| cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js | 151.101.193.229 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cdn.jsdelivr.net/npm/console-ban@4.1.0/dist/console-ban.min.js
IP: 151.101.193.229:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer GlobalSign nv-sa; Subject jsdelivr.net; Fingerprint 05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09; Validity Wed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT
File type: JavaScript source, ASCII text, with very long lines (2290)
Hashes (MD5, SHA-1, SHA-256): cf47acbe3349c00e89193b1ff852d043 c761584c511b50350c95c995fedac85bbd354a38 0a637e8d49894e4211bdf5d4f7326a3aaab7b8be4386575820159b8c67b8ffbf
GET /npm/console-ban@4.1.0/dist/console-ban.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.1.0
x-jsd-version-type: version
etag: W/"94a-x2FYTFEbUDUMlcmV/trIW701Sjg"
content-encoding: br
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:53:37 GMT
age: 3876325
x-served-by: cache-fra-etou8220103-FRA, cache-hel1410029-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1165
X-Firefox-Spdy: h2

| deportestvhd2.com/z-8058394 | 172.67.199.225 | 200 OK | 161 kB |
URL: GET HTTP/3 deportestvhd2.com/z-8058394
IP: 172.67.199.225:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Google Trust Services LLC; Subject deportestvhd2.com; Fingerprint 3A:C9:ED:9C:9E:79:49:6D:57:F2:D2:C7:53:C9:EF:EC:5F:56:CB:4C; Validity Thu, 04 Apr 2024 17:42:01 GMT - Wed, 03 Jul 2024 17:42:00 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (40953), with NEL line terminators
Size: 161 kB (161420 bytes)
Hashes (MD5, SHA-1, SHA-256): 5745c4e522597c5bff16aa84ac240d7d c752eff3187ca6949d665b1953f9ca7178abb44f e1f52c3824348e8a520a3724f0c98efbe7f8bade276ae98bf3cbae304605008f
GET /z-8058394 HTTP/1.1
Host: deportestvhd2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:53:37 GMT
content-type: application/octet-stream
content-length: 161420
last-modified: Fri, 26 Apr 2024 23:17:01 GMT
etag: "662c35ed-2768c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RUrVPn9LWJmSkLufDVfFK6huws1bo583io%2BSUY%2BeK8kiDEghTfYxPg4o7ROkXhGjVS5jyAfg5fQyjBSfqZF6deaiTLH4YOkL5%2BP49e5XaNS%2FaBMo1CtE0BqV2b6xDMKS1xsV1g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7e473d5a5696-OSL
alt-svc: h3=":443"; ma=86400

| tucanaldeportivo.com/dsports-cstream.php | 94.242.50.12 | 200 OK | 1.3 kB |
URL: GET HTTP/2 tucanaldeportivo.com/dsports-cstream.php
IP: 94.242.50.12:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Let's Encrypt; Subject *.tucanaldeportivo.com; Fingerprint 84:AE:F2:F9:01:D0:26:0F:8B:F1:6B:1E:AE:F9:76:58:92:CC:45:12; Validity Sun, 31 Mar 2024 19:27:26 GMT - Sat, 29 Jun 2024 19:27:25 GMT
File type: HTML document, ASCII text
Hashes (MD5, SHA-1, SHA-256): 02b9b3f84cf827aac46b59b70bfdc61d b7622f708d78c2de22e0bec38bc1a55d70784e93 fb4640c0009dbbf4a9b3000607c1ea8270a8f49e7267df422ee95f3b0e30c169
GET /dsports-cstream.php HTTP/1.1
Host: tucanaldeportivo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 1311
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:53:38 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

| www.displayvertising.com/ttimeme.min.css | 185.76.9.25 | 200 OK | 11 kB |
URL: GET HTTP/2 www.displayvertising.com/ttimeme.min.css
IP: 185.76.9.25:443
ASN: #60068 Datacamp Limited
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Let's Encrypt; Subject 1503693843.rsc.cdn77.org; Fingerprint CA:57:18:18:A8:AF:C8:D7:D8:78:92:07:DC:03:A7:94:D5:87:A1:A7; Validity Tue, 20 Feb 2024 02:39:32 GMT - Mon, 20 May 2024 02:39:31 GMT
File type: JavaScript source, ASCII text, with very long lines (1568)
Hashes (MD5, SHA-1, SHA-256): 9dfa776d7e4b66532b4a91f88fdd460f 1467130a0daf45768b7a8d6adcdbde24a4996853 7f15de5371ca685414537256779efc24ebe8005c9dcb0e77facc66da1ceae471
GET /ttimeme.min.css HTTP/1.1
Host: www.displayvertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deportestvhd2.com
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:38 GMT
content-type: application/x-javascript
vary: Accept-Encoding, Origin
popads-node: wb10
expires: Sat, 27 Apr 2024 00:46:25 GMT
access-control-allow-origin: https://deportestvhd2.com
link: <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-77-nzt: EwwBuUwJFAHXIekDAAwBuUwKCQH3tkoAAAwBisclwQH3SvoEAA
x-77-nzt-ray: af5856307b39929a823e2c6659ee3916
x-accel-expires: @1714178785
x-accel-date: 1713919329
x-77-cache: HIT
x-77-age: 256289
content-encoding: gzip
server: CDN77-Turbo
x-cache: HIT
x-age: 256289
x-77-pop: stockholmSE
X-Firefox-Spdy: h2

| livehdplay.ru/embed.php?id=0qYasvSLd1 | 172.67.196.85 | 301 Moved Permanently | 167 B |
URL: GET HTTP/2 livehdplay.ru/embed.php?id=0qYasvSLd1
IP: 172.67.196.85:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject livehdplay.ru; Fingerprint 8A:0A:51:FB:C7:3F:EF:5E:25:FB:27:B8:2F:C9:5A:7A:B4:F2:32:E2; Validity Wed, 06 Mar 2024 12:33:53 GMT - Tue, 04 Jun 2024 12:33:52 GMT
File type: HTML document, ASCII text, with CRLF line terminators
Hashes (MD5, SHA-1, SHA-256): 0104c301c5e02bd6148b8703d19b3a73 7436e0b4b1f8c222c38069890b75fa2baf9ca620 446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f
GET /embed.php?id=0qYasvSLd1 HTTP/1.1
Host: livehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 301 Moved Permanently
date: Fri, 26 Apr 2024 23:53:38 GMT
content-type: text/html
content-length: 167
location: https://claplivehdplay.ru/embed.php?id=0qYasvSLd1
cache-control: max-age=3600
expires: Sat, 27 Apr 2024 00:53:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PxvXPc5ufidtBf%2FaOHWN5Vn2pS9D%2FJsN559S34%2BTGjjlAWxTglcolr3o%2FbidcjDwNyTtWlhCAd7lTN9CqYHvovqZQJb%2FtSvHqyB9rwRFqV%2Be1SJZSWhWgnpc1AXc8H01"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e510cdd5685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| 1.bp.blogspot.com/-nBy-9_9zQlA/Xf4vXMP6C0I/AAAAAAAABDk/j5lzykxSqicENwlQ5ok2a1Ni613FBBzAwCNcBGAsYHQ/s1600/espere.png | 142.250.74.161 | 200 OK | 15 kB |
URL: GET HTTP/2 1.bp.blogspot.com/-nBy-9_9zQlA/Xf4vXMP6C0I/AAAAAAAABDk/j5lzykxSqicENwlQ5ok2a1Ni613FBBzAwCNcBGAsYHQ/s1600/espere.png
IP: 142.250.74.161:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject misc-sni.blogspot.com; Fingerprint 08:43:CF:E7:9C:1F:30:EA:9B:AD:8A:4E:2D:73:57:EA:80:DC:5B:E0; Validity Mon, 08 Apr 2024 07:01:25 GMT - Mon, 01 Jul 2024 07:01:24 GMT
File type: PNG image data, 620 x 350, 8-bit/color RGBA, non-interlaced
Hashes (MD5, SHA-1, SHA-256): 28bd7f38ee1a79947a16ed6cc6ec66fe 9ef99e3d003e570c34d7a1302b529fb53d7eef86 6f44082d58abe527e2f0254949847293191be174b4ccb6b266b15983c95915da
GET /-nBy-9_9zQlA/Xf4vXMP6C0I/AAAAAAAABDk/j5lzykxSqicENwlQ5ok2a1Ni613FBBzAwCNcBGAsYHQ/s1600/espere.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="espere.png"
x-content-type-options: nosniff
server: fife
content-length: 15049
x-xss-protection: 0
date: Fri, 26 Apr 2024 20:50:15 GMT
expires: Sat, 27 Apr 2024 20:50:15 GMT
cache-control: public, max-age=86400, no-transform
age: 11003
etag: "v43b"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

| code.jquery.com/jquery-3.6.0.min.js | 151.101.130.137 | 200 OK | 31 kB |
URL: GET HTTP/2 code.jquery.com/jquery-3.6.0.min.js
IP: 151.101.130.137:443
Requested by: https://claplivehdplay.ru/embed.php?id=0qYasvSLd1
Certificate: Issuer Sectigo Limited; Subject *.jquery.com; Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D; Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (65447)
Hashes (MD5, SHA-1, SHA-256): 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Fri, 26 Apr 2024 23:53:39 GMT
age: 31800
x-served-by: cache-lga21931-LGA, cache-hel1410029-HEL
x-cache: HIT, HIT
x-cache-hits: 3, 19668
x-timer: S1714175619.358384,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

| pl14330559.profitablegatecpm.com/ac/58/bb/ac58bbe800329453de3d4b2f28050b55.js | 172.240.108.76 | 200 OK | 30 kB |
URL: GET HTTP/1.1 pl14330559.profitablegatecpm.com/ac/58/bb/ac58bbe800329453de3d4b2f28050b55.js
IP: 172.240.108.76:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Let's Encrypt; Subject profitablegatecpm.com; Fingerprint 9D:FB:8C:AD:4D:64:98:6B:85:78:33:54:E7:A3:BB:10:ED:77:63:30; Validity Fri, 05 Apr 2024 18:10:33 GMT - Thu, 04 Jul 2024 18:10:32 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5, SHA-1, SHA-256): df56a11db70b545ae41d4f6101912b06 20f3e823d26f19a67a3545e92059e1c10bbc936d 1fe2f58b32eef83f74092a949a46dec75aecae9ecc07a88f24985a91185f37f6
GET /ac/58/bb/ac58bbe800329453de3d4b2f28050b55.js HTTP/1.1
Host: pl14330559.profitablegatecpm.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:53:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2931_layer=0; expires=Sun, 28 Apr 2024 23:53:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4fdf5e787186cff62795f5610a16e6cd
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

| 6.adsco.re/ | 104.17.166.186 | 200 OK | 0 B |
IP: 104.17.166.186:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Sectigo Limited; Subject *.adsco.re; Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deportestvhd2.com
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://deportestvhd2.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e55e8e656c4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| 6.adsco.re:2087/ | 104.17.166.186 | 200 OK | 0 B |
IP: 104.17.166.186:2087
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Sectigo Limited; Subject *.adsco.re; Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deportestvhd2.com
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://deportestvhd2.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e55e980b4f3-OSL
alt-svc: h3=":2087"; ma=86400
X-Firefox-Spdy: h2

| proftrafficcounter.com/stats | 18.159.11.169 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.159.11.169:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Amazon; Subject proftrafficcounter.com; Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hashes (MD5, SHA-1, SHA-256): 96bcde80e6cbff165245c356a1782eb0 c853fa5511319449b32352e689a5c8e292ecd5d3 1a2517b27cd300310f865ff168991a5837ee254e8e68570364eecd18c898c95a
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://tucanaldeportivo.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=1f0b43e9-811c-4243-9742-45370c90ccc1:3:1; expires=Mon, 24 Apr 2034 23:53:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

| vrdxtned98xd.l4.adsco.re/ | 185.200.118.51 | 200 OK | 0 B |
URL: POST HTTP/2 vrdxtned98xd.l4.adsco.re/
IP: 185.200.118.51:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Let's Encrypt; Subject *.l4.adsco.re; Fingerprint B2:51:02:63:F4:E6:E7:3A:98:79:B7:C5:F8:81:EC:E8:79:B9:BC:22; Validity Fri, 19 Apr 2024 09:12:52 GMT - Thu, 18 Jul 2024 09:12:51 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: vrdxtned98xd.l4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://deportestvhd2.com
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 02 Jun 2023 14:03:32 GMT
etag: "6479f6b4-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

| adsco.re/p | 162.252.214.5 | 200 OK | 811 B |
IP: 162.252.214.5:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Sectigo Limited; Subject *.adsco.re; Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: ASCII text, with very long lines (1020), with no line terminators
Hashes (MD5, SHA-1, SHA-256): aaf1411d6a0d9496be17eca7cefecba2 f66838c90d2109b03eafba5b6ace33cd0a5ca062 d78d820fb7105320a037877232b0463d2c5d31482125d734516b1c2ec70fa61b
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1435
Origin: https://deportestvhd2.com
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:53:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Access-Control-Allow-Origin: https://deportestvhd2.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

| 6.adsco.re/ | 104.17.166.186 | 200 OK | 0 B |
IP: 104.17.166.186:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Sectigo Limited; Subject *.adsco.re; Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: *
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e5808ca5687-OSL
alt-svc: h3=":443"; ma=86400

| 4.adsco.re/ | 162.252.214.5 | | 62 B |
IP: 162.252.214.5:0
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Sectigo Limited; Subject *.adsco.re; Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hashes (MD5, SHA-1, SHA-256): 5b41cb22f84f645a103acc7bfbf084ff bac3967b26d5ec4a0d09a580714e8219796816bd 709f0a0dfab9f9e074f4a4a348dcb09150838284d21e75cfb9e5ceaeeb2054bc
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
DNT: 1
Connection: keep-alive
Referer: https://c.adsco.re/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 26 Apr 2024 23:53:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip

| acscdn.com/script/aclib.js | 172.67.165.20 | 200 OK | 181 kB |
URL: GET HTTP/2 acscdn.com/script/aclib.js
IP: 172.67.165.20:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject acscdn.com; Fingerprint C2:6C:14:F0:34:12:76:91:EB:3A:02:AC:4F:41:CA:11:17:6F:F0:01; Validity Wed, 28 Feb 2024 11:34:54 GMT - Tue, 28 May 2024 11:34:53 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (65499), with no line terminators
Size: 181 kB (181093 bytes)
Hashes (MD5, SHA-1, SHA-256): 568674986a03c881b039a4c1f0bc9095 f5c3f5536177f0b9600882eac8c7933ad1e27040 0e2c5783f9dc17118ae062cad33934dc24ea2a1466eff48826dbd47f3d237e57
GET /script/aclib.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:38 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPqJtZmUniH48HssiyZLK9ZGnzpsYTwZ_U9eYamNQUK4a8S82UQFT2iDd4DlZXbH9qmSSsM
x-goog-generation: 1714052847241658
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 125575
x-goog-hash: crc32c=WF34uA==, md5=VoZ0mGoDyIGwOaTB8LyQlQ==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 00:14:31 GMT
cache-control: public, max-age=3600
last-modified: Thu, 25 Apr 2024 13:47:27 GMT
etag: W/"568674986a03c881b039a4c1f0bc9095"
age: 2347
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGp9xc6pSltOHLQqEo1juc2LbwzqeBwFP8AULmbnD3sxRw5nvx%2BqgWFUOUQF399s65f2gMjj2LFcvKV1frNLDUdbU80%2F6l5Sl0AHnDkenkZ4iVC0q5QaxZvkdqHK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e510afa56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

| vrdxtned98xd.n4.adsco.re/ | 38.132.109.115 | 200 OK | 0 B |
URL: POST HTTP/2 vrdxtned98xd.n4.adsco.re/
IP: 38.132.109.115:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Let's Encrypt; Subject *.n4.adsco.re; Fingerprint 45:6E:69:F7:75:1D:65:9E:20:3D:CF:CE:8B:F5:36:72:85:BD:76:EC; Validity Fri, 19 Apr 2024 09:12:46 GMT - Thu, 18 Jul 2024 09:12:45 GMT
Hashes (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: vrdxtned98xd.n4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://deportestvhd2.com
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:40 GMT
content-type: text/html
content-length: 0
last-modified: Fri, 16 Jun 2023 08:37:42 GMT
etag: "648c1f56-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2

| honeyreadinesscentral.com/33/a3/af/33a3af0c29be07a2460f507fcc8304c1.js | 172.240.108.84 | 200 OK | 16 kB |
URL: GET HTTP/1.1 honeyreadinesscentral.com/33/a3/af/33a3af0c29be07a2460f507fcc8304c1.js
IP: 172.240.108.84:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Let's Encrypt; Subject honeyreadinesscentral.com; Fingerprint 1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF; Validity Tue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
File type: JavaScript source, ASCII text, with very long lines (44079), with no line terminators
Hashes (MD5, SHA-1, SHA-256): d8dcd9eb7cdfb7786444cc84248c3937 f0e170904edb273e3e050b84533445c6363593eb f5b95f1f2e45f413bf41ff0fe526266ef52f57ce13a409a5e2e6168ebd7c53d5
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /33/a3/af/33a3af0c29be07a2460f507fcc8304c1.js HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:53:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fb6ad90e153018af7dab2fce4f221e80
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

| proftrafficcounter.com/stats | 18.159.11.169 | 200 OK | 40 B |
URL: GET HTTP/2 proftrafficcounter.com/stats
IP: 18.159.11.169:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Amazon; Subject proftrafficcounter.com; Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6; Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type: ASCII text, with no line terminators
Hashes (MD5, SHA-1, SHA-256): 96bcde80e6cbff165245c356a1782eb0 c853fa5511319449b32352e689a5c8e292ecd5d3 1a2517b27cd300310f865ff168991a5837ee254e8e68570364eecd18c898c95a
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: uid_id2=1f0b43e9-811c-4243-9742-45370c90ccc1:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:40 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://tucanaldeportivo.com
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

| claplivehdplay.ru/blast.js | 104.21.17.209 | 200 OK | 29 kB |
URL: GET HTTP/3 claplivehdplay.ru/blast.js
IP: 104.21.17.209:443
Requested by: https://claplivehdplay.ru/embed.php?id=0qYasvSLd1
Certificate: Issuer Let's Encrypt; Subject claplivehdplay.ru; Fingerprint 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47; Validity Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
File type: JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Hashes (MD5, SHA-1, SHA-256): 091faec928970e76d37a3601c19fcf8a 6441e8eebe90eb8d4a40e7c25440ff99caba3520 eb06375118b1eb73f43b8f1851472008f84999a1b27359c075bf5da6feef9a12
GET /blast.js HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/embed.php?id=0qYasvSLd1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: application/javascript
last-modified: Sun, 03 Mar 2024 13:23:46 GMT
etag: W/"65e479e2-13040"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1640
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opJdVaOvULSHFBuEt2T3AnNoj5DkSllIP%2BduaTH1aMKoS7XvzF4%2BFaNWHXsmKhGpSrsDjMim%2B2scznKkNNTC6fbEEBP2wbSVMrHjPnOkAoH1ghnrlz4nADV29ll6dwD78ZZWxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e54ae54b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
| displayvertising.com/jhpptecmdztebu?lpwMQDbF=BQLyAAAAAAAACZUAAgiCLBAZhPGw6-ehIxPUTSUBD44WXaa7QDUnmOSmJLHfgKNopWMZbAZNVOZsqfz2o5edMY0GfOUW5VK7XS4CjhIK4UoSTkDP-Po5_wKkEAGXpCzxNrfii34ALzcv4rZHWXqzBKw3fdskA8VBO1u6o1oEk1aKLzPB_xJNXFRXTYuiiLSABHF9NqhLgZsyydQUKk1J6mMTDpYKjM9SkTajMKsDO1FqZ99xk298hiSeVi04x6SiEEMWl0UGfrXoncNYxzXMaJT9gGQkcwU6TUB0otTRakGxM3hvMn5QGAHeD50RJ_Wtcl9ECva5JrAleVEolHN33OC2Jjb0tDYkZ8ZaUVRxJGPSjkN7rGHZTcFkL3RYms0KW0j3sYiajlsTrCbsiYPSLZMD6YqKjz1VPEU9Wvp4xe7_tmAoXLFevbZqVZZoh0V_qChUbjUQXOveEfkGD9sSMZdFlvcnXYBy8uwD6muSXuh4ToINlW26BPl4SIOEYwqshq0RTdGoGuhdoq2n7cHuvqqFKVNy3f0yjabRXcgjnW1n1MCqUeOofMkLaWP0TRrr9MmhdgBTYEo8o3XiRcJD6O2d3eFNYNwmajEQ7QkMwQnmZZYRRiPXZ5AQhEtc2fFm1S3YKhCS-p_7HL7FrXTleBhaVAdffIRsPIzEvNUNV1DeTUxUOZiryx5I2vYrMyti9_aeAsUOmJMwxkvt5hBPc24n4mVuHM2Squ2QVlbXuvphvss2Ed_Je2inWZ5rLBipCCSb6JlIvvqosb_TuqtpcUrB3w0Ix_Xoi2anRjje1BvrqdkeIAnBT8fyg2xbDVE44j2jcflca1xRkY2n-JB94Wvn1jUIw_iNEleNbMOYgW-SSYeLEMoEKdbbVHxDb1D3toomULuKwMNLc0oHwFNlFG1RfNc2lxge_e_073OUTqBOmeYplztM4gTiLu1MUPAYVOEedgBySg8H3YZixmu-65RZPVPINJANRXbk_ntSlc-c_cP7qLzkMZmiZCth&WLHYjgXT=4&jwOgvlFf=5071221&BNJPwUgQ=&smqveadc=0,0&cIanBTvy=&IDHoMuzb=&s=1280,1024,1,1280,1024,0 | 216.59.56.9 | 200 OK | 981 B |
URL GET HTTP/2displayvertising.com/jhpptecmdztebu?lpwMQDbF=BQLyAAAAAAAACZUAAgiCLBAZhPGw6-ehIxPUTSUBD44WXaa7QDUnmOSmJLHfgKNopWMZbAZNVOZsqfz2o5edMY0GfOUW5VK7XS4CjhIK4UoSTkDP-Po5_wKkEAGXpCzxNrfii34ALzcv4rZHWXqzBKw3fdskA8VBO1u6o1oEk1aKLzPB_xJNXFRXTYuiiLSABHF9NqhLgZsyydQUKk1J6mMTDpYKjM9SkTajMKsDO1FqZ99xk298hiSeVi04x6SiEEMWl0UGfrXoncNYxzXMaJT9gGQkcwU6TUB0otTRakGxM3hvMn5QGAHeD50RJ_Wtcl9ECva5JrAleVEolHN33OC2Jjb0tDYkZ8ZaUVRxJGPSjkN7rGHZTcFkL3RYms0KW0j3sYiajlsTrCbsiYPSLZMD6YqKjz1VPEU9Wvp4xe7_tmAoXLFevbZqVZZoh0V_qChUbjUQXOveEfkGD9sSMZdFlvcnXYBy8uwD6muSXuh4ToINlW26BPl4SIOEYwqshq0RTdGoGuhdoq2n7cHuvqqFKVNy3f0yjabRXcgjnW1n1MCqUeOofMkLaWP0TRrr9MmhdgBTYEo8o3XiRcJD6O2d3eFNYNwmajEQ7QkMwQnmZZYRRiPXZ5AQhEtc2fFm1S3YKhCS-p_7HL7FrXTleBhaVAdffIRsPIzEvNUNV1DeTUxUOZiryx5I2vYrMyti9_aeAsUOmJMwxkvt5hBPc24n4mVuHM2Squ2QVlbXuvphvss2Ed_Je2inWZ5rLBipCCSb6JlIvvqosb_TuqtpcUrB3w0Ix_Xoi2anRjje1BvrqdkeIAnBT8fyg2xbDVE44j2jcflca1xRkY2n-JB94Wvn1jUIw_iNEleNbMOYgW-SSYeLEMoEKdbbVHxDb1D3toomULuKwMNLc0oHwFNlFG1RfNc2lxge_e_073OUTqBOmeYplztM4gTiLu1MUPAYVOEedgBySg8H3YZixmu-65RZPVPINJANRXbk_ntSlc-c_cP7qLzkMZmiZCth&WLHYjgXT=4&jwOgvlFf=5071221&BNJPwUgQ=&smqveadc=0,0&cIanBTvy=&IDHoMuzb=&s=1280,1024,1,1280,1024,0 IP216.59.56.9:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Sectigo Limited; Subject displayvertising.com; Fingerprint AD:50:CF:4F:03:26:91:93:74:1B:D5:8A:D0:EB:44:0D:13:A6:DF:96; Validity Mon, 14 Aug 2023 00:00:00 GMT - Fri, 13 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (1358), with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): af388f571aede315ebccc3f9b90abed3 9cfef213c69a8cc6f401b04872447e6f5b3aad38 5443734e80c7b9eaa81fd40d2aab61960778469158fc114ed783e341e61a1fc5
GET /jhpptecmdztebu?lpwMQDbF=BQLyAAAAAAAACZUAAgiCLBAZhPGw6-ehIxPUTSUBD44WXaa7QDUnmOSmJLHfgKNopWMZbAZNVOZsqfz2o5edMY0GfOUW5VK7XS4CjhIK4UoSTkDP-Po5_wKkEAGXpCzxNrfii34ALzcv4rZHWXqzBKw3fdskA8VBO1u6o1oEk1aKLzPB_xJNXFRXTYuiiLSABHF9NqhLgZsyydQUKk1J6mMTDpYKjM9SkTajMKsDO1FqZ99xk298hiSeVi04x6SiEEMWl0UGfrXoncNYxzXMaJT9gGQkcwU6TUB0otTRakGxM3hvMn5QGAHeD50RJ_Wtcl9ECva5JrAleVEolHN33OC2Jjb0tDYkZ8ZaUVRxJGPSjkN7rGHZTcFkL3RYms0KW0j3sYiajlsTrCbsiYPSLZMD6YqKjz1VPEU9Wvp4xe7_tmAoXLFevbZqVZZoh0V_qChUbjUQXOveEfkGD9sSMZdFlvcnXYBy8uwD6muSXuh4ToINlW26BPl4SIOEYwqshq0RTdGoGuhdoq2n7cHuvqqFKVNy3f0yjabRXcgjnW1n1MCqUeOofMkLaWP0TRrr9MmhdgBTYEo8o3XiRcJD6O2d3eFNYNwmajEQ7QkMwQnmZZYRRiPXZ5AQhEtc2fFm1S3YKhCS-p_7HL7FrXTleBhaVAdffIRsPIzEvNUNV1DeTUxUOZiryx5I2vYrMyti9_aeAsUOmJMwxkvt5hBPc24n4mVuHM2Squ2QVlbXuvphvss2Ed_Je2inWZ5rLBipCCSb6JlIvvqosb_TuqtpcUrB3w0Ix_Xoi2anRjje1BvrqdkeIAnBT8fyg2xbDVE44j2jcflca1xRkY2n-JB94Wvn1jUIw_iNEleNbMOYgW-SSYeLEMoEKdbbVHxDb1D3toomULuKwMNLc0oHwFNlFG1RfNc2lxge_e_073OUTqBOmeYplztM4gTiLu1MUPAYVOEedgBySg8H3YZixmu-65RZPVPINJANRXbk_ntSlc-c_cP7qLzkMZmiZCth&WLHYjgXT=4&jwOgvlFf=5071221&BNJPwUgQ=&smqveadc=0,0&cIanBTvy=&IDHoMuzb=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: displayvertising.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
popads-node: wb4
access-control-allow-origin: *
asf: 6
cache-control: private, no-store, no-cache, must-revalidate, no-transform, max-age=0
pragma: no-cache
content-type: application/javascript; charset=utf-8
set-cookie: PP_CV=yes; expires=Sat, 27 Apr 2024 00:53:40 GMT; Max-Age=3600
fraudcheck=042c14a6928e4b4c5f8467908ef4887b; expires=Sun, 26 May 2024 23:53:40 GMT; Max-Age=2592000; path=/; domain=.popads.net
PopAds_CF_Pass=1; expires=Sat, 27 Apr 2024 05:53:40 GMT; Max-Age=21600
link: <https://onclickalgo.com>;rel=preconnect
content-length: 981
content-encoding: br
vary: Accept-Encoding
date: Fri, 26 Apr 2024 23:53:40 GMT
X-Firefox-Spdy: h2
| onclickalgo.com/favicon.ico | 172.67.220.206 | 200 OK | 0 B |
URL: GET HTTP/2 onclickalgo.com/favicon.ico
IP: 172.67.220.206:443
Requested by: moz-nullprincipal:{227cd516-839a-4a76-aa34-a8939801da25}?https://deportestvhd2.com
Certificate: Issuer Let's Encrypt; Subject onclickalgo.com; Fingerprint 44:D9:2B:22:D1:A5:AB:CB:06:94:8D:69:1F:18:A7:24:9B:33:E1:56; Validity Sun, 31 Mar 2024 02:02:43 GMT - Sat, 29 Jun 2024 02:02:42 GMT
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: onclickalgo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:40 GMT
content-type: image/x-icon
content-length: 0
last-modified: Tue, 19 Jan 2021 07:24:26 GMT
etag: "6006892a-0"
via: 1.1 google
cache-control: max-age=14400
cf-cache-status: HIT
age: 3905
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qcuEn4lf6e5FZCQwJH3eX%2Bn1FhMV6IjAkAX34kTZE9OAczg3X%2BLxdY3MD2UW7TM9GjpPoZppH0sbw1UBqmCRuTcJS5btYYw1G7XG2uswr3MqsD0ddHZy5CLyBt%2FaYmjVbfc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e5d297c5697-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| architecturecultivated.com/sbar.json?key=33a3af0c29be07a2460f507fcc8304c1&uuid=1f0b43e9-811c-4243-9742-45370c90ccc1%3A3%3A1 | 172.240.108.68 | 200 OK | 7.7 kB |
URL: GET HTTP/1.1 architecturecultivated.com/sbar.json?key=33a3af0c29be07a2460f507fcc8304c1&uuid=1f0b43e9-811c-4243-9742-45370c90ccc1%3A3%3A1
IP: 172.240.108.68:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Let's Encrypt; Subject architecturecultivated.com; Fingerprint 15:CF:E9:0B:87:6A:2C:2A:1B:D3:AE:48:6A:51:12:FA:BD:87:77:92; Validity Wed, 24 Apr 2024 14:56:26 GMT - Tue, 23 Jul 2024 14:56:25 GMT
Hashes (MD5 / SHA-1 / SHA-256): 443f503d0ed68d695dbb835b7f1ff2c6 c3275f6f5ed1c871c7940baa50f1c5c8afd9a0bc c1af9058102cd67e1680fb766a8e56a37c9e7b4e8c688843358dba7767862d9b
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /sbar.json?key=33a3af0c29be07a2460f507fcc8304c1&uuid=1f0b43e9-811c-4243-9742-45370c90ccc1%3A3%3A1 HTTP/1.1
Host: architecturecultivated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:53:41 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://tucanaldeportivo.com
Access-Control-Allow-Origin: https://tucanaldeportivo.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15497083; expires=Sat, 27 Apr 2024 23:53:40 GMT; secure; SameSite=None
uid_id2=1f0b43e9-811c-4243-9742-45370c90ccc1:3:1; expires=Fri, 03 May 2024 23:53:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 27 Apr 2024 23:53:41 GMT; secure; SameSite=None
uncs=1; expires=Sat, 27 Apr 2024 23:53:41 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 27 Apr 2024 23:53:41 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 27 Apr 2024 23:53:41 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1aba72fa07f6a9c7b9ce88a79a61d0d6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
| vrdxtned98xd.s4.adsco.re/ | 185.200.116.51 | 200 OK | 0 B |
URL: POST HTTP/2 vrdxtned98xd.s4.adsco.re/
IP: 185.200.116.51:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Let's Encrypt; Subject *.s4.adsco.re; Fingerprint 6C:EA:F6:8F:57:34:25:F9:39:76:98:E0:61:B8:C8:86:AD:CC:68:0A; Validity Fri, 19 Apr 2024 09:12:40 GMT - Thu, 18 Jul 2024 09:12:39 GMT
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: vrdxtned98xd.s4.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://deportestvhd2.com
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:40 GMT
content-type: text/html
content-length: 0
last-modified: Tue, 03 Oct 2023 13:29:59 GMT
etag: "651c1757-0"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-expose-headers: Content-Length,Content-Range
accept-ranges: bytes
X-Firefox-Spdy: h2
| architecturecultivated.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzobf5QeCujdR5uBBZTPpj8l8uKC4xkjYuFl2FfUk1VXVkzLVXU1V1%2FQkXoKLssdhEbx2nkk2uLuIXvbmIp0FDwtCxlMO5i8QL%2BKeZcbg6Huo933e5y146n3qy313RkI4err6nt6VStHllabfeOWjILjc2JCZGzaG3fYn7dblhhm83ms3%2FVcb7wq2rZdDP%2FD9wA8aa9KIRA%2BXpyRk%2FqAXNHt%2BsxU2g5UWhua%2F2DoPlnrggzPyHCSfLD72LkKyGln63aqw24XOL72TOkULbTDgRx9k25kuM6TzMjEekuzofBranqw9gs4OZ3KhB%2F8MxnJCvJ8eIc6OzkUiHhzMdMYKIkPM%2F49yUEOoGpLWYPoWJD8hAOO4toksvXtNm5Lu%2FM3SKTshi0%2F%2FgCwnZPHXi8jSb68oOWzc1MoVUmcWw6SCHNaQ%2FRq5O0axuwBZHoMVn0Pyn8ny0w1k6cGmVRqSn74cJH7cikRvqRsEbKkVtqKlXqcVLrVWoo7Pej5jLJgtSMoaMqmhxAjUXoCzHpz04BIPLveQ8tMGC4Kg43NG%2FW6PsYh3RNzmfkA7SUADv92FY9M3jFDkIzA1AjN7yM0etuUIxv0Iu1XBcg%2B2IBjwCqUgKC1BSQlKSVAWBOWgOuTKhra6y5V1cXCew%2FMcVWNd9PfpoS76IiOgZgTDq%2F38jDw7W%2BBv5WfYFqeNKKIRTXwW9mLhd2jYavvJit9JGOtGfosFsLKCtAug1sPu1MyX1pDLCSF%2FPkRMj2HVMZh8HtS9CFpWoFsVdrP7Vis9ELrJdAquK%2BTFIoodb1%2BdkRdmAq5%2BfQ%2BCPSHnAWYq5KbCp%2FIxQV%2FdHt%2FQJTm4oUtLvt%2FMC5nKXTp192ZBC%2FG%2Fe1fFTqkNX1%2B1o2%2FeYlNiWj54X9hig2ZcZn1L7l%2BRnAuzpg0T5Id1%2B6GIrzu7dcWZzOUb199eW09zI6yVOqtB5cnHd8DkhDzzcGP2bV9r%2FA5pahhXIXVzpVLXYPkebD7vWU1g1BzHuYfSVWMTxvOmkgRKzDGNK9h%2F4Xhejw2d3qay2re30TcLoMUtZGmFgakwUBWoGsG6C%2BMiN0%2Fe%2FCWaBWK1MI6VWTiIlVF3ZkueHl%2FBytNGJ4p82u6tBJ0OFZ24FXaTdsDp1POw3aYRCjtJLr3xxV8AAAD%2F%2FwEAAP%2F%2FJlr%2Bn5AEAAA%3D | 172.240.108.68 | 200 OK | 7 B |
URL GET HTTP/1.1architecturecultivated.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzobf5QeCujdR5uBBZTPpj8l8uKC4xkjYuFl2FfUk1VXVkzLVXU1V1%2FQkXoKLssdhEbx2nkk2uLuIXvbmIp0FDwtCxlMO5i8QL%2BKeZcbg6Huo933e5y146n3qy313RkI4err6nt6VStHllabfeOWjILjc2JCZGzaG3fYn7dblhhm83ms3%2FVcb7wq2rZdDP%2FD9wA8aa9KIRA%2BXpyRk%2FqAXNHt%2BsxU2g5UWhua%2F2DoPlnrggzPyHCSfLD72LkKyGln63aqw24XOL72TOkULbTDgRx9k25kuM6TzMjEekuzofBranqw9gs4OZ3KhB%2F8MxnJCvJ8eIc6OzkUiHhzMdMYKIkPM%2F49yUEOoGpLWYPoWJD8hAOO4toksvXtNm5Lu%2FM3SKTshi0%2F%2FgCwnZPHXi8jSb68oOWzc1MoVUmcWw6SCHNaQ%2FRq5O0axuwBZHoMVn0Pyn8ny0w1k6cGmVRqSn74cJH7cikRvqRsEbKkVtqKlXqcVLrVWoo7Pej5jLJgtSMoaMqmhxAjUXoCzHpz04BIPLveQ8tMGC4Kg43NG%2FW6PsYh3RNzmfkA7SUADv92FY9M3jFDkIzA1AjN7yM0etuUIxv0Iu1XBcg%2B2IBjwCqUgKC1BSQlKSVAWBOWgOuTKhra6y5V1cXCew%2FMcVWNd9PfpoS76IiOgZgTDq%2F38jDw7W%2BBv5WfYFqeNKKIRTXwW9mLhd2jYavvJit9JGOtGfosFsLKCtAug1sPu1MyX1pDLCSF%2FPkRMj2HVMZh8HtS9CFpWoFsVdrP7Vis9ELrJdAquK%2BTFIoodb1%2BdkRdmAq5%2BfQ%2BCPSHnAWYq5KbCp%2FIxQV%2FdHt%2FQJTm4oUtLvt%2FMC5nKXTp192ZBC%2FG%2Fe1fFTqkNX1%2B1o2%2FeYlNiWj54X9hig2ZcZn1L7l%2BRnAuzpg0T5Id1%2B6GIrzu7dcWZzOUb199eW09zI6yVOqtB5cnHd8DkhDzzcGP2bV9r%2FA5pahhXIXVzpVLXYPkebD7vWU1g1BzHuYfSVWMTxvOmkgRKzDGNK9h%2F4Xhejw2d3qay2re30TcLoMUtZGmFgakwUBWoGsG6C%2BMiN0%2Fe%2FCWaBWK1MI6VWTiIlVF3ZkueHl%2FBytNGJ4p82u6tBJ0OFZ24FXaTdsDp1POw3aYRCjtJLr3xxV8AAAD%2F%2FwEAAP%2F%2FJlr%2Bn5AEAAA%3D IP172.240.108.68:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Let's Encrypt; Subject architecturecultivated.com; Fingerprint 15:CF:E9:0B:87:6A:2C:2A:1B:D3:AE:48:6A:51:12:FA:BD:87:77:92; Validity Wed, 24 Apr 2024 14:56:26 GMT - Tue, 23 Jul 2024 14:56:25 GMT
File type: ASCII text, with no line terminators
Hashes (MD5 / SHA-1 / SHA-256): 132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzobf5QeCujdR5uBBZTPpj8l8uKC4xkjYuFl2FfUk1VXVkzLVXU1V1%2FQkXoKLssdhEbx2nkk2uLuIXvbmIp0FDwtCxlMO5i8QL%2BKeZcbg6Huo933e5y146n3qy313RkI4err6nt6VStHllabfeOWjILjc2JCZGzaG3fYn7dblhhm83ms3%2FVcb7wq2rZdDP%2FD9wA8aa9KIRA%2BXpyRk%2FqAXNHt%2BsxU2g5UWhua%2F2DoPlnrggzPyHCSfLD72LkKyGln63aqw24XOL72TOkULbTDgRx9k25kuM6TzMjEekuzofBranqw9gs4OZ3KhB%2F8MxnJCvJ8eIc6OzkUiHhzMdMYKIkPM%2F49yUEOoGpLWYPoWJD8hAOO4toksvXtNm5Lu%2FM3SKTshi0%2F%2FgCwnZPHXi8jSb68oOWzc1MoVUmcWw6SCHNaQ%2FRq5O0axuwBZHoMVn0Pyn8ny0w1k6cGmVRqSn74cJH7cikRvqRsEbKkVtqKlXqcVLrVWoo7Pej5jLJgtSMoaMqmhxAjUXoCzHpz04BIPLveQ8tMGC4Kg43NG%2FW6PsYh3RNzmfkA7SUADv92FY9M3jFDkIzA1AjN7yM0etuUIxv0Iu1XBcg%2B2IBjwCqUgKC1BSQlKSVAWBOWgOuTKhra6y5V1cXCew%2FMcVWNd9PfpoS76IiOgZgTDq%2F38jDw7W%2BBv5WfYFqeNKKIRTXwW9mLhd2jYavvJit9JGOtGfosFsLKCtAug1sPu1MyX1pDLCSF%2FPkRMj2HVMZh8HtS9CFpWoFsVdrP7Vis9ELrJdAquK%2BTFIoodb1%2BdkRdmAq5%2BfQ%2BCPSHnAWYq5KbCp%2FIxQV%2FdHt%2FQJTm4oUtLvt%2FMC5nKXTp192ZBC%2FG%2Fe1fFTqkNX1%2B1o2%2FeYlNiWj54X9hig2ZcZn1L7l%2BRnAuzpg0T5Id1%2B6GIrzu7dcWZzOUb199eW09zI6yVOqtB5cnHd8DkhDzzcGP2bV9r%2FA5pahhXIXVzpVLXYPkebD7vWU1g1BzHuYfSVWMTxvOmkgRKzDGNK9h%2F4Xhejw2d3qay2re30TcLoMUtZGmFgakwUBWoGsG6C%2BMiN0%2Fe%2FCWaBWK1MI6VWTiIlVF3ZkueHl%2FBytNGJ4p82u6tBJ0OFZ24FXaTdsDp1POw3aYRCjtJLr3xxV8AAAD%2F%2FwEAAP%2F%2FJlr%2Bn5AEAAA%3D HTTP/1.1
Host: architecturecultivated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; uid_id2=1f0b43e9-811c-4243-9742-45370c90ccc1:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:53:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ad72bd99eb590157742845966ebab77b
Strict-Transport-Security: max-age=0; includeSubdomains
| architecturecultivated.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=70 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 architecturecultivated.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=70
IP: 172.240.108.68:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Let's Encrypt; Subject architecturecultivated.com; Fingerprint 15:CF:E9:0B:87:6A:2C:2A:1B:D3:AE:48:6A:51:12:FA:BD:87:77:92; Validity Wed, 24 Apr 2024 14:56:26 GMT - Tue, 23 Jul 2024 14:56:25 GMT
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Findex.html&l=1571&fd=70 HTTP/1.1
Host: architecturecultivated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; uid_id2=1f0b43e9-811c-4243-9742-45370c90ccc1:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:53:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js | 188.114.96.1 | 200 OK | 22 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js
IP: 188.114.96.1:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hashes (MD5 / SHA-1 / SHA-256): 5ca8c1679ba9453cfa512e01d6fec9c5 45628341eb20e4acee5e812d3b2dfc8f23962daf 520a0196a18cbe656f7382a02ec828125e68bdac511b9ebe2bf27f31e262d037
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:41 GMT
content-type: application/javascript
last-modified: Thu, 01 Feb 2024 14:55:49 GMT
etag: W/"65bbb0f5-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2296943
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3e0iD%2FWWl9ht8aZV4fEPgUXl1v0LrazJXmOg0zC1y%2B7TuposaVzC6bVWwhcnPbSDx2vho%2Bm0gqajjJWrFixvHgcrqzupDJT0HkUsCdzlWMwq8vq%2B2geiB%2BT%2BgQoGtlhmrM2kUHysv8fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e614f39568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
| architecturecultivated.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=83 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 architecturecultivated.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=83
IP: 172.240.108.68:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Let's Encrypt; Subject architecturecultivated.com; Fingerprint 15:CF:E9:0B:87:6A:2C:2A:1B:D3:AE:48:6A:51:12:FA:BD:87:77:92; Validity Wed, 24 Apr 2024 14:56:26 GMT - Tue, 23 Jul 2024 14:56:25 GMT
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fanimate.css&l=79245&fd=83 HTTP/1.1
Host: architecturecultivated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; uid_id2=1f0b43e9-811c-4243-9742-45370c90ccc1:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:53:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| architecturecultivated.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=81 | 172.240.108.68 | 200 OK | 0 B |
URL: GET HTTP/1.1 architecturecultivated.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=81
IP: 172.240.108.68:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Let's Encrypt; Subject architecturecultivated.com; Fingerprint 15:CF:E9:0B:87:6A:2C:2A:1B:D3:AE:48:6A:51:12:FA:BD:87:77:92; Validity Wed, 24 Apr 2024 14:56:26 GMT - Tue, 23 Jul 2024 14:56:25 GMT
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fjs%2Fscript.js&l=386&fd=81 HTTP/1.1
Host: architecturecultivated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; uid_id2=1f0b43e9-811c-4243-9742-45370c90ccc1:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:53:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
| fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP: 216.58.207.227:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Hashes (MD5 / SHA-1 / SHA-256): 15d9f621c3bd1599f0169dcf0bd5e63e 7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52 f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tucanaldeportivo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 06:02:10 GMT
expires: Sat, 26 Apr 2025 06:02:10 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 64291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL: GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP: 216.58.207.227:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject *.gstatic.com; Fingerprint 93:EC:35:60:8A:5B:23:EA:C0:36:D7:AE:03:0C:C3:77:17:5A:20:33; Validity Mon, 08 Apr 2024 07:31:57 GMT - Mon, 01 Jul 2024 07:31:56 GMT
File type: Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Hashes (MD5 / SHA-1 / SHA-256): e9f5aaf547f165386cd313b995dddd8e acdef5603c2387b0e5bffd744b679a24a8bc1968 f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tucanaldeportivo.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 26 Apr 2024 05:55:49 GMT
expires: Sat, 26 Apr 2025 05:55:49 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 64672
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
| architecturecultivated.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=89 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 architecturecultivated.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=89
IP: 192.243.59.12:443
ASN: #39572 DataWeb Global Group B.V.
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Let's Encrypt; Subject architecturecultivated.com; Fingerprint 15:CF:E9:0B:87:6A:2C:2A:1B:D3:AE:48:6A:51:12:FA:BD:87:77:92; Validity Wed, 24 Apr 2024 14:56:26 GMT - Tue, 23 Jul 2024 14:56:25 GMT
Hashes (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2F%2Fsb%2Fnotifications%2Futility%2Fdefault%2Fus%2Fblog%2Fecorious%2Fmessage_redcircle2%2Fjan24%2F4%2Fcss%2Fstyle.css&l=3630&fd=89 HTTP/1.1
Host: architecturecultivated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; uid_id2=1f0b43e9-811c-4243-9742-45370c90ccc1:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 23:53:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html | 104.26.7.19 | 200 OK | 1.2 kB |
URL: GET HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html IP: 104.26.7.19:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Cloudflare, Inc., Subject sni.cloudflaressl.com, Fingerprint 84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49, Validity Sun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT
File type: HTML document, ASCII text Hash (MD5 / SHA-1 / SHA-256): 8c9101795aca3483089be55cf5b02499 f6831a6efed20f53cf5974bd24d364572f8cc677 578dd8de5a7a475eb4fde7d1bef95915af6e15ec6fe35166075b34b7ca874b5b
GET /sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:41 GMT
content-type: text/html
last-modified: Thu, 01 Feb 2024 14:55:44 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 12409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Neh6A87u04m9JY7FMvtxgxIL%2Bn%2F7PxTyQvXZlH8QYW4a72eyuoItkngew1kGUjzXtm0IUCMRGJ7SBMeOVTDxeGPvfn5kzNLzs9Xn6CJLv1%2BeGvdH5REPg%2FFLl7w8dkZJlozQ2Ls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e609ecf56c6-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| architecturecultivated.com/pixel/sbs?c=1 | 192.243.59.12 | 200 OK | 0 B |
URL: GET HTTP/1.1 architecturecultivated.com/pixel/sbs?c=1 IP: 192.243.59.12:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Let's Encrypt, Subject architecturecultivated.com, Fingerprint 15:CF:E9:0B:87:6A:2C:2A:1B:D3:AE:48:6A:51:12:FA:BD:87:77:92, Validity Wed, 24 Apr 2024 14:56:26 GMT - Tue, 23 Jul 2024 14:56:25 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/sbs?c=1 HTTP/1.1
Host: architecturecultivated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; uid_id2=1f0b43e9-811c-4243-9742-45370c90ccc1:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 23:53:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| t.dtscout.com/pv/?_a=v&_h=tucanaldeportivo.com&_ss=4eii9orz6b&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=1di9&_cb=_dtspv.c | 141.101.120.11 | 200 OK | 5.9 kB |
URL: GET HTTP/2 t.dtscout.com/pv/?_a=v&_h=tucanaldeportivo.com&_ss=4eii9orz6b&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=1di9&_cb=_dtspv.c IP: 141.101.120.11:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Google Trust Services LLC, Subject dtscout.com, Fingerprint 69:9E:FB:2A:E2:0B:6B:60:8A:15:AF:4F:5A:3D:94:5B:68:70:F4:21, Validity Sun, 17 Mar 2024 14:35:30 GMT - Sat, 15 Jun 2024 14:35:29 GMT
File type: ASCII text, with no line terminators Hash (MD5 / SHA-1 / SHA-256): 518414fe00282d24546f7615f147ad8c 7bdab6133859dea4472d0609d03c9eb61f41bf55 6a9f250722f26ddc569e80b493cdc94482d703e877a0ca382bfa0e96935eee33
GET /pv/?_a=v&_h=tucanaldeportivo.com&_ss=4eii9orz6b&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=1di9&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: m=1; oa=1; df=1714175619
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:40 GMT
content-type: application/javascript
x-t: 0.153
x-c: 0
expires: Fri, 26 Apr 2024 23:53:39 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tU3jFqSZm1xfqIX0hMtFhkxiO%2Fv9dcq4qGYMVvLUIH5rdvW32QieF8BNsQ5vzxHzavJ3fqXK0hXYBzE5gUJqzFNY%2BBuuY6fwT4nrlPEAQnFJwBcUv8LjpWQ3C4NbRa4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7e59bd528d69-HEL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| claplivehdplay.ru/embed.php?id=0qYasvSLd1 | 104.21.17.209 | 200 OK | 171 kB |
URL: GET HTTP/2 claplivehdplay.ru/embed.php?id=0qYasvSLd1 IP: 104.21.17.209:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Let's Encrypt, Subject claplivehdplay.ru, Fingerprint 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47, Validity Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
File type: JavaScript source, Unicode text, UTF-8 text, with very long lines (40953), with CRLF, LF, NEL line terminators Size: 171 kB (170616 bytes) Hash (MD5 / SHA-1 / SHA-256): f2ee2c87e9bd1c8203f91110363e3f26 d4e0b0bd806a1ae51586f2e2d4d163020de5a0d5 5fd5fc24bd4a1ba0328a481b50c45720b96e680da1faf0581c89060243c27243
GET /embed.php?id=0qYasvSLd1 HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tucanaldeportivo.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:38 GMT
content-type: text/html; charset=UTF-8
from: memcache
expires: Sat, 27 Apr 2024 13:46:58 GMT
cache-control: public, max-age=14400, immutable, no-transform
videocdn: EXPIRED
node: PHP
x-cache: EXPIRED
cf-cache-status: MISS
last-modified: Fri, 26 Apr 2024 23:53:38 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5aCEyoGhRuFb3qaqKIXfvU69I85a34x%2BQpMsTPsOIA5W4xKkKHjW%2FTA4T9ZKFjwHrAk2lb7TvBQCE4Tf7IGOSdktzg0SLSAs4efB9Rhpnq4e%2F%2FIY7YeNyxi29u3iDcYSB62nKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e51cf6bb4fd-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| waust.at/t.js | 104.26.4.7 | 200 OK | 29 kB |
IP: 104.26.4.7:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Cloudflare, Inc., Subject sni.cloudflaressl.com, Fingerprint A4:3D:6E:A9:C7:6B:CD:4B:7B:04:51:4F:D1:D7:10:2D:12:92:F9:58, Validity Sun, 04 Jun 2023 00:00:00 GMT - Mon, 03 Jun 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (29322), with no line terminators Hash (MD5 / SHA-1 / SHA-256): 8fe8954e18b3eafdb2dcf03b218e88f3 17bd6b26816b4c9c7fb9b7552ccdca95c2443c9a ff4c07f1e5cbcfdcfeabb37e8c1dc21d3edc5e3e20edd2d3da16ab5aa22bc600
GET /t.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:38 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:17 GMT
etag: W/"63c04115-728a"
expires: Sat, 27 Apr 2024 23:31:51 GMT
cache-control: max-age=86400
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 1307
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qJxh9Cu3maoDkBG6BqOkVKnnUZukXTYFrq8pKv6J9P3GR1%2F6ZcUXtFKgVmDmmzjpQxsBRYt%2B6XDsja%2F4Z36KeWm1T4zBQHuAjRBjtIe9yglrjFh%2BqKZNYTvm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e510dac1bfa-OSL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| acscdn.com/script/suv5.js | 172.67.165.20 | 200 OK | 74 kB |
URL: GET HTTP/3 acscdn.com/script/suv5.js IP: 172.67.165.20:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Google Trust Services LLC, Subject acscdn.com, Fingerprint C2:6C:14:F0:34:12:76:91:EB:3A:02:AC:4F:41:CA:11:17:6F:F0:01, Validity Wed, 28 Feb 2024 11:34:54 GMT - Tue, 28 May 2024 11:34:53 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/suv5.js HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPqfJPOo5jhkWlBG7KVxlB20yaRg2iKxbjsKLBn5pJpByZR5OEt8LkOwbYEu35prJJOl1HI
x-goog-generation: 1714053256821370
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 74190
x-goog-hash: crc32c=zXltzg==, md5=U7qQ9IV4LncQhnkcPIEF9Q==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 00:16:34 GMT
cache-control: public, max-age=3600
age: 2225
last-modified: Thu, 25 Apr 2024 13:54:16 GMT
etag: W/"53ba90f485782e771086791c3c8105f5"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zjj%2B8xZszMstWAzTaFqSrLpNMR0st2V%2FJWILtcd4px3ZTf7x0k9MB0cPsus8b227Wc1XXlqny72BZCtMVqa7zyobbRJn7Bymau76S%2Bc%2FYisknexojsyte08ZgDQD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e569d22b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw | 172.67.199.225 | 200 OK | 4.7 kB |
URL (User Request): GET HTTP/2 deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw IP: 172.67.199.225:443
Certificate: Issuer Google Trust Services LLC, Subject deportestvhd2.com, Fingerprint 3A:C9:ED:9C:9E:79:49:6D:57:F2:D2:C7:53:C9:EF:EC:5F:56:CB:4C, Validity Thu, 04 Apr 2024 17:42:01 GMT - Wed, 03 Jul 2024 17:42:00 GMT
File type: HTML document, ASCII text, with very long lines (5110), with no line terminators Hash (MD5 / SHA-1 / SHA-256): 3d4083bb7b858a191bffa94220eb3236 020b0fdeb634f8d2dd953370b96304928aa368a0 93199f83e43ea12ef9284f595435ac847aa98cf3e73e6e8d59d09834757f6130
GET /repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw HTTP/1.1
Host: deportestvhd2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:36 GMT
content-type: text/html
last-modified: Fri, 22 Mar 2024 18:41:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Iyu%2FMdeDHocGoBiM2UdQ12wEuz6AbNAR%2Bz7Luw3iPDNvuQ6E2nu1S86kFw72HiESxeq19%2F9wqupBHFKdttnF1BsY9rjnPBBWoB%2BaHytq%2FyrBTCQRCI9pAc7eWRdlu9lfbPDoCg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7e41de0356c4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL: GET HTTP/3 downstairsnegotiatebarren.com/sfp.js IP: 104.21.35.227:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Let's Encrypt, Subject downstairsnegotiatebarren.com, Fingerprint 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44, Validity Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:53:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7523565607ef878ba9e6f09111450e15
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 26 Apr 2024 23:53:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f4VzfgmwhV%2FdgrDHxa%2FiILsmwFuNmA0BbIgIxduNdhGF5gk6yQdMK4os6GZX3pDyNP1EcAZ9CLg01awJF%2BHSf6n8VNaORmqyE8LN68CtruyUo4DPPHGm81x0JNkQPOlh8kKhOw%2FdSuBXrwMOAf2jqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e5a0ff056ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| youradexchange.com/script/suurl5.php?r=8058394&cbur=0.0721009121594216&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fdeportestvhd2.com%2Frepro.html%3Fr%3DLy90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw&cbref=&cbdescription=&cbkeywords=&cbcdn=ameowli.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714175618289&srs=9bbbabcc17ef2f4a3f0b783a9e2890f1&atv=48.0&abtg=1&adbv=3-swat3-swf2 | 172.67.177.214 | 200 OK | 1.1 kB |
URL: GET HTTP/2 youradexchange.com/script/suurl5.php?r=8058394&cbur=0.0721009121594216&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fdeportestvhd2.com%2Frepro.html%3Fr%3DLy90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw&cbref=&cbdescription=&cbkeywords=&cbcdn=ameowli.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714175618289&srs=9bbbabcc17ef2f4a3f0b783a9e2890f1&atv=48.0&abtg=1&adbv=3-swat3-swf2 IP: 172.67.177.214:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw Certificate: Issuer Google Trust Services LLC, Subject youradexchange.com, Fingerprint D5:0B:42:43:E8:69:FA:76:AA:C8:B3:28:9A:EB:33:C4:6F:62:7A:2B, Validity Sun, 14 Apr 2024 01:48:20 GMT - Sat, 13 Jul 2024 01:48:19 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (1139), with no line terminators Hash (MD5 / SHA-1 / SHA-256): 42227658cb6cc4039f3fbc4d36b582f9 ad73557a613aae8282e505595f98fb5ae16cfd73 163fb6d214cec89cb593630ff8e983897ca8dfe317c714031458d3ff4c661fe3
GET /script/suurl5.php?r=8058394&cbur=0.0721009121594216&cbiframe=0&cbWidth=1280&cbHeight=1024&cbtitle=&cbpage=https%3A%2F%2Fdeportestvhd2.com%2Frepro.html%3Fr%3DLy90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw&cbref=&cbdescription=&cbkeywords=&cbcdn=ameowli.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714175618289&srs=9bbbabcc17ef2f4a3f0b783a9e2890f1&atv=48.0&abtg=1&adbv=3-swat3-swf2 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://deportestvhd2.com/
Origin: https://deportestvhd2.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:38 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kOoZkE8DdqRwMzrWZc80EuNc%2BK93QaeDcE2jnnVJEwQMdojfDsU2lZjXLLqt%2BV%2FvT4V0KETPlq60EOqqxTDpoTSboYXLSYb830QISdTwH8SJB9Fi%2B2gn8xTwalNLe3Kas8K1xNI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7e4e6fc50b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| claplivehdplay.ru/clappr.min.js | 104.21.17.209 | 200 OK | 525 kB |
URL: GET HTTP/3 claplivehdplay.ru/clappr.min.js IP: 104.21.17.209:443
Requested by: https://claplivehdplay.ru/embed.php?id=0qYasvSLd1 Certificate: Issuer Let's Encrypt, Subject claplivehdplay.ru, Fingerprint 37:8C:3F:7E:2F:FA:77:B9:0B:C9:55:E0:E5:4E:A3:31:FE:F9:F8:47, Validity Mon, 18 Mar 2024 08:20:21 GMT - Sun, 16 Jun 2024 08:20:20 GMT
Size: 525 kB (525081 bytes) Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /clappr.min.js HTTP/1.1
Host: claplivehdplay.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://claplivehdplay.ru/embed.php?id=0qYasvSLd1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: application/javascript
last-modified: Sun, 03 Mar 2024 13:23:49 GMT
etag: W/"65e479e5-80319"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1640
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VDRF2bRrUDeH0eiFe%2FjAOBo%2BICpbiV%2FNumF8qJZj%2FhtmF6JeO%2Fi0Eir3sWvA2%2BzOHC3n3HV079a1%2BnlqhRV902LtXP3v6NeZbHdAJaDmDWwNun%2FlMs%2F5bK4WuHc1rHo9jI7TvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e54ae51b4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| ameowli.com/script/ut.js?cb=1714175618281 | 104.21.48.123 | 200 OK | 63 kB |
URL: GET HTTP/2 ameowli.com/script/ut.js?cb=1714175618281 IP: 104.21.48.123:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw Certificate: Issuer Let's Encrypt, Subject ameowli.com, Fingerprint 4C:6D:53:94:31:5F:C1:2A:21:FB:92:B6:B8:D4:5E:54:0B:E6:DB:6F, Validity Wed, 24 Apr 2024 18:32:00 GMT - Tue, 23 Jul 2024 18:31:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /script/ut.js?cb=1714175618281 HTTP/1.1
Host: ameowli.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:38 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPrlAM4sROpD8qUDv9qV4-olcGQjqKDHqAfKI2box41i3PatLaWuBrkZzBkvc56CBcqyaPA
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 00:13:06 GMT
cache-control: public, max-age=14400
age: 2235
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Km0ZAocfmvoS%2Fz0mdZ0M%2FMyWfG4AMJpwxomTEEFvyntrBljLZ6Us130BDLHDHfG96M%2BS9uDaWmbycBzBofA5iG3r66Bxqx45GU1KdMaHu5NyXtUCOCruJSSozgwQ4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e4e7f31568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| honeyreadinesscentral.com/pixel/purst?dl=0&th=0&sc=0&rs=1070&rd=1070&fd=717&bv=24.4.6923&tmpl=70 | 172.240.108.84 | 200 OK | 0 B |
URL: GET HTTP/1.1 honeyreadinesscentral.com/pixel/purst?dl=0&th=0&sc=0&rs=1070&rd=1070&fd=717&bv=24.4.6923&tmpl=70 IP: 172.240.108.84:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Let's Encrypt, Subject honeyreadinesscentral.com, Fingerprint 1A:99:28:0A:D4:17:17:83:DE:BC:79:4F:7A:13:0A:36:0F:71:64:CF, Validity Tue, 23 Apr 2024 10:47:10 GMT - Mon, 22 Jul 2024 10:47:09 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /pixel/purst?dl=0&th=0&sc=0&rs=1070&rd=1070&fd=717&bv=24.4.6923&tmpl=70 HTTP/1.1
Host: honeyreadinesscentral.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:53:39 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| t.dtscout.com/i/?l=https%3A%2F%2Ftucanaldeportivo.com%2Fdsports-cstream.php&j=https%3A%2F%2Fdeportestvhd2.com%2F | 141.101.120.11 | 200 OK | 2.1 kB |
URL: GET HTTP/2 t.dtscout.com/i/?l=https%3A%2F%2Ftucanaldeportivo.com%2Fdsports-cstream.php&j=https%3A%2F%2Fdeportestvhd2.com%2F IP: 141.101.120.11:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Google Trust Services LLC, Subject dtscout.com, Fingerprint 69:9E:FB:2A:E2:0B:6B:60:8A:15:AF:4F:5A:3D:94:5B:68:70:F4:21, Validity Sun, 17 Mar 2024 14:35:30 GMT - Sat, 15 Jun 2024 14:35:29 GMT
File type: ASCII text, with very long lines (2163), with no line terminators Hash (MD5 / SHA-1 / SHA-256): 8811c1da7d7cd9a89cf1c9d88cf153c1 5dd7a95e6eee435a18d261757a4aa4aeea7ae472 0c72ec693d21a33e6c802f2648030af0433badc9a020325a82550115cf5044cc
GET /i/?l=https%3A%2F%2Ftucanaldeportivo.com%2Fdsports-cstream.php&j=https%3A%2F%2Fdeportestvhd2.com%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: application/javascript
x-s: mtl1
set-cookie: m=1; Domain=dtscout.com; Expires=Sat, 27-Apr-2024 01:16:59 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Sat, 27-Apr-2024 03:53:39 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1714175619; Domain=dtscout.com; Expires=Sun, 04-Aug-2024 23:53:39 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 0.285
expires: Fri, 26 Apr 2024 23:53:38 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wdwZpQqy6ZE22AkcjNNvwxZghJYPiB5hqkY8Yvx89I0fcCdU2y2ZhAdjyUzC1aNJ%2Fbj2KU5Isz9QN%2Buez64p2bycuE42n9anmC8IT6xawZrhT8qUbpRjO3BFU%2BKNT2c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7e577c828d69-HEL
content-encoding: br
X-Firefox-Spdy: h2
|
|
| youradexchange.com/script/suurl5.php?r=4681243&cbur=0.6318453133188371&cbiframe=1&cbWidth=1280&cbHeight=981&cbtitle=&cbpage=https%3A%2F%2Fdeportestvhd2.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714175619687&srs=c6b63ee6a384634ff378c73978da461d&atv=48.0 | 172.67.177.214 | 200 OK | 1.0 kB |
URL: GET HTTP/2 youradexchange.com/script/suurl5.php?r=4681243&cbur=0.6318453133188371&cbiframe=1&cbWidth=1280&cbHeight=981&cbtitle=&cbpage=https%3A%2F%2Fdeportestvhd2.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714175619687&srs=c6b63ee6a384634ff378c73978da461d&atv=48.0 IP: 172.67.177.214:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Google Trust Services LLC, Subject youradexchange.com, Fingerprint D5:0B:42:43:E8:69:FA:76:AA:C8:B3:28:9A:EB:33:C4:6F:62:7A:2B, Validity Sun, 14 Apr 2024 01:48:20 GMT - Sat, 13 Jul 2024 01:48:19 GMT
File type: troff or preprocessor input, ASCII text, with very long lines (1043), with no line terminators Hash (MD5 / SHA-1 / SHA-256): d553252b4347a76ac2f25e331e072f34 81b46c8816524409b72049de7a52a36e6658f927 c839d8862618e1a681b2b543fcc56772028f1b27855ef4c7c97f6f09d2704545
GET /script/suurl5.php?r=4681243&cbur=0.6318453133188371&cbiframe=1&cbWidth=1280&cbHeight=981&cbtitle=&cbpage=https%3A%2F%2Fdeportestvhd2.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acscdn.com&ufp=Linux%20x86_64%2FMozilla%2FNetscape%2Ftrue%2Ffalse1280x10240en-USunknown4824%20bits&ts=1714175619687&srs=c6b63ee6a384634ff378c73978da461d&atv=48.0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tucanaldeportivo.com/
Origin: https://tucanaldeportivo.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CymXgMBJHyUKJYmbEC%2BUDohqSpUFa%2Bh5Gbi72NRcRIQDEuma1Q0gvzeFqABe7jNtEnC1vo5YGuKYaGfr%2FYDW%2FGCgjMrx%2Fi1vVCBLo9RHjlPV403epptyDCYnJI21mns2eaClmgQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7e571a100b55-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| 4.adsco.re:2087/ | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw Certificate: Issuer Sectigo Limited, Subject *.adsco.re, Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73, Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 4.adsco.re:2087
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://deportestvhd2.com
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| c.adsco.re/ | 104.17.166.186 | 200 OK | 82 kB |
IP: 104.17.166.186:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw Certificate: Issuer Sectigo Limited, Subject *.adsco.re, Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73, Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
File type: JavaScript source, ASCII text, with very long lines (689) Hash (MD5 / SHA-1 / SHA-256): a0b475c65fed312aba8d7c43a0cbc928 3fdd052b41c37318e44084be4f92d42fba4ded61 2dfb2101b24f80be00b1baecce7eec815e61a13381f6983051b6261b8035468a
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 27 May 2024 23:53:39 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 709062
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e563ffa5687-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| capaciousdrewreligion.com/advertisers.js | 192.243.59.20 | 200 OK | 0 B |
URL: GET HTTP/1.1 capaciousdrewreligion.com/advertisers.js IP: 192.243.59.20:443 ASN: #39572 DataWeb Global Group B.V.
Requested by: https://tucanaldeportivo.com/dsports-cstream.php Certificate: Issuer Let's Encrypt, Subject capaciousdrewreligion.com, Fingerprint 53:B6:ED:C6:B5:B6:60:3E:6D:02:5A:92:2E:C3:12:74:64:A1:23:DC, Validity Wed, 06 Mar 2024 11:57:32 GMT - Tue, 04 Jun 2024 11:57:31 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 23:53:40 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c4498bd813a9ff36e246c68a2fa4003
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
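The entries in this log are worth scanning for a few header-level signals rather than reading one at a time: a Strict-Transport-Security value of max-age=0 (which tells the browser to delete any stored HSTS entry for the host rather than pin it to HTTPS), a 200 response for a script with an empty body, access-control-allow-origin: *, an Accept-CH list that asks for high-entropy client hints (architecture, model, platform version, full browser version, device memory), and cache lifetimes of a year or more. The triage below is an added example, not output of the logging tool that produced this page; the three sample responses are copied from entries in this capture (advertisers.js above, c.adsco.re/ and a cdn.creative-bars1.com stylesheet), while the parser, the rule names and the one-year cache threshold are this example's own choices.

```python
"""Header triage over raw response dumps from a request log (added example).

Sample responses are copied from this capture; rule names and thresholds
are this example's own, not the logging tool's.
"""
import re

# In the UA-CH spec every hint except Sec-CH-UA, Sec-CH-UA-Mobile and
# Sec-CH-UA-Platform is "high entropy"; Device-Memory is included here too
# because it is a stable device property. A server that lists these in
# Accept-CH asks the browser to attach them to later requests.
HIGH_ENTROPY_HINTS = {
    "sec-ch-ua-arch", "sec-ch-ua-bitness", "sec-ch-ua-model",
    "sec-ch-ua-platform-version", "sec-ch-ua-full-version",
    "sec-ch-ua-full-version-list", "device-memory",
}
ONE_YEAR = 365 * 24 * 3600  # example threshold for "long-lived" caching


def parse_response(raw):
    """Split a raw response dump into (status code, {lower-cased name: value}).

    Accepts the HTTP/1.1, HTTP/2 and HTTP/3 status lines seen in the log;
    repeated header names are joined with ', '.
    """
    lines = raw.strip().splitlines()
    m = re.match(r"HTTP/\S+\s+(\d{3})", lines[0])
    if not m:
        raise ValueError("not a status line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        if not line.strip():
            break  # a blank line ends the header block
        name, _, value = line.partition(":")
        name, value = name.strip().lower(), value.strip()
        headers[name] = value if name not in headers else headers[name] + ", " + value
    return int(m.group(1)), headers


def max_age(value):
    """max-age=N from an HSTS or Cache-Control value, or None if absent."""
    m = re.search(r"max-age\s*=\s*(\d+)", value, re.I)
    return int(m.group(1)) if m else None


def triage(raw):
    """Return [(rule, evidence), ...] for one response dump."""
    status, h = parse_response(raw)
    findings = []

    hsts = h.get("strict-transport-security")
    if hsts is not None and max_age(hsts) == 0:
        # max-age=0 makes the browser drop any stored HSTS entry for the host.
        findings.append(("hsts-cleared", hsts))

    ctype = h.get("content-type", "")
    if status == 200 and "javascript" in ctype and h.get("content-length") == "0":
        # The script include resolves successfully but delivers nothing.
        findings.append(("empty-script-200", ctype))

    if h.get("access-control-allow-origin") == "*":
        findings.append(("cors-any-origin", "*"))

    hints = {x.strip().lower() for x in h.get("accept-ch", "").split(",") if x.strip()}
    leaky = sorted(hints & HIGH_ENTROPY_HINTS)
    if leaky:
        findings.append(("high-entropy-client-hints", ", ".join(leaky)))

    cc_age = max_age(h.get("cache-control", ""))
    if cc_age is not None and cc_age >= ONE_YEAR:
        findings.append(("long-lived-cache", h["cache-control"]))

    return findings


# Sample responses, copied from entries in this capture.
ADVERTISERS_JS = """HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 26 Apr 2024 23:53:40 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8c4498bd813a9ff36e246c68a2fa4003
Strict-Transport-Security: max-age=0; includeSubdomains
"""

ADSCO_RE = """HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
server: cloudflare
"""

CREATIVE_BARS_CSS = """HTTP/2 200 OK
content-type: text/css
cache-control: public, max-age=315360000
access-control-allow-origin: *
cf-cache-status: HIT
"""

if __name__ == "__main__":
    for name, raw in [("advertisers.js", ADVERTISERS_JS), ("c.adsco.re/", ADSCO_RE),
                      ("animate.css", CREATIVE_BARS_CSS)]:
        for rule, evidence in triage(raw):
            print("%-16s %-28s %s" % (name, rule, evidence))
```

Run against the three samples it reports hsts-cleared and empty-script-200 for advertisers.js, high-entropy-client-hints for c.adsco.re/, and cors-any-origin plus long-lived-cache for the stylesheet; feeding it the remaining responses on this page is a matter of pasting each dump in as another string.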
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css | 188.114.96.1 | 200 OK | 79 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css
IP: 188.114.96.1:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
Hash (MD5 / SHA-1 / SHA-256): 80047eaa13ebd50c50e8a9753621e430 9c503e07d130572a0eaf51f7c02cbd4cf6213fe3 3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:41 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:55:44 GMT
etag: W/"65bbb0f0-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 12409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zzYjveiy85Tnnl6TS3Q9XGmDSA%2BdIYrgX10Y4pj8YbVWfhRucP4JKLrUqdD2YUXw2XQIkbZTXciMHl3aFKlyTZGpQPtW0d4miCoMqGVixRT7iSqJ1Hd8Ga9EKq4p%2FjBDSJzq1mkd1Pd7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e614f32568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg | 188.114.96.1 | 200 OK | 22 kB |
URL: GET HTTP/3 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg
IP: 188.114.96.1:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 320x320, components 3
Hash (MD5 / SHA-1 / SHA-256): 7bcc800a4957dac955e91ce1ee3b73cd b1fae2cacecc790a22f91e2320077f89707473b1 760783cbcd04b3b7ef5f6b10a24878869d061709e4511ccada113b532833243d
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/img/1.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:53:41 GMT
content-type: image/jpeg
content-length: 21597
last-modified: Thu, 01 Feb 2024 14:55:47 GMT
etag: "65bbb0f3-545d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3193860
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FoxIcYhR1wzZD0v73%2FHu0lv0jXzzhi3On6N2%2FJH5jpOha%2BJRPzPc%2FDEOrj8bAewa%2FU2ObHgQ1yTL1nOjZq2hxkmiau9OmCmhj723cqNe22IwSHXK3tjI%2FVo2oguCIA9MM30oahq2AlGL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e61ef0c56c1-OSL
alt-svc: h3=":443"; ma=86400
|
|
| pubtrky.com/ut/hb.php?cb=0.4397800403101818&v=1 | 104.21.8.108 | 204 No Content | 0 B |
URL: POST HTTP/2 pubtrky.com/ut/hb.php?cb=0.4397800403101818&v=1
IP: 104.21.8.108:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Google Trust Services LLC; Subject pubtrky.com; Fingerprint 1F:C3:3C:5C:C7:6F:56:DF:E4:18:22:98:6F:C2:B3:96:B2:B4:A6:30; Validity Mon, 18 Mar 2024 09:15:33 GMT - Sun, 16 Jun 2024 09:15:32 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of zero bytes, consistent with the 204 response; the 863-byte POST body is not what is hashed)
POST /ut/hb.php?cb=0.4397800403101818&v=1 HTTP/1.1
Host: pubtrky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 863
Origin: https://deportestvhd2.com
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Fri, 26 Apr 2024 23:53:38 GMT
access-control-allow-origin: *
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=soSaBdKTB6gm%2BVjf%2FQcE8OJyoQy3sevy4vZbu1UKsxSFSCiZkqAjmxggdAAH6V4IU8LOaqTXDNGvIjrNYdeDM8o4vO7SBi5XCgUiuwKQeR9GtKS8H2wEQz6%2FA1RyxA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 87aa7e4f183556be-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| deportestvhd2.com/favicon.ico | 172.67.199.225 | 404 Not Found | 146 B |
URL: GET HTTP/3 deportestvhd2.com/favicon.ico
IP: 172.67.199.225:443
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Google Trust Services LLC; Subject deportestvhd2.com; Fingerprint 3A:C9:ED:9C:9E:79:49:6D:57:F2:D2:C7:53:C9:EF:EC:5F:56:CB:4C; Validity Thu, 04 Apr 2024 17:42:01 GMT - Wed, 03 Jul 2024 17:42:00 GMT
File type: HTML document, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 40b3fc14254227ec5012d996bf90c4e1 b0dd06eb5a779151151101337889ff09953f8ac0 740816c1b61e4a8443c26d30d3eecfea04815fca8cd605a142f9d8a35f86ceca
GET /favicon.ico HTTP/1.1
Host: deportestvhd2.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 404 Not Found
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: text/html
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ndYDT8rfJwl7q9Epxt0X62QkB4qd0DK2GMXggBIquQMVwoW6qADk8ehUYLKOnA%2F%2BWRp%2B%2FZiovLbYshVAYQfFnW2PCykGPpVlkuqNHSHUsgFX3qiLJ3q4T%2B32YBSmu9fyFWBNPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e4fba245696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| downstairsnegotiatebarren.com/sfp.js | 104.21.35.227 | 200 OK | 86 kB |
URL: GET HTTP/2 downstairsnegotiatebarren.com/sfp.js
IP: 104.21.35.227:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Let's Encrypt; Subject downstairsnegotiatebarren.com; Fingerprint 2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44; Validity Mon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of zero bytes, although the table lists this response as 86 kB)
GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: e076143a6a6522f6fc969c5004bef606
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 26 Apr 2024 23:53:39 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h4M%2BHO6ozAhbLrQr99ANT1vB2A%2B4l19%2B%2BZ7bH51HPL%2B4r8a0s1e1ILYmUEYWcM4B6hwGPKtRTmeyN6d4wESTtI%2Bx7cnKGo22WhCmST%2FaVY8wfy4SFZIZTAJ10EyG%2Bo0QmnU4VF%2F0cAeX5I6SYsMDGw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e56bcabb518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| acscdn.com/script/ut.js?cb=1714175619519 | 172.67.165.20 | 200 OK | 63 kB |
URL: GET HTTP/3 acscdn.com/script/ut.js?cb=1714175619519
IP: 172.67.165.20:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject acscdn.com; Fingerprint C2:6C:14:F0:34:12:76:91:EB:3A:02:AC:4F:41:CA:11:17:6F:F0:01; Validity Wed, 28 Feb 2024 11:34:54 GMT - Tue, 28 May 2024 11:34:53 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of zero bytes, although the table lists 63 kB and the origin reports x-goog-stored-content-length: 62975)
GET /script/ut.js?cb=1714175619519 HTTP/1.1
Host: acscdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 26 Apr 2024 23:53:39 GMT
content-type: text/javascript
x-guploader-uploadid: ABPtcPrEeL-ozC8xgpmn784CRHMjMJJOjX_oB35-9D6CmvTNNUdOb75shlaeeH3vPGqV6Ji8A9y5G_7Nig
x-goog-generation: 1714053300452258
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62975
x-goog-hash: crc32c=f8d0YQ==, md5=vEgeNFwEtFNOCk5UoPLBxg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Sat, 27 Apr 2024 00:13:06 GMT
cache-control: public, max-age=3600
last-modified: Thu, 25 Apr 2024 13:55:00 GMT
etag: W/"bc481e345c04b4534e0a4e54a0f2c1c6"
age: 2433
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q3mKfJHxzNhgztka4jjzY6MipsoEA%2FW6HAKXsRWsHKlLl95xAEvxxcXHWgsjIlCCyhe8fueUsBakRoptkUsxCQ1B7G7%2Fc4xbzzeTj2TWdfZghSOODQpxDLkbFJah"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e569d21b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| c.adsco.re/ | 0.0.0.0 | | 0 B |
IP: 0.0.0.0:0
Requested by: https://deportestvhd2.com/repro.html?r=Ly90dWNhbmFsZGVwb3J0aXZvLmNvbS9kc3BvcnRzLWNzdHJlYW0ucGhw
Certificate: Issuer Sectigo Limited; Subject *.adsco.re; Fingerprint 40:64:05:9C:99:0A:1E:9F:A7:49:61:8E:86:4C:4B:06:9C:73:83:73; Validity Sat, 23 Sep 2023 00:00:00 GMT - Sun, 29 Sep 2024 23:59:59 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of zero bytes)
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://deportestvhd2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:38 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 27 May 2024 23:53:38 GMT
etag: W/"oLR1xl/tMSq6jXxDoMvJKA=="
cf-cache-status: HIT
age: 709061
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e4f39ce5696-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css | 188.114.96.1 | 200 OK | 3.6 kB |
URL: GET HTTP/2 cdn.creative-bars1.com//sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css
IP: 188.114.96.1:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject creative-bars1.com; Fingerprint 3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13; Validity Mon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT
File type: ASCII text, with very long lines (3854), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 1ef6c40dc9237f64e46f930e4b26d112 7e94a725845a7101b17bfc0ff488e27c12060c1d e23167c1f14d771e6eb40f86085c2f04f52010a5e934cff3f9e214aab984f4b4
GET //sb/notifications/utility/default/us/blog/ecorious/message_redcircle2/jan24/4/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 26 Apr 2024 23:53:41 GMT
content-type: text/css
last-modified: Thu, 01 Feb 2024 14:55:46 GMT
etag: W/"65bbb0f2-e2e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2296943
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Id94AaAgDbZXf4nNoM0%2FgpUMsDncf1Gw%2FOQ0g8fUuqcnnFfD37PrxL6YpF88poRVyI079VkK9%2Fb6frVab8R4Gj5dZO6xy%2FxW19BIgu2mqZyER7lBMPUWvx3bZPtvpEiUUeWhoAcE1IY7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 87aa7e614f3b568b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap | 142.250.74.106 | 200 OK | 7.0 kB |
URL: GET HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP: 142.250.74.106:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Google Trust Services LLC; Subject upload.video.google.com; Fingerprint 5F:6D:48:87:16:89:1E:A5:57:29:92:8B:34:BD:F2:92:0C:7F:F2:50; Validity Mon, 08 Apr 2024 07:32:03 GMT - Mon, 01 Jul 2024 07:32:02 GMT
File type: ASCII text, with very long lines (7193), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 16b49a99486594c0b42d9bd7821deb2c 2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a 3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 26 Apr 2024 23:53:41 GMT
date: Fri, 26 Apr 2024 23:53:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| architecturecultivated.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzgYvgqDuTZQ5eFDZTLqne365oBhjJGzcLLuKepL61ZMy1V1NVff0JF6Ci7LHYRG8dr5JNri7iF725iKTBQ8LQsZTDuYvEC%2FinmXG4LjvUO9973sFX32vvt4vzkgDBT1d%2FcDsKq3pcrPu1177JAgu1zZUWgxqg07rs1Z0uWb7b3Zbdf%2F12vuSb5vlhh%2F4fuAHtTVlZWwGy1MSKrvfDepdvx416kEzwsA%2BjV3hwVEPon9GXoASk8VH3kUoPkaa%2FLAq3XZuskvvJYWmubHoi6OP0u3UlCmSeRlbD3F6dD4N407WHsKkhzO5MP3%2FBpmaEO%2BXh2Dp0blIsP7BTCfTkCmYeBZlfwypx1B0DG5uQokTAnCBq5tIkztXjS3pzr8snbITsvjkL6hyQhZ%2Fv4g0%2BX5Fq0HthtFFrkzqMIgrqMEYqjdGVhwj312AKo%2FB8y%2BhxK9k%2BckG0uRg02kDJU5fDWKfRaHsLnWCgC9FjShc6rajxlLUDNs%2B7%2Fqc82BmkFJjqHgMLYeg7gIK56FQHorYQ5F5SMRpjQdB0PYFp36ny3ko2pK1hB%2FQdhzQwG91UPDpG4bIsyG4HoLbPWR2D9tqCFv8DLdVwQkPLifoiwqlJCgdQUkJSkVQ5gRlvzoU2jVcdUdoV7DgPDfOc1iNTN7bp4cm78mUgNohrKj2szPy%2FMzAP8ovsC1Pa2FIQxr7vNFl0m%2FTRtTy46bfjjnvhH7EAzhVQbkFUOdhd7rMV9aQqQkhfz8Ao8dw%2BhhcvQhavAxaVqBbFXbTe85o05emzk0CYSpk%2BSLyHW9fn5GXZgKufHsXkj8m5wFuK2S2wufqEUFP3xpdNyU5uG5KR37czHKVqF063e6NnObymbtX5E5prFhfdcPv3uFTYlre%2F1C6fIOmQqU9R%2B6tKCGkXTOWS%2FLTuvtYsmuF21opbFpkG9feXVtPMiudUyYdg6qTT2%2BDqwl57sHG7Nu%2BUfsTyo5hiwpJMVeqzBg824PL5j1nCKyeY5Z5KItqZBts3tSKQMs5pqyC%2Bx9m83pk6fQ2VdW%2Bu4WeXQDNbyJNKvRthb6uQPUQrrgwyjP7%2BO3fwlmA6YUR03bhgGmrb89Mnh7fwKnTWuiLNpOxbDMZNaNYcsGaTebzmLNQdDocuZvEl9766h8AAAD%2F%2FwEAAP%2F%2Fpo4rd5AEAAA%3D | 172.240.108.68 | 200 OK | 0 B |
URL GET HTTP/1.1architecturecultivated.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzgYvgqDuTZQ5eFDZTLqne365oBhjJGzcLLuKepL61ZMy1V1NVff0JF6Ci7LHYRG8dr5JNri7iF725iKTBQ8LQsZTDuYvEC%2FinmXG4LjvUO9973sFX32vvt4vzkgDBT1d%2FcDsKq3pcrPu1177JAgu1zZUWgxqg07rs1Z0uWb7b3Zbdf%2F12vuSb5vlhh%2F4fuAHtTVlZWwGy1MSKrvfDepdvx416kEzwsA%2BjV3hwVEPon9GXoASk8VH3kUoPkaa%2FLAq3XZuskvvJYWmubHoi6OP0u3UlCmSeRlbD3F6dD4N407WHsKkhzO5MP3%2FBpmaEO%2BXh2Dp0blIsP7BTCfTkCmYeBZlfwypx1B0DG5uQokTAnCBq5tIkztXjS3pzr8snbITsvjkL6hyQhZ%2Fv4g0%2BX5Fq0HthtFFrkzqMIgrqMEYqjdGVhwj312AKo%2FB8y%2BhxK9k%2BckG0uRg02kDJU5fDWKfRaHsLnWCgC9FjShc6rajxlLUDNs%2B7%2Fqc82BmkFJjqHgMLYeg7gIK56FQHorYQ5F5SMRpjQdB0PYFp36ny3ko2pK1hB%2FQdhzQwG91UPDpG4bIsyG4HoLbPWR2D9tqCFv8DLdVwQkPLifoiwqlJCgdQUkJSkVQ5gRlvzoU2jVcdUdoV7DgPDfOc1iNTN7bp4cm78mUgNohrKj2szPy%2FMzAP8ovsC1Pa2FIQxr7vNFl0m%2FTRtTy46bfjjnvhH7EAzhVQbkFUOdhd7rMV9aQqQkhfz8Ao8dw%2BhhcvQhavAxaVqBbFXbTe85o05emzk0CYSpk%2BSLyHW9fn5GXZgKufHsXkj8m5wFuK2S2wufqEUFP3xpdNyU5uG5KR37czHKVqF063e6NnObymbtX5E5prFhfdcPv3uFTYlre%2F1C6fIOmQqU9R%2B6tKCGkXTOWS%2FLTuvtYsmuF21opbFpkG9feXVtPMiudUyYdg6qTT2%2BDqwl57sHG7Nu%2BUfsTyo5hiwpJMVeqzBg824PL5j1nCKyeY5Z5KItqZBts3tSKQMs5pqyC%2Bx9m83pk6fQ2VdW%2Bu4WeXQDNbyJNKvRthb6uQPUQrrgwyjP7%2BO3fwlmA6YUR03bhgGmrb89Mnh7fwKnTWuiLNpOxbDMZNaNYcsGaTebzmLNQdDocuZvEl9766h8AAAD%2F%2FwEAAP%2F%2Fpo4rd5AEAAA%3D IP172.240.108.68:443
Requested by: https://tucanaldeportivo.com/dsports-cstream.php
Certificate: Issuer Let's Encrypt; Subject architecturecultivated.com; Fingerprint 15:CF:E9:0B:87:6A:2C:2A:1B:D3:AE:48:6A:51:12:FA:BD:87:77:92; Validity Wed, 24 Apr 2024 14:56:26 GMT - Tue, 23 Jul 2024 14:56:25 GMT
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (the digests of zero bytes, although the response declares Content-Length: 7)
| Analyzer | Verdict | Alert |
| Quad9 DNS | malicious | Sinkholed |
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzgYvgqDuTZQ5eFDZTLqne365oBhjJGzcLLuKepL61ZMy1V1NVff0JF6Ci7LHYRG8dr5JNri7iF725iKTBQ8LQsZTDuYvEC%2FinmXG4LjvUO9973sFX32vvt4vzkgDBT1d%2FcDsKq3pcrPu1177JAgu1zZUWgxqg07rs1Z0uWb7b3Zbdf%2F12vuSb5vlhh%2F4fuAHtTVlZWwGy1MSKrvfDepdvx416kEzwsA%2BjV3hwVEPon9GXoASk8VH3kUoPkaa%2FLAq3XZuskvvJYWmubHoi6OP0u3UlCmSeRlbD3F6dD4N407WHsKkhzO5MP3%2FBpmaEO%2BXh2Dp0blIsP7BTCfTkCmYeBZlfwypx1B0DG5uQokTAnCBq5tIkztXjS3pzr8snbITsvjkL6hyQhZ%2Fv4g0%2BX5Fq0HthtFFrkzqMIgrqMEYqjdGVhwj312AKo%2FB8y%2BhxK9k%2BckG0uRg02kDJU5fDWKfRaHsLnWCgC9FjShc6rajxlLUDNs%2B7%2Fqc82BmkFJjqHgMLYeg7gIK56FQHorYQ5F5SMRpjQdB0PYFp36ny3ko2pK1hB%2FQdhzQwG91UPDpG4bIsyG4HoLbPWR2D9tqCFv8DLdVwQkPLifoiwqlJCgdQUkJSkVQ5gRlvzoU2jVcdUdoV7DgPDfOc1iNTN7bp4cm78mUgNohrKj2szPy%2FMzAP8ovsC1Pa2FIQxr7vNFl0m%2FTRtTy46bfjjnvhH7EAzhVQbkFUOdhd7rMV9aQqQkhfz8Ao8dw%2BhhcvQhavAxaVqBbFXbTe85o05emzk0CYSpk%2BSLyHW9fn5GXZgKufHsXkj8m5wFuK2S2wufqEUFP3xpdNyU5uG5KR37czHKVqF063e6NnObymbtX5E5prFhfdcPv3uFTYlre%2F1C6fIOmQqU9R%2B6tKCGkXTOWS%2FLTuvtYsmuF21opbFpkG9feXVtPMiudUyYdg6qTT2%2BDqwl57sHG7Nu%2BUfsTyo5hiwpJMVeqzBg824PL5j1nCKyeY5Z5KItqZBts3tSKQMs5pqyC%2Bx9m83pk6fQ2VdW%2Bu4WeXQDNbyJNKvRthb6uQPUQrrgwyjP7%2BO3fwlmA6YUR03bhgGmrb89Mnh7fwKnTWuiLNpOxbDMZNaNYcsGaTebzmLNQdDocuZvEl9766h8AAAD%2F%2FwEAAP%2F%2Fpo4rd5AEAAA%3D HTTP/1.1
Host: architecturecultivated.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; uid_id2=1f0b43e9-811c-4243-9742-45370c90ccc1:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 26 Apr 2024 23:53:41 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8678b1314e1d1dabb60183e1806cc56b
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
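The sid parameter of the impr.gif request above (the one domain in this capture that Quad9 flags as sinkholed) begins with H4sI, which is the base64 encoding of the gzip magic bytes 1f 8b 08: the beacon carries its impression record as a gzip stream that has been base64-encoded and then URL-encoded. The decoder below is an added example, not the tracker's code or output of the logging tool; SID is copied verbatim from that request, and the header, trailer and chunked-inflate helpers are this example's own. It reads the fixed gzip header and the CRC-32/ISIZE trailer before inflating, so a truncated or corrupted capture still yields the header fields and whatever decoded cleanly.

```python
"""Decode the gzip-in-base64 `sid` beacon parameter (added example).

SID is copied from the impr.gif request in this capture; the helpers are
this example's own code, not the tracker's or the logging tool's.
"""
import base64
import struct
import zlib
from urllib.parse import unquote

SID = "H4sIAAAAAAAC%2F1RSz2skRRSuzgYvgqDuTZQ5eFDZTLqne365oBhjJGzcLLuKepL61ZMy1V1NVff0JF6Ci7LHYRG8dr5JNri7iF725iKTBQ8LQsZTDuYvEC%2FinmXG4LjvUO9973sFX32vvt4vzkgDBT1d%2FcDsKq3pcrPu1177JAgu1zZUWgxqg07rs1Z0uWb7b3Zbdf%2F12vuSb5vlhh%2F4fuAHtTVlZWwGy1MSKrvfDepdvx416kEzwsA%2BjV3hwVEPon9GXoASk8VH3kUoPkaa%2FLAq3XZuskvvJYWmubHoi6OP0u3UlCmSeRlbD3F6dD4N407WHsKkhzO5MP3%2FBpmaEO%2BXh2Dp0blIsP7BTCfTkCmYeBZlfwypx1B0DG5uQokTAnCBq5tIkztXjS3pzr8snbITsvjkL6hyQhZ%2Fv4g0%2BX5Fq0HthtFFrkzqMIgrqMEYqjdGVhwj312AKo%2FB8y%2BhxK9k%2BckG0uRg02kDJU5fDWKfRaHsLnWCgC9FjShc6rajxlLUDNs%2B7%2Fqc82BmkFJjqHgMLYeg7gIK56FQHorYQ5F5SMRpjQdB0PYFp36ny3ko2pK1hB%2FQdhzQwG91UPDpG4bIsyG4HoLbPWR2D9tqCFv8DLdVwQkPLifoiwqlJCgdQUkJSkVQ5gRlvzoU2jVcdUdoV7DgPDfOc1iNTN7bp4cm78mUgNohrKj2szPy%2FMzAP8ovsC1Pa2FIQxr7vNFl0m%2FTRtTy46bfjjnvhH7EAzhVQbkFUOdhd7rMV9aQqQkhfz8Ao8dw%2BhhcvQhavAxaVqBbFXbTe85o05emzk0CYSpk%2BSLyHW9fn5GXZgKufHsXkj8m5wFuK2S2wufqEUFP3xpdNyU5uG5KR37czHKVqF063e6NnObymbtX5E5prFhfdcPv3uFTYlre%2F1C6fIOmQqU9R%2B6tKCGkXTOWS%2FLTuvtYsmuF21opbFpkG9feXVtPMiudUyYdg6qTT2%2BDqwl57sHG7Nu%2BUfsTyo5hiwpJMVeqzBg824PL5j1nCKyeY5Z5KItqZBts3tSKQMs5pqyC%2Bx9m83pk6fQ2VdW%2Bu4WeXQDNbyJNKvRthb6uQPUQrrgwyjP7%2BO3fwlmA6YUR03bhgGmrb89Mnh7fwKnTWuiLNpOxbDMZNaNYcsGaTebzmLNQdDocuZvEl9766h8AAAD%2F%2FwEAAP%2F%2Fpo4rd5AEAAA%3D"


def sid_to_bytes(param):
    """URL-decode, then base64-decode, re-adding '=' padding if it was stripped."""
    b64 = unquote(param)
    b64 += "=" * (-len(b64) % 4)
    return base64.b64decode(b64)


def gzip_header(raw):
    """Fixed 10-byte gzip member header (RFC 1952): ID1 ID2 CM FLG MTIME XFL OS."""
    if raw[:3] != b"\x1f\x8b\x08":
        raise ValueError("not a gzip stream with deflate compression")
    flg, mtime, xfl, os_id = struct.unpack("<BIBB", raw[3:10])
    return {"flg": flg, "mtime": mtime, "xfl": xfl, "os": os_id}


def gzip_trailer(raw):
    """(CRC-32, ISIZE) from the last 8 bytes; ISIZE is the uncompressed length mod 2**32."""
    return struct.unpack("<II", raw[-8:])


def inflate(raw):
    """Inflate a gzip stream, returning (data, complete).

    Fed in small chunks so that a truncated or corrupted capture still
    returns whatever decoded cleanly before the error instead of nothing.
    """
    d = zlib.decompressobj(wbits=16 + zlib.MAX_WBITS)  # 16+ selects the gzip wrapper
    out = bytearray()
    try:
        for i in range(0, len(raw), 64):
            out += d.decompress(raw[i:i + 64])
        out += d.flush()
    except zlib.error:
        return bytes(out), False
    return bytes(out), d.eof


if __name__ == "__main__":
    raw = sid_to_bytes(SID)
    print("header :", gzip_header(raw))
    print("trailer: crc32=%08x isize=%d" % gzip_trailer(raw))
    data, complete = inflate(raw)
    print("inflated %d bytes (%s)" % (len(data), "complete" if complete else "truncated/corrupt"))
    print(data.decode("utf-8", "replace"))
```

On this value the header decodes to FLG 0, MTIME 0, XFL 2 and OS 255, and the trailer's ISIZE is 1168, so the beacon carried 1168 bytes of impression data before compression. The deflate stream also ends with a sync flush (00 00 ff ff) followed by an empty final block (01 00 00 ff ff), which together with MTIME 0 and OS 255 is consistent with, though not proof of, a Go compress/gzip writer that was flushed before being closed; that kind of detail is what lets you cluster beacons from the same tracker code across domains.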