| t.co/4IMrA0lWgO | 104.244.42.197 | | 212 B |
IP104.244.42.197:0
File typeHTML document, ASCII text, with very long lines (349), with no line terminators Hash3600d36a054004fd2f4620778cfcfb2d 10caf630d4ff5657e71eeb37fade24e06f4ff9fa ee2654e146e0ddf097db1fd7f87129cff960e8ce670ad20192522ec9ba69ebeb
GET /4IMrA0lWgO HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:22:52 GMT
perf: 7402827104
vary: Origin
server: tsa_f
expires: Sun, 05 May 2024 13:27:52 GMT
set-cookie: muc=568af12e-3fa0-4ec5-94e3-e3a328dd1a83; Max-Age=34214400; Expires=Thu, 05 Jun 2025 13:22:52 GMT; Domain=t.co; Secure; SameSite=None
content-type: text/html; charset=utf-8
cache-control: private,max-age=300
content-length: 212
referrer-policy: unsafe-url
content-encoding: gzip
x-transaction-id: 5361745c80e19dd8
x-xss-protection: 0
content-security-policy: referrer always;
strict-transport-security: max-age=0
x-response-time: 120
x-connection-hash: fc103273d8cebfda8311366511aa4b3fd9e8d74ddb2451192f21ca9873ff3c7c
X-Firefox-Spdy: h2
|
|
| t.co/favicon.ico | 104.244.42.197 | | 675 B |
IP104.244.42.197:0
File typePNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced Hash864232b885e52799e6b0d1c37a4283a0 2c2500822c05b93cf169c338af2fdf7d04ea4260 2b56e0a792d9999e15f3ee39cabcba5cc3f88b4e640e71b3755c1424d8e12010
GET /favicon.ico HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://t.co/4IMrA0lWgO
DNT: 1
Connection: keep-alive
Cookie: muc=568af12e-3fa0-4ec5-94e3-e3a328dd1a83
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sun, 05 May 2024 13:22:53 UTC
perf: 7402827104
server: tsa_f
content-type: image/x-icon
cache-control: no-cache, no-store, max-age=0
content-length: 675
x-transaction-id: a6a3c6fc4c01806e
strict-transport-security: max-age=0
x-response-time: 110
x-connection-hash: fc103273d8cebfda8311366511aa4b3fd9e8d74ddb2451192f21ca9873ff3c7c
X-Firefox-Spdy: h2
|
|
| dsadsdaswwsdfgf.blogspot.com/?wqedsawsdadassad | 216.58.207.193 | | 16 kB |
URL dsadsdaswwsdfgf.blogspot.com/?wqedsawsdadassad IP216.58.207.193:0
File typeHTML document, Unicode text, UTF-8 text, with very long lines (7139) Hash8df59fc7b8dbc8ecf4fabe912e6a03e5 98f6b9dd5a75f37b1f48a99656a8e0f9c85b6e21 22a5d908aaf23b4c6096dfeb20369aaf771ad368bee5d33cecef91ed2ed50811
GET /?wqedsawsdadassad HTTP/1.1
Host: dsadsdaswwsdfgf.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
expires: Sun, 05 May 2024 13:22:53 GMT
date: Sun, 05 May 2024 13:22:53 GMT
cache-control: private, max-age=0
last-modified: Thu, 02 May 2024 01:12:40 GMT
etag: W/"cf0bf8a6666169e118803b91168246888543091706521fa974a6f99e1f4ed9f9"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 15567
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| | 188.225.56.13 | | 0 B |
IP188.225.56.13:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /stvK8R HTTP/1.1
Host: 188.225.56.13
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 05 May 2024 13:22:54 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate
Expires: 0
Location: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76
Pragma: no-cache
Set-Cookie: _subid=376l60j14d76;Expires=Wednesday, 05-Jun-2024 13:22:54 GMT;Max-Age=2678400;Path=/
e1aca=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE5XCI6MTcxNDkxNTM3NH0sXCJjYW1wYWlnbnNcIjp7XCIxNlwiOjE3MTQ5MTUzNzR9LFwidGltZVwiOjE3MTQ5MTUzNzR9In0.4rSZQwavHeFzYCCtvSsa0kzpXQdMBtvj86sGpHP45uo;Expires=Friday, 09-Sep-2078 02:45:48 GMT;Max-Age=1715001774;Path=/
_token=uuid_376l60j14d76_376l60j14d766637882ea189f2.00200214;Expires=Wednesday, 05-Jun-2024 13:22:54 GMT;Max-Age=2678400;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
|
|
| juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 | 172.67.163.189 | 200 OK | 35 kB |
URL User Request GET HTTP/2juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 IP172.67.163.189:443
CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeJavaScript source, ASCII text, with very long lines (10448) Hash05b72dc07c65c17fa915dd02a47b10a3 98cbd559b5b0b4272e14bb6e56bb97025fbc5f79 ba510280d6ba08ea121e7085696315f84bbb8bdfb6624966c94b82df30861159
GET /?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 05 May 2024 13:22:55 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
set-cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApwdkRxbmtYWWd3bQAAAANoaWRtAAAAJm1lVU1zd3dBakhiS2VvQ2FRelROWk5sckJHUmxkeGtUdmF4RlhRbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAwzNzZsNjBqMTRkNzZtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMeVBocXZtRGtsV0Nx.uQr0wtaCY5PLxK2s_ursGfCaTwwMtlRyjXZPr6z7Su0; path=/; expires=Mon, 05 May 2025 13:22:54 GMT; max-age=31536000
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aeZSuXIhHwdZn3IpDEx9g%2FyO3%2Bf0AIJHZwtWIfNXtomFK49%2BkxlievwssIiPqqVD2nCycE9j9fWYs3ut9Y4WujytskswAtJwuBf9G9bqgNua0QWUaH7Pph6yhfM70Lgb7Nf9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10ac4af547130-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Montserrat&subset=latin-ext | 142.250.74.106 | 200 OK | 1.0 kB |
URL GET HTTP/2fonts.googleapis.com/css?family=Montserrat&subset=latin-ext IP142.250.74.106:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79 ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT
File typegzip compressed data, max compression Hashac55b94f9f1854b403aa38a00dd7c45a e1aee0c2883d2b25f751e5e0c25af16dd93bf706 02cd0e2c66fa7c32d06bb426375fb315edcd548dbc318ae6bc7a86da0a4939cb
GET /css?family=Montserrat&subset=latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 05 May 2024 13:22:55 GMT
date: Sun, 05 May 2024 13:22:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| juicywomenxq.com/p.js?a=1069737&cr=66789&lid=17943&mh=bWVVTXN3d0FqSGJLZW9DYVF6VE5aTmxyQkdSbGR4a1R2YXhGWFEtMzU4NzU%3D&mmid=2504&p=0&rf=uua&rn=zc40mtKUys4WmdeVEhG&s2=376l60j14d76&t=notrack | 172.67.163.189 | 200 OK | 15 kB |
URL GET HTTP/3juicywomenxq.com/p.js?a=1069737&cr=66789&lid=17943&mh=bWVVTXN3d0FqSGJLZW9DYVF6VE5aTmxyQkdSbGR4a1R2YXhGWFEtMzU4NzU%3D&mmid=2504&p=0&rf=uua&rn=zc40mtKUys4WmdeVEhG&s2=376l60j14d76&t=notrack IP172.67.163.189:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeJavaScript source, ASCII text Hash4a76ac7b96f6ca393e97761a3765e893 e43d550e5e16f67939309bc4159c6ca42ab213a3 bac642de5654caca11622c73b11628fa47157b2a91b8662d9a4b2ee1fdca90f0
GET /p.js?a=1069737&cr=66789&lid=17943&mh=bWVVTXN3d0FqSGJLZW9DYVF6VE5aTmxyQkdSbGR4a1R2YXhGWFEtMzU4NzU%3D&mmid=2504&p=0&rf=uua&rn=zc40mtKUys4WmdeVEhG&s2=376l60j14d76&t=notrack HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76
DNT: 1
Connection: keep-alive
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApwdkRxbmtYWWd3bQAAAANoaWRtAAAAJm1lVU1zd3dBakhiS2VvQ2FRelROWk5sckJHUmxkeGtUdmF4RlhRbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAwzNzZsNjBqMTRkNzZtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMeVBocXZtRGtsV0Nx.uQr0wtaCY5PLxK2s_ursGfCaTwwMtlRyjXZPr6z7Su0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:22:55 GMT
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
cf-cache-status: BYPASS
set-cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApwdkRxbmtYWWd3bQAAAANoaWRtAAAAJm1lVU1zd3dBakhiS2VvQ2FRelROWk5sckJHUmxkeGtUdmF4RlhRbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAADDM3Nmw2MGoxNGQ3Nm0AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAx5UGhxdm1Ea2xXQ3E.YJWiinJKMohVWhhw3BoZWUs3JabNlKOIh3N8AWki3ys; path=/; expires=Mon, 05 May 2025 13:22:55 GMT; max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mlxmxgKHBL2TX9XhE4%2BpJnbXWkbLGt0%2F1u4ehl2kKAhoNPqoTRIQ7tzRqm9GlQx%2BtrNEZsUTXscSLnKGMtpKXBiFdmdVmqGWIoiKyZvGM7YRxY2a6dmv8yLF%2BJr6CSCQk9oQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f10ac6d8281c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| juicywomenxq.com/lstatic/c33752a7d51b0814da0fc0ab447d4cce/images/d1.jpg | 172.67.163.189 | 200 OK | 715 kB |
URL GET HTTP/3juicywomenxq.com/lstatic/c33752a7d51b0814da0fc0ab447d4cce/images/d1.jpg IP172.67.163.189:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2880x2828, components 3 Size715 kB (714611 bytes) Hashee9a5a9940da25adff6e3ad60cc0073f d600b446f733ff925bca8e31b3b7e3261b7c7f4a e67e98cd47b82c541dbc61da06e8efffdf482d8ea33314b5c95998383155f583
GET /lstatic/c33752a7d51b0814da0fc0ab447d4cce/images/d1.jpg HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76
DNT: 1
Connection: keep-alive
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApwdkRxbmtYWWd3bQAAAANoaWRtAAAAJm1lVU1zd3dBakhiS2VvQ2FRelROWk5sckJHUmxkeGtUdmF4RlhRbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAADDM3Nmw2MGoxNGQ3Nm0AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAx5UGhxdm1Ea2xXQ3E.YJWiinJKMohVWhhw3BoZWUs3JabNlKOIh3N8AWki3ys
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:22:55 GMT
content-type: image/jpeg
content-length: 714611
last-modified: Tue, 20 Feb 2024 13:28:58 GMT
etag: "65d4a91a-ae773"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
cf-cache-status: EXPIRED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1EpGtu5sCdfWI42DSz%2B79z%2B8cGtzNiakiP5PaJ1jmzGKiphmj3FjeUmyDLulHoVGffea5wFvln%2BYu8yEa9EpNhklhO1XHC0taS7sRRUiXy0I7oqvS9rdHxCLz80l5%2FfmMWcO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f10ac819001c0e-OSL
alt-svc: h3=":443"; ma=86400
|
|
| juicywomenxq.com/info-ws/ | 172.67.163.189 | | 0 B |
URL juicywomenxq.com/info-ws/ IP172.67.163.189:0
CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /info-ws/ HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://juicywomenxq.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dZPHV4Yi+hqLgpE2Jpw9NA==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApwdkRxbmtYWWd3bQAAAANoaWRtAAAAJm1lVU1zd3dBakhiS2VvQ2FRelROWk5sckJHUmxkeGtUdmF4RlhRbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAADDM3Nmw2MGoxNGQ3Nm0AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAx5UGhxdm1Ea2xXQ3E.YJWiinJKMohVWhhw3BoZWUs3JabNlKOIh3N8AWki3ys
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 05 May 2024 13:22:55 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6Dlr7XFzkDk18lFDasj/xovzwS8=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OeYv5vbNru4ZUUVdF70V%2FciiNPrcRUHeHIAL37lFpYGRfef1HKDV8g5ee51tVv2N7HjGMYGnHY87mCV%2Fc4XS85MVq65VTHRc78gdnsGuqNdXwiHWWC1srN8U7tIONURd7zOf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87f10ac8ddd71c02-OSL
alt-svc: h3=":443"; ma=86400
|
|
| juicywomenxq.com/lstatic/info.min.js | 172.67.163.189 | 200 OK | 60 kB |
URL GET HTTP/3juicywomenxq.com/lstatic/info.min.js IP172.67.163.189:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeJavaScript source, ASCII text, with very long lines (37352) Hash38ea2c394a4abb159172f8d7b77f495e 8efd580a25c3d1be8533ed74de7bc5607cbc278d a6510d097802bc66cc5aae4485af48dd9d77053766be8dd671d974d21d363031
GET /lstatic/info.min.js HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76
DNT: 1
Connection: keep-alive
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApwdkRxbmtYWWd3bQAAAANoaWRtAAAAJm1lVU1zd3dBakhiS2VvQ2FRelROWk5sckJHUmxkeGtUdmF4RlhRbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAwzNzZsNjBqMTRkNzZtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMeVBocXZtRGtsV0Nx.uQr0wtaCY5PLxK2s_ursGfCaTwwMtlRyjXZPr6z7Su0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sun, 05 May 2024 13:22:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Feb 2024 13:29:01 GMT
etag: W/"65d4a91d-280e9"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TRH3cwcHJnVbeaHJK%2Biwe4Vacb2NTEQJPqMNxb2liIwnrjOf2IgI9OP5bgDtJahdSpYOcgT4TNZCjlUyQ5Vw8Gcn2pj0ZlTEYemjTsEgf%2BMumZU9YSvfy6Uy25o5jQ1KYUyd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10ac6c8221c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| juicywomenxq.com/favicon.ico | 172.67.163.189 | 200 OK | 68 kB |
URL GET HTTP/3juicywomenxq.com/favicon.ico IP172.67.163.189:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeMS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel Hash947b02001608338b64bde348321cd148 1e877b3e4c4c01af4e2cdef1fdfa5805b4f861ff b9383fba3da87f4efd7c641e39252581114bebd1c066cdefc231cec1c0f65cad
GET /favicon.ico HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76
DNT: 1
Connection: keep-alive
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApwdkRxbmtYWWd3bQAAAANoaWRtAAAAJm1lVU1zd3dBakhiS2VvQ2FRelROWk5sckJHUmxkeGtUdmF4RlhRbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAADDM3Nmw2MGoxNGQ3Nm0AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAx5UGhxdm1Ea2xXQ3E.YJWiinJKMohVWhhw3BoZWUs3JabNlKOIh3N8AWki3ys
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:22:55 GMT
content-type: image/x-icon
cache-control: max-age=1800
cf-cache-status: EXPIRED
last-modified: Sun, 05 May 2024 10:44:58 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RG8x1oQb1iANp8XT0Q%2B5abBwFXPh5XL%2BSXHVHOskiwS1%2BIHxjPItsVRTw8g%2BfK6QdSH5cED7bvNdPxA%2FXj1tHBMdJywJbfrMkvN5H8x%2BKwdpXEb8SbeCmKJmIUU7pclw1%2FQg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87f10ac95a1a1c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| juicywomenxq.com/lstatic/uuidv4.min.js | 172.67.163.189 | 200 OK | 1.1 kB |
URL GET HTTP/3juicywomenxq.com/lstatic/uuidv4.min.js IP172.67.163.189:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
File typeJavaScript source, ASCII text, with very long lines (1133), with no line terminators Hash9aa0ee0bba1540816efbcce21a79615f 11abf554322b4fac2583118f891a9439780d00fc d4824b1fa9ffb4a32dc5f470b26995866e0964bdafd67799b44b35734f5e729d
GET /lstatic/uuidv4.min.js HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76
DNT: 1
Connection: keep-alive
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApwdkRxbmtYWWd3bQAAAANoaWRtAAAAJm1lVU1zd3dBakhiS2VvQ2FRelROWk5sckJHUmxkeGtUdmF4RlhRbQAAAAJobGQAA25pbG0AAAAFc3ViXzFkAANuaWxtAAAABXN1Yl8ybQAAAAwzNzZsNjBqMTRkNzZtAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMeVBocXZtRGtsV0Nx.uQr0wtaCY5PLxK2s_ursGfCaTwwMtlRyjXZPr6z7Su0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sun, 05 May 2024 13:22:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Tue, 20 Feb 2024 13:29:03 GMT
etag: W/"65d4a91f-451"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
cache-control: max-age=1800
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OUVQHMzhnp39Z9T6OABoqtawK1nCFu8aTGXQQznfNm4H5CPRYntGtCoB6x5SIo%2Bh1vrT2Vr4KJd%2FacnNlQJVeomxaiEWpO7LFlTMUgDI28pDg1aRTQXkYdGG0kqHwbKBuIe%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87f10ac6d8271c0e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| code.jquery.com/jquery-3.3.1.min.js | 151.101.130.137 | 200 OK | 87 kB |
URL GET HTTP/2code.jquery.com/jquery-3.3.1.min.js IP151.101.130.137:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 CertificateIssuerSectigo Limited Subject*.jquery.com FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65451) Hasha09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /jquery-3.3.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://juicywomenxq.com/
Origin: https://juicywomenxq.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-1538f"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 05 May 2024 13:22:55 GMT
age: 20114771
x-served-by: cache-lga13622-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 36, 1157342
x-timer: S1714915375.217116,VS0,VE0
vary: Accept-Encoding
content-length: 30288
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 IP216.58.207.227:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 14940, version 1.0 Hasha46fb7aae99225fdfd9d64b2b8b1063f 1ee50bf5985c1956dde1c06d9b1cec4645ddb92b 4b5816bbfc52587979139951355fe4048da02ce60e40cef8e4a1efb6cd396281
GET /s/montserrat/v26/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://juicywomenxq.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14940
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:57:59 GMT
expires: Fri, 02 May 2025 01:57:59 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 22:46:07 GMT
content-type: font/woff2
age: 300296
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| juicywomenxq.com/info-ws/ | 172.67.163.189 | 101 Switching Protocols | 0 B |
URL GET HTTP/1.1juicywomenxq.com/info-ws/ IP172.67.163.189:443
Requested byhttps://juicywomenxq.com/?utm_source=OWCjnDs3p5h9&utm_content=376l60j14d76 CertificateIssuerGoogle Trust Services LLC Subjectjuicywomenxq.com FingerprintDE:08:B2:F7:EF:16:E2:87:1F:7D:AC:90:E0:01:47:D0:22:60:46:83 ValidityMon, 01 Apr 2024 12:04:50 GMT - Sun, 30 Jun 2024 12:04:49 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /info-ws/ HTTP/1.1
Host: juicywomenxq.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://juicywomenxq.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dZPHV4Yi+hqLgpE2Jpw9NA==
DNT: 1
Connection: keep-alive, Upgrade
Cookie: k=SFMyNTY.g3QAAAAHbQAAAARhdW5xdAAAAAFtAAAABTgyMDQ4bQAAAApwdkRxbmtYWWd3bQAAAANoaWRtAAAAJm1lVU1zd3dBakhiS2VvQ2FRelROWk5sckJHUmxkeGtUdmF4RlhRbQAAAAJobGEBbQAAAAVzdWJfMWQAA25pbG0AAAAFc3ViXzJtAAAADDM3Nmw2MGoxNGQ3Nm0AAAAHdHJhY2tlcm0AAAAHbm90cmFja20AAAADdW5xbQAAAAx5UGhxdm1Ea2xXQ3E.YJWiinJKMohVWhhw3BoZWUs3JabNlKOIh3N8AWki3ys
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 05 May 2024 13:22:55 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 6Dlr7XFzkDk18lFDasj/xovzwS8=
Sec-WebSocket-Extensions: permessage-deflate
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OeYv5vbNru4ZUUVdF70V%2FciiNPrcRUHeHIAL37lFpYGRfef1HKDV8g5ee51tVv2N7HjGMYGnHY87mCV%2Fc4XS85MVq65VTHRc78gdnsGuqNdXwiHWWC1srN8U7tIONURd7zOf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 87f10ac8ddd71c02-OSL
alt-svc: h3=":443"; ma=86400
|
|