r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2270
Expires: Mon, 28 Nov 2022 02:19:31 GMT
Date: Mon, 28 Nov 2022 01:41:41 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3938
Cache-Control: max-age=122110
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:41 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:36:51 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5464
Expires: Mon, 28 Nov 2022 03:12:45 GMT
Date: Mon, 28 Nov 2022 01:41:41 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 01:19:29 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1332
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tZrSNm9gELAjXGTUAhB8PjHwxMPCg29m2x52coIWa3ZKnc8eXL598M3a1bKo7KvbpNDHNMQo+VE=
x-amz-request-id: 956DZ543G76VA0YZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 00:41:51 GMT
age: 3590
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 01:41:41 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/images/loading.gif
200 OK 770 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/images/loading.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash 8ae1afcd44a2a3ea3c8f86bc74702b05
4f605e49a1ce94999619beef3f92dd923ca63b6d
561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178
GET /wp-content/plugins/wp-postratings/images/loading.gif HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-type: image/gif
content-length: 770
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 304980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cGb8ISsOppxbJ6%2Fu2avXsmsikLdkOBPpNbRjTNuq%2FZdl3hfkEHbJZ2YsIfqQ3%2BaSVY898vo%2FqVhSjd3kXg8KJE7u2dzXKhs%2BCz2Ge%2Bhvtecr%2B4PnhmYGmk14XgzUVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770f6719d857b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_on.gif
200 OK 523 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_on.gif
IP
File type GIF image data, version 89a, 12 x 12\012- data
Hash cf853fb872bf743ae8556423ec0259ee
646fdebf47dfd354ece7ad18f6ff041059e4cd58
cbd3ada90ee6d7f06fc267fd393252b2e4e56e4d7a106ed8fcf3de8c294db136
GET /wp-content/plugins/wp-postratings/images/stars/rating_on.gif HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-type: image/gif
content-length: 523
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 304980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpzuCXoEv9fL8QQt6lVsELI8rbfZ%2FCaWQ9vyvejXlsCM1I5fclQD%2By%2BajGwT%2F26g1eRYRQOseMaj8nUvp8Oa39F7JEDQJDZy47CHFIwEzt4%2BD14jXgs3LJTB7ln9rw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770f6719d859b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png
200 OK 4.7 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png
IP
File type PNG image data, 240 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 30ecf26d81b4d18a7a568d42e674705e
c846ca657d113edcdb68ae7e53b8ecede50a15cb
f856cb85a867ba1f60a337dbbb095142c0590b426b30c5d35dcbbbd158b79927
GET /wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-type: image/png
content-length: 4675
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 07:44:16 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
cf-cache-status: HIT
age: 323846
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y6gWLWJFeoAu1wCuOhGOENGjDrsGXkhpBn%2BX1SprvPYeDOrmNPCHT9reTj00Kh0w2a%2F5KRSjrOmcU4nv%2Bor12FnxdqItZJPSayZ36pYJqjHDzeT4K7g%2B4J8qEpsnJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770f6719d858b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_half.gif
200 OK 523 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_half.gif
IP
File type GIF image data, version 89a, 12 x 12\012- data
Hash 5305588cc2da4696e5e55a9ebf859f9b
29f5d6c7bf662aeabefc1cf83b87d7be574e59e3
5c0958f0c447694da87ec8accb060eafaf8175b2a792b558ae375bd375eb2398
GET /wp-content/plugins/wp-postratings/images/stars/rating_half.gif HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-type: image/gif
content-length: 523
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 304980
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gIbuQrc%2BTRx985KF7BdajNvRm53LTS3am%2BxpZ7x%2B9%2FRYYoMYXZpWz3VaW4lFggyPaQdr7wCxvxNgyx0XKBuC283XOqMe%2BoNdqxh42W54Y5qOtqtv6EJuL7WZ0cpbjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770f6719e85bb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/peliculas-online/harry-potter-y-la-orden-del-fenix/
200 OK 17 kB URL HTTP/1.1 cuevana3.nu/peliculas-online/harry-potter-y-la-orden-del-fenix/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 5e364e1947b614428b190c2f2837057e
91e78e54c68c9fda8d5e25ad8bae1be30a6960ae
b0e23f36ff11e03978692fc01ed979c4ceacd1563817b942efe67c8f7a5259f9
GET /peliculas-online/harry-potter-y-la-orden-del-fenix/ HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:41:41 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-dns-prefetch-control: on
x-pingback: https://cuevana3.nu/xmlrpc.php
link: <https://cuevana3.nu/wp-json/>; rel="https://api.w.org/", <https://cuevana3.nu/?p=77587>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUJ5RuNBgCsHJm0n24ZImMMMboj9sPuK8HfxpJsEr0VBkVHXVeSekbq1wpLFi5FLfIYvz2U9v0dDNtNLA4GF%2F7PyzIF%2Bp6uUMh5mgcejqoW1e68%2FfMr32E%2BoW8dB2w%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 770f67163be3b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
code.jquery.com/jquery-3.1.1.min.js?ver=3.1.1
200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.1.1.min.js?ver=3.1.1
IP
File type ASCII text, with very long lines (32030)
Hash f7a4a283c6a5130b43ce8de3b7842078
ef243edbb67f9e50f8589885e4541f6c919ea8d7
aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e
GET /jquery-3.1.1.min.js?ver=3.1.1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669599702.dop009.sk1.t,1669599702.cds232.sk1.hn,1669599702.cds010.sk1.c
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3bb771e9cb3c14f046ab80235cd56b9e
0d0a20d7b7957e91e434ed0ca0fab855dc843b63
44d0bc2d1f8a705a294d408ad2111ae050054721984f7edd8c5ac7a9639c9493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "44D0BC2D1F8A705A294D408AD2111AE050054721984F7EDD8C5AC7A9639C9493"
Last-Modified: Sat, 26 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17356
Expires: Mon, 28 Nov 2022 06:30:58 GMT
Date: Mon, 28 Nov 2022 01:41:42 GMT
Connection: keep-alive
cuevana3.nu/wp-content/uploads/2022/03/got.png
200 OK 133 kB URL HTTP/1.1 cuevana3.nu/wp-content/uploads/2022/03/got.png
IP
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 133 kB (133044 bytes)
Hash 6d6e76818f4b8c2dee0705158aaa6085
e681d2bdc33948723ea64828dee68941dbdda191
4ad36073c73561428856b74ae6eb08ce5a845bab365e4a1602edecaa2bb6ab23
GET /wp-content/uploads/2022/03/got.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/peliculas-online/harry-potter-y-la-orden-del-fenix/
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:41:42 GMT
Content-Type: image/png
Content-Length: 133044
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 07:44:16 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
CF-Cache-Status: HIT
Age: 323846
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9kfQOF91SUFksQOvrLdpkcB1%2FGkvgi45WGKA%2FbezCbbY4IikFjG7tfINtRgNfi4h9unefJKaky2xnxDWLayLMz61zVbnNZvcijjw3PBypDQnY9LOiYDxiIqzGVWMDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770f671a3dd1b509-OSL
alt-svc: h2=":443"; ma=60
whairtoa.com/5/4907445
200 OK 24 kB IP
File type ASCII text, with very long lines (63288), with no line terminators
Hash 4d51707d792684274c967b15acf5747c
cdb38095d70090af6866967e45a21a1db3f596c4
dc831ced45506e7c92b487c6630d7a0b634a90fe4012a96034fda024b6f7bc52
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4907445 HTTP/1.1
Host: whairtoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 01:41:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 3bc9aeec8409f598b8807b9f7b13c6b1
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=999d1443192c4e3ea2db7873f5f39f09; expires=Tue, 28 Nov 2023 01:41:42 GMT; path=/
oaidts=1669599702; expires=Tue, 28 Nov 2023 01:41:42 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash eac2806a2ce57230950c8c1c35c40485
f1ad6514d65db767f19a7c10e72cbab8f8577992
7d084fbd604d48785a6801a7016b119837fb1ad095688c607a0e2e889e598403
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7D084FBD604D48785A6801A7016B119837FB1AD095688C607A0E2E889E598403"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4956
Expires: Mon, 28 Nov 2022 03:04:18 GMT
Date: Mon, 28 Nov 2022 01:41:42 GMT
Connection: keep-alive
image.tmdb.org/t/p/w342/z5bL1z1ZOAKBkvbOhVQp6GfBv4u.jpg
200 OK 40 kB URL HTTP/2 image.tmdb.org/t/p/w342/z5bL1z1ZOAKBkvbOhVQp6GfBv4u.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x513, components 3\012- data
Hash c11bb1fce5aa588bacc2a6aac3c110fc
641df7722e0f22e837b396b48a4833d7e4ff5c82
0058e5f8ff950ab70c52ac9f8b5e078aa1ebca3ab8c67c480473694e750046d1
GET /t/p/w342/z5bL1z1ZOAKBkvbOhVQp6GfBv4u.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-type: image/jpeg
content-length: 40163
server: BunnyCDN-DE1-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272d606-9ce3"
last-modified: Wed, 04 May 2022 19:37:42 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 268
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/15/2022 10:41:46
cdn-edgestorageid: 755
cdn-status: 200
cdn-requestid: df764889114f80d62fee3a3c3c644db8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cuevana3.nu/wp-includes/css/classic-themes.min.css?ver=1
200 OK 628 B URL HTTP/2 cuevana3.nu/wp-includes/css/classic-themes.min.css?ver=1
IP
Hash 1803247bc1941f735f25681016c604d4
5fc92c752fc8856c97c5ef210b1add1c4f677f26
f8de74b8f11d9b4be5ef227b24ed2ea31ca00274536da9427336b74c48071abe
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 07:44:16 GMT
last-modified: Sun, 13 Nov 2022 01:43:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 323846
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2HGR09elMr05lEAW3wVTo2f3yCHIfR1sdsvY7QCViyfo1i7QD0fVni3n1v5dtASuP3JUHxzigxiTDGT%2Fl6cZ%2BV4eJ%2B7MaLgVwFZKtq5RaBOLYt%2FxucAXACOFtr7Pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770f6719d852b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash eac2806a2ce57230950c8c1c35c40485
f1ad6514d65db767f19a7c10e72cbab8f8577992
7d084fbd604d48785a6801a7016b119837fb1ad095688c607a0e2e889e598403
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "7D084FBD604D48785A6801A7016B119837FB1AD095688C607A0E2E889E598403"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4956
Expires: Mon, 28 Nov 2022 03:04:18 GMT
Date: Mon, 28 Nov 2022 01:41:42 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-209818749-2
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-209818749-2
IP
File type ASCII text, with very long lines (1921)
Hash 6d4f80430f102d4a8f61e6700f7ffae2
42ae7cb4988e7f94123101ec16f77338379a0c05
aa22f549d245f2bbb8f3c11249c0b7d4dc33937bb94b55926b43235544a9408d
GET /gtag/js?id=UA-209818749-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 01:41:42 GMT
expires: Mon, 28 Nov 2022 01:41:42 GMT
cache-control: private, max-age=900
last-modified: Mon, 28 Nov 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43684
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cuevana3.plus/perversas.jpg
301 Moved Permanently 472 B URL HTTP/2 cuevana3.plus/perversas.jpg
IP
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
GET /perversas.jpg HTTP/1.1
Host: cuevana3.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Mon, 28 Nov 2022 01:41:42 GMT
location: https://cuevana3.nu/perversas.jpg
cache-control: max-age=3600
expires: Mon, 28 Nov 2022 02:41:42 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2j%2BIJxNnnMb538xywWt8YPaiiYazx7z8cNnr3i7GZy3X4DBKZ7w44%2FGVYD6m%2FE9785uK7nw%2FZW21YPZwLEM7ypeHWUN2B%2B405QhhNCi%2BGKpghRywskve48EunmdnRHNH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770f671aaecfb505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 01:08:54 GMT
cache-control: public,max-age=3600
age: 1968
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2894
Cache-Control: max-age=116004
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:42 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 09:55:06 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7207a5076b63fb5f39b9436ced9fb18f
cdd84ecfe85882601e81f11783d9f63b30084de3
6d4543402df8135d5860ecd47dd52d96d66d2e1ac6feec11accb5f43f2da7d0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 279 B IP
Hash 263fd6d40218c2b0a2945fa12db8b4e5
db616a4c91fea68c1badef3644d17c033a467dd1
9a5d043d20760ae47a125e8585da97dcaf49405321e810c12e93336f55c95a97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1989
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:42 GMT
Etag: "638352db-117"
Last-Modified: Mon, 28 Nov 2022 01:08:34 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 8620cb50c13aa6595039feb6a940c719
87697510b8823d7312df41eaca3fd042a12bf96d
eda65270df7fee2cb4c1dcd7d5116c6e58918b7685ff2b2ef5e791c5b787a618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5932
Cache-Control: max-age=116167
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:42 GMT
Etag: "63831d71-117"
Expires: Tue, 29 Nov 2022 09:57:49 GMT
Last-Modified: Sun, 27 Nov 2022 08:18:57 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/4eb6b35d/www-player.css
200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/4eb6b35d/www-player.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7a4f3bc144a58504dd2185dae5f909bb
8f3e87d706fb3687047486cbe1b0abed9a06d811
a0b1b06622d124308fce2daa3ab851e057ff08126ba85cef596d279ffc2de6a5
GET /s/player/4eb6b35d/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/zqMjQXcpacg?autoplay=0&autohide=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49788
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 15:52:58 GMT
expires: Tue, 21 Nov 2023 15:52:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
content-type: text/css
age: 553724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
nanouwho.com/1?z=5014433
200 OK 6.8 kB IP
File type ASCII text, with very long lines (16471)
Hash f55078dcc0ca23a8d1eb6a90de8009a1
48a91e30d0c59f5fc862bf99924b96b555821858
b98b3dd023c6873b66eb892d52ccc0f9c5cf4732e34377219a695c1bb6f77bf6
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5014433 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 01:41:42 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
X-Trace-Id: 54251a0789bda69ed2590d72a89edd12
Access-Control-Expose-Headers: X-Sc
X-Sc: 9FaB5NkdWKYdXRlX7C1_HXWQ4EtzKKs97OoXqgQPeGdUpDi73p-Fezx9U7PJg-bIe_UyDTVjR1oa1Q3jNc2xF0tK0uQ=
Set-Cookie: scm=1; expires=Tue, 28 Nov 2023 01:41:42 GMT; secure; SameSite=None
OAID=bbba8eff5baf414d82ba4b8280caa354; expires=Tue, 28 Nov 2023 01:41:42 GMT; secure; SameSite=None
oaidts=1669599702; expires=Tue, 28 Nov 2023 01:41:42 GMT; secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
200 OK 80 kB URL HTTP/2 use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
IP
Hash e0f15c4fa1d3a15ff7bfdb0e1916d5db
bb0735efa393e240387fb296c08ab7594f112678
b0a51f28d596aa742fa7549fb2fa16d8dba2e35553bbca7388f5e148b9361f46
GET /releases/v5.6.3/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: https://cuevana3.nu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-type: font/woff2
content-length: 79100
x-amz-id-2: TYa8ZmfQftmsVu0dxjoAv8BOCpgyPgmv/qToRztMW6Dt4pQBWN9SJ4YokkyXAbn03ZE0Z8CQyVA=
x-amz-request-id: 5EA3KSZ1M1A8NSHY
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 31895
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRbK%2B5yROs5A9s%2BwScTjNydNjmI4hFU%2BcP28yi5twgU2FVXtSw8LIjsieSMtIs8OlBf9e1UunhlfnXE056e8db8HyfxU2gNhwbCVBUPOrkOastLVkpbeohBJVUpJpLCfS%2BbVWgwT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770f671efc7f74fd-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e413346bdf4cea48847886fc7871e4d8
5d89ec3ae90ebf5069321bfc6fb0abeff77db028
85398a907af9d7c7041b28ec00595c5056ee3ecb51d9f09e4e75b6bfa0859d84
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "85398A907AF9D7C7041B28EC00595C5056EE3ECB51D9F09E4E75B6BFA0859D84"
Last-Modified: Sat, 26 Nov 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20776
Expires: Mon, 28 Nov 2022 07:27:58 GMT
Date: Mon, 28 Nov 2022 01:41:42 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 279 B IP
Hash 8620cb50c13aa6595039feb6a940c719
87697510b8823d7312df41eaca3fd042a12bf96d
eda65270df7fee2cb4c1dcd7d5116c6e58918b7685ff2b2ef5e791c5b787a618
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5932
Cache-Control: max-age=116167
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:42 GMT
Etag: "63831d71-117"
Expires: Tue, 29 Nov 2022 09:57:49 GMT
Last-Modified: Sun, 27 Nov 2022 08:18:57 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
200 OK 279 B IP
Hash 263fd6d40218c2b0a2945fa12db8b4e5
db616a4c91fea68c1badef3644d17c033a467dd1
9a5d043d20760ae47a125e8585da97dcaf49405321e810c12e93336f55c95a97
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1989
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:42 GMT
Etag: "638352db-117"
Last-Modified: Mon, 28 Nov 2022 01:08:34 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N48YvWyvXAfCqancbpxgow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7v09FpAReuogwFSiS9GoFYk7b4Q=
my.rtmark.net/gid.js?userId=999d1443192c4e3ea2db7873f5f39f09
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=999d1443192c4e3ea2db7873f5f39f09
IP
File type JSON data\012- , ASCII text
Hash 0ce4898fd3b92d23dae752e9eb105769
61fd392f0c077714e98919cc2e25f8e39dac8791
563964c17c8b39b1072ca54e697619af614abb0fcc1d651ab1352ff0d4cbd772
GET /gid.js?userId=999d1443192c4e3ea2db7873f5f39f09 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 01:41:43 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=999d1443192c4e3ea2db7873f5f39f09; expires=Tue, 28 Nov 2023 01:41:43 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
onvictinitor.com/apu.php?zoneid=5487080
200 OK 29 kB URL HTTP/1.1 onvictinitor.com/apu.php?zoneid=5487080
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8f1ef8b51b075e667232fca0f04c86d1
9d4469d99df611d0d1f2ef754eb3d6e05d875183
5f562f51ffdb5e72ec1159fb5d6717c2fe0dc7377f5e4e3395f055421c9b1d77
GET /apu.php?zoneid=5487080 HTTP/1.1
Host: onvictinitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 01:41:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: c8862fbe28600ab58815d70e649a87c0
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=ada4055595734b118e26a39ba22b24de; expires=Tue, 28 Nov 2023 01:41:42 GMT; path=/
oaidts=1669599702; expires=Tue, 28 Nov 2023 01:41:42 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b55db84ff1e49ec685b1a55ebec72d3b
80a80d414ac7b8f97812f3912cddb6d6b2d95f43
9303fefdbcf6378dbf06668422bdb647768837a24669901c7e35ea8ed29d04d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9303FEFDBCF6378DBF06668422BDB647768837A24669901C7E35EA8ED29D04D3"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16573
Expires: Mon, 28 Nov 2022 06:17:56 GMT
Date: Mon, 28 Nov 2022 01:41:43 GMT
Connection: keep-alive
image.tmdb.org/t/p/w1280//sO2VWeJ8qagNtYoznyLRL8TeSkw.jpg
200 OK 150 kB URL HTTP/2 image.tmdb.org/t/p/w1280//sO2VWeJ8qagNtYoznyLRL8TeSkw.jpg
IP
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Size 150 kB (149809 bytes)
Hash 175e75e95d0af58399c9e11a10e5c760
9c11c0c30de81422cc26e4b1ce45f21771e4e2fc
89e2a2b2b19c6f7f9efa11e55a37b513f954c2a34099156171f059958f095a80
GET /t/p/w1280//sO2VWeJ8qagNtYoznyLRL8TeSkw.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:43 GMT
content-type: image/jpeg
content-length: 149809
server: BunnyCDN-DE1-755
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6272be90-24931"
last-modified: Wed, 04 May 2022 17:57:36 GMT
cdn-storageserver: DE-198
cdn-requestpullsuccess: True
cdn-fileserver: 127
perma-cache: HIT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-cachedat: 09/02/2022 09:36:37
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: d03e58db8314fd763194022f0d318c64
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
onvictinitor.com/?rb=HZWBSTv1aAf-RzKS3jg6AtNPJQp3CdNBTqVcrSKHs8cs8jWr6U8ygTB7_UzHjS_640p1JQ8skowWq2Yy2mXEI64OExxLSVmsbE11KvPlh2tK-JxoR6tr6dvQOXy2l1O5Pupxj__1QT1Iwin2ABsJZp6svmwDZKAODY6QJ56E8kOGVcLa1GBirOqJkuCeyjTKiTNKAiqV-EvA8PTiV1y30lE-7CRu2jX2jmdbs3qStGU%3D&request_ab2=96002&zoneid=5487080&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=365f477c-3349-4467-b0e7-bb6bf0e0ed9b&userId=999d1443192c4e3ea2db7873f5f39f09&m=link
200 OK 1.9 kB URL HTTP/1.1 onvictinitor.com/?rb=HZWBSTv1aAf-RzKS3jg6AtNPJQp3CdNBTqVcrSKHs8cs8jWr6U8ygTB7_UzHjS_640p1JQ8skowWq2Yy2mXEI64OExxLSVmsbE11KvPlh2tK-JxoR6tr6dvQOXy2l1O5Pupxj__1QT1Iwin2ABsJZp6svmwDZKAODY6QJ56E8kOGVcLa1GBirOqJkuCeyjTKiTNKAiqV-EvA8PTiV1y30lE-7CRu2jX2jmdbs3qStGU%3D&request_ab2=96002&zoneid=5487080&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=365f477c-3349-4467-b0e7-bb6bf0e0ed9b&userId=999d1443192c4e3ea2db7873f5f39f09&m=link
IP
File type JSON data\012- , ASCII text, with very long lines (2381), with no line terminators
Hash 90e2f7ae9c37d05fa6c5cbbac839dcd5
3841676589767a480870a6e962ad8d1718c57290
ae3f27c9ab9d7b3b517664ba622d6eaf7a32a164a4a326db02df3202f5ff9c60
GET /?rb=HZWBSTv1aAf-RzKS3jg6AtNPJQp3CdNBTqVcrSKHs8cs8jWr6U8ygTB7_UzHjS_640p1JQ8skowWq2Yy2mXEI64OExxLSVmsbE11KvPlh2tK-JxoR6tr6dvQOXy2l1O5Pupxj__1QT1Iwin2ABsJZp6svmwDZKAODY6QJ56E8kOGVcLa1GBirOqJkuCeyjTKiTNKAiqV-EvA8PTiV1y30lE-7CRu2jX2jmdbs3qStGU%3D&request_ab2=96002&zoneid=5487080&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=365f477c-3349-4467-b0e7-bb6bf0e0ed9b&userId=999d1443192c4e3ea2db7873f5f39f09&m=link HTTP/1.1
Host: onvictinitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 01:41:43 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: b6ba46a83e7bbcda4f9dae245ff97c5a
Access-Control-Allow-Origin: http://cuevana3.nu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=999d1443192c4e3ea2db7873f5f39f09; expires=Tue, 28 Nov 2023 01:41:43 GMT; path=/
oaidts=1669599703; expires=Tue, 28 Nov 2023 01:41:43 GMT; path=/
syncedCookie=true; expires=Mon, 05 Dec 2022 01:41:43 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
whairtoa.com/?rb=3nLmYD4jakuXqNKgxZofMUResUklAsegroIvBi3weGi8_OhY7Tl-Nh9I06uy2qey4dEM60fxjTnbuLwSY6U6fM804ywQv0eg7g-kNnpKe9AsOsLEJPzGyw1ePhxwJQlbXE70b2dyqZ9OzMOZDxEf5xx1MHKUXWOkOTpgPoGPxT_uac_M88-kJTUJW75zhHsjpEDy9g_mYrbt9Kb9avhsX5n9LoLeGHxBhjUZeQUJS_Y%3D&request_ab2=96003&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=b0e827c5-1347-462d-bdd6-aa29a62e1d53&userId=999d1443192c4e3ea2db7873f5f39f09&m=link
200 OK 1.7 kB URL HTTP/1.1 whairtoa.com/?rb=3nLmYD4jakuXqNKgxZofMUResUklAsegroIvBi3weGi8_OhY7Tl-Nh9I06uy2qey4dEM60fxjTnbuLwSY6U6fM804ywQv0eg7g-kNnpKe9AsOsLEJPzGyw1ePhxwJQlbXE70b2dyqZ9OzMOZDxEf5xx1MHKUXWOkOTpgPoGPxT_uac_M88-kJTUJW75zhHsjpEDy9g_mYrbt9Kb9avhsX5n9LoLeGHxBhjUZeQUJS_Y%3D&request_ab2=96003&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=b0e827c5-1347-462d-bdd6-aa29a62e1d53&userId=999d1443192c4e3ea2db7873f5f39f09&m=link
IP
File type JSON data\012- , ASCII text, with very long lines (2253), with no line terminators
Hash 49502bfd4f9ff4c105c8dc160d1553df
823c24baefadbfb1c2939cd693410c5171bc5bc0
299edcaa5d4e1b3e7e73cfabb2957ef0d087e5d5db34205888e7ab20ec25e158
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=3nLmYD4jakuXqNKgxZofMUResUklAsegroIvBi3weGi8_OhY7Tl-Nh9I06uy2qey4dEM60fxjTnbuLwSY6U6fM804ywQv0eg7g-kNnpKe9AsOsLEJPzGyw1ePhxwJQlbXE70b2dyqZ9OzMOZDxEf5xx1MHKUXWOkOTpgPoGPxT_uac_M88-kJTUJW75zhHsjpEDy9g_mYrbt9Kb9avhsX5n9LoLeGHxBhjUZeQUJS_Y%3D&request_ab2=96003&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=b0e827c5-1347-462d-bdd6-aa29a62e1d53&userId=999d1443192c4e3ea2db7873f5f39f09&m=link HTTP/1.1
Host: whairtoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 01:41:43 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 1bb51765ddb3b0b4ebd02a640970a0ac
Access-Control-Allow-Origin: http://cuevana3.nu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=999d1443192c4e3ea2db7873f5f39f09; expires=Tue, 28 Nov 2023 01:41:43 GMT; path=/
oaidts=1669599703; expires=Tue, 28 Nov 2023 01:41:43 GMT; path=/
syncedCookie=true; expires=Mon, 05 Dec 2022 01:41:43 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
IP
Hash a1ba0fab7dad09ca47ea0ed398985f3b
8f13a025da47fddfe49924d08edde9a672596dd3
a69d775a462b5f2ff33cd052990f51b5e959657caf3a4c5613ebfd2d1ea290a6
POST /s/gts1p5/pTOmYkE9h5w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/4eb6b35d/player_ias.vflset/en_US/base.js
200 OK 446 B URL HTTP/2 www.youtube.com/s/player/4eb6b35d/player_ias.vflset/en_US/base.js
IP
Hash 27397d164f97fd1f9cd6041685215c13
48ed20b62b167500c24f2b4bcf8502ec75281aaa
add6b9912157e6b20873ef50061680a03b3cd0a0a497e169b9067662f101ebfb
GET /s/player/4eb6b35d/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/zqMjQXcpacg?autoplay=0&autohide=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 592489
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 15:55:44 GMT
expires: Tue, 21 Nov 2023 15:55:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
content-type: text/javascript
age: 553558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://1fichier.com/?s0rks2zgpqhfaiba8gzb
301 Moved Permanently 356 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://1fichier.com/?s0rks2zgpqhfaiba8gzb
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 49d23f50b90338708b96805269ce6562
f4f782aabd1739aed718db1e2d4320d9fc965b78
686eddf9badf010b5e3e94d8d2ffb442387f7065060de1c1209222b5b04d98e8
GET /s2/favicons?domain=https://1fichier.com/?s0rks2zgpqhfaiba8gzb HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://1fichier.com/?s0rks2zgpqhfaiba8gzb&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://uptobox.com/h0zgj4uh0719
301 Moved Permanently 345 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://uptobox.com/h0zgj4uh0719
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 40aeb7916cbe281b932ab57696d3ab4b
896dc20602a409a3a9e2b7588634bfef40b61c4d
9b0c0048b788ee50b77e82a21d924fa8a1cc7dcbee5800ea17085fa7514e2bcc
GET /s2/favicons?domain=https://uptobox.com/h0zgj4uh0719 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/h0zgj4uh0719&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p.SUB-FORZADOS.cinecalidad.lol_.srt
301 Moved Permanently 442 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p.SUB-FORZADOS.cinecalidad.lol_.srt
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ea7a8b700e1e4353f53e667841cf1616
871c2aa065d007291a57b201ce598dcb8869512a
696c9ebb8db3e9346a3528bfedc218ec2f148def4fa965058d20642f4047ea26
GET /s2/favicons?domain=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p.SUB-FORZADOS.cinecalidad.lol_.srt HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p.SUB-FORZADOS.cinecalidad.lol_.srt&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/embed/zqMjQXcpacg?autoplay=0&autohide=1
200 OK 28 kB URL HTTP/2 www.youtube.com/embed/zqMjQXcpacg?autoplay=0&autohide=1
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58638)
Hash 634a24ecd502124f4ee96baf67b13c1a
e3930225e379e28b0cf509aab57efbb37fbfa894
f979274397613a9df61f59f11b1361d473355e947d11eb9dd1cbb94c941293e2
GET /embed/zqMjQXcpacg?autoplay=0&autohide=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 28 Nov 2022 01:41:42 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=yJyDvZ3yQkk; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=A0sBeGQKaOo; Domain=.youtube.com; Expires=Sat, 27-May-2023 01:41:42 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+171; expires=Wed, 27-Nov-2024 01:41:42 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://mega.nz/file/eSoH3IZA
301 Moved Permanently 342 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://mega.nz/file/eSoH3IZA
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d11c5806562cd1bc5b008e9d2d07c2ac
d26812e3c6176ef17d94a1f1db3afc3bcf534bad
55126c5e260aca016184ee07b2e5e76c5c5f4e963f5e091bde93678aba90dea1
GET /s2/favicons?domain=https://mega.nz/file/eSoH3IZA HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/eSoH3IZA&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvcElKWHJ3bmVEclJicFE=&o=77587
301 Moved Permanently 394 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvcElKWHJ3bmVEclJicFE=&o=77587
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 8b681f9ce31e020dd6cd2c564007969d
0a6440eff53cb3d1a9d70249a67c4e6a2b0a9114
f990d4dd2f2a1a483f9dffbf9f9bda8bb37979534dc8dd599be52d2d05bae3db
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvcElKWHJ3bmVEclJicFE=&o=77587 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvcElKWHJ3bmVEclJicFE=&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9TV05FV2pkbGNYSlRhV0ZsWWxKcVQwa3hNRVo2VVQwOQ==&o=77587
301 Moved Permanently 414 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9TV05FV2pkbGNYSlRhV0ZsWWxKcVQwa3hNRVo2VVQwOQ==&o=77587
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash eb0eaf69046faed172648001623beb42
57f05e87b62bb890e9c7606277cc5fbc9b89e8f2
478e3566a0c9bb49d463b64a375c271157e8b8b7142e3144c8255ba88a1293f3
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9TV05FV2pkbGNYSlRhV0ZsWWxKcVQwa3hNRVo2VVQwOQ==&o=77587 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9TV05FV2pkbGNYSlRhV0ZsWWxKcVQwa3hNRVo2VVQwOQ==&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s2.googleusercontent.com/s2/favicons?domain=https://playercine.cinestart.net/player.php?id=alZJbUR3dTUwQUJlYjAwQ202aEF1aGYzMjNqUkhQbWtneUMxRXlNdnBrQ3lMYnV4b3k5QWZEY2tYb3l4WHhiWg&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
301 Moved Permanently 446 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://playercine.cinestart.net/player.php?id=alZJbUR3dTUwQUJlYjAwQ202aEF1aGYzMjNqUkhQbWtneUMxRXlNdnBrQ3lMYnV4b3k5QWZEY2tYb3l4WHhiWg&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c35ecb3b100676145aa70b2a1c61bb5a
83e403c069d85d537b9fc7b5a78ea0b8f8fa6e91
72917356f8307fafe1700e6835a5971e23b48dae84a5ae1c6a101324826c3781
GET /s2/favicons?domain=https://playercine.cinestart.net/player.php?id=alZJbUR3dTUwQUJlYjAwQ202aEF1aGYzMjNqUkhQbWtneUMxRXlNdnBrQ3lMYnV4b3k5QWZEY2tYb3l4WHhiWg&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=alZJbUR3dTUwQUJlYjAwQ202aEF1aGYzMjNqUkhQbWtneUMxRXlNdnBrQ3lMYnV4b3k5QWZEY2tYb3l4WHhiWg&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p..SUB-LATINO.cinecalidad.lol_.srt
301 Moved Permanently 4.1 kB URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p..SUB-LATINO.cinecalidad.lol_.srt
IP
Hash e541b0e69e0a6ecfa5023716c8203382
0c79ae3bdf144b12a4b2a6b7689667988dfd0b4d
feb70196cb09370b9630585e8f759cc219dac1be7b3057de0956567e5481a74b
GET /s2/favicons?domain=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p..SUB-LATINO.cinecalidad.lol_.srt HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p..SUB-LATINO.cinecalidad.lol_.srt&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 441
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1pxUFdMeXowYThpcWVWTC9IYXJyeV9Qb3R0ZXJfeV9sYV9vcmRlbl9kZWxfRiVDMyVBOW5peF8lMjgyMDA3JTI5LjEwODBwLlNVQi1FTkcuY2luZWNhbGlkYWQubG9sLm1wNA==&o=77587
301 Moved Permanently 514 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1pxUFdMeXowYThpcWVWTC9IYXJyeV9Qb3R0ZXJfeV9sYV9vcmRlbl9kZWxfRiVDMyVBOW5peF8lMjgyMDA3JTI5LjEwODBwLlNVQi1FTkcuY2luZWNhbGlkYWQubG9sLm1wNA==&o=77587
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (337), with CRLF, LF line terminators
Hash 69d9c9e87851939d7ece4c23b5afa1c3
24e30acc729e528cf4d4ff40c5cce263455616a7
62348e25333bfe38b1dd394fd85d939de91d1c802fcc46c7dbf5a8857f271f05
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1pxUFdMeXowYThpcWVWTC9IYXJyeV9Qb3R0ZXJfeV9sYV9vcmRlbl9kZWxfRiVDMyVBOW5peF8lMjgyMDA3JTI5LjEwODBwLlNVQi1FTkcuY2luZWNhbGlkYWQubG9sLm1wNA==&o=77587 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1pxUFdMeXowYThpcWVWTC9IYXJyeV9Qb3R0ZXJfeV9sYV9vcmRlbl9kZWxfRiVDMyVBOW5peF8lMjgyMDA3JTI5LjEwODBwLlNVQi1FTkcuY2luZWNhbGlkYWQubG9sLm1wNA==&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL2psQktWQWdHd3BJRzNCL0hhcnJ5X1BvdHRlcl95X2xhX29yZGVuX2RlbF9GJUMzJUE5bml4XyUyODIwMDclMjkuMTA4MHAuZHVhbC1sYXQuY2luZWNhbGlkYWQubG9sLm1wNA==&o=77587
301 Moved Permanently 514 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL2psQktWQWdHd3BJRzNCL0hhcnJ5X1BvdHRlcl95X2xhX29yZGVuX2RlbF9GJUMzJUE5bml4XyUyODIwMDclMjkuMTA4MHAuZHVhbC1sYXQuY2luZWNhbGlkYWQubG9sLm1wNA==&o=77587
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (337), with CRLF, LF line terminators
Hash 1cbbc9fc52532c696af8590c4773e441
7555e3629f30e225dd90ce052201cc88c78bfab0
982d52e96f85293294b89304430ef73ea8ae44eb88522af654d64c2ce1834350
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL2psQktWQWdHd3BJRzNCL0hhcnJ5X1BvdHRlcl95X2xhX29yZGVuX2RlbF9GJUMzJUE5bml4XyUyODIwMDclMjkuMTA4MHAuZHVhbC1sYXQuY2luZWNhbGlkYWQubG9sLm1wNA==&o=77587 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL2psQktWQWdHd3BJRzNCL0hhcnJ5X1BvdHRlcl95X2xhX29yZGVuX2RlbF9GJUMzJUE5bml4XyUyODIwMDclMjkuMTA4MHAuZHVhbC1sYXQuY2luZWNhbGlkYWQubG9sLm1wNA==&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 514
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
200 OK 5.6 kB IP
File type ASCII text, with very long lines (12966), with no line terminators
Hash 9ddb1e94bb50bb1e504259559955cb6b
74c9dd3dd414dd9e1a530fad8f7eeb3b86c6157a
98b78e71c1be3da5eb79a8ce572cfeb47d649194668a2e58a0de402337d5aaa3
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5143
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AtLs8yKZstWTW4v1EHKIGiZT1%2FRaChVbJ4SbH43AXCSdIhcOWb%2FR11eiogh5FwRcuBCbIioexpNfhSiX%2FiGwn2Q91goqeLXbL1mXOX6MhDpSnw4%2F%2FQ2xip%2BRFe5xBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770f671f1a650b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9VVWRtWlV4SWNuWkVOSE5GVVZoYVNUTmtXV3hxUVQwOQ==&o=77587
301 Moved Permanently 414 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9VVWRtWlV4SWNuWkVOSE5GVVZoYVNUTmtXV3hxUVQwOQ==&o=77587
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5567e6feec6e600244d0563c19418468
fb7ad1559d8831c029325e7d91c0625e109666a4
d04e3f47f13c71fc00aea44fee7d2c91cc05f3fdeae3a6ca809806c9a0523857
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9VVWRtWlV4SWNuWkVOSE5GVVZoYVNUTmtXV3hxUVQwOQ==&o=77587 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9VVWRtWlV4SWNuWkVOSE5GVVZoYVNUTmtXV3hxUVQwOQ==&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 28 Nov 2022 02:11:43 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 9cff2c2ad4207e09e07c017987177850
833082ded91a1983a1367c48c8076949e079ce95
82b03e92d004f116875ba023a7e8782d3c124a1c499a6328f29cff70f397a6cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 8835f987270c3a6655732a8b9f79019d
b526a02966f50407fd20c881616a505ca6693ce3
349663442998cf63d2ff77fdfee46ac572703750f977b4f60e9082307309f7c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 01:30:21 GMT
expires: Mon, 28 Nov 2022 01:45:21 GMT
cache-control: public, max-age=900
age: 682
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 28 Nov 2022 01:41:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b3b2c7f77d21f4f3c942fb3357e9fa83
d82fbb7c5ecaed601c4c6c927150531d6bb4e793
4a9731627b28cc01d199f0362ad58487eb7391f26d348c0454ec96f32004f78e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&sah=1002&drf=&hil=1&ist=0&oaid=999d1443192c4e3ea2db7873f5f39f09
204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&sah=1002&drf=&hil=1&ist=0&oaid=999d1443192c4e3ea2db7873f5f39f09
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&sah=1002&drf=&hil=1&ist=0&oaid=999d1443192c4e3ea2db7873f5f39f09 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 01:41:43 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 471 B IP
Hash c910a44bf58b708c25d146fd52adb8e9
374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5
3cf34029e6a112320130d154ac1291e49bcb4a80f0caaf84309456986f0adc77
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 01:41:43 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 25 Nov 2022 13:33:17 GMT
Expires: Fri, 02 Dec 2022 13:33:16 GMT
Etag: "374a72c3026ea1fa5defd1e8eb7be2ca7184dfd5"
Cache-Control: max-age=387692,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 770f6721e8bab51d-OSL
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&alr=yes&id=68515&cmo=sensitive_content=yes&sc=yes&cmo=td=c.youtube.com
200 OK 240 B URL HTTP/2 redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&alr=yes&id=68515&cmo=sensitive_content=yes&sc=yes&cmo=td=c.youtube.com
IP
File type ASCII text, with very long lines (315), with no line terminators
Hash ee3b4f4820266c48551fbe82ad3bf2ff
01099745f1ca80fbf1eb27f98133c89b08c7d30b
07bce97235844cfeef44889b07c685a9337ac005bdd2b6c17381c2e0342991f8
GET /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odeak=1&odepv=1&osfc=1&alr=yes&id=68515&cmo=sensitive_content=yes&sc=yes&cmo=td=c.youtube.com HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
content-type: text/plain; charset=UTF-8
content-encoding: gzip
server: ClientMapServer
content-length: 240
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 28 Nov 2022 01:41:43 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
200 OK 1.7 kB URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP
ASN #60781 LeaseWeb Netherlands B.V.
Hash f0c174210664c3e7e3483809548a3708
a688b105c1a28c07a62b697e71f63af874d194cb
32b556e221b4789e4fafa86fff197e751755a3cdc96481b5652a3ff41a781d30
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 933
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Mon, 28 Nov 2022 01:41:43 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://cuevana3.nu
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&sah=1002&drf=&hil=1&ist=0&oaid=999d1443192c4e3ea2db7873f5f39f09
200 OK 7 B URL HTTP/2 nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&sah=1002&drf=&hil=1&ist=0&oaid=999d1443192c4e3ea2db7873f5f39f09
IP
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fharry-potter-y-la-orden-del-fenix%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&sah=1002&drf=&hil=1&ist=0&oaid=999d1443192c4e3ea2db7873f5f39f09 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 289
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 01:41:43 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 14bf54c896e6b5b3ced1b40f621e6a06
access-control-expose-headers: X-Sc
x-sc: u11unNAq7gAtk6hWYYnK4ttZlpHiHf-wIpqR3nCidD-mgBttrSKMRmIyXubYn1JVa5MF_1k1k-0ig4L927d6BjZAJLs=
set-cookie: scm=1; expires=Tue, 28 Nov 2023 01:41:43 GMT; secure; SameSite=None
OAID=999d1443192c4e3ea2db7873f5f39f09; expires=Tue, 28 Nov 2023 01:41:43 GMT; secure; SameSite=None
oaidts=1669599703; expires=Tue, 28 Nov 2023 01:41:43 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 175849d269d48db49602d981ae8c51e6
885c2fe33fe337edeb3b47d456127b5b453cc6ee
ef68d2fb4c0e31bf9f1c29ffd85c100a507a1849d9476cf6bb1bfe4815d43892
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 28 Nov 2022 01:41:43 GMT
server: ESF
cache-control: private
content-length: 30574
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=enMvTkNiOHpDclUwelh3N21aVzN1Y0hGVzNvL3hnM1BXUzlnVkF1Z1FSVEIrb2dwd3lLRjkzdlVsY1RCc3ZCeQ&size=16
404 Not Found 726 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=enMvTkNiOHpDclUwelh3N21aVzN1Y0hGVzNvL3hnM1BXUzlnVkF1Z1FSVEIrb2dwd3lLRjkzdlVsY1RCc3ZCeQ&size=16
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=enMvTkNiOHpDclUwelh3N21aVzN1Y0hGVzNvL3hnM1BXUzlnVkF1Z1FSVEIrb2dwd3lLRjkzdlVsY1RCc3ZCeQ&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p..SUB-LATINO.cinecalidad.lol_.srt&size=16
200 OK 365 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p..SUB-LATINO.cinecalidad.lol_.srt&size=16
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 7da320179b2003b0240a8f641a1d2506
3a29169b79e09493d772c3a79b2d11324d92fffa
8d0f7e0912f8a522472d038b8133aa7c6ae5befe831145bbce12a95c767b6a38
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p..SUB-LATINO.cinecalidad.lol_.srt&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cinecalidad.lol/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 365
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Mon, 17 May 2021 11:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvYWw2TURObWFSdDFJaFo=&size=16
200 OK 270 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvYWw2TURObWFSdDFJaFo=&size=16
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvYWw2TURObWFSdDFJaFo=&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=alZJbUR3dTUwQUJlYjAwQ202aEF1aGYzMjNqUkhQbWtneUMxRXlNdnBrQ3lMYnV4b3k5QWZEY2tYb3l4WHhiWg&size=16
404 Not Found 726 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=alZJbUR3dTUwQUJlYjAwQ202aEF1aGYzMjNqUkhQbWtneUMxRXlNdnBrQ3lMYnV4b3k5QWZEY2tYb3l4WHhiWg&size=16
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=alZJbUR3dTUwQUJlYjAwQ202aEF1aGYzMjNqUkhQbWtneUMxRXlNdnBrQ3lMYnV4b3k5QWZEY2tYb3l4WHhiWg&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Mon, 28 Nov 2022 01:41:43 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16
200 OK 852 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash faf64e32ce748dabf3d57c6daa6a00f7
46317741e4d001feb10442fb300ac4876ac14bd9
0de27c32ce9d9a34eb1c3f57169cb4cc44869cb143a3a5c56b4ef491cd6be4d2
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.utorrent.com/static/faviconUT-be6029e02bb2d6e0415a561c42641a2f.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 00:30:49 GMT
expires: Thu, 01 Dec 2022 00:30:49 GMT
cache-control: public, max-age=604800
last-modified: Fri, 23 Jul 2021 13:14:38 GMT
content-type: image/png
age: 349854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/eSoH3IZA&size=16
200 OK 454 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/eSoH3IZA&size=16
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b47dc0281a58eb5dcbefb21f7d9f2f8b
9ca10c8524a596da424cfe4ad62902b6c3107172
3bb219a803b2aafd036cd2c0133a3b41c9e97d6f22c48c5884aad12b9a8b4c89
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/eSoH3IZA&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://mega.nz/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 454
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/h0zgj4uh0719&size=16
200 OK 628 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/h0zgj4uh0719&size=16
IP
File type PNG image data, 16 x 14, 8-bit colormap, non-interlaced\012- data
Hash a025a7d0ad9c9dcb11225d8ff891e2ab
7e31fbedf07c440553337ef9ccede378ff1723c3
1475fd2e3e237b87f41c35f27cb33d944b63b847c34909129eec1d7a9bf99f6e
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/h0zgj4uh0719&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://uptobox.com/assets/images/utb.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 628
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Wed, 27 Jun 2018 16:00:04 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1pxUFdMeXowYThpcWVWTC9IYXJyeV9Qb3R0ZXJfeV9sYV9vcmRlbl9kZWxfRiVDMyVBOW5peF8lMjgyMDA3JTI5LjEwODBwLlNVQi1FTkcuY2luZWNhbGlkYWQubG9sLm1wNA==&size=16
200 OK 270 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1pxUFdMeXowYThpcWVWTC9IYXJyeV9Qb3R0ZXJfeV9sYV9vcmRlbl9kZWxfRiVDMyVBOW5peF8lMjgyMDA3JTI5LjEwODBwLlNVQi1FTkcuY2luZWNhbGlkYWQubG9sLm1wNA==&size=16
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1pxUFdMeXowYThpcWVWTC9IYXJyeV9Qb3R0ZXJfeV9sYV9vcmRlbl9kZWxfRiVDMyVBOW5peF8lMjgyMDA3JTI5LjEwODBwLlNVQi1FTkcuY2luZWNhbGlkYWQubG9sLm1wNA==&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9TV05FV2pkbGNYSlRhV0ZsWWxKcVQwa3hNRVo2VVQwOQ==&size=16
200 OK 270 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9TV05FV2pkbGNYSlRhV0ZsWWxKcVQwa3hNRVo2VVQwOQ==&size=16
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9TV05FV2pkbGNYSlRhV0ZsWWxKcVQwa3hNRVo2VVQwOQ==&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvcElKWHJ3bmVEclJicFE=&size=16
200 OK 270 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvcElKWHJ3bmVEclJicFE=&size=16
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvcElKWHJ3bmVEclJicFE=&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p.SUB-FORZADOS.cinecalidad.lol_.srt&size=16
200 OK 365 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p.SUB-FORZADOS.cinecalidad.lol_.srt&size=16
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 7da320179b2003b0240a8f641a1d2506
3a29169b79e09493d772c3a79b2d11324d92fffa
8d0f7e0912f8a522472d038b8133aa7c6ae5befe831145bbce12a95c767b6a38
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cinecalidad.lol/wp-content/uploads/2021/12/Harry-Potter-y-la-orden-del-Fenix-2007.1080p.SUB-FORZADOS.cinecalidad.lol_.srt&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cinecalidad.lol/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 365
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Mon, 17 May 2021 11:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL2psQktWQWdHd3BJRzNCL0hhcnJ5X1BvdHRlcl95X2xhX29yZGVuX2RlbF9GJUMzJUE5bml4XyUyODIwMDclMjkuMTA4MHAuZHVhbC1sYXQuY2luZWNhbGlkYWQubG9sLm1wNA==&size=16
200 OK 270 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL2psQktWQWdHd3BJRzNCL0hhcnJ5X1BvdHRlcl95X2xhX29yZGVuX2RlbF9GJUMzJUE5bml4XyUyODIwMDclMjkuMTA4MHAuZHVhbC1sYXQuY2luZWNhbGlkYWQubG9sLm1wNA==&size=16
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL2psQktWQWdHd3BJRzNCL0hhcnJ5X1BvdHRlcl95X2xhX29yZGVuX2RlbF9GJUMzJUE5bml4XyUyODIwMDclMjkuMTA4MHAuZHVhbC1sYXQuY2luZWNhbGlkYWQubG9sLm1wNA==&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://1fichier.com/?s0rks2zgpqhfaiba8gzb&size=16
200 OK 777 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://1fichier.com/?s0rks2zgpqhfaiba8gzb&size=16
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash ea70b34ee38dc7e303778a47d2b46a13
58ae85c0048f4e0580992b0b8f5e5c3aa73fa499
62d589b58a50dbcc9fb91095fdddcde6a20574f085e60492b1fbbd2be693682a
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://1fichier.com/?s0rks2zgpqhfaiba8gzb&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://1fichier.com/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 777
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9VVWRtWlV4SWNuWkVOSE5GVVZoYVNUTmtXV3hxUVQwOQ==&size=16
200 OK 270 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9VVWRtWlV4SWNuWkVOSE5GVVZoYVNUTmtXV3hxUVQwOQ==&size=16
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9VVWRtWlV4SWNuWkVOSE5GVVZoYVNUTmtXV3hxUVQwOQ==&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Mon, 28 Nov 2022 01:41:43 GMT
expires: Mon, 05 Dec 2022 01:41:43 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 28 Nov 2022 01:41:43 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2377
Expires: Mon, 28 Nov 2022 02:21:21 GMT
Date: Mon, 28 Nov 2022 01:41:44 GMT
Connection: keep-alive
code.jquery.com/jquery-3.6.0.slim.min.js
200 OK 25 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.slim.min.js
IP
File type ASCII text, with very long lines (65241)
Hash ae3ffbb71d763d2a1ca869e4866b23ae
22723a163afd77efe96e92eaca712583612b3e73
29dda737fcaf96a8a4ea6d0dd66c6e379a4c98cf3374647388650ee6e48a462c
GET /jquery-3.6.0.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playercine.cinestart.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:44 GMT
content-encoding: gzip
content-length: 24587
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11ab4"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669599704.dop009.sk1.t,1669599704.cds232.sk1.hn,1669599704.cds258.sk1.c
X-Firefox-Spdy: h2
playercine.cinestart.net/play_white.png
200 OK 2.2 kB URL HTTP/2 playercine.cinestart.net/play_white.png
IP
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 586c4a0da292bad6d6303d86f9170a49
782ccb8658663e83b265c1a3d469e16682d5b2ee
a5fae08174aebfda56f78b7913082f4a72d52282faef978478ad943cd1db6329
GET /play_white.png HTTP/1.1
Host: playercine.cinestart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playercine.cinestart.net/player.php?id=enMvTkNiOHpDclUwelh3N21aVzN1Y0hGVzNvL3hnM1BXUzlnVkF1Z1FSVEIrb2dwd3lLRjkzdlVsY1RCc3ZCeQ&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:44 GMT
content-type: image/png
content-length: 2209
cache-control: public, max-age=604800
expires: Wed, 30 Nov 2022 08:20:59 GMT
last-modified: Sun, 14 Aug 2022 23:11:47 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 408045
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VueLj%2FCe6wb%2BzJ4D%2BqEotz9j6YPqHT1LvFLWe4bKgoYG3TM%2Bd1SmTix5f3dfWpwYAFqojxzds4jgoIKlZ2%2F1rZ2FkvLABjKl5wxdrqvE%2BYRPiSleGxr5Ns1dEMr6Edyxz52JTssQwKyXJEY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770f67260c5a0b3d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2377
Expires: Mon, 28 Nov 2022 02:21:21 GMT
Date: Mon, 28 Nov 2022 01:41:44 GMT
Connection: keep-alive
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c5e8b65d876e091e38bc6500088b5ae6
c0f51082ef91cf92386380f96b3be61a8b6c0051
2954c8778370caecb206fc920474446c1332db68acae953a736cccf35f7df017
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1247
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 28 Nov 2022 01:41:44 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 10:15:53 GMT
age: 55551
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2377
Expires: Mon, 28 Nov 2022 02:21:21 GMT
Date: Mon, 28 Nov 2022 01:41:44 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2377
Expires: Mon, 28 Nov 2022 02:21:21 GMT
Date: Mon, 28 Nov 2022 01:41:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa848cb85e85df184b078fe7aa95ae52
21aa6418f3a0d2b64925b66d5fb9079b7e84a11c
37d299c166e3350dee6dee647e98a86f8bd916d186bae12c42764ed0a3177085
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcd94c980-e701-4603-9381-0bd47116d31d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5989
x-amzn-requestid: db10fcc5-80ab-4650-af49-d5afe36706f3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78LHQqIAMF9_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-4cbd19e3227894844807742c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: A5n6y1-hpgr4vynnRXkEZNvCvjlNGH6brl7eYMsdN1MST7YoD2BPgA==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:13 GMT
age: 13831
etag: "21aa6418f3a0d2b64925b66d5fb9079b7e84a11c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:46 GMT
age: 13198
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AhbL-wXc_eYsgxdjf0DIEJD7Z3XfXMjXwDC52Bz_SnvmmWAhl3g99A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:38 GMT
age: 13806
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a8935783026c10470f60033d3a860f7b
65941dd34eb1063a3f7fe2b6790a11a484a06b9a
e88c706458faf5b5512212692392c7c1a0d8e60af62962267166f5cb60ee9c89
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56dccc9-321b-431e-8a92-49471e788b4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11165
x-amzn-requestid: 9e35d865-adea-4d2a-b20f-beb014cdd42f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JE2VIAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-7cf4db38152cdfa1448cba3d;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: SFO5-C3, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4YRocKXYUOkfho0bEHNX0xMxhhKNH2Cm3XtQDtQK7x2dFOsipPjfCw==
via: 1.1 dec8fa38a453902521b941c7cd70d33c.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:26:45 GMT
age: 11699
etag: "65941dd34eb1063a3f7fe2b6790a11a484a06b9a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13f4c2b3410532b6c756990f1759da46
16096289cd354fada56dbb3f2d75d406ae8ab62f
9894d998a884f2b5637bd12b0cd3df556835ea7a3134eb0f516fc03e3d31c26c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f14adca-9ca8-4ff4-8a3e-4620f8c1e8f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8568
x-amzn-requestid: da2726a2-20ad-4201-b4e9-3de9be88a485
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7-BHcUIAMFieA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9f3-370921803a9de7e627682c94;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: MPWvdL-woEL21aHiMtzg--1Z1p2w9y0XTGxb445LyuMVlWTp4nsMQw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:16:30 GMT
age: 12314
etag: "16096289cd354fada56dbb3f2d75d406ae8ab62f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e66ca0bf23f0412ff602cc6e2534818
79eadf45a5b5d3f4f73ab60222470490e30cf1cc
de12eb8291a1fc21245738dfe640e6ca43d3b7faec0d1745a9959096c9eea17b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE12EB8291A1FC21245738DFE640E6CA43D3B7FAEC0D1745A9959096C9EEA17B"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12386
Expires: Mon, 28 Nov 2022 05:08:10 GMT
Date: Mon, 28 Nov 2022 01:41:44 GMT
Connection: keep-alive
ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
IP
Hash a1ba0fab7dad09ca47ea0ed398985f3b
8f13a025da47fddfe49924d08edde9a672596dd3
a69d775a462b5f2ff33cd052990f51b5e959657caf3a4c5613ebfd2d1ea290a6
POST /s/gts1p5/pTOmYkE9h5w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:44 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/gid.js?userId=1e89d76350534440aef764a8b224c277
200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=1e89d76350534440aef764a8b224c277
IP
File type JSON data\012- , ASCII text
Hash 0ce4898fd3b92d23dae752e9eb105769
61fd392f0c077714e98919cc2e25f8e39dac8791
563964c17c8b39b1072ca54e697619af614abb0fcc1d651ab1352ff0d4cbd772
GET /gid.js?userId=1e89d76350534440aef764a8b224c277 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playercine.cinestart.net
Connection: keep-alive
Referer: https://playercine.cinestart.net/
Cookie: ID=999d1443192c4e3ea2db7873f5f39f09
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 01:41:44 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://playercine.cinestart.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=999d1443192c4e3ea2db7873f5f39f09; expires=Tue, 28 Nov 2023 01:41:44 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 03ad9fc0b00b5df3165dc2fb1e3b0a3e
f8243335a8bc24d989bddd346048a055e1d0bdeb
366b28d491f7fd632e31c1ce97f939555f7dcee14bb6875737ed2d3e96fa32ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 01:41:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
200 OK 14 kB URL HTTP/2 www.google.com/js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js
IP
File type ASCII text, with very long lines (35786)
Hash ab1d51e6cf1d842260dab25a4332649c
0c814f9168dff9647a797787c2109a568904fedb
4b4e6a92912d486accd192aec1f4ba5ffee3658019c01e98199976a192941f09
GET /js/th/ayf-ZXn06Q-bf2kvL7HvZn-6GmgIdMcaNWCzb_-s5mI.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14218
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:40:04 GMT
expires: Wed, 22 Nov 2023 18:40:04 GMT
cache-control: public, max-age=31536000
age: 457300
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
waisheph.com/5/5508024
200 OK 24 kB IP
File type ASCII text, with very long lines (63231), with no line terminators
Hash 39dcaa8bbe2f9ca4c8dd7c362d85f9c6
d32ce90956330d2c276533348e5cd65f34a4e8af
8e069607d187e60e4efde381ceaf47bbcafc9cc5af2b42dabfb154d7d0850373
GET /5/5508024 HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playercine.cinestart.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 01:41:44 GMT
content-type: application/javascript
x-trace-id: a517ce415888b82fc19641eb4772dde6
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=1e89d76350534440aef764a8b224c277; expires=Tue, 28 Nov 2023 01:41:44 GMT; path=/; secure; SameSite=None
oaidts=1669599704; expires=Tue, 28 Nov 2023 01:41:44 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b24e349e9d22fb30fbc80497b512cead
c033d1ecdb9e7640f3df044e39053bed8292fcbc
2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X6t2ucU4VTXi5XIRLVpmTMxEW3MtinOQs3mIHIhgeW6aK6kN53dWEQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:18 GMT
age: 13832
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
playercine.cinestart.net/player.php?id=enMvTkNiOHpDclUwelh3N21aVzN1Y0hGVzNvL3hnM1BXUzlnVkF1Z1FSVEIrb2dwd3lLRjkzdlVsY1RCc3ZCeQ&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
200 OK 0 B URL HTTP/2 playercine.cinestart.net/player.php?id=enMvTkNiOHpDclUwelh3N21aVzN1Y0hGVzNvL3hnM1BXUzlnVkF1Z1FSVEIrb2dwd3lLRjkzdlVsY1RCc3ZCeQ&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
IP
GET /player.php?id=enMvTkNiOHpDclUwelh3N21aVzN1Y0hGVzNvL3hnM1BXUzlnVkF1Z1FSVEIrb2dwd3lLRjkzdlVsY1RCc3ZCeQ&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd HTTP/1.1
Host: playercine.cinestart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ewLrcW9zCLyKqJHLT6xM%2B2XcHyRzsXyd%2BqTV2nvAS3NyRlav75B%2BZ6sQ%2FfOYeZqOUbMOwPQ%2BwqBgb0QmjFftkH9CxSV9y%2BDXSPFYLRKqW4AjAlpSnbUKCCGHIov5%2BsHKx8vSWI2sQMLmFEE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770f6722ab860b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90
200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90
IP
GET /wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 07:44:16 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 323846
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGmaHUi9rLYhsrHYncz%2BrffoMCVkKxRGublLHI9zifrPeZtDJRY22MfTyWxr2qo5OgPN6jaF2f0EXAuy2qULCN6yWhLVHRAQrYZ969OwEYRhrokF6LtDwm9ioN9%2F1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770f6719e860b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nanouwho.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
200 OK 0 B URL HTTP/2 nanouwho.com/27/22b0ff6d446d45dfe24f0ae457b1c7db
IP
Analyzer Verdict Alert quad9 Sinkholed
GET /27/22b0ff6d446d45dfe24f0ae457b1c7db HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 01:41:43 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Fri, 25 Nov 2022 08:14:39 GMT
expires: Fri, 25 Dec 2082 08:14:39 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js
200 OK 0 B URL HTTP/2 www.youtube.com/s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js
IP
GET /s/player/4eb6b35d/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/zqMjQXcpacg?autoplay=0&autohide=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99035
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 15:52:58 GMT
expires: Tue, 21 Nov 2023 15:52:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 01:17:16 GMT
content-type: text/javascript
age: 553724
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/style.css?ver=0.69051500%201669599551
200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/style.css?ver=0.69051500%201669599551
IP
GET /wp-content/themes/cuevana/style.css?ver=0.69051500%201669599551 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 01:41:42 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 04 Dec 2022 07:13:13 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ltf%2FcUKMzVfudMF%2BS1HksVAGrQZ2ba8TXVFxCmCoaKWWT0h3lKm82Ty83xG3CNN%2FhW5quR2n%2FFKbqJm4WTdLVniPLZ%2FR6DRD61sto1T5hHeVpw6arvL1d25sSadHHw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770f6719e868b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
172.67.204.56
93.184.220.29
104.21.93.38
89.187.169.39
37.48.68.71
23.36.76.226