b6dd21fee084ba5d0d1e0c54
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Tue, 27 Sep 2022 10:30:43 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Mon, 26 Sep 2022 22:16:57 GMT
Expires: Tue, 27 Sep 2022 22:16:57 GMT
ETag: "a7055205f8063503a34786654d5cb8753b3abb2b"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
flx808.lporirxe.com/flp/ncvp.js?c=808&i=1664274641
104.18.155.225200 OK 11 kB URL HTTP/2 flx808.lporirxe.com/flp/ncvp.js?c=808&i=1664274641
IP 104.18.155.225:0
Hash e6a30d4ef5eaccb5d35d0eb5dc740052
42740eec442f77afdb474126b88300330ef2473a
b962548be39783badbf3c462775ada9eddb95b9bc6e4e5c0c313c54fb6e524aa
GET /flp/ncvp.js?c=808&i=1664274641 HTTP/1.1
Host: flx808.lporirxe.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 10:30:43 GMT
content-type: application/javascript
content-length: 11218
last-modified: Fri, 26 Aug 2022 17:37:34 GMT
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 5630
expires: Wed, 28 Sep 2022 10:30:43 GMT
cache-control: public, max-age=86400
accept-ranges: bytes
server: cloudflare
cf-ray: 751390ca9847b4fd-OSL
X-Firefox-Spdy: h2
aux.fqtag.com/aux/d
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/d HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 233
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
access-control-allow-origin: *
date: Tue, 27 Sep 2022 10:30:43 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/js/parallax.min.js
44.208.76.17200 OK 5.4 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/js/parallax.min.js
IP 44.208.76.17:0
File type ASCII text, with very long lines (17272), with CRLF line terminators
Hash d05c86f40c1021162f5eface92f32750
3bb8c13a8d0af38771996de06ce099308e8d1fad
a7f7d4d2cdc4a5f36a4ff11790a5c1b0f32ded52f196d7f42459b509e12fc624
Analyzer Verdict Alert fortinet Phishing
GET /qa/register01/js/parallax.min.js HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 5438
last-modified: Tue, 05 Jul 2022 01:49:23 GMT
etag: "43a4-5e3050fd6575c"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 08:41:09 GMT
expires: Tue, 27 Sep 2022 10:41:09 GMT
cache-control: public, max-age=7200
age: 6575
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.bestukrainiangirl.com/qa/register01/images/favicon.png
44.208.76.17200 OK 4.5 kB URL HTTP/2 www.bestukrainiangirl.com/qa/register01/images/favicon.png
IP 44.208.76.17:0
File type PNG image data, 72 x 72, 8-bit colormap, interlaced\012- data
Hash ab3a78d3c6e73eece0baa64e3f106b98
6c2ba310202ac729b114b08a7e3cb3ff9294973a
2439de2640827cda6582ee71937879741cee8fcb73402559ac217477814d00ec
GET /qa/register01/images/favicon.png HTTP/1.1
Host: www.bestukrainiangirl.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/qa/register01.php?aid=2216&oid=CP283597&qpid_offer_id=BUG_830762TEEKE&qpid_clickid=e83f391ee1764c78b502c0e8b06d1879&qpid_subid=100304&source_tag=X007
Cookie: PHPSESSID=cj8herdcerou8trv2kb44i5nk0; owner_id=CP283597; adv_id=2216; adv_type=1; subaffid=100304; source_id=X007; adv_ldp_id=CD387001; qpid_offer_id=BUG_830762TEEKE; website_id=192; adv_click_history_id=664948283; qpid_click_id=e83f391ee1764c78b502c0e8b06d1879; owner_argv=a%3A6%3A%7Bs%3A3%3A%22aid%22%3Bs%3A4%3A%222216%22%3Bs%3A3%3A%22oid%22%3Bs%3A8%3A%22CP283597%22%3Bs%3A13%3A%22qpid_offer_id%22%3Bs%3A15%3A%22BUG_830762TEEKE%22%3Bs%3A12%3A%22qpid_clickid%22%3Bs%3A32%3A%22e83f391ee1764c78b502c0e8b06d1879%22%3Bs%3A10%3A%22qpid_subid%22%3Bs%3A6%3A%22100304%22%3Bs%3A10%3A%22source_tag%22%3Bs%3A4%3A%22X007%22%3B%7D; flv=GF1CSIT0hTcdDq8QPDup
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 10:30:44 GMT
content-type: image/png
content-length: 4538
last-modified: Tue, 05 Jul 2022 01:49:12 GMT
etag: "11ba-5e3050f2ce85c"
strict-transport-security: max-age=17280000; includeSubDomains
x-frame-options: SAMEORIGIN
accept-ranges: bytes
X-Firefox-Spdy: h2
aux.fqtag.com/aux/p
35.190.13.203204 No Content 0 B IP 35.190.13.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /aux/p HTTP/1.1
Host: aux.fqtag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 272
Origin: https://www.bestukrainiangirl.com
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: *
date: Tue, 27 Sep 2022 10:30:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
IP 142.250.74.10:0
GET /css2?family=DM+Sans:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bestukrainiangirl.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 10:30:42 GMT
date: Tue, 27 Sep 2022 10:30:42 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2