| alightmotionpc.net/wp-content/uploads/2024/02/alight-motion-1-300x300-1.jpg | 104.21.21.148 | 200 OK | 16 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/uploads/2024/02/alight-motion-1-300x300-1.jpg IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeJPEG image data, progressive, precision 8, 300x300, components 3 Hashd77ae81926cdcc9a21bd458aab456e22 6768856c654fc415ad5fd7cc91a592441c18e26f f5dab0c2e2ccb02a9de061cbbb95ea834bcb18b87da4a69f5ad16557cc849feb
GET /wp-content/uploads/2024/02/alight-motion-1-300x300-1.jpg HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: image/jpeg
content-length: 16262
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:22 GMT
last-modified: Tue, 20 Feb 2024 18:54:00 GMT
cf-cache-status: HIT
age: 131067
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mvVedm%2Bl7SV0M2EEBYSKwK0y19bz15GJRFu6mm9tAWOf80ksXGKN2OIO0UakuCCBY6ReDhnRCEbb20oE%2F7M2NkQOeAN2DC8uS2mcnAVayV80hRSNd2q0NbXmZ1ritoBq%2FCqvFx4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799bc123cad56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-content/uploads/2024/02/logo-header.png | 104.21.21.148 | 200 OK | 12 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/uploads/2024/02/logo-header.png IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typePNG image data, 458 x 70, 8-bit/color RGBA, non-interlaced Hashd90b819e011aff3efa3b7650fad58769 88abad3666db3b80b89f804d7bffb35db1874056 79697534ab7813e666d3e2f107d6d29b0053c063d6b40ebc758a09051a06cd95
GET /wp-content/uploads/2024/02/logo-header.png HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: image/png
content-length: 12371
cache-control: public, max-age=604800
expires: Fri, 26 Apr 2024 01:12:02 GMT
last-modified: Mon, 19 Feb 2024 11:57:04 GMT
cf-cache-status: HIT
age: 510767
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1hjRAK8kIvYm7Yg4wmJkY3ubEkK%2B8LU9Fikc79RF%2FR0Gf0%2BKzZy058aDGVuTyjGxgeKp0eBXMC99E48V3dK00cy7qbeBN5wfIkPgSgFLatZNGo0tkrZDYFXgxjsgnVF9XZ6HmIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799bc123cb256af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css?ver=6.5.2 | 104.17.24.14 | 200 OK | 10 kB |
URL GET HTTP/2cdnjs.cloudflare.com/ajax/libs/font-awesome/5.14.0/css/all.min.css?ver=6.5.2 IP104.17.24.14:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerCloudflare, Inc. Subjectsni.cloudflaressl.com Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File typeASCII text, with very long lines (58749) Hash84d8ad2b4fcdc0f0c58247e778133b3a 6f33eae92d42fe209167139940a0ad6a3c6c167e 14cbd9b866a9b092e3a2e03a93b128da5baca005fd8b44a1956146eaab7b48b7
GET /ajax/libs/font-awesome/5.14.0/css/all.min.css?ver=6.5.2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: text/css; charset=utf-8
content-length: 10391
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f0f47d3-e637"
last-modified: Wed, 15 Jul 2020 18:15:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 800097
expires: Mon, 14 Apr 2025 23:04:50 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nK7DQPSRj%2BYx%2BlDP1my9HVANEeEEmJjj6ylsnkVAJxM0VEgbDgvCQKuV1l6KIgOwnQpPYvZyIUnqmRVHkcmakIBbPlC6FHLEQbmF1xQ%2B%2Fex8d%2B1vvM3%2BgIRcEUYsrpeHPODZZPHs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8799bc126c35569a-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-X0MVFETP3Q | 142.250.74.168 | 200 OK | 101 kB |
URL GET HTTP/2www.googletagmanager.com/gtag/js?id=G-X0MVFETP3Q IP142.250.74.168:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT
File typeJavaScript source, ASCII text, with very long lines (5945) Size101 kB (100587 bytes) Hash374a0b39d15a9173e95b3076d288fd20 c62da17e60fece3c354b628adc8a9cf57a6eab8e 38db9d0c33c2fa01f834f649e574fd59e878963eba8be55b7aee073818bf3360
GET /gtag/js?id=G-X0MVFETP3Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 24 Apr 2024 23:04:50 GMT
expires: Wed, 24 Apr 2024 23:04:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 100587
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| alightmotionpc.net/wp-content/themes/AsapTheme/assets/fonts/poppins-400.woff2 | 104.21.21.148 | 200 OK | 7.9 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/themes/AsapTheme/assets/fonts/poppins-400.woff2 IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 7884, version 1.0 Hash9212f6f9860f9fc6c69b02fedf6db8c3 ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b 7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /wp-content/themes/AsapTheme/assets/fonts/poppins-400.woff2 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: font/woff2
content-length: 7884
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:23 GMT
last-modified: Sat, 17 Feb 2024 11:37:38 GMT
cf-cache-status: HIT
age: 131067
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0lSMV0Sc4SIXwHEzeqNKKSwlEWfZzLRLbOrqo9HmmSQ%2Bs242jQSH4Lz%2BG2pOnSwEO%2FSSJLyuR%2FMM0ZTsoelpoYutpYlWOifACwqqXE9uca1rjNFUuqYVHFyE0LoY9AkgBAt8POU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799bc145d9856af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-content/themes/AsapTheme/assets/js/menu-responsive.min.js?ver=07190523 | 104.21.21.148 | 200 OK | 8.1 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/themes/AsapTheme/assets/js/menu-responsive.min.js?ver=07190523 IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeJavaScript source, ASCII text, with very long lines (799), with no line terminators Hash05e616b440aa9da3326d61cf1541ca4a 7346dccc2749bdcfb3d82d2e3d42a8e9ebe609d2 e21ecd63b65423bccdade0af2eb407aa874bcbdc5825b928c02dda48d25dd799
GET /wp-content/themes/AsapTheme/assets/js/menu-responsive.min.js?ver=07190523 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:22 GMT
last-modified: Sat, 17 Feb 2024 11:37:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 131067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7y98k6GC13z9cY6k3nA18wUmbDVtunOT%2BbZ%2Fhehe5ELna5s01QFBdsJU77aBBRIQGaTwdiFY8qD3cRREUraP%2FZ1%2FbbmwMR5cBUqQFYvtUDAVXUidvsmvnCmeRfNRJQrigoiAejA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc124cbf56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-content/uploads/2024/02/AlightmotionPC3.jpg | 104.21.21.148 | 200 OK | 24 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/uploads/2024/02/AlightmotionPC3.jpg IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1100x600, components 3 Hash96e638818e054289424485e356dddc40 ae826bbef4c572ae66c771aef3b15f0bbc76ad6d 0ce81fcd7273871cde1b23e105d779807eb88ea59bca7fc13bae3bdcc6a02021
GET /wp-content/uploads/2024/02/AlightmotionPC3.jpg HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: image/jpeg
content-length: 23964
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:25 GMT
last-modified: Mon, 19 Feb 2024 15:35:31 GMT
cf-cache-status: HIT
age: 131064
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HpLwplTPlMaG3p8oWpi%2BRKFQE7UuKzBi%2FbxYEYKjKhAMDrNz%2BHgrBJLDVHwOJluEKSPL6dxBYEz0kmM5QN4WFK1edDHz%2B%2F9cXXTZA%2FTHtd8516e5z%2FtVl%2Fg1qHOA8bYLMGS9L68%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799bc14bdc756af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 | 104.21.21.148 | 200 OK | 5.5 kB |
URL GET HTTP/3alightmotionpc.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeJavaScript source, ASCII text, with very long lines (13479) Hash9ffeb32e2d9efbf8f70caabded242267 3ad0c10e501ac2a9bfa18f9cd7e700219b378738 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 23:04:50 GMT
last-modified: Fri, 09 Jun 2023 15:19:24 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t8ob5Po7gZ4r%2BMaJZYL%2FJiDsztAA1aXvthgPxsB3Lth3qaDg6SqYmAouFsXZhSGTuKMbVZ5Tx2ErwGPXbUfUzCcDYRGcSfK5DCuBCbArVGyPcIYEjKwl7SpP36%2FKkRgwmQkXW3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc122cab56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-content/uploads/2024/04/BAIXAR.jpg | 104.21.21.148 | 200 OK | 6.2 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/uploads/2024/04/BAIXAR.jpg IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeJPEG image data, progressive, precision 8, 350x68, components 3 Hashf016cf19c58eec60f89520d9d864c470 3f53a8f0d362e7d0ef8bc0038cf6b23b8741be1d 28a10f2a9b3d81c682f342701c2779d00795d6dc405e82ca73fdeb950952a7ca
GET /wp-content/uploads/2024/04/BAIXAR.jpg HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: image/jpeg
content-length: 6161
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 23:04:50 GMT
last-modified: Wed, 24 Apr 2024 10:53:41 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cspgrJJt7P%2FAaDP8m5pmKR8j1oFE5jSMN4mki43IRUM36vp1exPP%2FN%2B634AneVM5UAjuPl2Ye6YS8VGs%2BZkiW3srwSFqAwoYdGh81fIQ67ym%2BK%2F9Nskn%2FAHdgrf%2Fgvi8aUi4GR4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799bc14bdc556af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| my.rtmark.net/gid.js | 139.45.195.8 | 200 OK | 65 B |
IP: 139.45.195.8:443
Requested by: https://alightmotionpc.net/pt/ | Certificate: Issuer: Let's Encrypt; Subject: rtmark.net; Fingerprint: DB:C0:8B:64:1C:E3:2A:9C:B9:04:0D:F3:6F:5A:E0:35:F4:C7:75:CC; Validity: Sat, 02 Mar 2024 21:53:43 GMT - Fri, 31 May 2024 21:53:42 GMT
Hash (MD5 / SHA-1 / SHA-256, by digest length): 402a195d06c0d80178c50f82e7e8e574 | c2756787966d441b3ce6a3389c3b103817a6cc2a | 0b812c9ccbb2e426bfd7828814acb1e6b774632ba05974c5d02c06b60bc684a9
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alightmotionpc.net
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://alightmotionpc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=080048aca31d4c3eec4cedd92f4a6305; expires=Thu, 24 Apr 2025 23:04:50 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
|
|
| alightmotionpc.net/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.7 | 104.21.21.148 | 200 OK | 10 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.7 IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeASCII text, with very long lines (2181) Hash533af03c49baedabf2e6a0badf1269cf 5837bb0d22601bc1e4fd6b610c090b7280a644be 1cd6396792d7bfdd898dcb9f2ee195387179b30fb4cc2cdc0c57575fab655230
GET /wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.7 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 26 Apr 2024 01:12:02 GMT
last-modified: Thu, 22 Feb 2024 19:09:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 510767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTRqyWwRt02L6I1Bi7JTOpvUj8OTdzz1b1EfR2mhhoT%2BsdPGkIo9%2BU9vasY4eNHANo2i2kV7Nx0sMs17fbtB%2B8SplkZKMngS58FA%2BoCrKxLguinRXnq%2BTs1qSGDWjoIB9lA5ARM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc122ca556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/embed.js | 216.58.211.14 | 200 OK | 18 kB |
URL GET HTTP/3www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/embed.js IP216.58.211.14:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeJavaScript source, ASCII text, with very long lines (3391) Hashb8a3c4fd7c1fb6f69956d1bea9121dd2 57de75008387d06257afd0f49dd6be0604d86152 e37861096c74b59c925c2effffcda0d899e4ec45dbee22b9546e9f511a7dcede
GET /s/player/652ba3a2/player_ias.vflset/en_US/embed.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18315
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:31:32 GMT
expires: Thu, 24 Apr 2025 07:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 04:20:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 55998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/s/player/652ba3a2/www-player.css | 216.58.211.14 | 200 OK | 48 kB |
URL GET HTTP/3www.youtube.com/s/player/652ba3a2/www-player.css IP216.58.211.14:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeASCII text, with very long lines (65536), with no line terminators Hashc0aca454c0a9b539d3af1213a20c6625 9893a760290f6d8a9fed3a9f3129e7285b702430 13a3fa279a6816ddd952f42fd82f5bc170ac2ff89410d14d43954b342ad40040
GET /s/player/652ba3a2/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 48109
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:31:32 GMT
expires: Thu, 24 Apr 2025 07:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 04:20:05 GMT
content-type: text/css
vary: Accept-Encoding, Origin
age: 55998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| thubanoa.com/1?z=7387483&oo=1&oaid=080048aca31d4c3eec4cedd92f4a6305 | 139.45.197.242 | 200 OK | 967 B |
URL: GET HTTP/2 thubanoa.com/1?z=7387483&oo=1&oaid=080048aca31d4c3eec4cedd92f4a6305 | IP: 139.45.197.242:443
Requested by: https://alightmotionpc.net/pt/ | Certificate: Issuer: Let's Encrypt; Subject: thubanoa.com; Fingerprint: BE:0B:5D:E0:42:7E:07:23:0E:F0:48:66:B2:B6:34:A3:E5:89:F8:68; Validity: Thu, 18 Apr 2024 23:34:42 GMT - Wed, 17 Jul 2024 23:34:41 GMT
Hash (MD5 / SHA-1 / SHA-256, by digest length): 6facedb392acd8422a1ff550c6b4836b | 03f90c3bb182552ab96a6d3f20334b51ccf8ade4 | fe2e5a61689842bd5cecb8c92a60b970f2e61e33fa544d1006c09ede536380f5
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /1?z=7387483&oo=1&oaid=080048aca31d4c3eec4cedd92f4a6305 HTTP/1.1
Host: thubanoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alightmotionpc.net
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/
Cookie: scm=1; OAID=040048914e274be2f376c7ab4d90296b; oaidts=1713999890
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: application/json
content-length: 967
access-control-allow-credentials: true
access-control-allow-origin: https://alightmotionpc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 13cb1482a52f92524c7934061b2f6d9b
access-control-expose-headers: X-Sc
set-cookie: OAID=080048aca31d4c3eec4cedd92f4a6305; expires=Thu, 24 Apr 2025 23:04:50 GMT; secure; SameSite=None
set-cookie: oaidts=1713999890; expires=Thu, 24 Apr 2025 23:04:50 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/652ba3a2/www-embed-player.vflset/www-embed-player.js | 216.58.211.14 | 200 OK | 97 kB |
URL GET HTTP/3www.youtube.com/s/player/652ba3a2/www-embed-player.vflset/www-embed-player.js IP216.58.211.14:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeJavaScript source, ASCII text, with very long lines (829) Hash41348652979d359653fe6322a97908b4 8d8ff77af710d82f82b98bc4502f2ffc3f370f08 948bc1d531b416dc2a97f59988fcd3e17dd0d65822d742f4cec0708611efc443
GET /s/player/652ba3a2/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 97332
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:31:32 GMT
expires: Thu, 24 Apr 2025 07:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 04:20:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 55998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 142.250.74.67 | 200 OK | 15 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP142.250.74.67:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0 Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 02:43:03 GMT
expires: Fri, 18 Apr 2025 02:43:03 GMT
cache-control: public, max-age=31536000
age: 591708
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/base.js | 216.58.211.14 | 200 OK | 810 kB |
URL GET HTTP/3www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/base.js IP216.58.211.14:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeJavaScript source, ASCII text, with very long lines (555) Size810 kB (809632 bytes) Hash99d94118b126f0e6fa930656e9aeec5f fde794b877a215638b07225c393d23d93d090169 d23c0ec3c06e663c17df265a07da5a6a5d0ced529cbf10c842df6cc9934867d7
GET /s/player/652ba3a2/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-encoding: gzip
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 809632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:31:32 GMT
expires: Thu, 24 Apr 2025 07:31:32 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 04:20:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 55998
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 142.250.74.67 | 200 OK | 16 kB |
URL GET HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP142.250.74.67:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.gstatic.com FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74 ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0 Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 17:25:07 GMT
expires: Fri, 18 Apr 2025 17:25:07 GMT
cache-control: public, max-age=31536000
age: 538784
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| thubanoa.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a | 139.45.197.242 | 200 OK | 131 kB |
URL: GET HTTP/2 thubanoa.com/27/7552beb94fc0bdff7bbb33cad3d1ab0a IP: 139.45.197.242:443
Requested by: https://alightmotionpc.net/pt/ Certificate: Issuer Let's Encrypt, Subject thubanoa.com, Fingerprint BE:0B:5D:E0:42:7E:07:23:0E:F0:48:66:B2:B6:34:A3:E5:89:F8:68, Validity Thu, 18 Apr 2024 23:34:42 GMT - Wed, 17 Jul 2024 23:34:41 GMT
File type: gzip compressed data, max speed, from Unix Size: 131 kB (131052 bytes) Hash: MD5 dc72641db3a33981482e1de9e5e07ecc SHA-1 ec111457efff60972009a6ecb3cd28e811c420a1 SHA-256 558f25f3b41e82dac698dd6b2bbd7020305b854260fbeb20bb0f7285a2c47031 (the gzip file type suggests the digests cover the body as received, still compressed, rather than the decoded script)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /27/7552beb94fc0bdff7bbb33cad3d1ab0a HTTP/1.1
Host: thubanoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/
Cookie: scm=1; OAID=080048aca31d4c3eec4cedd92f4a6305; oaidts=1713999890
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 23:04:51 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: bf35dfcbab3e52c9a31e9cac9598a7d9
cache-control: max-age:290304000, public
last-modified: Tue, 09 Apr 2024 03:16:58 GMT
expires: Tue, 09 May 2084 03:16:58 GMT
access-control-expose-headers: X-Sc
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| alightmotionpc.net/wp-content/uploads/2024/02/alight-motion-1-300x300-1.png | 104.21.21.148 | 200 OK | 24 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/uploads/2024/02/alight-motion-1-300x300-1.png IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typePNG image data, 300 x 300, 8-bit/color RGBA, non-interlaced Hashce81d6a10607cfd9b7b6ce51d5421348 da3fd0c2d869e21b18b011948eec4d942511eff3 87aac0b171300d609264fa3fe608a2ee080ce3b09b931f261ff493cc4f69b058
GET /wp-content/uploads/2024/02/alight-motion-1-300x300-1.png HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Cookie: pll_language=pt; _ga_X0MVFETP3Q=GS1.1.1713999890.1.0.1713999890.0.0.0; _ga=GA1.1.997216083.1713999891
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:51 GMT
content-type: image/png
content-length: 23560
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 23:04:50 GMT
last-modified: Wed, 21 Feb 2024 17:46:32 GMT
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=exojFiQDs8X0ZMZxRiLenH%2FhxyDyfTROeCthGqy41NEzna84Ne5iFhtOEcykzdJRAZots1H9zhn9Pej%2BlXYLF6aD04J7YfgEGPEFRwLh5gloqy0%2FRjW1UUUu6MtW7Rcy9F3PTwY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799bc168eab56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| thubanoa.com/9?z=7387483&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&oaid=080048aca31d4c3eec4cedd92f4a6305 | 139.45.197.242 | 204 No Content | 0 B |
URL OPTIONS HTTP/2thubanoa.com/9?z=7387483&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&oaid=080048aca31d4c3eec4cedd92f4a6305 IP139.45.197.242:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectthubanoa.com FingerprintBE:0B:5D:E0:42:7E:07:23:0E:F0:48:66:B2:B6:34:A3:E5:89:F8:68 ValidityThu, 18 Apr 2024 23:34:42 GMT - Wed, 17 Jul 2024 23:34:41 GMT
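Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body; they are the same for every empty response and do not identify this request)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed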
OPTIONS /9?z=7387483&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&oaid=080048aca31d4c3eec4cedd92f4a6305 HTTP/1.1
Host: thubanoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://alightmotionpc.net/
Origin: https://alightmotionpc.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Wed, 24 Apr 2024 23:04:51 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://alightmotionpc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| alightmotionpc.net/wp-content/plugins/adapta-rgpd/assets/css/cookies-banner-classic.css?ver=1.3.9 | 104.21.21.148 | 200 OK | 7.5 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/plugins/adapta-rgpd/assets/css/cookies-banner-classic.css?ver=1.3.9 IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
Hashf6e61236956632d6fe8e221cd4e43cb4 6306626e33e4fbde2ad280db50a5a531bd9bd8f4 39a300c3e8fa7fdd508dc8ac8d2bbf98170916d2ab6c937e1df4ff5c40b365ce
GET /wp-content/plugins/adapta-rgpd/assets/css/cookies-banner-classic.css?ver=1.3.9 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:22 GMT
last-modified: Mon, 22 Apr 2024 06:32:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 131067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5WchgEVbxI%2F4uIfoD8gn9OYybaqkgk01sw0yR6UdAj4Y%2BFO15RaGTMPdnsWRlBUGHpWPj9v2L1PFjWKyuUgGK%2FHnvsitiBpifWeWgkR3iy3Nfm4gOKZd5ZocjICpV26%2BpyBUY%2F8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc122ca356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.7 | 104.21.21.148 | 200 OK | 4.8 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.7 IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeJavaScript source, ASCII text, with very long lines (1278) Hashf5e63bd61d061e63482b1d4df3768ee4 91df0bce4537e6b65fe380f4f6db9ed9dbe95a41 acdebf935ded5cb063dcca7c46be5bbc503af5e76e295f6d0b7093c4514ed256
GET /wp-content/plugins/kk-star-ratings/src/core/public/js/kk-star-ratings.min.js?ver=5.4.7 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 26 Apr 2024 01:12:03 GMT
last-modified: Thu, 22 Feb 2024 19:09:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 510766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UODI3t91nyq5f%2B3fKNB3nJZsaTj7IrMl9F8yaoUrE%2FQAmaCb9W3a%2FSkyDykQakV%2BqK46MQwhpjoCGoLfUYgT8AbTW4ypijBjZ%2BimEL%2F%2FNd6CaTzdt22VP%2F8Tw3m8CWqwj7%2B%2FILc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc124cba56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| thubanoa.com/11?rnd=2674806326&z=7387483&b=15540606&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=OLT3Y8TVqJnK0CVJZk2Q96wSETNxpTORluC_2itYil1gAQ6um1qKd0V-yjPot3j0T510M8AQJwn6WHW27N6cUjUC81MkN8FZZlIOqUC33aq2SmriU3f2oawQFgVhXkwrmGnSbFcm3oUVFRk53FXjOs4ebGbNSRztAHg296tr3aR4Gh4Kr_Eqe0mKVJSPaWWEXsxiE7VLv_soI5089FbwV5vKsjOSUVnDpBEY4czoSyJmMSCoZv2HUcPQWCAehfXLrJhJA4TVX6bOSyt65rfTqhWA4zaI8jwnkVglUklWORuXYrHhyvGVRrU0LTdJJ4EoBwYLaUSzXI0VfA3ZzkKDsEbW_dZHb5RKeSZrNB1Tq6IEnquoqp4FsmiIh-DZTtjx5yY6UaOmc--7NWRQmmKym496K_BIgP6L9aoj1s7KZesxQI33rwVLOZks8JIKm7cRUcTK-a6WCV0KNN4WqXiQ0MJ4DD92_i-9EeDft7d37BhJPB6UnfXFsFPVqGvCPw1UmdlY63gzGXo93HItNjHijoYdoJOZeyocxnpuz_JO0kaQyI6mFjy2dFN7BVJWFpigvBU5OMDBgvvttZjRQHD2HM6Pb4tKAA7F39ko-PSnF-uLYCb_Zwv7j0JIp2LTJQ_rblv41jDiqm3xRU9J-gGpXYKBTdZD88VXi4EhLa7QXfLOlNQbQkUPoFTGYSU5gFgIOOVR3EhmkNywef0ET4NgaZML5xcu1u_FnWJOhLIdn1-xN2MLxwryTBMwQ4I=&ruid=22f090e0-6e88-44b4-bd3e-4c4755c20da0&subid=807136652452438016&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ot=472 | 139.45.197.242 | 200 OK | 0 B |
URL GET HTTP/2thubanoa.com/11?rnd=2674806326&z=7387483&b=15540606&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=OLT3Y8TVqJnK0CVJZk2Q96wSETNxpTORluC_2itYil1gAQ6um1qKd0V-yjPot3j0T510M8AQJwn6WHW27N6cUjUC81MkN8FZZlIOqUC33aq2SmriU3f2oawQFgVhXkwrmGnSbFcm3oUVFRk53FXjOs4ebGbNSRztAHg296tr3aR4Gh4Kr_Eqe0mKVJSPaWWEXsxiE7VLv_soI5089FbwV5vKsjOSUVnDpBEY4czoSyJmMSCoZv2HUcPQWCAehfXLrJhJA4TVX6bOSyt65rfTqhWA4zaI8jwnkVglUklWORuXYrHhyvGVRrU0LTdJJ4EoBwYLaUSzXI0VfA3ZzkKDsEbW_dZHb5RKeSZrNB1Tq6IEnquoqp4FsmiIh-DZTtjx5yY6UaOmc--7NWRQmmKym496K_BIgP6L9aoj1s7KZesxQI33rwVLOZks8JIKm7cRUcTK-a6WCV0KNN4WqXiQ0MJ4DD92_i-9EeDft7d37BhJPB6UnfXFsFPVqGvCPw1UmdlY63gzGXo93HItNjHijoYdoJOZeyocxnpuz_JO0kaQyI6mFjy2dFN7BVJWFpigvBU5OMDBgvvttZjRQHD2HM6Pb4tKAA7F39ko-PSnF-uLYCb_Zwv7j0JIp2LTJQ_rblv41jDiqm3xRU9J-gGpXYKBTdZD88VXi4EhLa7QXfLOlNQbQkUPoFTGYSU5gFgIOOVR3EhmkNywef0ET4NgaZML5xcu1u_FnWJOhLIdn1-xN2MLxwryTBMwQ4I=&ruid=22f090e0-6e88-44b4-bd3e-4c4755c20da0&subid=807136652452438016&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ot=472 IP139.45.197.242:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectthubanoa.com FingerprintBE:0B:5D:E0:42:7E:07:23:0E:F0:48:66:B2:B6:34:A3:E5:89:F8:68 ValidityThu, 18 Apr 2024 23:34:42 GMT - Wed, 17 Jul 2024 23:34:41 GMT
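Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body; they are the same for every empty response and do not identify this request)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed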
GET /11?rnd=2674806326&z=7387483&b=15540606&var=&varid=0&rqtdbc=1&rcvdbc=1&btp=7&rb=OLT3Y8TVqJnK0CVJZk2Q96wSETNxpTORluC_2itYil1gAQ6um1qKd0V-yjPot3j0T510M8AQJwn6WHW27N6cUjUC81MkN8FZZlIOqUC33aq2SmriU3f2oawQFgVhXkwrmGnSbFcm3oUVFRk53FXjOs4ebGbNSRztAHg296tr3aR4Gh4Kr_Eqe0mKVJSPaWWEXsxiE7VLv_soI5089FbwV5vKsjOSUVnDpBEY4czoSyJmMSCoZv2HUcPQWCAehfXLrJhJA4TVX6bOSyt65rfTqhWA4zaI8jwnkVglUklWORuXYrHhyvGVRrU0LTdJJ4EoBwYLaUSzXI0VfA3ZzkKDsEbW_dZHb5RKeSZrNB1Tq6IEnquoqp4FsmiIh-DZTtjx5yY6UaOmc--7NWRQmmKym496K_BIgP6L9aoj1s7KZesxQI33rwVLOZks8JIKm7cRUcTK-a6WCV0KNN4WqXiQ0MJ4DD92_i-9EeDft7d37BhJPB6UnfXFsFPVqGvCPw1UmdlY63gzGXo93HItNjHijoYdoJOZeyocxnpuz_JO0kaQyI6mFjy2dFN7BVJWFpigvBU5OMDBgvvttZjRQHD2HM6Pb4tKAA7F39ko-PSnF-uLYCb_Zwv7j0JIp2LTJQ_rblv41jDiqm3xRU9J-gGpXYKBTdZD88VXi4EhLa7QXfLOlNQbQkUPoFTGYSU5gFgIOOVR3EhmkNywef0ET4NgaZML5xcu1u_FnWJOhLIdn1-xN2MLxwryTBMwQ4I=&ruid=22f090e0-6e88-44b4-bd3e-4c4755c20da0&subid=807136652452438016&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ot=472 HTTP/1.1
Host: thubanoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alightmotionpc.net
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/
Cookie: scm=1; OAID=080048aca31d4c3eec4cedd92f4a6305; oaidts=1713999890
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 23:04:51 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://alightmotionpc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: fab6d16afc3aec8f4235c68c7317ce32
access-control-expose-headers: X-Sc
set-cookie: OAID=080048aca31d4c3eec4cedd92f4a6305; expires=Thu, 24 Apr 2025 23:04:51 GMT; secure; SameSite=None
set-cookie: oaidts=1713999890; expires=Thu, 24 Apr 2025 23:04:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| thubanoa.com/121?rnd=2989201411&z=7387483&b=15540606&c=6274858&var=&varid=0&d=https%3A%2F%2Fb6f71hwqomrafu683pz507uj2g.hop.clickbank.net%2F%3Ftid%3Dgo1%26clickid%3D807136652452438016&cln={CELL_NUMBER}&btp=7&rb=OLT3Y8TVqJnK0CVJZk2Q96wSETNxpTORluC_2itYil1gAQ6um1qKd0V-yjPot3j0T510M8AQJwn6WHW27N6cUjUC81MkN8FZZlIOqUC33aq2SmriU3f2oawQFgVhXkwrmGnSbFcm3oUVFRk53FXjOs4ebGbNSRztAHg296tr3aR4Gh4Kr_Eqe0mKVJSPaWWEXsxiE7VLv_soI5089FbwV5vKsjOSUVnDpBEY4czoSyJmMSCoZv2HUcPQWCAehfXLrJhJA4TVX6bOSyt65rfTqhWA4zaI8jwnkVglUklWORuXYrHhyvGVRrU0LTdJJ4EoBwYLaUSzXI0VfA3ZzkKDsEbW_dZHb5RKeSZrNB1Tq6IEnquoqp4FsmiIh-DZTtjx5yY6UaOmc--7NWRQmmKym496K_BIgP6L9aoj1s7KZesxQI33rwVLOZks8JIKm7cRUcTK-a6WCV0KNN4WqXiQ0MJ4DD92_i-9EeDft7d37BhJPB6UnfXFsFPVqGvCPw1UmdlY63gzGXo93HItNjHijoYdoJOZeyocxnpuz_JO0kaQyI6mFjy2dFN7BVJWFpigvBU5OMDBgvvttZjRQHD2HM6Pb4tKAA7F39ko-PSnF-uLYCb_Zwv7j0JIp2LTJQ_rblv41jDiqm3xRU9J-gGpXYKBTdZD88VXi4EhLa7QXfLOlNQbQkUPoFTGYSU5gFgIOOVR3EhmkNywef0ET4NgaZML5xcu1u_FnWJOhLIdn1-xN2MLxwryTBMwQ4I=&bag=Ri-FpTwkC8-cP5rDTbQDOhVQSwyXuOYw&ruid=22f090e0-6e88-44b4-bd3e-4c4755c20da0&subid=807136652452438016 | 139.45.197.242 | 302 Found | 0 B |
URL GET HTTP/2thubanoa.com/121?rnd=2989201411&z=7387483&b=15540606&c=6274858&var=&varid=0&d=https%3A%2F%2Fb6f71hwqomrafu683pz507uj2g.hop.clickbank.net%2F%3Ftid%3Dgo1%26clickid%3D807136652452438016&cln={CELL_NUMBER}&btp=7&rb=OLT3Y8TVqJnK0CVJZk2Q96wSETNxpTORluC_2itYil1gAQ6um1qKd0V-yjPot3j0T510M8AQJwn6WHW27N6cUjUC81MkN8FZZlIOqUC33aq2SmriU3f2oawQFgVhXkwrmGnSbFcm3oUVFRk53FXjOs4ebGbNSRztAHg296tr3aR4Gh4Kr_Eqe0mKVJSPaWWEXsxiE7VLv_soI5089FbwV5vKsjOSUVnDpBEY4czoSyJmMSCoZv2HUcPQWCAehfXLrJhJA4TVX6bOSyt65rfTqhWA4zaI8jwnkVglUklWORuXYrHhyvGVRrU0LTdJJ4EoBwYLaUSzXI0VfA3ZzkKDsEbW_dZHb5RKeSZrNB1Tq6IEnquoqp4FsmiIh-DZTtjx5yY6UaOmc--7NWRQmmKym496K_BIgP6L9aoj1s7KZesxQI33rwVLOZks8JIKm7cRUcTK-a6WCV0KNN4WqXiQ0MJ4DD92_i-9EeDft7d37BhJPB6UnfXFsFPVqGvCPw1UmdlY63gzGXo93HItNjHijoYdoJOZeyocxnpuz_JO0kaQyI6mFjy2dFN7BVJWFpigvBU5OMDBgvvttZjRQHD2HM6Pb4tKAA7F39ko-PSnF-uLYCb_Zwv7j0JIp2LTJQ_rblv41jDiqm3xRU9J-gGpXYKBTdZD88VXi4EhLa7QXfLOlNQbQkUPoFTGYSU5gFgIOOVR3EhmkNywef0ET4NgaZML5xcu1u_FnWJOhLIdn1-xN2MLxwryTBMwQ4I=&bag=Ri-FpTwkC8-cP5rDTbQDOhVQSwyXuOYw&ruid=22f090e0-6e88-44b4-bd3e-4c4755c20da0&subid=807136652452438016 IP139.45.197.242:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectthubanoa.com FingerprintBE:0B:5D:E0:42:7E:07:23:0E:F0:48:66:B2:B6:34:A3:E5:89:F8:68 ValidityThu, 18 Apr 2024 23:34:42 GMT - Wed, 17 Jul 2024 23:34:41 GMT
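Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body; they are the same for every empty response and do not identify this request)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed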
GET /121?rnd=2989201411&z=7387483&b=15540606&c=6274858&var=&varid=0&d=https%3A%2F%2Fb6f71hwqomrafu683pz507uj2g.hop.clickbank.net%2F%3Ftid%3Dgo1%26clickid%3D807136652452438016&cln={CELL_NUMBER}&btp=7&rb=OLT3Y8TVqJnK0CVJZk2Q96wSETNxpTORluC_2itYil1gAQ6um1qKd0V-yjPot3j0T510M8AQJwn6WHW27N6cUjUC81MkN8FZZlIOqUC33aq2SmriU3f2oawQFgVhXkwrmGnSbFcm3oUVFRk53FXjOs4ebGbNSRztAHg296tr3aR4Gh4Kr_Eqe0mKVJSPaWWEXsxiE7VLv_soI5089FbwV5vKsjOSUVnDpBEY4czoSyJmMSCoZv2HUcPQWCAehfXLrJhJA4TVX6bOSyt65rfTqhWA4zaI8jwnkVglUklWORuXYrHhyvGVRrU0LTdJJ4EoBwYLaUSzXI0VfA3ZzkKDsEbW_dZHb5RKeSZrNB1Tq6IEnquoqp4FsmiIh-DZTtjx5yY6UaOmc--7NWRQmmKym496K_BIgP6L9aoj1s7KZesxQI33rwVLOZks8JIKm7cRUcTK-a6WCV0KNN4WqXiQ0MJ4DD92_i-9EeDft7d37BhJPB6UnfXFsFPVqGvCPw1UmdlY63gzGXo93HItNjHijoYdoJOZeyocxnpuz_JO0kaQyI6mFjy2dFN7BVJWFpigvBU5OMDBgvvttZjRQHD2HM6Pb4tKAA7F39ko-PSnF-uLYCb_Zwv7j0JIp2LTJQ_rblv41jDiqm3xRU9J-gGpXYKBTdZD88VXi4EhLa7QXfLOlNQbQkUPoFTGYSU5gFgIOOVR3EhmkNywef0ET4NgaZML5xcu1u_FnWJOhLIdn1-xN2MLxwryTBMwQ4I=&bag=Ri-FpTwkC8-cP5rDTbQDOhVQSwyXuOYw&ruid=22f090e0-6e88-44b4-bd3e-4c4755c20da0&subid=807136652452438016 HTTP/1.1
Host: thubanoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: scm=1; OAID=080048aca31d4c3eec4cedd92f4a6305; oaidts=1713999890
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 24 Apr 2024 23:04:51 GMT
content-length: 0
location: https://b6f71hwqomrafu683pz507uj2g.hop.clickbank.net/?tid=go1&clickid=807136652452438016
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 976aa2a88f630b48deb15a68bc36ccf9
access-control-expose-headers: X-Sc
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| thubanoa.com/11?rnd=2674806326&z=7387483&b=15540606&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=OLT3Y8TVqJnK0CVJZk2Q96wSETNxpTORluC_2itYil1gAQ6um1qKd0V-yjPot3j0T510M8AQJwn6WHW27N6cUjUC81MkN8FZZlIOqUC33aq2SmriU3f2oawQFgVhXkwrmGnSbFcm3oUVFRk53FXjOs4ebGbNSRztAHg296tr3aR4Gh4Kr_Eqe0mKVJSPaWWEXsxiE7VLv_soI5089FbwV5vKsjOSUVnDpBEY4czoSyJmMSCoZv2HUcPQWCAehfXLrJhJA4TVX6bOSyt65rfTqhWA4zaI8jwnkVglUklWORuXYrHhyvGVRrU0LTdJJ4EoBwYLaUSzXI0VfA3ZzkKDsEbW_dZHb5RKeSZrNB1Tq6IEnquoqp4FsmiIh-DZTtjx5yY6UaOmc--7NWRQmmKym496K_BIgP6L9aoj1s7KZesxQI33rwVLOZks8JIKm7cRUcTK-a6WCV0KNN4WqXiQ0MJ4DD92_i-9EeDft7d37BhJPB6UnfXFsFPVqGvCPw1UmdlY63gzGXo93HItNjHijoYdoJOZeyocxnpuz_JO0kaQyI6mFjy2dFN7BVJWFpigvBU5OMDBgvvttZjRQHD2HM6Pb4tKAA7F39ko-PSnF-uLYCb_Zwv7j0JIp2LTJQ_rblv41jDiqm3xRU9J-gGpXYKBTdZD88VXi4EhLa7QXfLOlNQbQkUPoFTGYSU5gFgIOOVR3EhmkNywef0ET4NgaZML5xcu1u_FnWJOhLIdn1-xN2MLxwryTBMwQ4I=&ruid=22f090e0-6e88-44b4-bd3e-4c4755c20da0&subid=807136652452438016&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 | 139.45.197.242 | 200 OK | 0 B |
URL GET HTTP/2thubanoa.com/11?rnd=2674806326&z=7387483&b=15540606&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=OLT3Y8TVqJnK0CVJZk2Q96wSETNxpTORluC_2itYil1gAQ6um1qKd0V-yjPot3j0T510M8AQJwn6WHW27N6cUjUC81MkN8FZZlIOqUC33aq2SmriU3f2oawQFgVhXkwrmGnSbFcm3oUVFRk53FXjOs4ebGbNSRztAHg296tr3aR4Gh4Kr_Eqe0mKVJSPaWWEXsxiE7VLv_soI5089FbwV5vKsjOSUVnDpBEY4czoSyJmMSCoZv2HUcPQWCAehfXLrJhJA4TVX6bOSyt65rfTqhWA4zaI8jwnkVglUklWORuXYrHhyvGVRrU0LTdJJ4EoBwYLaUSzXI0VfA3ZzkKDsEbW_dZHb5RKeSZrNB1Tq6IEnquoqp4FsmiIh-DZTtjx5yY6UaOmc--7NWRQmmKym496K_BIgP6L9aoj1s7KZesxQI33rwVLOZks8JIKm7cRUcTK-a6WCV0KNN4WqXiQ0MJ4DD92_i-9EeDft7d37BhJPB6UnfXFsFPVqGvCPw1UmdlY63gzGXo93HItNjHijoYdoJOZeyocxnpuz_JO0kaQyI6mFjy2dFN7BVJWFpigvBU5OMDBgvvttZjRQHD2HM6Pb4tKAA7F39ko-PSnF-uLYCb_Zwv7j0JIp2LTJQ_rblv41jDiqm3xRU9J-gGpXYKBTdZD88VXi4EhLa7QXfLOlNQbQkUPoFTGYSU5gFgIOOVR3EhmkNywef0ET4NgaZML5xcu1u_FnWJOhLIdn1-xN2MLxwryTBMwQ4I=&ruid=22f090e0-6e88-44b4-bd3e-4c4755c20da0&subid=807136652452438016&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 IP139.45.197.242:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectthubanoa.com FingerprintBE:0B:5D:E0:42:7E:07:23:0E:F0:48:66:B2:B6:34:A3:E5:89:F8:68 ValidityThu, 18 Apr 2024 23:34:42 GMT - Wed, 17 Jul 2024 23:34:41 GMT
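Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body; they are the same for every empty response and do not identify this request)
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed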
GET /11?rnd=2674806326&z=7387483&b=15540606&var=&varid=0&rqtdbc=0&rcvdbc=0&btp=7&rb=OLT3Y8TVqJnK0CVJZk2Q96wSETNxpTORluC_2itYil1gAQ6um1qKd0V-yjPot3j0T510M8AQJwn6WHW27N6cUjUC81MkN8FZZlIOqUC33aq2SmriU3f2oawQFgVhXkwrmGnSbFcm3oUVFRk53FXjOs4ebGbNSRztAHg296tr3aR4Gh4Kr_Eqe0mKVJSPaWWEXsxiE7VLv_soI5089FbwV5vKsjOSUVnDpBEY4czoSyJmMSCoZv2HUcPQWCAehfXLrJhJA4TVX6bOSyt65rfTqhWA4zaI8jwnkVglUklWORuXYrHhyvGVRrU0LTdJJ4EoBwYLaUSzXI0VfA3ZzkKDsEbW_dZHb5RKeSZrNB1Tq6IEnquoqp4FsmiIh-DZTtjx5yY6UaOmc--7NWRQmmKym496K_BIgP6L9aoj1s7KZesxQI33rwVLOZks8JIKm7cRUcTK-a6WCV0KNN4WqXiQ0MJ4DD92_i-9EeDft7d37BhJPB6UnfXFsFPVqGvCPw1UmdlY63gzGXo93HItNjHijoYdoJOZeyocxnpuz_JO0kaQyI6mFjy2dFN7BVJWFpigvBU5OMDBgvvttZjRQHD2HM6Pb4tKAA7F39ko-PSnF-uLYCb_Zwv7j0JIp2LTJQ_rblv41jDiqm3xRU9J-gGpXYKBTdZD88VXi4EhLa7QXfLOlNQbQkUPoFTGYSU5gFgIOOVR3EhmkNywef0ET4NgaZML5xcu1u_FnWJOhLIdn1-xN2MLxwryTBMwQ4I=&ruid=22f090e0-6e88-44b4-bd3e-4c4755c20da0&subid=807136652452438016&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1
Host: thubanoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://alightmotionpc.net
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/
Cookie: scm=1; OAID=080048aca31d4c3eec4cedd92f4a6305; oaidts=1713999890
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 23:04:51 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://alightmotionpc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 13f5565a27ed9419794d369a7d39b77a
access-control-expose-headers: X-Sc
set-cookie: OAID=080048aca31d4c3eec4cedd92f4a6305; expires=Thu, 24 Apr 2025 23:04:51 GMT; secure; SameSite=None
set-cookie: oaidts=1713999890; expires=Thu, 24 Apr 2025 23:04:51 GMT; secure; SameSite=None
set-cookie: oaidvc=1; expires=Thu, 24 Apr 2025 23:04:51 GMT; secure; SameSite=None
set-cookie: CNT=1_v1_fiHtAAEAAAB9TQAA; expires=Thu, 25 Apr 2024 00:04:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.170 | 200 OK | 0 B |
URL POST HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.170:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
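Hash: MD5 d41d8cd98f00b204e9800998ecf8427e SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of empty input, matching the 0 B body; they are the same for every empty response and do not identify this request)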
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 24 Apr 2024 23:04:52 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.170 | 200 OK | 41 kB |
URL POST HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.170:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hashb6e067d12aad06557072dcec5c080f38 f5b69d87bc4081b52380fd0683bb16729174e8a8 5475c47814a4fe6c05ab553d49dc8580d3851c8da1532596091020f8d28021f1
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 24 Apr 2024 23:04:52 GMT
server: ESF
cache-control: private
content-length: 41333
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| i.ytimg.com/vi_webp/zym6cRtpS68/maxresdefault.webp | 142.250.74.118 | 200 OK | 58 kB |
URL GET HTTP/2i.ytimg.com/vi_webp/zym6cRtpS68/maxresdefault.webp IP142.250.74.118:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subjectedgestatic.com FingerprintF5:71:D6:56:B9:45:4B:F5:FD:12:4B:A7:FF:5F:1D:C9:74:FE:B0:C8 ValidityMon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp Hashf09e4e7caf92ab6b3a943929548c7742 41b20ec94d1eb025163fa7d8c71e1d768057be4b cddce867e99b1095eaab9e0e7efea40c0776c992643905ac44535acfa2371a53
GET /vi_webp/zym6cRtpS68/maxresdefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 58414
date: Wed, 24 Apr 2024 23:04:52 GMT
expires: Thu, 25 Apr 2024 01:04:52 GMT
cache-control: public, max-age=7200
etag: "1616697505"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/remote.js | 216.58.211.14 | 200 OK | 34 kB |
URL GET HTTP/3www.youtube.com/s/player/652ba3a2/player_ias.vflset/en_US/remote.js IP216.58.211.14:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeJavaScript source, ASCII text, with very long lines (543) Hash9d668a132668a3b12a1f63de79652558 62d5348005c50483fd8ae0ff7d27d4a0f52782d3 44c5b908d7442943299bb35bc2710932ccd07263d0b96226c6c9d02958387a5f
GET /s/player/652ba3a2/player_ias.vflset/en_US/remote.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 33657
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 24 Apr 2024 07:33:05 GMT
expires: Thu, 24 Apr 2025 07:33:05 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 24 Apr 2024 04:20:05 GMT
content-type: text/javascript
vary: Accept-Encoding, Origin
age: 55907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.google.com/js/th/8MCXU0AIro2_0_rmGrwQkiCikxcMmBfRkjB6mvS6TbY.js | 142.250.74.164 | 200 OK | 20 kB |
URL GET HTTP/2www.google.com/js/th/8MCXU0AIro2_0_rmGrwQkiCikxcMmBfRkjB6mvS6TbY.js IP142.250.74.164:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subjectwww.google.com FingerprintCD:48:2A:0C:60:1D:37:5A:D4:D5:A9:F7:DE:A0:2B:5E:2F:29:76:73 ValidityMon, 18 Mar 2024 20:38:49 GMT - Mon, 10 Jun 2024 20:38:48 GMT
File typeJavaScript source, ASCII text, with very long lines (51575) Hash75aaf723d5862a8eb3eb263cef614157 c62cf17173a0c4155902b80f13f360936de119f9 f0c097534008ae8dbfd3fae61abc109220a293170c9817d192307a9af4ba4db6
GET /js/th/8MCXU0AIro2_0_rmGrwQkiCikxcMmBfRkjB6mvS6TbY.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 20286
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 19 Apr 2024 11:06:15 GMT
expires: Sat, 19 Apr 2025 11:06:15 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 16 Apr 2024 13:30:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 475117
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.170 | 200 OK | 0 B |
URL POST HTTP/3jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.170:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 24 Apr 2024 23:04:52 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.170 | 200 OK | 114 B |
URL POST HTTP/3jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.170:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subjectupload.video.google.com Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2 ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT
Hash3c9a4561df1a5cb076385d94e9e99b9f 48de7028b8add6ee157eccfad2e8cce4cd0d757b d2a22ccbf4206cf5af46205f6cb89dde97429fa1094d2e79054e41962798bcf2
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 926
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 24 Apr 2024 23:04:52 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| yt3.ggpht.com/xIZdiwGiFbQb58JvmSIJdU2-Z2VxBmosdqzEraUd6zKxJJslNo9xei0nFkBTBdfwfdIhShF6Aw=s68-c-k-c0x00ffffff-no-rj | 142.250.74.161 | 200 OK | 3.7 kB |
URL GET HTTP/2yt3.ggpht.com/xIZdiwGiFbQb58JvmSIJdU2-Z2VxBmosdqzEraUd6zKxJJslNo9xei0nFkBTBdfwfdIhShF6Aw=s68-c-k-c0x00ffffff-no-rj IP142.250.74.161:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.googleusercontent.com Fingerprint6E:66:E1:45:85:5C:3A:EB:60:4A:8E:EF:62:B8:7C:E3:C7:1B:FA:47 ValidityMon, 18 Mar 2024 20:34:07 GMT - Mon, 10 Jun 2024 20:34:06 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3 Hash0493ea70c6439d8ac5b0646a8f233494 d7ceb8630ddce893385cfe3518209a3feb6e5616 52e27c9819e0ae943b1a4253b91f6e652652e108538e2a6f0b25f9b6b082f996
GET /xIZdiwGiFbQb58JvmSIJdU2-Z2VxBmosdqzEraUd6zKxJJslNo9xei0nFkBTBdfwfdIhShF6Aw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v1"
expires: Thu, 25 Apr 2024 23:04:52 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="channels4_profile.jpg"
x-content-type-options: nosniff
date: Wed, 24 Apr 2024 23:04:52 GMT
server: fife
content-length: 3651
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/generate_204?Q06NKw | 216.58.211.14 | 204 No Content | 0 B |
URL GET HTTP/3www.youtube.com/generate_204?Q06NKw IP216.58.211.14:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /generate_204?Q06NKw HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 204 No Content
content-length: 0
cross-origin-resource-policy: cross-origin
date: Wed, 24 Apr 2024 23:04:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 | 216.58.211.14 | 200 OK | 38 kB |
URL GET HTTP/2www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 IP216.58.211.14:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
File typeHTML document, Unicode text, UTF-8 text, with very long lines (58081) Hash25932f74958da36874684550d0cde3b7 6e2bee1c25ce209597e2dda79d4cd0884b4dc6ae ac19970c20ae3334f172fce52e91f90617758ad1f6bbbdfc57b826e2d290e54c
GET /embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 24 Apr 2024 23:04:50 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=9H-UovgkEDQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: VISITOR_INFO1_LIVE=IHN_9MFkvXQ; Domain=.youtube.com; Expires=Mon, 21-Oct-2024 23:04:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
set-cookie: VISITOR_PRIVACY_METADATA=CgJOTxIIEgQSAgsMIGA%3D; Domain=.youtube.com; Expires=Mon, 21-Oct-2024 23:04:50 GMT; Path=/; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 216.58.211.14 | 200 OK | 31 B |
URL POST HTTP/3www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP216.58.211.14:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1713999894084
Content-Type: application/json
X-Goog-Visitor-Id: CgtJSE5fOU1Ga3ZYUSiSoKaxBjIOCgJOTxIIEgQSAgsMIGA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240422.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713999891160&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C948%2C450&vis=1&wgl=true&ca_type=image
Content-Length: 11199
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 24 Apr 2024 23:04:54 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| thubanoa.com/9?z=7387483&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&oaid=080048aca31d4c3eec4cedd92f4a6305 | 139.45.197.242 | 204 No Content | 10 kB |
URL: OPTIONS HTTP/2 thubanoa.com/9?z=7387483&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&oaid=080048aca31d4c3eec4cedd92f4a6305
IP: 139.45.197.242:443
Requested by: https://alightmotionpc.net/pt/
Certificate: Issuer: Let's Encrypt; Subject: thubanoa.com; Fingerprint: BE:0B:5D:E0:42:7E:07:23:0E:F0:48:66:B2:B6:34:A3:E5:89:F8:68; Validity: Thu, 18 Apr 2024 23:34:42 GMT - Wed, 17 Jul 2024 23:34:41 GMT
File type: gzip compressed data, max speed, from Unix
Hash: 2e1140dc7acc9df8dbae0c0a04ff28d8 10efdf867dd94451a7b1c4e3ccb6091351e7afc2 9688f778c4bde9d53568483cb25c8bfc4d867ac2e4c6eff9e4a83664b67b303e
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
POST /9?z=7387483&ng=0&ix=0&pt=0&np=0&gp=5&bp=4&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Falightmotionpc.net%2Fpt%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=1024&wfc=1&sah=1024&drf=&hil=1&ist=0&oaid=080048aca31d4c3eec4cedd92f4a6305 HTTP/1.1
Host: thubanoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 283
Origin: https://alightmotionpc.net
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/
Cookie: scm=1; OAID=080048aca31d4c3eec4cedd92f4a6305; oaidts=1713999890
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 23:04:51 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://alightmotionpc.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 0ef2bfc8e1704147b3e60e9c8ca0f0e7
access-control-expose-headers: X-Sc
set-cookie: OAID=080048aca31d4c3eec4cedd92f4a6305; expires=Thu, 24 Apr 2025 23:04:51 GMT; secure; SameSite=None
set-cookie: oaidts=1713999890; expires=Thu, 24 Apr 2025 23:04:51 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| alightmotionpc.net/wp-content/themes/AsapTheme/assets/js/asap.min.js?ver=01271223 | 104.21.21.148 | 200 OK | 7.1 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/themes/AsapTheme/assets/js/asap.min.js?ver=01271223 IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeJavaScript source, ASCII text, with very long lines (3903) Hashb8fad5c155958924a0199c0fa479e9f0 3bf0eb0c9524ee1ded3fb0e8b183ea75d2b1e5b8 adba44f6513ab318a877fe9001494e40f41b9c24b3e253655c4543329cd1979b
GET /wp-content/themes/AsapTheme/assets/js/asap.min.js?ver=01271223 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:22 GMT
last-modified: Sat, 17 Feb 2024 11:37:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 131067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nFKkceK1tl2tKh3POY1m2%2FtObADfkbNw530tZcW1bo83VHt%2FTMUVfl2R4IKXwuW9RVrusj8VEjHIO88AH5lDgDy2FsiVWctBClCRP0ysCQKjVbW6%2FwChDQrl09fRLHHCtKOvMCU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc124cbb56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-content/themes/AsapTheme/assets/js/menu.min.js?ver=02270623 | 104.21.21.148 | 200 OK | 8.0 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/themes/AsapTheme/assets/js/menu.min.js?ver=02270623 IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeJavaScript source, ASCII text, with very long lines (407), with no line terminators Hashf8f8cc022443bb1069e0241855810bbf f848d7cb3ccfb8b2f308011f41323b6e9f046c45 b5ce527fa41f6d5cb7521e43c60c2364ab9fea0727dedf4ea87bf614c7bf9fde
GET /wp-content/themes/AsapTheme/assets/js/menu.min.js?ver=02270623 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:22 GMT
last-modified: Sat, 17 Feb 2024 11:37:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 131067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oAHQ51mRnp8pdY4vcMEOiIhgdqo1ldbUTUL6XIilHCv7Z6fb9bXdbRelQWpYmGqrKzO1K19c7e%2Bzliesq1K6YWUfEh3bAAjKIsP3kvlmG%2FtWumpnLN0qjYdp9lMrXF9Vr1CGjXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc124cbd56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 | 216.58.211.14 | 200 OK | 31 B |
URL POST HTTP/3www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 IP216.58.211.14:443
Requested byhttps://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82 CertificateIssuerGoogle Trust Services LLC Subject*.google.com Fingerprint70:CC:1A:8A:58:6C:1F:6D:43:AE:66:75:89:F7:99:7B:BC:7A:74:2D ValidityMon, 18 Mar 2024 19:37:19 GMT - Mon, 10 Jun 2024 19:37:18 GMT
Hash5e1fa6fd9abd549a576f3f24b1d3c8d4 d5335d7f7d33be6a0b663f03b2df4df2521c4a87 d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
POST /youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Request-Time: 1713999916077
Content-Type: application/json
X-Goog-Visitor-Id: CgtJSE5fOU1Ga3ZYUSiSoKaxBjIOCgJOTxIIEgQSAgsMIGA%3D
X-YouTube-Client-Name: 56
X-YouTube-Client-Version: 1.20240422.01.00
X-YouTube-Utc-Offset: 0
X-YouTube-Time-Zone: UTC
X-YouTube-Ad-Signals: dt=1713999891160&flash=0&frm=2&u_tz&u_his=2&u_h=1024&u_w=1280&u_ah=1024&u_aw=1280&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C1024%2C948%2C450&vis=1&wgl=true&ca_type=image
Content-Length: 983
Origin: https://www.youtube.com
DNT: 1
Connection: keep-alive
Referer: https://www.youtube.com/embed/zym6cRtpS68?si=WZSW75K-YsCKz37v&start=82
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: br
date: Wed, 24 Apr 2024 23:05:16 GMT
server: scaffolding on HTTPServer2
content-length: 31
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
|
|
| alightmotionpc.net/wp-content/plugins/kk-star-ratings/src/core/public/svg/inactive.svg | 104.21.21.148 | 200 OK | 238 B |
URL GET HTTP/3alightmotionpc.net/wp-content/plugins/kk-star-ratings/src/core/public/svg/inactive.svg IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeSVG Scalable Vector Graphics image Hash8d3ea5899d53de31e622499f631f1892 14b847a5a6a1c1b3efb731df145e4bae7b556ee6 e2be6bc5e55bdc6ebdb5ae6040c20cc5fd9c79d0a9f83b1d0e5f04a2263a1448
GET /wp-content/plugins/kk-star-ratings/src/core/public/svg/inactive.svg HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 26 Apr 2024 01:12:03 GMT
last-modified: Thu, 22 Feb 2024 19:09:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 510766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oOS5k%2FY1e5kadUksrQ2910oBkOneX%2FMG0%2B3IiW5CWvp4jgE5yrELhdLInFSU5JBWvhLW4a%2BWrq5Tl4b4FVejR29DqgQBkP98p4Ms5rvLCT4IZa94F0miMAwXk7tdLd%2FqgN36G8U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc144d9356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| thubanoa.com/1?z=7387483 | 139.45.197.242 | 200 OK | 42 kB |
IP: 139.45.197.242:443
Requested by: https://alightmotionpc.net/pt/
Certificate: Issuer: Let's Encrypt; Subject: thubanoa.com; Fingerprint: BE:0B:5D:E0:42:7E:07:23:0E:F0:48:66:B2:B6:34:A3:E5:89:F8:68; Validity: Thu, 18 Apr 2024 23:34:42 GMT - Wed, 17 Jul 2024 23:34:41 GMT
File type: JavaScript source, ASCII text, with very long lines (42427)
Hash: 03728b5a44abd5f26a3c1cb8fb145620 384ff5a487b8c47ad6cae069af9b7bc904fd9e9b 789f2ee1159ab3b3060197a175538fae117cc28b031c5906f7ff17563c9ce823
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /1?z=7387483 HTTP/1.1
Host: thubanoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION, X-Ancestor-Origins, X-Zone-ID, baggage, sentry-trace
x-trace-id: 47c7d6c16355d8d811c48fe8f41d7c85
access-control-expose-headers: X-Sc
x-sc: lieefAUoqNw8gaQcKDnjI99zlVH523YfkRq5FAkFjouhiQnrCLMOvPxlE1_CT2uD-X_VVgZ0t8t_vhbQnzL5MaivxSA=
set-cookie: scm=1; expires=Thu, 24 Apr 2025 23:04:50 GMT; secure; SameSite=None
set-cookie: OAID=040048914e274be2f376c7ab4d90296b; expires=Thu, 24 Apr 2025 23:04:50 GMT; secure; SameSite=None
set-cookie: oaidts=1713999890; expires=Thu, 24 Apr 2025 23:04:50 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| alightmotionpc.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=7.1.4 | 104.21.21.148 | 200 OK | 45 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=7.1.4 IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeASCII text, with very long lines (45247), with no line terminators Hashdb7009310a85da4afa7b273d820bf5fe d38de61d3acfba0b920bb7b03cc9d17d41750be5 76bbb197dd7895884e9e80018bf5ea5b01ba896b3527be7de3447341e2a3e276
GET /wp-content/plugins/shortcodes-ultimate/includes/css/shortcodes.css?ver=7.1.4 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 23:04:50 GMT
last-modified: Wed, 24 Apr 2024 10:08:23 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jczHxOu%2Fw0Cdajc96dzTXqIDev71KQShIolU16D1HKgxBLnGaEe%2Bk0Z%2FYGfE8B7VrYR7vkk26ktPuLpS5IK168TiQMMQW5bh3bz%2BM%2FPBzLxJxBQSLGdsXUvyZmh%2Fxou8WOvv7ss%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc123cb356af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-content/plugins/adapta-rgpd/assets/js/cookies-eu-banner.js?ver=1.3.9 | 104.21.21.148 | 200 OK | 6.9 kB |
URL GET HTTP/3alightmotionpc.net/wp-content/plugins/adapta-rgpd/assets/js/cookies-eu-banner.js?ver=1.3.9 IP104.21.21.148:443
Requested byhttps://alightmotionpc.net/pt/ CertificateIssuerLet's Encrypt Subjectalightmotionpc.net FingerprintB1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71 ValidityThu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File typeJavaScript source, ASCII text, with very long lines (7152), with no line terminators Hash7db026e02b6c3068b6039a1ae9d50559 baafaa21e70ed6708736c7eb5f998db11d37703d 6768664d566611999fc757551ded8a444d625ccca91d2a1f5f0deb247b3c2fd7
GET /wp-content/plugins/adapta-rgpd/assets/js/cookies-eu-banner.js?ver=1.3.9 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:22 GMT
last-modified: Mon, 22 Apr 2024 06:32:32 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 131067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a88v%2FjYUZjwjZskBAgYcZ2tt%2FAMtBykN%2F9gti%2FbtyEgDaS%2F5lzQ0%2FTERbL2%2BLZbLTIdVVyoYwEYs8d7gmr%2BdErHP3AYBmCEbISBNVTdVIIrYNQkEtFexIBE%2FKPqTq5T7L%2FSJxE0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc123cac56af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-content/uploads/2024/02/alight-motion-1-300x300-1-150x150.png | 104.21.21.148 | 200 OK | 9.9 kB |
URL: GET HTTP/3 alightmotionpc.net/wp-content/uploads/2024/02/alight-motion-1-300x300-1-150x150.png IP: 104.21.21.148:443
Requested by: https://alightmotionpc.net/pt/ Certificate: Issuer: Let's Encrypt; Subject: alightmotionpc.net; Fingerprint: B1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71; Validity: Thu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File type: PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced Hash (MD5 / SHA-1 / SHA-256): 08ed26e56cfa29a4bbab0c3084af5659 cb73d88bf3ab6087a6fa4d39c27d9d313baf34a2 3862626621acf8c25eb8c80755fb158783ec09526d542fa9477369197f1779fe
GET /wp-content/uploads/2024/02/alight-motion-1-300x300-1-150x150.png HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Cookie: pll_language=pt; _ga_X0MVFETP3Q=GS1.1.1713999890.1.0.1713999890.0.0.0; _ga=GA1.1.997216083.1713999891
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: image/png
content-length: 9948
cache-control: public, max-age=604800
expires: Wed, 01 May 2024 05:27:36 GMT
last-modified: Wed, 21 Feb 2024 17:46:32 GMT
cf-cache-status: HIT
age: 63434
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rp59idfweZJ4XfLcBOgqBjRx52Kjc26ctuRWQ1bgNnM2IZjijpKc9NKHgxitS7PFYasPdVcURdmKogB5E7Eh2QET34PzY0s1xV%2BUPsXovEwIsSgDxygXZB71VpH3G%2BqTPipS1XU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799bc168eac56af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 | 104.21.21.148 | 200 OK | 88 kB |
URL: GET HTTP/3 alightmotionpc.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 IP: 104.21.21.148:443
Requested by: https://alightmotionpc.net/pt/ Certificate: Issuer: Let's Encrypt; Subject: alightmotionpc.net; Fingerprint: B1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71; Validity: Thu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File type: JavaScript source, ASCII text, with very long lines (65447) Hash (MD5 / SHA-1 / SHA-256): 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Fri, 26 Apr 2024 01:12:02 GMT
last-modified: Tue, 29 Aug 2023 02:44:24 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 510767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HAPiIG3TLejgpS8Z1Vq9dW5qPHAMBR1UC%2FhZ6rhGNXV2AAaG2B9vT4HhUgVVZgHB2phGeMF1IhUimAd14G3l1FWw7w%2BmqiO8GBMnN9WrP8VaRWL1rshky0YJWnhcOTDqCHlz7TY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc122ca956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-includes/js/comment-reply.min.js?ver=6.5.2 | 104.21.21.148 | 200 OK | 3.0 kB |
URL: GET HTTP/3 alightmotionpc.net/wp-includes/js/comment-reply.min.js?ver=6.5.2 IP: 104.21.21.148:443
Requested by: https://alightmotionpc.net/pt/ Certificate: Issuer: Let's Encrypt; Subject: alightmotionpc.net; Fingerprint: B1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71; Validity: Thu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File type: ASCII text, with very long lines (3056), with no line terminators Hash (MD5 / SHA-1 / SHA-256): dc7f90d513295c29acc441fe114a2cab ca9e5069d9afc4aa13ab2e152313dfb476e842ef f87915c58d8c25473c726646b58d2fe0ba9a136987571e6c810aba3c67b4f74c
GET /wp-includes/js/comment-reply.min.js?ver=6.5.2 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:22 GMT
last-modified: Sat, 09 Apr 2022 05:37:18 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 131067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HNXiP%2BqEQYyCLSUp0GqU22J7zDm4nPJr8yka%2FqMeFPZ%2Fg6H1cheY58K%2FOE1SE6x6P6%2FZDHxSAMjoN92rcvotJzeQBSCUDC6cJytTyfdOINpATRMpYacIzF8Oq2OwjsbYUkCsJTU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc124cb956af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-content/themes/AsapTheme/assets/css/main.min.css?ver=01261223 | 104.21.21.148 | 200 OK | 51 kB |
URL: GET HTTP/3 alightmotionpc.net/wp-content/themes/AsapTheme/assets/css/main.min.css?ver=01261223 IP: 104.21.21.148:443
Requested by: https://alightmotionpc.net/pt/ Certificate: Issuer: Let's Encrypt; Subject: alightmotionpc.net; Fingerprint: B1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71; Validity: Thu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so no response body was hashed for this entry; they do not identify the 51 kB stylesheet and should not be used as indicators)
GET /wp-content/themes/AsapTheme/assets/css/main.min.css?ver=01261223 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:22 GMT
last-modified: Sat, 17 Feb 2024 11:37:38 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 131067
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HBZnneUMNDYn%2BhDKNx6F6jonRiYeES7nC220xtvdJXRTW6kuabvHF%2F1piV228cSZQV0SxRIsx4mMMIbS8JCzKkbLdNvWHHHp2uUzdozMgY54ys2ndtNx8oLdW%2BUbm4%2B1wdRwkYM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc122ca656af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| alightmotionpc.net/wp-content/themes/AsapTheme/assets/fonts/poppins-700.woff2 | 104.21.21.148 | 200 OK | 7.8 kB |
URL: GET HTTP/3 alightmotionpc.net/wp-content/themes/AsapTheme/assets/fonts/poppins-700.woff2 IP: 104.21.21.148:443
Requested by: https://alightmotionpc.net/pt/ Certificate: Issuer: Let's Encrypt; Subject: alightmotionpc.net; Fingerprint: B1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71; Validity: Thu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File type: Web Open Font Format (Version 2), TrueType, length 7816, version 1.0 Hash (MD5 / SHA-1 / SHA-256): 25b0e113ca7cce3770d542736db26368 cb726212d5d525021752a1d8470a0fb593e0c49e 9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /wp-content/themes/AsapTheme/assets/fonts/poppins-700.woff2 HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/pt/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: font/woff2
content-length: 7816
cache-control: public, max-age=604800
expires: Tue, 30 Apr 2024 10:40:23 GMT
last-modified: Sat, 17 Feb 2024 11:37:38 GMT
cf-cache-status: HIT
age: 131067
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwLK1BcOuXkBwsm0w2Vhf1esAVW6VNonSLi0qj20u%2FafD747PH4ep3RlNbeMk21nw3c2OTOPIRDJb4dE%2BQOfpAwlf3uKeugquZV8uUpgKebZpClRtYul795%2B2RLYV2S3ukTAmR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799bc146da356af-OSL
alt-svc: h3=":443"; ma=86400
|
|
| b6f71hwqomrafu683pz507uj2g.hop.clickbank.net/?tid=go1&clickid=807136652452438016 | 44.229.7.140 | 307 Temporary Redirect | 0 B |
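URL: GET HTTP/2 b6f71hwqomrafu683pz507uj2g.hop.clickbank.net/?tid=go1&clickid=807136652452438016 IP: 44.229.7.140:443
Requested by: https://alightmotionpc.net/pt/ Certificate: Issuer: Amazon; Subject: *.clickbank.net; Fingerprint: F6:83:80:57:29:2F:05:CA:22:F9:4C:9D:38:00:09:58:06:FC:7F:99; Validity: Sat, 27 Jan 2024 00:00:00 GMT - Mon, 24 Feb 2025 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of zero-length input, consistent with the 0 B redirect body)
Note: per the headers below, this request was a cross-site iframe navigation from the page; the 307 response sets a one-year cookie scoped to .clickbank.net and redirects to a plain-http location. Analysts commonly check this pattern for affiliate cookie stuffing; the page markup is needed to confirm how the iframe is inserted.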
GET /?tid=go1&clickid=807136652452438016 HTTP/1.1
Host: b6f71hwqomrafu683pz507uj2g.hop.clickbank.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 307 Temporary Redirect
date: Wed, 24 Apr 2024 23:04:52 GMT
content-length: 0
location: http://futmillionaire.com?hopId=98f22375-c9ff-4ffb-b8d0-9b3e38dd72b2&clickid=807136652452438016
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Arch, Sec-Ch-Ua-Bitness, Sec-Ch-Ua-Platform-Version, Sec-Ch-Ua-Full-Version-List
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-frame-options: DENY
x-xss-protection: 1 ; mode=block
referrer-policy: no-referrer
set-cookie: q=01.53E4FC37968972D8BA0E414E8EF67654DB2B30EBE4AC0CE71E07728248BB96CA370415AA3D4733124238167A18D39C697DDD7F5F; Path=/; Domain=.clickbank.net; Max-Age=31536000; Expires=Thu, 24 Apr 2025 23:04:52 GMT
server-timing: traceparent;desc="00-86ccafaf972bbd7e7b35c7003e644504-97bf00826268299d-01"
access-control-expose-headers: Server-Timing
X-Firefox-Spdy: h2
|
|
| | 104.21.21.148 | 200 OK | 97 kB |
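URL: User Request GET HTTP/2 IP: 104.21.21.148:443
Certificate: Issuer: Let's Encrypt; Subject: alightmotionpc.net; Fingerprint: B1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71; Validity: Thu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of zero-length input, so no response body was hashed for this entry; they do not identify the 97 kB document and should not be used as indicators)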
GET /pt/ HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: text/html; charset=UTF-8
link: <https://alightmotionpc.net/>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hLuY5dZkFOVQmml24BYDPsdThpERyocGfyIoJ8U78HGT%2FxZBl2ZSK6NT1AW%2F6hw7e7BP0dX8USfDC8Mu%2BjxeDIbDSQIeNDwlLyj0J2otRbDjQrxlTMh0YEpJcJojgFj9vIsy6yE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc0f09f60b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| alightmotionpc.net/wp-content/plugins/kk-star-ratings/src/core/public/svg/active.svg | 104.21.21.148 | 200 OK | 246 B |
URL: GET HTTP/3 alightmotionpc.net/wp-content/plugins/kk-star-ratings/src/core/public/svg/active.svg IP: 104.21.21.148:443
Requested by: https://alightmotionpc.net/pt/ Certificate: Issuer: Let's Encrypt; Subject: alightmotionpc.net; Fingerprint: B1:A2:04:42:47:56:2A:74:12:36:31:87:BF:26:91:F3:BF:A7:E4:71; Validity: Thu, 18 Apr 2024 07:16:30 GMT - Wed, 17 Jul 2024 07:16:29 GMT
File type: SVG Scalable Vector Graphics image Hash (MD5 / SHA-1 / SHA-256): 88b6dd072662ac27a52dba27192f4f77 edd5f7e55c2164d22e554230b67a4fca27655ddb 8e7775620e2fd44668cc63d08caee3686d5c25dc16e74a17d3b880391df3ef9d
GET /wp-content/plugins/kk-star-ratings/src/core/public/svg/active.svg HTTP/1.1
Host: alightmotionpc.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://alightmotionpc.net/wp-content/plugins/kk-star-ratings/src/core/public/css/kk-star-ratings.min.css?ver=5.4.7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Wed, 24 Apr 2024 23:04:50 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 26 Apr 2024 01:12:03 GMT
last-modified: Thu, 22 Feb 2024 19:09:21 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 510766
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1DlYh4Oc8oBObJqhSnphsE2O8BZe8c7x4YB8rgi1GBiwqEZo0q796hECYIZXxtgDZViFRH6hMC6f4kyggzVK4XUcX14F4%2BHFFxDP72cmuxazCIco3wnpAzAQtZCUvPosJnEHuEQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8799bc144d9556af-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|