Report - nexu.playurbano.com/

Report Overview

Submitted URL
nexu.playurbano.com/
IP
172.67.166.234
ASN
#13335 CLOUDFLARENET
Submitted
2024-04-25 09:50:45
Access
public
Website Title
(1) New Message!
Final URL
nexu.playurbano.com/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
notix.io	14765	2020-08-20	2020-08-20	2024-04-22	901 B	45 kB	139.45.197.227
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-04-25	418 B	7.6 kB	142.250.74.74
maxcdn.bootstrapcdn.com	724	2012-05-25	2014-06-18	2024-04-24	548 B	68 kB	104.18.11.207
live.demand.supply	31265	2014-06-22	2018-03-13	2024-04-24	4.8 kB	103 kB	104.17.38.115
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-04-24	439 B	426 B	18.185.247.192
nexu.playurbano.com	unknown	unknown	No data	No data	476 B	243 kB	104.21.16.77
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-04-24	842 B	96 kB	188.114.97.1
constructbrought.com	unknown	unknown	No data	No data	7.9 kB	45 kB	172.240.127.234
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20	2024-04-24	432 B	788 B	142.250.74.130
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-04-24	442 B	15 kB	45.133.44.10
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-04-25	884 B	163 kB	142.250.74.168
www.playurbano.com	unknown	2015-09-01	2018-03-28	2023-11-08	6.8 kB	172 kB	188.114.96.1
youngestmildness.com	unknown	unknown	No data	No data	491 B	467 B	172.240.127.234
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-04-24	1.5 kB	846 B	192.243.61.227
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-04-24	2.2 kB	184 kB	188.114.96.1
quantcast.mgr.consensu.org	2151	2017-12-18	2018-05-26	2023-08-07	413 B	0 B	0.0.0.0
copyrightcontent.org	368575	2021-01-12	2019-11-20	2024-04-15	514 B	623 B	104.18.26.177
cdn.barscreative1.com	25648	2021-09-08	2021-09-16	2024-04-23	498 B	3.4 kB	45.133.44.3
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-04-25	3.2 kB	220 kB	216.58.207.227
finallytrained.com	unknown	2023-09-05	2023-09-12	2024-01-09	441 B	17 kB	172.240.127.234

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-04-24	medium	finallytrained.com	Sinkholed
2024-04-25	medium	unseenreport.com	Sinkholed
2024-04-25	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (32)

	URL	Size	First Seen	Last Seen
	live.demand.supply/p4/v17-24-0/bmV4dS5wbGF5dXJiYW5vLmNvbS8=	983 B	2024-04-25	2024-04-25
Pretty URL live.demand.supply/p4/v17-24-0/bmV4dS5wbGF5dXJiYW5vLmNvbS8= IP 104.17.38.115 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 11:50:51 Last Seen2024-04-25 11:50:52 Times Seen2 Hash 0759443107bfb01aeb4d412bc65a27fd 383b1f54af3776d60cb9858d34cb463509ca1fb7 24c4235b23fa7767be752258379a93faedc36eb8a41fadc129627ba1d846a261 Loading...

	nexu.playurbano.com/	154 B	2023-07-01	2024-04-25
Pretty URL nexu.playurbano.com/ IP 104.21.16.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-01 11:30:46 Last Seen2024-04-25 11:50:52 Times Seen19 Hash b68298f0b7482e081cad50f2d3ea273c 6c5cffe61f4696a5622fa5387594df48dff1c392 88ac781294ee6a061539e59b12b79691ca06522d86544420450c4a160c56498f Loading...

	nexu.playurbano.com/	501 B	2024-04-25	2024-04-25
Pretty URL nexu.playurbano.com/ IP 104.21.16.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 11:50:52 Last Seen2024-04-25 11:50:52 Times Seen1 Hash 0d5234784033e98a9b4639b42b5e906a c4089402f4fa4746e308188b1cc173d1815d8848 26d605dd219107376d15a3bd52dc5c6ef5fd108cb6c1de667d6d6d3f22f7315b Loading...

	www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.7.2	953 B	2023-03-07	2024-04-25
Pretty URL www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.7.2 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:07 Last Seen2024-04-25 17:24:32 Times Seen168 Hash 5b19285ed04053d37c8ab9a897ee5863 db15a2b9bd3db207aa32026436a54386cf54c110 de4ffa402b49132f160a4b72cdf855677151597c0644d51830bb66a20ebd8fb9 Loading...

	nexu.playurbano.com/sandbox%20eval%20code	147 B	2023-04-11	2024-05-05
Pretty URL nexu.playurbano.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-05 05:17:12 Times Seen344860 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	nexu.playurbano.com/	821 B	2023-06-28	2024-04-25
Pretty URL nexu.playurbano.com/ IP 104.21.16.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-28 10:50:05 Last Seen2024-04-25 11:50:52 Times Seen26 Hash b7bba5504ab55bf2164f95c51b64db50 ab54a8cbcd3e33cd590a62f49e89e6fe50b74716 2c8f9ae6b392c3d57e7b77d164068c46f852159da0fbb572d075ce77625baa52 Loading...

	unknown	36 B	2023-04-11	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23:25 Last Seen2024-05-04 19:30:08 Times Seen2021 Hash c6417364696009e1ecada40d12c97a2f dd602b8bbd3a3656463ec3f6868c74f3a937859d 5a59e842a79e328e171f1da23754526329095be86fe355574fd7622f04ed3854 Loading...

	securepubads.g.doubleclick.net/tag/js/gpt.js	13 kB	2023-04-05	2024-05-05
Pretty URL securepubads.g.doubleclick.net/tag/js/gpt.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-05 04:46:03 Last Seen2024-05-05 05:00:38 Times Seen31145 Hash 0c9ed134ae3d5ffe972da2a3e59dc428 620df222551395592e46e4c5f425cf23dcdad891 5f9efa604bfe2aee8c1a90376125a098306ba390530a6f9b2ecb0a67cdac178d Loading...

	notix.io/ent/current/enot.min.js	145 kB	2024-03-06	2024-05-05
Pretty URL notix.io/ent/current/enot.min.js IP 139.45.197.227 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-06 08:52:05 Last Seen2024-05-05 00:59:28 Times Seen135 Hash 9a3ae56c31a58c28e606e1e069a21059 ea3cdfcda002044373d2090e1745f83a15b82d17 6ccf4be26c7c79133eaf94c9c64a2ace27574e72d4c40c3c2011479cadca1f55 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-05
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-05 04:49:12 Times Seen2213 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	nexu.playurbano.com/	2.9 kB	2023-06-28	2024-04-25
Pretty URL nexu.playurbano.com/ IP 104.21.16.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-28 10:50:05 Last Seen2024-04-25 11:50:52 Times Seen26 Hash 45232a2c2d227082fabd0818f5d1be15 9156350802962569de2535ff3e7375517d38d467 e37388683fbdec0b1cb92e38a5f29f8463a90aa9ceccce8af23ce91ad5f757b3 Loading...

	live.demand.supply/impl.v17.31.0.js	90 kB	2024-04-17	2024-04-25
Pretty URL live.demand.supply/impl.v17.31.0.js IP 104.17.38.115 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 00:25:34 Last Seen2024-04-25 12:31:25 Times Seen26 Hash c94ffdc1be05cae52d5a7612ed64327d 5e20ffb0324f09f9debef02f65daa24beac0ba71 326d5117ba3f478610efab050524377c76af6ffd3fd2e8d079f894fdc3c0f073 Loading...

	nexu.playurbano.com/	290 B	2023-06-28	2024-04-25
Pretty URL nexu.playurbano.com/ IP 104.21.16.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-28 10:50:05 Last Seen2024-04-25 11:50:52 Times Seen26 Hash 1e1dae3a78a946cefcd6e06773082827 11282ca1bac6eae7c56471694ae4557c13327fea 271ae3f2b924937e12320d1c59abc4cf2096320afa572653ca3a1b7fc7dfd43e Loading...

	www.googletagmanager.com/gtag/js?id=UA-77858712-2	202 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=UA-77858712-2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 11:50:52 Last Seen2024-04-25 11:50:52 Times Seen2 Hash d5dd7d504bdbdb67cb29bfdcde7c53cf 0a35c3879ab787678ccedf30613516e296358c17 fa842ef09952a5ded756df67d5e787fa2b21505314fb9e697acb842555c7fcfb Loading...

	nexu.playurbano.com/	97 kB	2023-06-28	2024-04-25
Pretty URL nexu.playurbano.com/ IP 104.21.16.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-28 10:50:05 Last Seen2024-04-25 11:50:52 Times Seen26 Hash b36c1bcc03d0ba4806e8c9d570da5ba0 88938b20de2d977ae3925760b98876d8715f72a1 1d529b74cfd605d88a6689db8ae728fea2eb18bd01de30c83e557c03af57f744 Loading...

	cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js	90 kB	2023-03-07	2024-05-05
Pretty URL cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:04:00 Last Seen2024-05-05 00:44:57 Times Seen3994 Hash 561acb3e541133bbdd2c0c19f8ee35a1 ffd1353cf3f77d25f801c84d8208613eb0d3d548 9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc Loading...

	www.googletagmanager.com/gtag/js?id=G-SQFXB0YJTT&l=dataLayer&cx=c	250 kB	2024-04-25	2024-04-25
Pretty URL www.googletagmanager.com/gtag/js?id=G-SQFXB0YJTT&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 11:50:52 Last Seen2024-04-25 11:50:52 Times Seen2 Hash b46a3e150b8532e736134a7fc8bca192 1c3f832233b68b268115fac55f2fb010722da8e3 eb77912dc0b1d8a35cf87c52d49b557cdd77faf44125c8086f4f0f3a55a01cbc Loading...

	unknown	38 B	2023-04-11	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23:25 Last Seen2024-05-04 19:30:07 Times Seen32569 Hash caf13b633ab4249aeadda1952a9038ae 1eb64473acd8bff2d081a66f128c611d079f6cbe 30d90270fd3125eb763b9958a72bd513c90cd6207b97dd0ef40c06aa22111ac7 Loading...

	nexu.playurbano.com/	287 B	2023-06-28	2024-04-25
Pretty URL nexu.playurbano.com/ IP 104.21.16.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-28 10:50:05 Last Seen2024-04-25 11:50:52 Times Seen26 Hash 13fddb654794a8ee9543d31e74ecc508 26831be4946b862670226a2c9cb126a00565c832 7e3269949a7db80e7babdeea96729b031c024838159d50e86e66854c7ce1eeba Loading...

	nexu.playurbano.com/	93 B	2023-03-07	2024-05-04
Pretty URL nexu.playurbano.com/ IP 104.21.16.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:09 Last Seen2024-05-04 17:44:02 Times Seen390 Hash 38798e7e8bc5c07bbdfd5370b2507f22 2932a6b78f0434d9e211897685ca0c4b2decf61b a5acef2881fc7bd08395b14bdcebc4c71d78b7e3794ca77addc180d8f4ffa7fc Loading...

	www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.7.2	1.6 kB	2023-03-07	2024-05-04
Pretty URL www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.7.2 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:07 Last Seen2024-05-04 17:44:01 Times Seen957 Hash 3e6902b70ee52754121f017fd48175db 0a5d8a5716c7b249eb5e0b02d04aa74c5b9948cb 21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16 Loading...

	constructbrought.com/b8/d7/49/b8d74904f6b94ccf8e1a8085aa5d1820.js	84 kB	2024-04-25	2024-04-25
Pretty URL constructbrought.com/b8/d7/49/b8d74904f6b94ccf8e1a8085aa5d1820.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 11:50:52 Last Seen2024-04-25 11:50:52 Times Seen2 Hash f8f2508d22e4f6b1dc5a182eceac6310 a0b9a24ff723b6635a04db72d74f9f0b02a00f3d 69d9116ec432cc4f539b8192decb509feb64e134edb6b60beaa306c8c102c564 Loading...

	unknown	564 B	2023-12-10	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-10 06:06:11 Last Seen2024-04-25 11:50:52 Times Seen2 Hash 7da51e1f2da4459164b63775b417ed06 ba96de1733a6df2a2e7a61985cdf1713b2101650 b91aeb02ab2e999c6d711732783ed8431a3658da7c7624e1d809ea00ca811231 Loading...

	live.demand.supply/up.js	5.5 kB	2024-04-25	2024-04-25
Pretty URL live.demand.supply/up.js IP 104.17.38.115 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 11:50:52 Last Seen2024-04-25 11:50:52 Times Seen1 Hash d6275410d900de6b9b599e7e3204b8ed 55dbbe663b8b4e484682c703c7a5fc714fdd177d a608a4ebe19dc178bcea5f9115424474fed0e2e72ba10fb84ba45dc644e6e21d Loading...

	unknown	49 B	2023-04-11	2024-05-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-11 21:23:25 Last Seen2024-05-04 19:30:07 Times Seen2020 Hash efde3719ad2205f4e3b6504a9bf45646 83101bef8fc5445fd9dcf54dd04495fc490e939a d84287d2b4f27cb1c02d18a77c979f739a5107585cf81911fea18a14b204f9ba Loading...

	finallytrained.com/06/33/56/0633569b5e7b7ced877cf02d43663712.js	44 kB	2024-04-25	2024-04-25
Pretty URL finallytrained.com/06/33/56/0633569b5e7b7ced877cf02d43663712.js IP 172.240.127.234 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 11:50:52 Last Seen2024-04-25 11:50:52 Times Seen2 Hash add04ea29d658a08c2b21651e7c6d9a5 aa92bd950ff5b5ebc71ed086249df98e8a6d2270 d9ef5fd6667bed9d9da4a19dd777716bf870dda75ba52e56c5c0d31d88c25156 Loading...

	www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.7.2	3.0 kB	2023-03-07	2024-05-04
Pretty URL www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.7.2 IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:27:07 Last Seen2024-05-04 17:44:01 Times Seen920 Hash 53e0fbdc5d79d07d6d955e523f8d2996 e830d0de78b481e31995d69bfda2e71f4cc1be56 2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949 Loading...

	www.playurbano.com/dectector.js	5.3 kB	2023-03-08	2024-04-25
Pretty URL www.playurbano.com/dectector.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:48:17 Last Seen2024-04-25 11:50:52 Times Seen23 Hash e95bcb3e826b3c6229ed828f176ed282 d2d9bc90d4ed48839a54743d4a707d524cb795f5 ab16b46ef192fd9b2e97b18af1751c050c868864f2982b0e6c5c57c81227b51e Loading...

	nexu.playurbano.com/sandbox%20eval%20code	136 B	2023-04-11	2024-05-05
Pretty URL nexu.playurbano.com/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23:25 Last Seen2024-05-05 05:00:38 Times Seen31712 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	nexu.playurbano.com/	111 B	2023-03-07	2024-05-04
Pretty URL nexu.playurbano.com/ IP 104.21.16.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:09 Last Seen2024-05-04 17:44:02 Times Seen339 Hash c6f494191e9e5c281dbab8f8d0b3a418 0ece403656f730a041965d860ba4ad7067859a66 b1c27134592d1d1c85667216827d274186cf9861e0bc4be87439ece542c112d6 Loading...

	nexu.playurbano.com/	525 B	2024-04-25	2024-04-25
Pretty URL nexu.playurbano.com/ IP 104.21.16.77 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-25 11:50:52 Last Seen2024-04-25 11:50:52 Times Seen1 Hash 4fb10fc0c4b1a0f8d256273373a32e61 ac92be2d8d9e35ba83b36b9fa11464a5b2d3d563 d651faeb4e77bb835937fabab53c0cf38b516926110b6f97ef46d0025aca226d Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-05
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-05 05:17:12 Times Seen344354 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

HTTP Transactions (61)

URL IP Response Size

www.googletagmanager.com/gtag/js?id=UA-77858712-2

142.250.74.168

200 OK

73 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-77858712-2
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (4179)
Size
73 kB (73308 bytes)
Hash
d5dd7d504bdbdb67cb29bfdcde7c53cf
0a35c3879ab787678ccedf30613516e296358c17
fa842ef09952a5ded756df67d5e787fa2b21505314fb9e697acb842555c7fcfb

HTTP Headers

GET /gtag/js?id=UA-77858712-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 09:50:19 GMT
expires: Thu, 25 Apr 2024 09:50:19 GMT
cache-control: private, max-age=900
last-modified: Thu, 25 Apr 2024 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 73308
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-SQFXB0YJTT&l=dataLayer&cx=c

142.250.74.168

200 OK

89 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-SQFXB0YJTT&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint1E:33:2E:4B:C3:51:05:B7:73:DC:21:BF:3E:02:B3:16:D8:0B:AB:BB
ValidityMon, 18 Mar 2024 19:37:14 GMT - Mon, 10 Jun 2024 19:37:13 GMT

File type
JavaScript source, ASCII text, with very long lines (5945)
Size
89 kB (88709 bytes)
Hash
b46a3e150b8532e736134a7fc8bca192
1c3f832233b68b268115fac55f2fb010722da8e3
eb77912dc0b1d8a35cf87c52d49b557cdd77faf44125c8086f4f0f3a55a01cbc

HTTP Headers

GET /gtag/js?id=G-SQFXB0YJTT&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 25 Apr 2024 09:50:19 GMT
expires: Thu, 25 Apr 2024 09:50:19 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 88709
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/ptsans/v9/ATKpv8nLYAKUYexo8iqqrg.woff2

216.58.207.227

200 OK

45 kB

URL GET HTTP/2
fonts.gstatic.com/s/ptsans/v9/ATKpv8nLYAKUYexo8iqqrg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45052, version 1.0
Size
45 kB (45052 bytes)
Hash
198d320b73bc44e4f0dd33d6b09c9511
32770201897de26b9c207215e4ec18c8eab82189
143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1

HTTP Headers

GET /s/ptsans/v9/ATKpv8nLYAKUYexo8iqqrg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 02:14:34 GMT
expires: Wed, 23 Apr 2025 02:14:34 GMT
cache-control: public, max-age=31536000
age: 200145
last-modified: Wed, 11 Oct 2017 18:24:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

live.demand.supply/e/e.js?e=ll&d=421&cs=c&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8=

104.17.38.115

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?e=ll&d=421&cs=c&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8=
IP
104.17.38.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E
ValiditySat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?e=ll&d=421&cs=c&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
access-control-allow-origin: *
cache-status: "Netlify Edge"; hit
etag: "fbee6989874cef86694d7a2d31af072a-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HV98B5PP8EF5VX00MR1KCKGN
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=UAbD540b6KR8XyaKZMXTw0mOyIcazruvIR0bOgOsci8-1714038619-1.0.1.1-5hSafi45vCkexlekUeeuGzjBmXJEorOFSYatDZEIdTNQbYV7w3wYsyDBcNecKMfwmEuF8MR7FTGMaB8zrmugHg; path=/; expires=Thu, 25-Apr-24 10:20:19 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9c1878b509-OSL
alt-svc: h3=":443"; ma=86400

finallytrained.com/06/33/56/0633569b5e7b7ced877cf02d43663712.js

172.240.127.234

200 OK

16 kB

URL GET HTTP/1.1
finallytrained.com/06/33/56/0633569b5e7b7ced877cf02d43663712.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectfinallytrained.com
Fingerprint51:0C:3D:8A:D3:C9:0A:92:4D:23:A2:75:D2:95:75:02:2E:DE:39:CE
ValiditySun, 03 Mar 2024 06:48:00 GMT - Sat, 01 Jun 2024 06:47:59 GMT

File type
JavaScript source, ASCII text, with very long lines (44112), with no line terminators
Size
16 kB (15850 bytes)
Hash
add04ea29d658a08c2b21651e7c6d9a5
aa92bd950ff5b5ebc71ed086249df98e8a6d2270
d9ef5fd6667bed9d9da4a19dd777716bf870dda75ba52e56c5c0d31d88c25156

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /06/33/56/0633569b5e7b7ced877cf02d43663712.js HTTP/1.1
Host: finallytrained.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:19 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8299829d96a4f2a1197b622166dd56f1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

live.demand.supply/e/e.js?r=playurbano.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8=

104.17.38.115

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/e/e.js?r=playurbano.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8=
IP
104.17.38.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E
ValiditySat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /e/e.js?r=playurbano.com_auto_interstitial_desktop&sn=1&ific=true&e=iar2&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
access-control-allow-origin: *
cache-status: "Netlify Edge"; hit
etag: "fbee6989874cef86694d7a2d31af072a-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HV98B5PP8EF5VX00MR1KCKGN
cf-cache-status: HIT
age: 0
accept-ranges: bytes
set-cookie: __cf_bm=LmPVtFdLHLhGfjpTAPBhMP0fZUwx3vjnOu_6VB0L6j0-1714038619-1.0.1.1-XzSEfKz0p2NQM8twxpczRGqR.8eKEElOzmlsDoCouEke1fEZFNbfA2FcKfI7tPxcTrYQZHoWroCY9VTwLTiOMg; path=/; expires=Thu, 25-Apr-24 10:20:19 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9e2a3bb509-OSL
alt-svc: h3=":443"; ma=86400

www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/css/loading.gif

188.114.96.1

200 OK

1.7 kB

URL GET HTTP/3
www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/css/loading.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
GIF image data, version 89a, 32 x 32
Size
1.7 kB (1690 bytes)
Hash
265808cc54404f22de9785c713e0cb7e
bf3d1b71957caee1c6273061ad00c99c5d785a0f
b6e4dff920e21e3f436a014140d01d43c97177e007556ede69f772f08cb7a7ec

HTTP Headers

GET /wp-content/plugins/a3-lazy-load/assets/css/loading.gif HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.5.2
Cookie: _ga_SQFXB0YJTT=GS1.1.1714038619.1.0.1714038619.0.0.0; _ga=GA1.1.1647606046.1714038619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: image/gif
content-length: 1690
cache-control: public, max-age=31536000
expires: Sun, 19 May 2024 00:13:15 GMT
last-modified: Wed, 07 Feb 2024 05:05:35 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 553024
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MypLGlzcNk9Ww9qXZO%2FBBS1FOy2xWLaiPDlW4guHuYcfadIAvESVYbC8C%2FTimTWZx66%2F5UqigNhBaX5VolAyBaOxUpot8w1qbv3yyryKxxc2Caqmv1gfNvQLRmO3y1UYrw%2BVAvs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9efb0fb509-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/ptsans/v9/0XxGQsSc1g4rdRdjJKZrNPk_vArhqVIZ0nv9q090hN8.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/3
fonts.gstatic.com/s/ptsans/v9/0XxGQsSc1g4rdRdjJKZrNPk_vArhqVIZ0nv9q090hN8.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46620, version 1.0
Size
47 kB (46620 bytes)
Hash
f6d5807c5cbc7ff22671d30fbf09ae1a
f6573b244a01641be40c01ea0fe7a404b766ff86
080d87ea98497809417441c5267bcc92f38883b7023d125e7766b1f4ca8658df

HTTP Headers

GET /s/ptsans/v9/0XxGQsSc1g4rdRdjJKZrNPk_vArhqVIZ0nv9q090hN8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 18:12:46 GMT
expires: Fri, 18 Apr 2025 18:12:46 GMT
cache-control: public, max-age=31536000
age: 574654
last-modified: Wed, 11 Oct 2017 18:24:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif

188.114.96.1

200 OK

42 B

URL GET HTTP/3
www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /wp-content/plugins/a3-lazy-load/assets/images/lazy_placeholder.gif HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: _ga_SQFXB0YJTT=GS1.1.1714038619.1.0.1714038619.0.0.0; _ga=GA1.1.1647606046.1714038619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=31536000
expires: Sun, 19 May 2024 19:45:21 GMT
last-modified: Wed, 07 Feb 2024 05:05:35 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 482698
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ihkAY%2Fd3Jx36zO5tHqJ4SM6CeE3EKU%2F4VeXJf%2B04TrS0YexWgAcKELf%2BrkYMr8Xjue8I3xSaljRI7h%2BWA56wILUOvVrg2YZhjxOFmoubcVp38EAGsAO7EOKYQ2R8KKHZmreeOM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9f6b6db509-OSL
alt-svc: h3=":443"; ma=86400

www.playurbano.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2

188.114.96.1

200 OK

82 kB

URL GET HTTP/2
www.playurbano.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
ASCII text, with very long lines (59701)
Size
82 kB (81869 bytes)
Hash
51a8390b47aa0582cf2d9c96c5addee2
b16a640874025d085c38119a1a02a3460f83f2de
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.5.2 HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Sat, 25 May 2024 09:50:18 GMT
last-modified: Tue, 09 Apr 2024 01:18:36 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZA0HTwu7Vxjj9H2vhiJEuhWjwcMid2IYW9hX17f6ZUwkZUOUGDntv7cgF4Wi7u4wzPdfpfL1SsiYsL%2FeZc6NWtZ1wlfJaTFM6KfPSsfsbRumcwg6Pg3S8%2BwVWCvjBGAVoveIiUc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d6d9a08c4b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.185.247.192

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.247.192:443
ASN
#16509 AMAZON-02

Requested by
https://nexu.playurbano.com/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
ec954bce474fb8821832eff07792745b
5e81bda106b02d41b9049f142819eb8903e8123b
05a05bd0bef69889d0aa0574f94d135f95ba150a072619a95516c588f9420005

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://nexu.playurbano.com
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=44b0f327-4375-48d8-920f-ff9255a19530:3:1; expires=Sun, 23 Apr 2034 09:50:20 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

live.demand.supply/p4/v17-24-0/bmV4dS5wbGF5dXJiYW5vLmNvbS8=

104.17.38.115

200 OK

496 B

URL GET HTTP/3
live.demand.supply/p4/v17-24-0/bmV4dS5wbGF5dXJiYW5vLmNvbS8=
IP
104.17.38.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E
ValiditySat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (983), with no line terminators
Size
496 B (496 bytes)
Hash
0759443107bfb01aeb4d412bc65a27fd
383b1f54af3776d60cb9858d34cb463509ca1fb7
24c4235b23fa7767be752258379a93faedc36eb8a41fadc129627ba1d846a261

HTTP Headers

GET /p4/v17-24-0/bmV4dS5wbGF5dXJiYW5vLmNvbS8= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: __cf_bm=CQZpD4CauhptdW1ndQZQxs_5._50nmq5GuRSFUcO9S4-1714038619-1.0.1.1-X4sim.KQBJQPSOeUiHvIxPrQlul41R.oTy8Of2gvq3tGAUyJ4gPcxbaX0hfGvNR2XHj6Ue6vx7fvEY39Gicb6Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=3600, s-maxage=7200, stale-while-revalidate=3600, stale-if-error=84600
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9c1d3fb51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

live.demand.supply/x/e.js?ce=fs&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8=

104.17.38.115

200 OK

0 B

URL HEAD HTTP/3
live.demand.supply/x/e.js?ce=fs&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8=
IP
104.17.38.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E
ValiditySat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /x/e.js?ce=fs&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: application/javascript; charset=UTF-8
content-length: 1
cache-control: s-maxage=2592000,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=2
access-control-allow-origin: *
cache-status: "Netlify Edge"; hit
etag: "bc98cbb290dc425f60a716554dcbca97-ssl"
strict-transport-security: max-age=31536000
x-nf-request-id: 01HVSM0VHPBA856WT1QD7Q2WMQ
cf-cache-status: HIT
accept-ranges: bytes
set-cookie: __cf_bm=s3dolNjM8JbXw0JNLhfH9drQgGBkXsRWHPyvjLFEFpE-1714038620-1.0.1.1-_6.pDkgyB9mpx2USlN8DcUIAWFarRHUaVnIlGJ_fNyMe0tvfhw5MUlz9hhSe2fSwlV9r.1WvQy9FzT4vurzVqA; path=/; expires=Thu, 25-Apr-24 10:20:20 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9f6b74b509-OSL
alt-svc: h3=":443"; ma=86400

notix.io/settings?appId=1004d5bcd6273f6638c17ffe69ed8c9&ver=0.16.4

139.45.197.227

200 OK

318 B

URL GET HTTP/2
notix.io/settings?appId=1004d5bcd6273f6638c17ffe69ed8c9&ver=0.16.4
IP
139.45.197.227:443
ASN
#9002 RETN Limited

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectnotix.io
Fingerprint3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B
ValiditySat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT

File type
JSON text data
Size
318 B (318 bytes)
Hash
2aa6e23f41c8163ad6687f06a3362efd
d94bb528db571a75d9f9131a0a45249de485de8f
6e305047f5ac1bf8acd8614bd52fce1ab9ac03c5af3eeef71f18cacd724b3fb9

HTTP Headers

GET /settings?appId=1004d5bcd6273f6638c17ffe69ed8c9&ver=0.16.4 HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nexu.playurbano.com/
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: application/json; charset=utf-8
content-length: 318
access-control-allow-origin: https://nexu.playurbano.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2

www.playurbano.com/wp-content/uploads/2024/04/Mc-Ceja-Alquimia-2024-150x150.jpg

188.114.96.1

200 OK

7.8 kB

URL GET HTTP/3
www.playurbano.com/wp-content/uploads/2024/04/Mc-Ceja-Alquimia-2024-150x150.jpg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, progressive, precision 8, 150x150, components 3
Size
7.8 kB (7761 bytes)
Hash
5f99234eedd482f9a7566d560afb31d8
a3bc6c3165bc12acfe8fd6fe19c1aa4b4cffc357
2222c7cbde6c06d8cbd1f46270640094c8424b19b2ac1370e4500b1856c305e6

HTTP Headers

GET /wp-content/uploads/2024/04/Mc-Ceja-Alquimia-2024-150x150.jpg HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: _ga_SQFXB0YJTT=GS1.1.1714038619.1.0.1714038619.0.0.0; _ga=GA1.1.1647606046.1714038619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: image/jpeg
content-length: 7761
cache-control: public, max-age=31536000
expires: Sat, 25 May 2024 09:50:19 GMT
last-modified: Thu, 25 Apr 2024 09:16:29 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AP2kYKwedaRD%2FoVE2aMgjWW46USyb5VtCI0gSFi%2FzONW94WYBPXsb6qYJ8bSdpTAxSnZ64B8ltECXwtpHrPXcu%2B4HajlM51iOi8yfgyKqt%2BXtmSyDqN%2B9eBpM%2BVnZHCUDj1jZ54%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6da07cdeb509-OSL
alt-svc: h3=":443"; ma=86400

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

67 kB

URL GET HTTP/3
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
67 kB (66778 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 54fd61fce4176820a4315771cf10f1eb
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 25 Apr 2024 09:50:19 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SeNV%2BaRJwU4qmJiv6rrner1remQeW4hKoAh%2BmWTfMAEfu%2FvwcQ8LIYGOPWBPRiQIGjin9NWw0Xi4haBxNXRuX50VbEUzwcuQOPEs83WY37mE1CJZQfTLWDxenUVQRDmqQdoFAwKWaIgkO2f9GEalnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9f19c656b4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/ptsans/v9/ATKpv8nLYAKUYexo8iqqrg.woff2

216.58.207.227

200 OK

45 kB

URL GET HTTP/2
fonts.gstatic.com/s/ptsans/v9/ATKpv8nLYAKUYexo8iqqrg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45052, version 1.0
Size
45 kB (45052 bytes)
Hash
198d320b73bc44e4f0dd33d6b09c9511
32770201897de26b9c207215e4ec18c8eab82189
143c5c0124d14b936536af0c656e10aebbc2bb832563f00137f7e9c717195df1

HTTP Headers

GET /s/ptsans/v9/ATKpv8nLYAKUYexo8iqqrg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 45052
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 02:14:34 GMT
expires: Wed, 23 Apr 2025 02:14:34 GMT
cache-control: public, max-age=31536000
age: 200146
last-modified: Wed, 11 Oct 2017 18:24:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/ptsans/v9/0XxGQsSc1g4rdRdjJKZrNPk_vArhqVIZ0nv9q090hN8.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/3
fonts.gstatic.com/s/ptsans/v9/0XxGQsSc1g4rdRdjJKZrNPk_vArhqVIZ0nv9q090hN8.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46620, version 1.0
Size
47 kB (46620 bytes)
Hash
f6d5807c5cbc7ff22671d30fbf09ae1a
f6573b244a01641be40c01ea0fe7a404b766ff86
080d87ea98497809417441c5267bcc92f38883b7023d125e7766b1f4ca8658df

HTTP Headers

GET /s/ptsans/v9/0XxGQsSc1g4rdRdjJKZrNPk_vArhqVIZ0nv9q090hN8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46620
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 Apr 2024 18:12:46 GMT
expires: Fri, 18 Apr 2025 18:12:46 GMT
cache-control: public, max-age=31536000
age: 574654
last-modified: Wed, 11 Oct 2017 18:24:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

constructbrought.com/b8/d7/49/b8d74904f6b94ccf8e1a8085aa5d1820.js

172.240.127.234

200 OK

31 kB

URL GET HTTP/1.1
constructbrought.com/b8/d7/49/b8d74904f6b94ccf8e1a8085aa5d1820.js
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectconstructbrought.com
Fingerprint53:AF:08:11:E0:E0:18:FA:8A:82:83:16:B7:C2:3D:C1:13:AC:4B:5C
ValidityWed, 24 Apr 2024 15:05:23 GMT - Tue, 23 Jul 2024 15:05:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
31 kB (31073 bytes)
Hash
f8f2508d22e4f6b1dc5a182eceac6310
a0b9a24ff723b6635a04db72d74f9f0b02a00f3d
69d9116ec432cc4f539b8192decb509feb64e134edb6b60beaa306c8c102c564

HTTP Headers

GET /b8/d7/49/b8d74904f6b94ccf8e1a8085aa5d1820.js HTTP/1.1
Host: constructbrought.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:20 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Set-Cookie: 4b4e7ab587d59b22ad7bcd2439afc363_CF-2931_new=0; expires=Sun, 28 Apr 2024 09:50:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 66d6d2136d9c7f93d8c10f6e08844b53
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

notix.io/ent/current/enot.min.js

139.45.197.227

200 OK

44 kB

URL GET HTTP/2
notix.io/ent/current/enot.min.js
IP
139.45.197.227:443
ASN
#9002 RETN Limited

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectnotix.io
Fingerprint3C:56:70:26:73:9D:43:E7:28:EF:40:FE:65:98:CD:7B:0A:56:D9:1B
ValiditySat, 17 Feb 2024 20:57:19 GMT - Fri, 17 May 2024 20:57:18 GMT

File type
gzip compressed data, max speed, from Unix
Size
44 kB (44021 bytes)
Hash
e7c31748babadc734cde79a5fe3c6a55
2c12acc333fec67c244afad74af2fa95e88cd2a3
94b48bafa429f96d3869fd110d9f6ce7f0a0e822e5a83b20156ab17931fb0b28

HTTP Headers

GET /ent/current/enot.min.js HTTP/1.1
Host: notix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: application/javascript
last-modified: Wed, 13 Mar 2024 11:17:39 GMT
etag: W/"65f18b53-2380d"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

www.playurbano.com/wp-content/themes/mp3/images/favicon.ico

188.114.96.1

1.5 kB

URL GET
www.playurbano.com/wp-content/themes/mp3/images/favicon.ico
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
PNG image data, 16 x 16, 8-bit/color RGB, non-interlaced
Size
1.5 kB (1459 bytes)
Hash
9c7b52c73ddffd1f765bff73815cf2ed
57109f8d8e9bccb503ee817803368ecf09b0ffb1
c024656a2d084f884bbde70bff73b282a370f2e49407d3020411b24f8db919e6

HTTP Headers

GET /wp-content/themes/mp3/images/favicon.ico HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: _ga_SQFXB0YJTT=GS1.1.1714038619.1.0.1714038619.0.0.0; _ga=GA1.1.1647606046.1714038619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: image/x-icon
cache-control: public, max-age=31536000
expires: Thu, 02 May 2024 17:32:05 GMT
last-modified: Tue, 17 May 2016 04:14:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1959494
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7AifXIIwfG3ctXDQOw42DhW2vybcAdQErMLIdCG8R99%2FawQfuwNHkNF7IB7e06yMfXSnpfqVcsbkiJKBE73Sy2ZE%2BmkFdRs5qw5L%2BPKAouAf1MAtCqGPUxYqKmTFhkipfX59I2Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d6da23e85b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

constructbrought.com/sbar.json?key=0633569b5e7b7ced877cf02d43663712&uuid=44b0f327-4375-48d8-920f-ff9255a19530%3A3%3A1

172.240.127.234

200 OK

8.3 kB

URL GET HTTP/1.1
constructbrought.com/sbar.json?key=0633569b5e7b7ced877cf02d43663712&uuid=44b0f327-4375-48d8-920f-ff9255a19530%3A3%3A1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectconstructbrought.com
Fingerprint53:AF:08:11:E0:E0:18:FA:8A:82:83:16:B7:C2:3D:C1:13:AC:4B:5C
ValidityWed, 24 Apr 2024 15:05:23 GMT - Tue, 23 Jul 2024 15:05:22 GMT

File type
JSON text data
Size
8.3 kB (8325 bytes)
Hash
e1e620c872f059ebc8d539d719d2cead
40bffcf2e246597ead4cbe6dba27be52cd4a4b11
75ac68cffb282dc2cbd30fed5128ff2f467b3d8152c7981729db10cdd3ed4484

HTTP Headers

GET /sbar.json?key=0633569b5e7b7ced877cf02d43663712&uuid=44b0f327-4375-48d8-920f-ff9255a19530%3A3%3A1 HTTP/1.1
Host: constructbrought.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:20 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://nexu.playurbano.com
Access-Control-Allow-Origin: https://nexu.playurbano.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=19408177; expires=Fri, 26 Apr 2024 09:50:20 GMT; secure; SameSite=None
uid_id2=44b0f327-4375-48d8-920f-ff9255a19530:3:1; expires=Thu, 02 May 2024 09:50:20 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 26 Apr 2024 09:50:20 GMT; secure; SameSite=None
uncs=1; expires=Fri, 26 Apr 2024 09:50:20 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 26 Apr 2024 09:50:20 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 26 Apr 2024 09:50:20 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 30a82a686d5474cafca32ccf05899555
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

28 kB

URL GET HTTP/3
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint2C:6A:E1:8E:26:5B:1D:8B:86:CB:C1:72:4E:52:4B:8B:67:3A:D2:44
ValidityMon, 04 Mar 2024 21:53:07 GMT - Sun, 02 Jun 2024 21:53:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27468 bytes)
Hash
f4a2f8f9f99541c6f105bbd0a025bd40
1f8e3eff12168fdd9e719adfc098d24a45b6916a
b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 95dd4ab4651e9e8a405a71b70effe424
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 25 Apr 2024 09:50:20 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LpEOCUJk5Uo5tJSVML%2F3dg7cOYvdjfZy%2Bt1ORgvidXHw2PYlko9RwM2yT0lHhhoyiEInUHnorLnbBVf%2BMJ68Jf89IuYJA756vCaDMPejm2ixkl6eWvZkyaODrOH2mhONDd7o8URfGD3ge59SWG9tDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6da24852b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

youngestmildness.com/pixel/purst?dl=0&th=0&sc=0&rs=2794&rd=2794&fd=542&bv=24.4.4887&tmpl=136

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
youngestmildness.com/pixel/purst?dl=0&th=0&sc=0&rs=2794&rd=2794&fd=542&bv=24.4.4887&tmpl=136
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectyoungestmildness.com
Fingerprint1E:8F:59:B7:29:6A:D7:3F:99:85:F2:A7:49:89:88:22:3E:23:16:C1
ValidityWed, 24 Apr 2024 15:17:25 GMT - Tue, 23 Jul 2024 15:17:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2794&rd=2794&fd=542&bv=24.4.4887&tmpl=136 HTTP/1.1
Host: youngestmildness.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.7.2

188.114.96.1

200 OK

7.5 kB

URL GET HTTP/2
www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.7.2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
JavaScript source, ASCII text, with very long lines (2976)
Size
7.5 kB (7547 bytes)
Hash
53e0fbdc5d79d07d6d955e523f8d2996
e830d0de78b481e31995d69bfda2e71f4cc1be56
2b3c6f1d3cea37b4d8cc609a141b421a88bcaf2f3646965f9f95f4d4a683c949

HTTP Headers

GET /wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extra.min.js?ver=2.7.2 HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Thu, 02 May 2024 17:32:03 GMT
last-modified: Wed, 07 Feb 2024 05:05:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1959495
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6PifxKgja7n5YissUCApb7o%2BxfU6AiHuBXmIVuNO0c0i12hktODlpPEZ6Gj%2Bqqg%2BnJurU4mzHG66z%2BdS0PfGHBarZmXHG%2FaZIdPBuIBUTLeRZCFRJBfmyM5bjYc%2FGYLROPLj3%2B0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d6d9a18ddb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

constructbrought.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=116

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
constructbrought.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=116
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectconstructbrought.com
Fingerprint53:AF:08:11:E0:E0:18:FA:8A:82:83:16:B7:C2:3D:C1:13:AC:4B:5C
ValidityWed, 24 Apr 2024 15:05:23 GMT - Tue, 23 Jul 2024 15:05:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F2f%2F33%2F17%2F2f3317da28d2a6ed09610d2d267aa136%2F1648542458.html&l=2977&fd=116 HTTP/1.1
Host: constructbrought.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: u_pl=19408177; uid_id2=44b0f327-4375-48d8-920f-ff9255a19530:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.130

200 OK

0 B

URL HEAD HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.130:443
ASN
#15169 GOOGLE

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint1B:FA:17:60:E2:34:D4:FA:D1:13:08:09:6E:8F:ED:E7:A8:8C:6E:7A
ValidityMon, 18 Mar 2024 19:37:13 GMT - Mon, 10 Jun 2024 19:37:12 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://nexu.playurbano.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
vary: Accept-Encoding
date: Thu, 25 Apr 2024 09:50:21 GMT
expires: Thu, 25 Apr 2024 09:50:21 GMT
cache-control: private, max-age=3600, stale-while-revalidate=3600
content-type: text/javascript; charset=UTF-8
etag: 6366573185877624609
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51379
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.7.2

188.114.96.1

200 OK

15 kB

URL GET HTTP/2
www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.7.2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
ASCII text, with very long lines (1533)
Size
15 kB (15251 bytes)
Hash
3e6902b70ee52754121f017fd48175db
0a5d8a5716c7b249eb5e0b02d04aa74c5b9948cb
21dc21cf1cc77b458d114634e3775e70f229dc0c215b0c8958920e2079cb5a16

HTTP Headers

GET /wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.srcset.min.js?ver=2.7.2 HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
expires: Sun, 05 May 2024 16:03:46 GMT
last-modified: Wed, 07 Feb 2024 05:05:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1705592
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yte18izvZHB5etl%2Fk5%2F8uR05bYyiexChZFJFOnYdDoGNFKHLMcpFwDNrPq31NetmxfvbgPTj2mnLSvz66WU%2BJqASPZs%2FC8EViWyR2dbdgaZc6mNUQnVVr1zbl0%2Fp%2BVrzya4q7vg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d6d9a08d8b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

constructbrought.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=394

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
constructbrought.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=394
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectconstructbrought.com
Fingerprint53:AF:08:11:E0:E0:18:FA:8A:82:83:16:B7:C2:3D:C1:13:AC:4B:5C
ValidityWed, 24 Apr 2024 15:05:23 GMT - Tue, 23 Jul 2024 15:05:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fanimate.css&l=79313&fd=394 HTTP/1.1
Host: constructbrought.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: u_pl=19408177; uid_id2=44b0f327-4375-48d8-920f-ff9255a19530:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

constructbrought.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=409

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
constructbrought.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=409
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectconstructbrought.com
Fingerprint53:AF:08:11:E0:E0:18:FA:8A:82:83:16:B7:C2:3D:C1:13:AC:4B:5C
ValidityWed, 24 Apr 2024 15:05:23 GMT - Tue, 23 Jul 2024 15:05:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fcss%2Fstyle.css&l=4617&fd=409 HTTP/1.1
Host: constructbrought.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: u_pl=19408177; uid_id2=44b0f327-4375-48d8-920f-ff9255a19530:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

constructbrought.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=293

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
constructbrought.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=293
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectconstructbrought.com
Fingerprint53:AF:08:11:E0:E0:18:FA:8A:82:83:16:B7:C2:3D:C1:13:AC:4B:5C
ValidityWed, 24 Apr 2024 15:05:23 GMT - Tue, 23 Jul 2024 15:05:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2F1%2Fjs%2Fscript.js&l=382&fd=293 HTTP/1.1
Host: constructbrought.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: u_pl=19408177; uid_id2=44b0f327-4375-48d8-920f-ff9255a19530:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:21 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

unseenreport.com/pxf.gif?uuid=44b0f327-4375-48d8-920f-ff9255a19530&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=0633569b5e7b7ced877cf02d43663712&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=44b0f327-4375-48d8-920f-ff9255a19530&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=0633569b5e7b7ced877cf02d43663712&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=44b0f327-4375-48d8-920f-ff9255a19530&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=0633569b5e7b7ced877cf02d43663712&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:22 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5b15b87476abc69786e42da727a0a661
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=44b0f327-4375-48d8-920f-ff9255a19530&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b8d74904f6b94ccf8e1a8085aa5d1820&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=44b0f327-4375-48d8-920f-ff9255a19530&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b8d74904f6b94ccf8e1a8085aa5d1820&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=44b0f327-4375-48d8-920f-ff9255a19530&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=b8d74904f6b94ccf8e1a8085aa5d1820&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=9 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:22 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e9e3a935eef531a4fbc5e629d66fb0e7
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 16:27:38 GMT
expires: Wed, 23 Apr 2025 16:27:38 GMT
cache-control: public, max-age=31536000
age: 148964
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintF5:5C:D9:68:C6:5F:A3:33:5A:73:C3:79:B6:83:FE:44:2E:A4:83:74
ValidityMon, 18 Mar 2024 20:34:25 GMT - Mon, 10 Jun 2024 20:34:24 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 23 Apr 2024 01:54:31 GMT
expires: Wed, 23 Apr 2025 01:54:31 GMT
cache-control: public, max-age=31536000
age: 201351
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

constructbrought.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxNENTcojAHJVHc2e7pmekZcwjGuLK4ZkMS0YMg9asn5VZ3NVXd07NzWgxIjoN%2FQe83u1k0QZKrYJDZgIcFYcfTHtyL%2F4FCzjLj4Og71Huvvq%2Fgq%2B%2B9b%2FaLc9JAQc9ufGKGSmu63qr7tSufB8HV2pZKi0Ft0Gl%2F2W5erdn%2Be9123X%2B79pHkO2a94Qe%2BH%2FhBbUNZGZvB%2BgyEyh53g3rXrzcb9aDVxMD%2Bv3eFB0c9iP45eRVKTFefexeh%2BARp8uSGdDu5yd79MCk0zY1FXxx9mu6kpkyRLMvYeojTowUbxp1uPINJD%2BdyYfr%2FEpmaEu%2BXZ2Dp0UIkWP9grpNpyBRMvISyP4HUEyg6ATf3ocQpAbjAzW2kycObxpZ09x%2BUztApWX3xF1Q5Jau%2FX0Sa%2FHBdq0HtjtFFrkzqMIgrqMEEqjdBVhwjH65Alcfg%2BddQ4ley%2FmILaXKw7bSBEmdvNpvMj8NGtNYMo9ZasyM6a92GH6%2FFcbfRatGg2wr9uUFKTaDiCbQcgboLKJyHQnkoYg9F5iERZzUeBEHkC079TpfzUESStYUf0CgOaOC3Oyj47A8j5NkIXI%2FA7R4yu4cdNYItfoa7V8EJDy4n6IsKpSQoHUFJCUpFUOYEZb86FNo1XPVQaFewYJEbixxWY5P39umhyXsyJaB2BCuq%2FeycvDIz0LvyVoAdeVbz22HYandZS0Ys4lJ0oojHfkM0w3Y7jIIGnKqg3Aqo8zBUU3L59VVk6vS1FIwew%2BljcOWBFm%2BAlhXovQrD9BEdZlIrV%2BcmgTAVsnwV%2Ba63r8%2FJpfn8NrefQPKTa3%2BE8wC3FTJb4Sv1nKCnH4xvm5Ic3DalI0%2B3s1wlakhns72T01xe%2BP5juVsaKzZvuNF37%2FMZMCsf35Uu36KpUGnPkUfXlRDSbhjLJflp030m2a3C3bte2LTItm59sLGZZFY6p0w6AZ2t6Z8WXE3Jy5fuztf2yo%2FbUHYCW1RIihOyCCgzAc%2F24LKlfmcIrF5yWOahLKqxbbDlpVYEWi57yiq4%2F%2FRsWY8tnb2mqtp3D9CzK6D5faRJhb6t0NcVqB7BFRfGeWZPrv22kMH0yphpu3LAtNXfzm2eHU%2Fh1Fkt9EXEZCwjJputZiy5YK0W83nMWSg6HY7cTeN3Ln%2FxNwAAAP%2F%2FAQAA%2F%2F8g%2Fgk%2FkAQAAA%3D%3D

172.240.127.234

200 OK

7 B

URL GET HTTP/1.1
constructbrought.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxNENTcojAHJVHc2e7pmekZcwjGuLK4ZkMS0YMg9asn5VZ3NVXd07NzWgxIjoN%2FQe83u1k0QZKrYJDZgIcFYcfTHtyL%2F4FCzjLj4Og71Huvvq%2Fgq%2B%2B9b%2FaLc9JAQc9ufGKGSmu63qr7tSufB8HV2pZKi0Ft0Gl%2F2W5erdn%2Be9123X%2B79pHkO2a94Qe%2BH%2FhBbUNZGZvB%2BgyEyh53g3rXrzcb9aDVxMD%2Bv3eFB0c9iP45eRVKTFefexeh%2BARp8uSGdDu5yd79MCk0zY1FXxx9mu6kpkyRLMvYeojTowUbxp1uPINJD%2BdyYfr%2FEpmaEu%2BXZ2Dp0UIkWP9grpNpyBRMvISyP4HUEyg6ATf3ocQpAbjAzW2kycObxpZ09x%2BUztApWX3xF1Q5Jau%2FX0Sa%2FHBdq0HtjtFFrkzqMIgrqMEEqjdBVhwjH65Alcfg%2BddQ4ley%2FmILaXKw7bSBEmdvNpvMj8NGtNYMo9ZasyM6a92GH6%2FFcbfRatGg2wr9uUFKTaDiCbQcgboLKJyHQnkoYg9F5iERZzUeBEHkC079TpfzUESStYUf0CgOaOC3Oyj47A8j5NkIXI%2FA7R4yu4cdNYItfoa7V8EJDy4n6IsKpSQoHUFJCUpFUOYEZb86FNo1XPVQaFewYJEbixxWY5P39umhyXsyJaB2BCuq%2FeycvDIz0LvyVoAdeVbz22HYandZS0Ys4lJ0oojHfkM0w3Y7jIIGnKqg3Aqo8zBUU3L59VVk6vS1FIwew%2BljcOWBFm%2BAlhXovQrD9BEdZlIrV%2BcmgTAVsnwV%2Ba63r8%2FJpfn8NrefQPKTa3%2BE8wC3FTJb4Sv1nKCnH4xvm5Ic3DalI0%2B3s1wlakhns72T01xe%2BP5juVsaKzZvuNF37%2FMZMCsf35Uu36KpUGnPkUfXlRDSbhjLJflp030m2a3C3bte2LTItm59sLGZZFY6p0w6AZ2t6Z8WXE3Jy5fuztf2yo%2FbUHYCW1RIihOyCCgzAc%2F24LKlfmcIrF5yWOahLKqxbbDlpVYEWi57yiq4%2F%2FRsWY8tnb2mqtp3D9CzK6D5faRJhb6t0NcVqB7BFRfGeWZPrv22kMH0yphpu3LAtNXfzm2eHU%2Fh1Fkt9EXEZCwjJputZiy5YK0W83nMWSg6HY7cTeN3Ln%2FxNwAAAP%2F%2FAQAA%2F%2F8g%2Fgk%2FkAQAAA%3D%3D
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectconstructbrought.com
Fingerprint53:AF:08:11:E0:E0:18:FA:8A:82:83:16:B7:C2:3D:C1:13:AC:4B:5C
ValidityWed, 24 Apr 2024 15:05:23 GMT - Tue, 23 Jul 2024 15:05:22 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz4scRRSu3uxNENTcojAHJVHc2e7pmekZcwjGuLK4ZkMS0YMg9asn5VZ3NVXd07NzWgxIjoN%2FQe83u1k0QZKrYJDZgIcFYcfTHtyL%2F4FCzjLj4Og71Huvvq%2Fgq%2B%2B9b%2FaLc9JAQc9ufGKGSmu63qr7tSufB8HV2pZKi0Ft0Gl%2F2W5erdn%2Be9123X%2B79pHkO2a94Qe%2BH%2FhBbUNZGZvB%2BgyEyh53g3rXrzcb9aDVxMD%2Bv3eFB0c9iP45eRVKTFefexeh%2BARp8uSGdDu5yd79MCk0zY1FXxx9mu6kpkyRLMvYeojTowUbxp1uPINJD%2BdyYfr%2FEpmaEu%2BXZ2Dp0UIkWP9grpNpyBRMvISyP4HUEyg6ATf3ocQpAbjAzW2kycObxpZ09x%2BUztApWX3xF1Q5Jau%2FX0Sa%2FHBdq0HtjtFFrkzqMIgrqMEEqjdBVhwjH65Alcfg%2BddQ4ley%2FmILaXKw7bSBEmdvNpvMj8NGtNYMo9ZasyM6a92GH6%2FFcbfRatGg2wr9uUFKTaDiCbQcgboLKJyHQnkoYg9F5iERZzUeBEHkC079TpfzUESStYUf0CgOaOC3Oyj47A8j5NkIXI%2FA7R4yu4cdNYItfoa7V8EJDy4n6IsKpSQoHUFJCUpFUOYEZb86FNo1XPVQaFewYJEbixxWY5P39umhyXsyJaB2BCuq%2FeycvDIz0LvyVoAdeVbz22HYandZS0Ys4lJ0oojHfkM0w3Y7jIIGnKqg3Aqo8zBUU3L59VVk6vS1FIwew%2BljcOWBFm%2BAlhXovQrD9BEdZlIrV%2BcmgTAVsnwV%2Ba63r8%2FJpfn8NrefQPKTa3%2BE8wC3FTJb4Sv1nKCnH4xvm5Ic3DalI0%2B3s1wlakhns72T01xe%2BP5juVsaKzZvuNF37%2FMZMCsf35Uu36KpUGnPkUfXlRDSbhjLJflp030m2a3C3bte2LTItm59sLGZZFY6p0w6AZ2t6Z8WXE3Jy5fuztf2yo%2FbUHYCW1RIihOyCCgzAc%2F24LKlfmcIrF5yWOahLKqxbbDlpVYEWi57yiq4%2F%2FRsWY8tnb2mqtp3D9CzK6D5faRJhb6t0NcVqB7BFRfGeWZPrv22kMH0yphpu3LAtNXfzm2eHU%2Fh1Fkt9EXEZCwjJputZiy5YK0W83nMWSg6HY7cTeN3Ln%2FxNwAAAP%2F%2FAQAA%2F%2F8g%2Fgk%2FkAQAAA%3D%3D HTTP/1.1
Host: constructbrought.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: u_pl=19408177; uid_id2=44b0f327-4375-48d8-920f-ff9255a19530:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:22 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ff928183d3ee51e84275e46372965feb
Strict-Transport-Security: max-age=0; includeSubdomains

constructbrought.com/pixel/sbs?c=1

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
constructbrought.com/pixel/sbs?c=1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectconstructbrought.com
Fingerprint53:AF:08:11:E0:E0:18:FA:8A:82:83:16:B7:C2:3D:C1:13:AC:4B:5C
ValidityWed, 24 Apr 2024 15:05:23 GMT - Tue, 23 Jul 2024 15:05:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: constructbrought.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: u_pl=19408177; uid_id2=44b0f327-4375-48d8-920f-ff9255a19530:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 25 Apr 2024 09:50:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

constructbrought.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzuYmCOreVmEOykYxk%2F4x0z3jHhZjjATjZtld0YMg1V3VkzLVXU1V9%2FRkTsEF2ePgX9D5Jtmgu8juVXCRzoKHgJDxlIO5%2BB8o7FlmHBx9h3rv1fcVfPW9981hcUlcFPRi4xM1FFLStXbTbqx87jg3GtsiLQaNQcf%2F0m%2FdaOj%2Be12%2Fab%2Fd%2BIhHe2rNtR3bdmynsSk0j9VgbQpCZI%2B7TrNrN1tu02m3MND%2F701hwVALrH9JXoVgk%2BXn1lWIqEaaPNngZi9X2bsfJoWkudLos5NP071UlSmSRRlrC3F6MmdDmfPNZ1Dp8UwuVP9fYigmxPrlGcL0ZC4SYf9opjOU4ClC9hLKfg0uawhaI1L3Idg5ASKGWztIk4e3lC7p%2Fj8onaITsvziL4hyQpZ%2Fv4o0%2BWFdikHjrpJFLlRqMIgriEEN0auRFafIh0sQ5Smi%2FGsI9itZe7GNNDnaMVJBsIs3W63Qjj03WG15QXu11WGd1a5rx6tx3HXbbep02549M0iIGiKuIfkI1FxBYSwUwkIRWygyCwm7aESO4wQ2i6jd6UaRxwIe%2Bsx2aBA71LH9Dopo%2BocR8myESI4Q6QNk%2BgB7YgRd%2FAyzW8EwCyYn6LMKJScoDUFJCUpBUOYEZb86ZtK4pnrIpClCZ57defaqscp7h%2FRY5T2eElA9gmbVYXZJXpkaaK285WCPXzRs3%2FPafjds8yAMIs46QRDFtstanu97gePCiArCLIEaC0MxIddfX0Ymzl9LEdJTGHmKSFigxRugZQW6W2GYPqLDjEthmpFKwFSFLF9Gvm8dyktybTa%2FrZ0n4NHZzT%2B8WSDSFTJd4SvxnKAnH4zvqJIc3VGlIU93slwkYkins72b05xf%2Bf5jvl8qzbY2zOi796MpMC0f3%2BMm36YpE2nPkEfrgjGuN5WOOPlpy3zGw9uF2V0vdFpk27c%2F2NxKMs2NESqtQadr%2BqdGJCbk5Wv3Zmu78uMOhK6hiwpJcUbmAaFqRNkBTLbQbxSBlgtOmFkoi2qs3XBxKQWB5IuehhXMf%2FpwUY81nb6mojo0D9DTS6D5faRJhb6u0JcVqBzBFFfGeabPbv42lxHKpXEo9dJRKLX8dmbz9HgKIy4agefZ1O%2B2nSCgPAhbbif2HUap2%2FJd36cecjOJ37n%2Bxd8AAAD%2F%2FwEAAP%2F%2FoCrc15AEAAA%3D

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
constructbrought.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzuYmCOreVmEOykYxk%2F4x0z3jHhZjjATjZtld0YMg1V3VkzLVXU1V9%2FRkTsEF2ePgX9D5Jtmgu8juVXCRzoKHgJDxlIO5%2BB8o7FlmHBx9h3rv1fcVfPW9981hcUlcFPRi4xM1FFLStXbTbqx87jg3GtsiLQaNQcf%2F0m%2FdaOj%2Be12%2Fab%2Fd%2BIhHe2rNtR3bdmynsSk0j9VgbQpCZI%2B7TrNrN1tu02m3MND%2F701hwVALrH9JXoVgk%2BXn1lWIqEaaPNngZi9X2bsfJoWkudLos5NP071UlSmSRRlrC3F6MmdDmfPNZ1Dp8UwuVP9fYigmxPrlGcL0ZC4SYf9opjOU4ClC9hLKfg0uawhaI1L3Idg5ASKGWztIk4e3lC7p%2Fj8onaITsvziL4hyQpZ%2Fv4o0%2BWFdikHjrpJFLlRqMIgriEEN0auRFafIh0sQ5Smi%2FGsI9itZe7GNNDnaMVJBsIs3W63Qjj03WG15QXu11WGd1a5rx6tx3HXbbep02549M0iIGiKuIfkI1FxBYSwUwkIRWygyCwm7aESO4wQ2i6jd6UaRxwIe%2Bsx2aBA71LH9Dopo%2BocR8myESI4Q6QNk%2BgB7YgRd%2FAyzW8EwCyYn6LMKJScoDUFJCUpBUOYEZb86ZtK4pnrIpClCZ57defaqscp7h%2FRY5T2eElA9gmbVYXZJXpkaaK285WCPXzRs3%2FPafjds8yAMIs46QRDFtstanu97gePCiArCLIEaC0MxIddfX0Ymzl9LEdJTGHmKSFigxRugZQW6W2GYPqLDjEthmpFKwFSFLF9Gvm8dyktybTa%2FrZ0n4NHZzT%2B8WSDSFTJd4SvxnKAnH4zvqJIc3VGlIU93slwkYkins72b05xf%2Bf5jvl8qzbY2zOi796MpMC0f3%2BMm36YpE2nPkEfrgjGuN5WOOPlpy3zGw9uF2V0vdFpk27c%2F2NxKMs2NESqtQadr%2BqdGJCbk5Wv3Zmu78uMOhK6hiwpJcUbmAaFqRNkBTLbQbxSBlgtOmFkoi2qs3XBxKQWB5IuehhXMf%2FpwUY81nb6mojo0D9DTS6D5faRJhb6u0JcVqBzBFFfGeabPbv42lxHKpXEo9dJRKLX8dmbz9HgKIy4agefZ1O%2B2nSCgPAhbbif2HUap2%2FJd36cecjOJ37n%2Bxd8AAAD%2F%2FwEAAP%2F%2FoCrc15AEAAA%3D
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectconstructbrought.com
Fingerprint53:AF:08:11:E0:E0:18:FA:8A:82:83:16:B7:C2:3D:C1:13:AC:4B:5C
ValidityWed, 24 Apr 2024 15:05:23 GMT - Tue, 23 Jul 2024 15:05:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSuzuYmCOreVmEOykYxk%2F4x0z3jHhZjjATjZtld0YMg1V3VkzLVXU1V9%2FRkTsEF2ePgX9D5Jtmgu8juVXCRzoKHgJDxlIO5%2BB8o7FlmHBx9h3rv1fcVfPW9981hcUlcFPRi4xM1FFLStXbTbqx87jg3GtsiLQaNQcf%2F0m%2FdaOj%2Be12%2Fab%2Fd%2BIhHe2rNtR3bdmynsSk0j9VgbQpCZI%2B7TrNrN1tu02m3MND%2F701hwVALrH9JXoVgk%2BXn1lWIqEaaPNngZi9X2bsfJoWkudLos5NP071UlSmSRRlrC3F6MmdDmfPNZ1Dp8UwuVP9fYigmxPrlGcL0ZC4SYf9opjOU4ClC9hLKfg0uawhaI1L3Idg5ASKGWztIk4e3lC7p%2Fj8onaITsvziL4hyQpZ%2Fv4o0%2BWFdikHjrpJFLlRqMIgriEEN0auRFafIh0sQ5Smi%2FGsI9itZe7GNNDnaMVJBsIs3W63Qjj03WG15QXu11WGd1a5rx6tx3HXbbep02549M0iIGiKuIfkI1FxBYSwUwkIRWygyCwm7aESO4wQ2i6jd6UaRxwIe%2Bsx2aBA71LH9Dopo%2BocR8myESI4Q6QNk%2BgB7YgRd%2FAyzW8EwCyYn6LMKJScoDUFJCUpBUOYEZb86ZtK4pnrIpClCZ57defaqscp7h%2FRY5T2eElA9gmbVYXZJXpkaaK285WCPXzRs3%2FPafjds8yAMIs46QRDFtstanu97gePCiArCLIEaC0MxIddfX0Ymzl9LEdJTGHmKSFigxRugZQW6W2GYPqLDjEthmpFKwFSFLF9Gvm8dyktybTa%2FrZ0n4NHZzT%2B8WSDSFTJd4SvxnKAnH4zvqJIc3VGlIU93slwkYkins72b05xf%2Bf5jvl8qzbY2zOi796MpMC0f3%2BMm36YpE2nPkEfrgjGuN5WOOPlpy3zGw9uF2V0vdFpk27c%2F2NxKMs2NESqtQadr%2BqdGJCbk5Wv3Zmu78uMOhK6hiwpJcUbmAaFqRNkBTLbQbxSBlgtOmFkoi2qs3XBxKQWB5IuehhXMf%2FpwUY81nb6mojo0D9DTS6D5faRJhb6u0JcVqBzBFFfGeabPbv42lxHKpXEo9dJRKLX8dmbz9HgKIy4agefZ1O%2B2nSCgPAhbbif2HUap2%2FJd36cecjOJ37n%2Bxd8AAAD%2F%2FwEAAP%2F%2FoCrc15AEAAA%3D HTTP/1.1
Host: constructbrought.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: u_pl=19408177; uid_id2=44b0f327-4375-48d8-920f-ff9255a19530:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 25 Apr 2024 09:50:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 20bd00ea72ab8ac59b5525e4c0d73610
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css

188.114.96.1

200 OK

4.6 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (4886), with no line terminators
Size
4.6 kB (4617 bytes)
Hash
1230b98f01a549572edcd2bf3bdcb4ad
ac87a2a752ffb8b5167566183fddd531d7971be9
9a2954fc66ebbb9adf18c2ea4403d2a0a5dedf2928f9905e1fc656f5dc1b208d

HTTP Headers

GET /sb/chat/mob/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:21 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-1209"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A%2Fxud1QflnIqoHCeS3IWaxgXKLt3%2B938IX5PyeQvM0FiYnJ2YgEegxhAx%2Bj7cmDPA226XZ6H2ZvVwvjYC%2BsIGOYxJRab4VonMUmYKa3XlEkUU463tA5rwnYFbyIRQrNjEqhwR3aHJzBk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6da6bb96568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

quantcast.mgr.consensu.org/cmp.js

0.0.0.0

0 B

URL GET
quantcast.mgr.consensu.org/cmp.js
IP
0.0.0.0:0
ASN
#0

Requested by
https://nexu.playurbano.com/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cmp.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.playurbano.com/wp-admin/admin-ajax.php

188.114.96.1

200 OK

0 B

URL POST HTTP/3
www.playurbano.com/wp-admin/admin-ajax.php
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /wp-admin/admin-ajax.php HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 34
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-robots-tag: noindex
x-content-type-options: nosniff
expires: Wed, 11 Jan 1984 05:00:00 GMT
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN
x-litespeed-cache-control: no-cache
cache-control: no-cache, no-store, must-revalidate, max-age=0
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PG9heIU4dZcQGDrpR6LT4ywpFcKQp3OimEKaCJPDRdkVs%2BPbk5Ca%2Fbo76GCKw3CEaCZYltwVVkphhxylnggQLQ2wU6OFjl1bmctZn8g7YXY7fP1xC85WFQ%2FkEc0OcC1qYcU9wB0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d6d9f7b81b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.74

200 OK

7.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint15:CB:F7:AC:18:3F:DC:1E:F9:4E:94:D1:98:40:40:61:53:17:28:F2
ValidityMon, 18 Mar 2024 20:35:28 GMT - Mon, 10 Jun 2024 20:35:27 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
16b49a99486594c0b42d9bd7821deb2c
2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a
3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 25 Apr 2024 09:50:21 GMT
date: Thu, 25 Apr 2024 09:50:21 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

copyrightcontent.org/unblocker/ub/ub.js?ai=660f44adb53d4403148c09e5&pp=aHR0cHM6Ly9uZXh1LnBsYXl1cmJhbm8uY29tLw==&unblockerPaymentToken=

104.18.26.177

403 Forbidden

0 B

URL GET HTTP/2
copyrightcontent.org/unblocker/ub/ub.js?ai=660f44adb53d4403148c09e5&pp=aHR0cHM6Ly9uZXh1LnBsYXl1cmJhbm8uY29tLw==&unblockerPaymentToken=
IP
104.18.26.177:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectcopyrightcontent.org
Fingerprint29:E2:32:98:4C:68:6C:DA:2C:8D:FD:B1:F4:F1:00:17:15:1B:76:50
ValiditySun, 07 Apr 2024 03:24:31 GMT - Sat, 06 Jul 2024 03:24:30 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /unblocker/ub/ub.js?ai=660f44adb53d4403148c09e5&pp=aHR0cHM6Ly9uZXh1LnBsYXl1cmJhbm8uY29tLw==&unblockerPaymentToken= HTTP/1.1
Host: copyrightcontent.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Thu, 25 Apr 2024 09:50:35 GMT
set-cookie: __cf_bm=ozZtu4dm2PYL6OiGyTDS6CdW9zRCZ4MhVPPlNEHSAwQ-1714038620-1.0.1.1-28EOFHJKySEhO.mVKf31BJvb4oMb1rZhd.YABxc0zz8BRc8KxH07WIMzoaWcNXiIUwUHjV_MN0.Judfx7HCX3Q; path=/; expires=Thu, 25-Apr-24 10:20:20 GMT; domain=.copyrightcontent.org; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9fb8ba1c12-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png

188.114.96.1

200 OK

6.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/chat/mob/ssp/1/img/close.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced
Size
6.0 kB (5982 bytes)
Hash
c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd

HTTP Headers

GET /sb/chat/mob/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:21 GMT
content-type: image/png
content-length: 5982
last-modified: Mon, 21 Feb 2022 08:25:06 GMT
etag: "62134c62-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 6118625
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=33H53NZXv1VckeC4UNtBUt06vfU3FWKI0JqPBCHKS8W%2Ft0xKx8kZOk1V6pxBnG4w808d16gs%2BBON8OeAIxFevJIXUEsPr0lX4z7Z1YxuewtCO5EUJbD6rHEajyoa0TRMejzYyHjrFudL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6da6ebb5568e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html

45.133.44.3

200 OK

3.0 kB

URL GET HTTP/2
cdn.barscreative1.com/sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html
IP
45.133.44.3:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintF6:54:F4:B9:EB:AD:1E:FA:8F:76:B9:75:20:9B:41:57:32:37:94:E3
ValiditySun, 10 Mar 2024 03:01:32 GMT - Sat, 08 Jun 2024 03:01:31 GMT

File type
HTML document, ASCII text, with very long lines (3229), with no line terminators
Size
3.0 kB (2977 bytes)
Hash
0b579b1f5697d55d3bc0856975d08243
e68a8e8bc08f86086744aba736df40ca7bea6d01
8ac4909eb5c0efc3278c66a43990535925fb271226f96261415df027fe40cb0c

HTTP Headers

GET /sb/au/2f/33/17/2f3317da28d2a6ed09610d2d267aa136/1648542458.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:21 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Tue, 29 Mar 2022 08:27:42 GMT
etag: W/"6242c2fe-ba1"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Thu, 25 Apr 2024 10:50:21 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

live.demand.supply/up.js

104.17.38.115

200 OK

5.5 kB

URL GET HTTP/2
live.demand.supply/up.js
IP
104.17.38.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E
ValiditySat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (5703), with no line terminators
Size
5.5 kB (5525 bytes)
Hash
c83324bd8ce21c1b233effb043ee6150
4fd86e9928190f0f02928ee9b1466e85b0f597c4
ba27407a2850965394c66767dd36e2740c9cd76e8403e2057277575c8d37944b

HTTP Headers

GET /up.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: application/javascript; charset=UTF-8
cf-ray: 879d6d9a1b35b51d-OSL
cf-cache-status: HIT
age: 334
cache-control: max-age=1200,must-revalidate,stale-while-revalidate=3600
etag: W/"07eb91b0af55246475ad8048f6afc011-ssl-df"
link: <https://live.demand.supply/impl.v17.31.0.js>; rel=preload; as=script,<https://live.demand.supply/p4/v17-24-0/bmV4dS5wbGF5dXJiYW5vLmNvbS8=>; rel=preload; as=script
strict-transport-security: max-age=31536000
vary: Accept-Encoding
cache-status: "Netlify Edge"; fwd=stale
cf-bgj: minify
cf-polished: origSize=5343
timing-allow-origin: *
x-nf-request-id: 01HVM20DBXTMMP42H77AP1WWQ5
set-cookie: __cf_bm=CQZpD4CauhptdW1ndQZQxs_5._50nmq5GuRSFUcO9S4-1714038619-1.0.1.1-X4sim.KQBJQPSOeUiHvIxPrQlul41R.oTy8Of2gvq3tGAUyJ4gPcxbaX0hfGvNR2XHj6Ue6vx7fvEY39Gicb6Q; path=/; expires=Thu, 25-Apr-24 10:20:19 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

live.demand.supply/ds.2.html

104.17.38.115

200 OK

413 B

URL GET HTTP/3
live.demand.supply/ds.2.html
IP
104.17.38.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E
ValiditySat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (430), with no line terminators
Size
413 B (413 bytes)
Hash
68dce237203af5e16657b39e1f2e7b46
8084ece9e2500c1a0731aaf8f33290744b174b9c
8534d0076676e85517a298ded722e84bb64abf655fbc565588f76a7e26ad4680

HTTP Headers

GET /ds.2.html HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=2592000,immutable,stale-if-error=604800
cache-status: "Netlify Edge"; hit
strict-transport-security: max-age=31536000
timing-allow-origin: *
x-nf-request-id: 01HV9PY3ER0ZN2ZB6WEA673R0F
cf-cache-status: HIT
set-cookie: __cf_bm=O.GNCjknoOUt2uUTYCk0P2a7lKXiW6WNWeDAzrmGbys-1714038619-1.0.1.1-UMo8O8nsh9YRpt1WOKXHnoF.4TN6b59g09r7d4w_kp1bONKr93jVGeSiIyrK3RBkBopBTRhtRLeb9v56K3R_gA; path=/; expires=Thu, 25-Apr-24 10:20:19 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9c1d40b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

live.demand.supply/cp/playurbano.com_auto_728x90_sticky_display_bottom?mlcu=dc509277-f6cf-4fa5-a09f-ad37bfd0366a&mlos=li&mlbr=fi&mlla=en&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8=

104.17.38.115

200 OK

21 B

URL GET HTTP/3
live.demand.supply/cp/playurbano.com_auto_728x90_sticky_display_bottom?mlcu=dc509277-f6cf-4fa5-a09f-ad37bfd0366a&mlos=li&mlbr=fi&mlla=en&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8=
IP
104.17.38.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E
ValiditySat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
b5ba67e581bc39edc7bfd644febc4cd6
d58a43d8abdb05d9c3bfa924a254b917719076fc
851b81e18ee3f1f208f67d5625d3954d8ffd1718b861b7426a26284f4ace9bdb

HTTP Headers

GET /cp/playurbano.com_auto_728x90_sticky_display_bottom?mlcu=dc509277-f6cf-4fa5-a09f-ad37bfd0366a&mlos=li&mlbr=fi&mlla=en&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: text/plain;charset=UTF-8
content-length: 21
access-control-allow-origin: *
cache-control: private,max-age=3600
set-cookie: __cf_bm=IvZ3bTIqdYtUsnW.s9XzN.im9SqgOT74UWRr4VtHBNo-1714038620-1.0.1.1-05uMI5MBgrgt0sG4ymCfX33D2z4VII9ow8gL711V5sjSKSJbyyns.hWkj9oYkKMVa.6lqvmFX1d1JBHz2DpFmw; path=/; expires=Thu, 25-Apr-24 10:20:20 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9e2a38b509-OSL
alt-svc: h3=":443"; ma=86400

live.demand.supply/cp/playurbano.com_auto_728x90_sticky_display_bottom?mlcu=dc509277-f6cf-4fa5-a09f-ad37bfd0366a&mlos=li&mlbr=fi&mlla=en&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8=

104.17.38.115

200 OK

21 B

URL GET HTTP/3
live.demand.supply/cp/playurbano.com_auto_728x90_sticky_display_bottom?mlcu=dc509277-f6cf-4fa5-a09f-ad37bfd0366a&mlos=li&mlbr=fi&mlla=en&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8=
IP
104.17.38.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E
ValiditySat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
b5ba67e581bc39edc7bfd644febc4cd6
d58a43d8abdb05d9c3bfa924a254b917719076fc
851b81e18ee3f1f208f67d5625d3954d8ffd1718b861b7426a26284f4ace9bdb

HTTP Headers

GET /cp/playurbano.com_auto_728x90_sticky_display_bottom?mlcu=dc509277-f6cf-4fa5-a09f-ad37bfd0366a&mlos=li&mlbr=fi&mlla=en&dsReferer=bmV4dS5wbGF5dXJiYW5vLmNvbS8= HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: text/plain;charset=UTF-8
content-length: 21
access-control-allow-origin: *
cache-control: private,max-age=3600
set-cookie: __cf_bm=kGA3twt3JefenINBzRfIg9yVaDb1zx.frdRKMGiURw4-1714038620-1.0.1.1-55yBgKkKItdLiHHexbddIm8pxb.MnZC1rBY_DS16g1Vp_TlJfrgPg3P1g3bR4xgflkg6KCJhK6ySH_AAUzE7fQ; path=/; expires=Thu, 25-Apr-24 10:20:20 GMT; domain=.demand.supply; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6da08ce7b509-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css

188.114.96.1

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/chat/mob/ssp/1/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
79 kB (79313 bytes)
Hash
fc638645a938f69e69360c75335ffd1a
143132fb8361c3ad0acf88cb70bf0b07c0ecc2d4
7ef76aab275d0221c68602d18f81b4285b280756f0f71d535ed8b5b889bc2f90

HTTP Headers

GET /sb/chat/mob/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:21 GMT
content-type: text/css
last-modified: Mon, 21 Feb 2022 08:25:04 GMT
etag: W/"62134c60-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7xc8odt6RJJBC1A8ZHeo275TPd%2FBUVPfo38LH%2BQvBaeC6LFUTpnIGgZ%2BM8v0PaGOi19Q%2Fzya2gNnM1uzUMhvB70Qkz1oN9vh1cTTm0c5cMO6QfJb5W3wSpxIuCJEV2OtMZzvfpV%2BY1mE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6da6bb90568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.5.2

188.114.96.1

200 OK

276 B

URL GET HTTP/2
www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.5.2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
ASCII text, with no line terminators
Size
276 B (276 bytes)
Hash
4f3b7d52ca6ad3ce850aaef4cb7ce87c
4aae0892ba85f4a12a324bdae4cd3a79dceed680
e9e19b61ee5df173000dee8bb0e9d16821472745870f229d2b01770d0f2b6484

HTTP Headers

GET /wp-content/plugins/a3-lazy-load/assets/css/jquery.lazyloadxt.spinner.css?ver=6.5.2 HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=311
cache-control: public, max-age=31536000
expires: Sat, 18 May 2024 08:47:47 GMT
last-modified: Wed, 07 Feb 2024 05:05:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 608552
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qXW9HNPgknulCYfLHchla70z94oaZm5mf8Pui3xP1mgHqDZC22hysh58PrU9F3s2PYe6r%2BEHVx%2Bf3eIO2QOMVjYca74yPcgVODvuw6eONWkY7g3ZlUlBjF6R2IizDFNaW6lXl1I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d6d9a08dcb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js

188.114.96.1

200 OK

90 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/jquery.min.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89492 bytes)
Hash
561acb3e541133bbdd2c0c19f8ee35a1
ffd1353cf3f77d25f801c84d8208613eb0d3d548
9fde6da568db31801e29243a903bf24f342256b41e3c01e7d018ff7c566ce7fc

HTTP Headers

GET /sb/chat/mob/ssp/1/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:21 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:09 GMT
etag: W/"62134c65-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 4849277
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2s1r9ASXDkLWOssmGQsnut6rH2nBfi6Gf1r0QeNC%2FJcDswx6JkQFuzNubs8EDZrj3doCQ80iqyw2ug4oN137nvUpbH3W2SqGod3SVUgzewOKlAxPHTSTMsiLaNsRMhPikcteehVijJdd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6da6ebbc568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.7.2

188.114.96.1

200 OK

953 B

URL GET HTTP/2
www.playurbano.com/wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.7.2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
JavaScript source, ASCII text, with very long lines (954), with no line terminators
Size
953 B (953 bytes)
Hash
5f8acd177611bf552cd7c013e3c5438a
7a2e4d6938a916cb00b5fc65516eaabfcf14f5ad
ad4ef456c763bd0bd66b54869f9c7c9a35e968f0149606c4575cd8f633d8efea

HTTP Headers

GET /wp-content/plugins/a3-lazy-load/assets/js/jquery.lazyloadxt.extend.js?ver=2.7.2 HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=1045
cache-control: public, max-age=31536000
expires: Thu, 02 May 2024 17:32:03 GMT
last-modified: Wed, 07 Feb 2024 05:05:35 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1959495
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52Eg5IzrNzrRgR5%2FpERdyiTZGvvkSXTaI6TZP6tNqAJvjjHfQlJgVa71czZanDpr2DRj6eBNcLgh6rZRhgwFP4glD2Gb2d2nKRg9Fm5HXaaNl2%2FKI0K4VOGe78CAHucb%2BVxdBRk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d6d9a08c5b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0

104.18.11.207

200 OK

67 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectbootstrapcdn.com
Fingerprint57:B4:25:B9:9C:88:A1:A3:3D:F7:31:74:02:E4:D1:E0:0A:F5:11:63
ValidityWed, 27 Mar 2024 00:22:09 GMT - Tue, 25 Jun 2024 00:22:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 66624, version 4.262
Size
67 kB (66624 bytes)
Hash
db812d8a70a4e88e888744c1c9a27e89
638c652d623280a58144f93e7b552c66d1667a11
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

HTTP Headers

GET /font-awesome/4.5.0/fonts/fontawesome-webfont.woff2?v=4.5.0 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: font/woff2
content-length: 66624
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "db812d8a70a4e88e888744c1c9a27e89"
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 10/31/2023 18:48:08
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 418d0a2b10a29792162f0203dc421399
cdn-cache: HIT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 879d6d9f69660b59-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.playurbano.com/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1509416944

188.114.96.1

200 OK

127 B

URL GET HTTP/2
www.playurbano.com/wp-content/uploads/sass/a3_lazy_load.min.css?ver=1509416944
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
ASCII text, with no line terminators
Size
127 B (127 bytes)
Hash
c27b42550dfbec022904e63b23ede660
b007b7f59147d49fd46e2d3aa1b77a71129e1f34
a2f1b190e5d5a3063c35b75b1a00c039b13e171eb7b099299dcb67e9e4fe65cd

HTTP Headers

GET /wp-content/uploads/sass/a3_lazy_load.min.css?ver=1509416944 HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: text/css
cache-control: public, max-age=31536000
expires: Thu, 02 May 2024 17:32:03 GMT
last-modified: Tue, 31 Oct 2017 02:29:04 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 1959495
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BPEZwnM6KtFk%2Beid5Jf9EMvBIMPXduhimOVHXlZmyv2zZYzafiHnrIn5nfPYflS0wtXQxuyEFofm6HIenGnNjQnMFHa4P1fEAowiVfs%2F3fAFm4oLAY%2BnvpLEoAwqVBdJVzWFZkc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6d9a18edb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.playurbano.com/dectector.js

188.114.96.1

200 OK

5.3 kB

URL GET HTTP/2
www.playurbano.com/dectector.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
JavaScript source, ASCII text, with very long lines (5593), with no line terminators
Size
5.3 kB (5267 bytes)
Hash
cd4a68ee8a244502148b969527d9fbcc
0933956febcb9288958a0da54d08ac26a9f8df1c
d43c28aa8a2f591f7e8c23a85042a77c93e7b46a1d237bf969d675184248b81c

HTTP Headers

GET /dectector.js HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: application/javascript
cf-bgj: minify
cf-polished: origSize=5831
cache-control: public, max-age=31536000
expires: Fri, 24 May 2024 09:07:39 GMT
last-modified: Thu, 08 Sep 2022 23:22:46 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 88959
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M2IwFCeDb%2BJIUwkdoEepp3GykXKnV2DBzcYwnbtp2%2FmnGULzOs%2BZ%2BLc5BE4IRmZZttH6ctMk6Ai5eq%2BO00C5po5SCZ2XiYmplRwGAlavNYwZy3hgOpm2AaXfGSRkNkJ92LDuf8U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d6d9a08cbb50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png

45.133.44.10

200 OK

14 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
14 kB (14496 bytes)
Hash
962ac416cce3fad636d4904386c8d3d4
811166fceb971353dc6a9ea3a153367f20b47592
ec6c8e1c030499a846897265d0c1f66dedc6ece17c1ea6006b700faf37e73555

HTTP Headers

GET /si/52/3a/8c/523a8ce104cfc3373cd17ab1c0e5131b/1701651901.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:21 GMT
content-type: image/png
content-length: 14496
server: nginx/1.21.6
last-modified: Mon, 04 Dec 2023 01:05:10 GMT
etag: "656d25c6-38a0"
expires: Sat, 27 Apr 2024 09:50:21 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

live.demand.supply/impl.v17.31.0.js

104.17.38.115

200 OK

90 kB

URL GET HTTP/3
live.demand.supply/impl.v17.31.0.js
IP
104.17.38.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerCloudflare, Inc.
Subjectdemand.supply
Fingerprint9D:70:F3:B0:56:FD:8A:02:18:FB:C1:32:C8:85:90:FF:98:3A:52:8E
ValiditySat, 20 Jan 2024 00:00:00 GMT - Tue, 31 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (23934)
Size
90 kB (90230 bytes)
Hash
c94ffdc1be05cae52d5a7612ed64327d
5e20ffb0324f09f9debef02f65daa24beac0ba71
326d5117ba3f478610efab050524377c76af6ffd3fd2e8d079f894fdc3c0f073

HTTP Headers

GET /impl.v17.31.0.js HTTP/1.1
Host: live.demand.supply
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: __cf_bm=CQZpD4CauhptdW1ndQZQxs_5._50nmq5GuRSFUcO9S4-1714038619-1.0.1.1-X4sim.KQBJQPSOeUiHvIxPrQlul41R.oTy8Of2gvq3tGAUyJ4gPcxbaX0hfGvNR2XHj6Ue6vx7fvEY39Gicb6Q
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:19 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000,immutable,stale-if-error=604800
cf-bgj: minify
cf-polished: origSize=90413
access-control-allow-origin: *
cache-status: "Netlify Edge"; fwd=miss
etag: W/"27b45d515425df96837a3ffc3e127ebc-ssl-df"
strict-transport-security: max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-nf-request-id: 01HVM205WKC5Z62XXQWTZT6NHF
cf-cache-status: HIT
age: 747217
server: cloudflare
cf-ray: 879d6d9c0d3db51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.playurbano.com/wp-content/uploads/2024/04/Dei-V-Martini-150x150.png

188.114.96.1

200 OK

39 kB

URL GET HTTP/3
www.playurbano.com/wp-content/uploads/2024/04/Dei-V-Martini-150x150.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type
PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced
Size
39 kB (39317 bytes)
Hash
27d3f5b9209ea9755b95f2a21d4d1c99
8ca1a0e3a99e679589549136ca08988828b934b2
094b01f010f636c888521d766fe6617c8bd3242194ff3ec4e30897105a315c2d

HTTP Headers

GET /wp-content/uploads/2024/04/Dei-V-Martini-150x150.png HTTP/1.1
Host: www.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Cookie: _ga_SQFXB0YJTT=GS1.1.1714038619.1.0.1714038619.0.0.0; _ga=GA1.1.1647606046.1714038619
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 25 Apr 2024 09:50:20 GMT
content-type: image/png
content-length: 39317
cache-control: public, max-age=31536000
expires: Sat, 25 May 2024 09:50:19 GMT
last-modified: Thu, 25 Apr 2024 09:49:54 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ehQlPgek5H6LaJAUjU7gwXc833oOYtomDIFPET%2FOE78GIxNv9TuGFl9x5EohShLi9XRQsFNnnZq%2FBbkEaaKiV0BWmQ0yMcxLcSU0xHdlKCCNKpj5g%2BOUitgVrkHYYxRy%2BKU3ILU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6da07cdcb509-OSL
alt-svc: h3=":443"; ma=86400

nexu.playurbano.com/

104.21.16.77

200 OK

242 kB

URL User Request GET HTTP/2
nexu.playurbano.com/
IP
104.21.16.77:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectplayurbano.com
FingerprintCD:AE:9E:CA:48:75:44:24:71:E4:A3:FA:7D:D2:A5:3E:5F:2D:9B:56
ValidityWed, 24 Apr 2024 18:53:10 GMT - Tue, 23 Jul 2024 18:53:09 GMT

File type

Size
242 kB (242250 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: nexu.playurbano.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:18 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: f31_HTTP.200,f31_home,f31_URL.6666cd76f96956469e7be39d750cc7d9,f31_F,f31_
x-litespeed-cache: miss
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2qaHkrPdONGyzVjLuMvc%2F2hcbEgoAVtAs6Bc1Td%2FBaxEwGj1iGHArgRHPAdWke%2BZujVd0%2BsA2ZiaEHdCtWuKiFXcAfp2mQl9CUqif5B2KgUElm9f4jhRqeb42iGoB5s7rN9uvMeh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 879d6d912fec5694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js

188.114.96.1

200 OK

382 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/chat/mob/ssp/1/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://nexu.playurbano.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (411), with no line terminators
Size
382 B (382 bytes)
Hash
9ffae600059bf4e6adb35ebb274ae385
6130e466c04551baa2a5d650e6bd5a87daba73a7
a7d15e051fb3d3c31494683306bb7752478354894825b110d26d333cbeaaeb39

HTTP Headers

GET /sb/chat/mob/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://nexu.playurbano.com
DNT: 1
Connection: keep-alive
Referer: https://nexu.playurbano.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 25 Apr 2024 09:50:21 GMT
content-type: application/javascript
last-modified: Mon, 21 Feb 2022 08:25:08 GMT
etag: W/"62134c64-17e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wzYBz8oH%2FKmX%2FWPsvLns4J%2BM%2Fc%2FQGuKKiWVSGjj6jNbktpZN13r5uG0QIjlSRpTYzpCACwVYrdBUlaFGP6RvznYOZD1Th0IE6OrGvYlVNYwdTPbPCJbMGMkM2ZQnc5zRj8ZS2BshICIr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 879d6da85d97568e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (32)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL