firefox.settings.services.mozilla.com/v1/
18.165.201.83 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.165.201.83:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 02 Oct 2022 22:03:22 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 90927d233f1a615dc244e8b198aa1f04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: J_zbalrSMd2E1OhioxzMTgPhb4VLwJpAAJTjDPtcTQTh86rqdGSYZA==
Age: 2729
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15271
Expires: Mon, 03 Oct 2022 03:03:22 GMT
Date: Sun, 02 Oct 2022 22:48:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b8769801e8712cb7b401b5752da2c2
30d14bf20b20507a4fda3d7dbee9fbba7327139a
69d097718cac37cc6b77d417711c4356557f2b47c78026303bfe5f985b94a5a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69D097718CAC37CC6B77D417711C4356557F2B47C78026303BFE5F985B94A5A5"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14216
Expires: Mon, 03 Oct 2022 02:45:47 GMT
Date: Sun, 02 Oct 2022 22:48:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Pgz2ctw0KVHC9q3IxUo6JaX+zXqE2u/WiBPDuzzOKMjGgB4a/wsq8j6VcWqY82FiiwtRvYgLb/JzaRAGBrO98g==
x-amz-request-id: AMT7HGKWBENBV2T2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 02 Oct 2022 21:50:09 GMT
age: 3522
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 02 Oct 2022 22:48:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
villamaryah.com/
176.221.34.180 200 OK 185 kB IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (60160), with CRLF line terminators
Size 185 kB (185276 bytes)
Hash b3bf3d60fb7978929e7f620231a3e180
d10ccd543495e8f7ac960690eadab1a9101c89e5
2aca9fddd96964c9f5c10795d40d2479a526a50d26b3474d8cc76366fa1830e5
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET / HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:51 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
maps.googleapis.com/maps/api/js?key=AIzaSyCUWXQSJ9DLJfSX_Jgxt4H0cbca-A8u1f0
216.58.211.10 200 OK 54 kB URL HTTP/1.1 maps.googleapis.com/maps/api/js?key=AIzaSyCUWXQSJ9DLJfSX_Jgxt4H0cbca-A8u1f0
IP 216.58.211.10:0
File type ASCII text, with very long lines (2437)
Hash e135d182d463ee545fa90d7f1c0e65ee
089bf2ddf1b7d66a2ab5e3b45753a4449a643d88
abac85421e37ddf8b405a7daf28f52b6cc9733e8b04d03455ae15620ea4a70fb
GET /maps/api/js?key=AIzaSyCUWXQSJ9DLJfSX_Jgxt4H0cbca-A8u1f0 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=UTF-8
Date: Sun, 02 Oct 2022 22:48:51 GMT
Expires: Sun, 02 Oct 2022 23:18:51 GMT
Cache-Control: public, max-age=1800
Vary: Accept-Language
Cross-Origin-Resource-Policy: cross-origin
Timing-Allow-Origin: *
Content-Encoding: gzip
Server: mafe
Content-Length: 54034
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Server-Timing: gfet4t7; dur=25
cdn.jsdelivr.net/npm/vue@2.6.12/dist/vue.js
151.101.85.229 200 OK 90 kB URL HTTP/2 cdn.jsdelivr.net/npm/vue@2.6.12/dist/vue.js
IP 151.101.85.229:0
Hash 9ce90d7ae2ad6e930615222d0970af34
0201862dd2f9167cded176168d9a3df9fca9ffd1
4a17434804bb82f8091d07bda26259db3c0b9c523133569402ab09fa731ffb01
GET /npm/vue@2.6.12/dist/vue.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.6.12
x-jsd-version-type: version
etag: W/"53883-XDnfw3/EJADktFV9uVbz8hipDKc"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 02 Oct 2022 22:48:51 GMT
age: 4743402
x-served-by: cache-fra19150-FRA, cache-bma1640-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 90119
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.20.226:0
Hash d7270d59b8522d7f61178ea7df54be81
881cba5bdce6a107e25476e8e2a59f724f14369d
90cebcb8320d66b16acfa0d4f385c300f960e1a6c1d53927019d0e902646c56e
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:52 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "F4EE3AFB62C0F026E4E6F374747CA78BA112BB2C"
Expires: Mon, 03 Oct 2022 09:00:00 GMT
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3380
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540fcecff1cb518-OSL
www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c
142.250.74.168 200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (18966)
Hash 8a39c469c428712b52eb3f22e5981e1d
edbb3a13ba5444ad719d93c5f42e11bb5a6e7ae4
86ea08528b600ba46d5106a2cf53da041245c883fb9108ec8d701ba5fcb0b712
GET /gtag/js?id=G-90S8VN8L2N&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 22:48:51 GMT
expires: Sun, 02 Oct 2022 22:48:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 75008
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
platform.twitter.com/oct.js
93.184.220.66 301 Moved Permanently 0 B URL HTTP/1.1 platform.twitter.com/oct.js
IP 93.184.220.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /oct.js HTTP/1.1
Host: platform.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
HTTP/1.1 301 Moved Permanently
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Date: Sun, 02 Oct 2022 22:48:52 GMT
Location: https://static.ads-twitter.com/oct.js
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (ska/F718)
Server-Timing: x-cache;desc= ,x-tw-cdn;desc=,edge;dur=1
x-tw-cdn: VZ
Content-Length: 0
www.googletagmanager.com/gtag/js?id=AW-799010932
142.250.74.168 200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-799010932
IP 142.250.74.168:0
File type ASCII text, with very long lines (2039)
Hash 113782f347565cb10017ad47607d2968
458e885ab259ffdd89ca399623a6f57b6e1184fb
7488452058dce12268d4310170cda1f5d1eecc98d1ece35a2932b628ac5277ca
GET /gtag/js?id=AW-799010932 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 22:48:52 GMT
expires: Sun, 02 Oct 2022 22:48:52 GMT
cache-control: private, max-age=900
last-modified: Sun, 02 Oct 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46725
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer
142.250.74.168 200 OK 75 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-90S8VN8L2N&l=dataLayer
IP 142.250.74.168:0
File type ASCII text, with very long lines (18966)
Hash a3e174828c0a4fee9bbbed60dfc04172
03614ac76e2ace4cdab0bb199490afa91f5f5b3a
546edc4a5e641a63b75cdd2e51aa26c09e7e42fca6c35ee6e77fb0215cfe77f4
GET /gtag/js?id=G-90S8VN8L2N&l=dataLayer HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 22:48:52 GMT
expires: Sun, 02 Oct 2022 22:48:52 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 74922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 14099180be4ed33ff6ca0a09e4960248
19c39ba1d02999a586af8d7d74f7cd954a14a41f
03ae9f14d2888fc83fa6ccd81056eb507e6a457b7f8c8d0b05712b52256da4ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03AE9F14D2888FC83FA6CCD81056EB507E6A457B7F8C8D0B05712B52256DA4FF"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13536
Expires: Mon, 03 Oct 2022 02:34:28 GMT
Date: Sun, 02 Oct 2022 22:48:52 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps-api-v3/api/js/50/6/intl/es_ALL/common.js
216.58.211.10 200 OK 69 kB URL HTTP/2 maps.googleapis.com/maps-api-v3/api/js/50/6/intl/es_ALL/common.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (581)
Hash 14f7214673e2507d00ba68f1cb913c7c
745ab0830d587456680e40577fbbde4e4948ac6f
5a39e9c3c3b021d184e50749aef20c9e324a0baef59c7f54d8012697f57db18a
GET /maps-api-v3/api/js/50/6/intl/es_ALL/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 69395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 06:51:30 GMT
expires: Sun, 01 Oct 2023 06:51:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 19:19:39 GMT
content-type: text/javascript
age: 143842
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
villamaryah.com/inst/includes/jquery-1.12.4.min.js
176.221.34.180 200 OK 185 kB URL HTTP/1.1 villamaryah.com/inst/includes/jquery-1.12.4.min.js
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (60160), with CRLF line terminators
Size 185 kB (185276 bytes)
Hash b3bf3d60fb7978929e7f620231a3e180
d10ccd543495e8f7ac960690eadab1a9101c89e5
2aca9fddd96964c9f5c10795d40d2479a526a50d26b3474d8cc76366fa1830e5
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/includes/jquery-1.12.4.min.js HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:51 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 6abe76ca28fe176c44e7475b1d5c93fb
a4a87a771c6f081e5dae3499c090551c6dd31acb
451a8f3a3e654355467b434976022b84820c25b54f7b78472635c7dc3241423f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.googleapis.com/maps-api-v3/api/js/50/6/intl/es_ALL/util.js
216.58.211.10 200 OK 60 kB URL HTTP/2 maps.googleapis.com/maps-api-v3/api/js/50/6/intl/es_ALL/util.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (548)
Hash 339c101d59ecf25066a60105ca64152d
9062560d5f745e0cb13f6c32eefa67fb3943cfc6
3557bb7bf87d7f2ed08839b44413ad706ce1fbd2c258ab5d7d4f82b82ebb478c
GET /maps-api-v3/api/js/50/6/intl/es_ALL/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 59538
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 17:25:33 GMT
expires: Mon, 02 Oct 2023 17:25:33 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 19 Sep 2022 19:19:39 GMT
content-type: text/javascript
age: 19399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.ads-twitter.com/oct.js
151.101.84.157 200 OK 15 kB URL HTTP/2 static.ads-twitter.com/oct.js
IP 151.101.84.157:0
File type ASCII text, with very long lines (57443), with no line terminators
Hash 1e9c4d503a9e162d8b549dc3d9c040e2
1fa99d7d7e878cdd45567af4b0c3c65542036c1d
f936c0124c595fe5d0c7858277f3a5f3bd104de39d36ac92557501fa1dec8563
GET /oct.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://villamaryah.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 30 Aug 2022 20:19:10 GMT
cache-control: no-cache
content-type: application/javascript; charset=utf-8
content-encoding: gzip
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
accept-ranges: bytes
date: Sun, 02 Oct 2022 22:48:52 GMT
x-served-by: cache-iad-kjyo7100070-IAD, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding,Host
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
content-length: 15317
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 165b2dbf56e36edf32811cc7eea70f58
f9e101da2c4f0f6dcca9cb9d0b36a7b77ef3114e
fcd8956f2d96a85e696ee4ba5eb8d575ad3319bc84c543188f3997ea1079c4e1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 314 B IP 93.184.220.29:0
Hash ce01469ffaea46a494e631a21346607f
29361cd27f69d7b9ca03c285981499b2380e25ee
081ce54f07fa31944be639e784737a2806e7f275b563b6f46925dc5c65eb26aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5605
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:52 GMT
Last-Modified: Sun, 02 Oct 2022 21:15:27 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 314
konecta-widget.netlify.app/konecta-widget.js
34.141.28.239 200 OK 1.1 kB URL HTTP/2 konecta-widget.netlify.app/konecta-widget.js
IP 34.141.28.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
Hash 559f9763ff15d9b7849ccd6a62693809
6758abe0c3ba05124d5e24fb9638ec23b5fdfe76
391d6e5e5b5aab1938b114a8bbe09d98f69808ba94918cd6102887a9e21cc4c7
GET /konecta-widget.js HTTP/1.1
Host: konecta-widget.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
age: 210770
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Fri, 30 Sep 2022 12:16:02 GMT
etag: "46b0896afa5677c336c4760f36d7dd8a-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GEDE6M73YH2TXY87S5HP1RCG
content-length: 1111
X-Firefox-Spdy: h2
konecta-widget.netlify.app/assets/vector.svg
34.141.28.239 200 OK 277 B URL HTTP/2 konecta-widget.netlify.app/assets/vector.svg
IP 34.141.28.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type SVG Scalable Vector Graphics image, ASCII text
Hash 2b20f323aa8db2e351e5ac25918caace
819472630dfefec97b7b974b470ddaef20b6a6a5
a073e6c9c6e32f0f430135021227c7e2166ab49d9d4b48149a863d7b4d36efb9
GET /assets/vector.svg HTTP/1.1
Host: konecta-widget.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 201880
cache-control: public, max-age=0, must-revalidate
content-type: image/svg+xml
date: Fri, 30 Sep 2022 14:44:12 GMT
etag: "5a43daf2bc05007232f03dde7ace5a66-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GEDE6M741N3D5MQAJNRK7HB5
content-length: 277
X-Firefox-Spdy: h2
konecta-widget.netlify.app/assets/bubble_logo.svg
34.141.28.239 200 OK 1.1 kB URL HTTP/2 konecta-widget.netlify.app/assets/bubble_logo.svg
IP 34.141.28.239:0
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type SVG Scalable Vector Graphics image, ASCII text, with very long lines (2012)
Hash df681ec2a37e9bc47e90ef4ccd4c765d
c32ada3be3855f7c0e8826c08290cf07290c9046
c4edb228dbc3528f3109c594848ae96f1fc738921db7052e63fd4b6539b1fa6b
GET /assets/bubble_logo.svg HTTP/1.1
Host: konecta-widget.netlify.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 182067
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-type: image/svg+xml
date: Fri, 30 Sep 2022 20:14:25 GMT
etag: "1abc068cd74944c572fa177bd65e5e08-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GEDE6M73FS1XYQ4HBHHWGDD6
content-length: 1088
X-Firefox-Spdy: h2
konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
18.159.128.50 200 OK 411 kB URL HTTP/2 konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
IP 18.159.128.50:0
File type Unicode text, UTF-8 text, with very long lines (21347)
Size 411 kB (410820 bytes)
Hash 081490ec808927f19fb308991d6c8ef0
13dbf8fbd7f7f9dca5a422ddb460a3387242c785
afb23e74766052475eba9b343e2c4454dc7d91d981d2ae7cfa815f4dcc1bc099
GET /widget/dist/vue-beautiful-chat.umd.min.js HTTP/1.1
Host: konecta-widget.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 93979
cache-control: public, max-age=0, must-revalidate
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
date: Sat, 01 Oct 2022 20:42:33 GMT
etag: "b2e58a93322e2e3c8db4c88db59e8566-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GEDE6M4C8SRBFYQENT3PMRVB
content-length: 410820
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.165.201.83 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.165.201.83:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 02 Oct 2022 22:32:56 GMT
Expires: Sun, 02 Oct 2022 22:46:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4ae6e5888b43b4133973ba1aadad8194.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: mixC_lvLrfBFm6-VzutFVZfisMlYahxRnkom5mF03_pqk0pjpy2VGQ==
Age: 956
villamaryah.com/inst/includes/bfp.js
176.221.34.180 200 OK 185 kB URL HTTP/1.1 villamaryah.com/inst/includes/bfp.js
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60160), with CRLF line terminators
Size 185 kB (185276 bytes)
Hash b3bf3d60fb7978929e7f620231a3e180
d10ccd543495e8f7ac960690eadab1a9101c89e5
2aca9fddd96964c9f5c10795d40d2479a526a50d26b3474d8cc76366fa1830e5
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/includes/bfp.js HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:52 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
villamaryah.com/inst/includes/latinise.min.js
176.221.34.180 200 OK 185 kB URL HTTP/1.1 villamaryah.com/inst/includes/latinise.min.js
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60160), with CRLF line terminators
Size 185 kB (185276 bytes)
Hash b3bf3d60fb7978929e7f620231a3e180
d10ccd543495e8f7ac960690eadab1a9101c89e5
2aca9fddd96964c9f5c10795d40d2479a526a50d26b3474d8cc76366fa1830e5
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/includes/latinise.min.js HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:51 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
villamaryah.com/inst/geoPosition.js
176.221.34.180 200 OK 185 kB URL HTTP/1.1 villamaryah.com/inst/geoPosition.js
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60160), with CRLF line terminators
Size 185 kB (185276 bytes)
Hash b3bf3d60fb7978929e7f620231a3e180
d10ccd543495e8f7ac960690eadab1a9101c89e5
2aca9fddd96964c9f5c10795d40d2479a526a50d26b3474d8cc76366fa1830e5
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/geoPosition.js HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:51 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
villamaryah.com/inst/app.js?2020720
176.221.34.180 200 OK 185 kB URL HTTP/1.1 villamaryah.com/inst/app.js?2020720
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60160), with CRLF line terminators
Size 185 kB (185276 bytes)
Hash b3bf3d60fb7978929e7f620231a3e180
d10ccd543495e8f7ac960690eadab1a9101c89e5
2aca9fddd96964c9f5c10795d40d2479a526a50d26b3474d8cc76366fa1830e5
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/app.js?2020720 HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:52 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4eb30b4a4234809cf7d5f89fa1f6ceeb
797242aab2f13c820050aa9accd11b7b950cd177
ce9d833a0ac321a908184b655d6632c481f758a04a9c936a7c303bb253444146
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4039
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:52 GMT
Last-Modified: Sun, 02 Oct 2022 21:41:34 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
villamaryah.com/inst/includes/entorno.js
176.221.34.180 200 OK 185 kB URL HTTP/1.1 villamaryah.com/inst/includes/entorno.js
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60160), with CRLF line terminators
Size 185 kB (185276 bytes)
Hash b3bf3d60fb7978929e7f620231a3e180
d10ccd543495e8f7ac960690eadab1a9101c89e5
2aca9fddd96964c9f5c10795d40d2479a526a50d26b3474d8cc76366fa1830e5
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/includes/entorno.js HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:52 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
villamaryah.com/inst/includes/nivo-slider/jquery.nivo.slider.pack.js
176.221.34.180 200 OK 185 kB URL HTTP/1.1 villamaryah.com/inst/includes/nivo-slider/jquery.nivo.slider.pack.js
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60160), with CRLF line terminators
Size 185 kB (185276 bytes)
Hash b3bf3d60fb7978929e7f620231a3e180
d10ccd543495e8f7ac960690eadab1a9101c89e5
2aca9fddd96964c9f5c10795d40d2479a526a50d26b3474d8cc76366fa1830e5
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/includes/nivo-slider/jquery.nivo.slider.pack.js HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:52 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
villamaryah.com/inst/includes/smartCombo/jquery.smartCombo-2.0-min.js?20170531
176.221.34.180 200 OK 185 kB URL HTTP/1.1 villamaryah.com/inst/includes/smartCombo/jquery.smartCombo-2.0-min.js?20170531
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (60160), with CRLF line terminators
Size 185 kB (185276 bytes)
Hash b3bf3d60fb7978929e7f620231a3e180
d10ccd543495e8f7ac960690eadab1a9101c89e5
2aca9fddd96964c9f5c10795d40d2479a526a50d26b3474d8cc76366fa1830e5
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/includes/smartCombo/jquery.smartCombo-2.0-min.js?20170531 HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:52 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
www.itau.com.uy/inst/includes/nivo-slider/nivo-slider.css
200.40.133.70 200 OK 1.9 kB URL HTTP/1.1 www.itau.com.uy/inst/includes/nivo-slider/nivo-slider.css
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
Hash d958a618b211c9391ef05499ad7f1eff
e4567914096e1d2111643d2e53e190349bb5e7be
1445a1c40e53d785721c7af9b6121eebff659c3cdbdd993284c89ab87c873d09
GET /inst/includes/nivo-slider/nivo-slider.css HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:52 GMT
Content-Length: 1946
www.itau.com.uy/inst/includes/smartCombo/themes/pela/theme.css?20170531
200.40.133.70 200 OK 2.4 kB URL HTTP/1.1 www.itau.com.uy/inst/includes/smartCombo/themes/pela/theme.css?20170531
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type troff or preprocessor input, ASCII text
Hash 11b1f4ffabf0545cb1030de8d92fe771
6c207dac970fbb4d51565615a4a5c7038d009ae3
8230f91702a02a696b78364492eca19fcd40b89d6cb2063d38dd5518f7ea22ad
GET /inst/includes/smartCombo/themes/pela/theme.css?20170531 HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:52 GMT
Content-Length: 2400
www.itau.com.uy/inst/css.css?20190809
200.40.133.70 200 OK 19 kB URL HTTP/1.1 www.itau.com.uy/inst/css.css?20190809
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type assembler source, Unicode text, UTF-8 text
Hash 4d373fde73ceb55203f7f1c219fa095e
41dd63291ea92c2ed3308865ba839a5954769dba
a5eac176f1ad816088e06a7db36e88a1b5604d8c535853dcd6986b5be60ca80a
GET /inst/css.css?20190809 HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 29 Sep 2022 16:39:13 GMT
Accept-Ranges: bytes
ETag: "804eb4122d4d81:0"
Vary: Accept-Encoding
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:52 GMT
Content-Length: 19343
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4409
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:48:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4409
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:48:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6a90e53b55500427aed06efa3a9baa8c
43a66cd291d1413d7147a29b2a7b27277a443f0b
2cf5790e81140bc56b46163787f84c54a07f58e90001837624f426aafa8031c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5f7661f-9945-4971-aac6-d15570c4d954.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8277
x-amzn-requestid: a7d76241-7da1-4c84-9c73-2e3a71b81b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZTMfEGHiIAMFpmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63378df9-3727a65235e4dbc60cc11cf0;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 00:46:49 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 09iwZNlJ5pUQqongHTbgUlh_i1CyHZ6uGvHPV8SfbEGixTWM1A_BoQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 20:14:10 GMT
age: 9283
etag: "43a66cd291d1413d7147a29b2a7b27277a443f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a59b70f464b106c9e54579d8b2f967fa
f964cf69ae825bb32eef4b364df8227c5fb73fce
cf2c8c1d3ebbdb8fea6b90d81d240120749cfdceb525713ef153481cb15a438e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21b653ea-1faa-4101-b02e-44da6b46de9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9095
x-amzn-requestid: 9f6cbd35-adf6-4163-aaf0-a3534bfc25c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNes7G79oAMF2DQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544b8-306a82aa5f91bcdb3b349b87;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:44 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9pqwazWdgS9eR0U_HxtfgHvTUTnUyN0IRVZlQUzrimpv-9dMLHlcVg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:59:36 GMT
age: 2957
etag: "f964cf69ae825bb32eef4b364df8227c5fb73fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4409
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:48:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4b91592-bb2f-4b2e-9c62-80d06ad4b698.jpeg
34.120.237.76 200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4b91592-bb2f-4b2e-9c62-80d06ad4b698.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3dfda0e06e989942bf45f4c2bf18d7c
6d0cee63012a8f79aef1f1e751e2940582b981e1
a79d4015713255da4475ff9193ccfeed72737f5f03027a42fd86cc7b095ddf03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4b91592-bb2f-4b2e-9c62-80d06ad4b698.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3695
x-amzn-requestid: f1f35cb1-9fc2-4694-8bf4-9d9e41f9bd7f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabEM8oAMF0RQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-3140202b1a3b892702978a7e;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kxxeDkHccWmlQFBbBf-5gKzqY0utY15Czvx0Ms7QS1lJMXExRmbjjQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:48:46 GMT
age: 3607
etag: "6d0cee63012a8f79aef1f1e751e2940582b981e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NK23Q4K
142.250.74.168 200 OK 503 B URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NK23Q4K
IP 142.250.74.168:0
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
GET /gtm.js?id=GTM-NK23Q4K HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 02 Oct 2022 22:48:52 GMT
expires: Sun, 02 Oct 2022 22:48:52 GMT
cache-control: private, max-age=900
last-modified: Sun, 02 Oct 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77936
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34ba42086104460665f7f4f579235592
58f10485c5273cbed8159c98b9065b192ba3d00b
79f1febc020ab611c5d9a8bc1af237a63420f8215963fd97f6c4b9bccfa17d24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d589035-4143-4e43-a45c-b842ae27b9a3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4522
x-amzn-requestid: cc836204-3c4f-48d0-9569-b1622e6d2178
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMVoRH9toAMFwig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334cfce-096ff90412945ca06335e987;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 22:50:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BzgI7sWS7fsSOANaDI0S4qrT_2iIkp2TOt3bPfm56T0m9jmxRFfSIA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 12:52:35 GMT
age: 35778
etag: "58f10485c5273cbed8159c98b9065b192ba3d00b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8d59ee7b197f347e30ac793231158927
3316937f84c08ad1857d2f663dca353e250815f0
c17a343ceb786a421f8c3abfffae350e12c92271a69fc88eb8e8bab568877d6b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C17A343CEB786A421F8C3ABFFFAE350E12C92271A69FC88EB8E8BAB568877D6B"
Last-Modified: Fri, 30 Sep 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4409
Expires: Mon, 03 Oct 2022 00:02:22 GMT
Date: Sun, 02 Oct 2022 22:48:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 04:41:00 GMT
age: 65273
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bb7613964aef696917cb85a6d0bcac4
89ce0e6d742144439a96ace034adae4e7e167311
24b100b10aa041effad83e9379447f4f62d95dcf6eb27a6b093a7caaa484f964
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F943d6a55-696e-4fd8-901a-a9ab097959d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6321
x-amzn-requestid: 605adeca-4345-4481-999e-d50ebc123767
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZZWabGsgIAMFcSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a0442-68542d1b56697ab33dd63941;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 21:36:02 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: xZUu90wyCNVEexHxRRNQz0aDhNy_u0WC2v8TVxHkQvW-evaDwfKTtQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 02 Oct 2022 21:45:27 GMT
etag: "89ce0e6d742144439a96ace034adae4e7e167311"
content-type: image/jpeg
age: 3806
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.itau.com.uy/inst/aci/images/img_5861_botonautomotores.jpg
200.40.133.70 200 OK 7.7 kB URL HTTP/1.1 www.itau.com.uy/inst/aci/images/img_5861_botonautomotores.jpg
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 120x60, components 3\012- data
Hash b028073c1bc11bd097da8f445a8c2f4b
21d7789955049eb5f1f38893190f11e97d387793
c35b1cff8e776e2ee1a15163d30377cf43e863ba171d19299bd5716eb18176df
GET /inst/aci/images/img_5861_botonautomotores.jpg HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 08 Dec 2021 19:53:48 GMT
Accept-Ranges: bytes
ETag: "375bec506decd71:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:52 GMT
Content-Length: 7740
www.itau.com.uy/inst//aci/images/img_2572943_botonseguro.jpg
200.40.133.70 200 OK 8.0 kB URL HTTP/1.1 www.itau.com.uy/inst//aci/images/img_2572943_botonseguro.jpg
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 120x60, components 3\012- data
Hash 504784cc5d97d4c953db82b091cff75a
24f20abeae66f3dc370beed8981733de43f3cae9
643f2ad481f1ddf61a6b606af8c7a4d98921b97b522e140dbf439afe6603ab4c
GET /inst//aci/images/img_2572943_botonseguro.jpg HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 13 Sep 2021 16:04:28 GMT
Accept-Ranges: bytes
ETag: "a359178b9a8d71:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:52 GMT
Content-Length: 7992
www.itau.com.uy/inst//aci/images/img_5842351_BOTONHOMETRANSFERENCIAMILLASVOLARJUL2022.jpg
200.40.133.70 200 OK 8.5 kB URL HTTP/1.1 www.itau.com.uy/inst//aci/images/img_5842351_BOTONHOMETRANSFERENCIAMILLASVOLARJUL2022.jpg
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 120x60, components 3\012- data
Hash c3c0a044d95e795410e9be14a553dfe4
76dd2e571883f3381a47ca2c9bc022fc657f52e8
de4f69be532c447c155a25365a5f800c6d6ca6e7199b531090257e9314e5b42d
GET /inst//aci/images/img_5842351_BOTONHOMETRANSFERENCIAMILLASVOLARJUL2022.jpg HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 12 Jul 2022 20:14:38 GMT
Accept-Ranges: bytes
ETag: "6e292732c96d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 8477
konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
18.159.128.50 304 Not Modified 0 B URL HTTP/2 konecta-widget.net/widget/dist/vue-beautiful-chat.umd.min.js
IP 18.159.128.50:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /widget/dist/vue-beautiful-chat.umd.min.js HTTP/1.1
Host: konecta-widget.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-None-Match: "b2e58a93322e2e3c8db4c88db59e8566-ssl-df"
TE: trailers
HTTP/2 304 Not Modified
cache-control: public, max-age=0, must-revalidate
date: Sun, 02 Oct 2022 22:48:54 GMT
etag: "b2e58a93322e2e3c8db4c88db59e8566-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GEDE6P3GKB1PZQQ7DESEXEPA
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 313 B
IP 93.184.220.29:0
Hash fefc5f65fc26a0c4ca7d1d9a9aac317d
d97fe46aec9f3796596e61599c9ad2118fd99689
ceca41665b25defc6f29ed2ae4c5a940a68f43d6b01c01b9f299206963fc4cd6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4553
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:54 GMT
Last-Modified: Sun, 02 Oct 2022 21:33:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29 200 OK 313 B
IP 93.184.220.29:0
Hash fefc5f65fc26a0c4ca7d1d9a9aac317d
d97fe46aec9f3796596e61599c9ad2118fd99689
ceca41665b25defc6f29ed2ae4c5a940a68f43d6b01c01b9f299206963fc4cd6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4553
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:54 GMT
Last-Modified: Sun, 02 Oct 2022 21:33:01 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 313
www.itau.com.uy/inst/imagenes/logo.png
200.40.133.70 200 OK 599 B URL HTTP/1.1 www.itau.com.uy/inst/imagenes/logo.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 07fff90591c1666facb3bd9786c81d90
190d7ecbad4671db5fd217a6626cfb0fdc56b3e5
98bd60f54b72f536db8d1c6bffd50f8f73531f4e6791e8c457e9fe6d4465f966
GET /inst/imagenes/logo.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 599
www.itau.com.uy/inst/aci/images/img_5060643_PlacaHOMEItauCuentaPocketBanner120x60.jpg
200.40.133.70 200 OK 23 kB URL HTTP/1.1 www.itau.com.uy/inst/aci/images/img_5060643_PlacaHOMEItauCuentaPocketBanner120x60.jpg
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=61, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=121], progressive, precision 8, 120x60, components 3\012- data
Hash f421650cd1bd4b43a99c290f72c81467
a8fc9adeea392f3abf7be87bbcb64b6f7613d7c4
f6f3f04bbbc2cb802a86cdc9a1c0c85a1772caf8428cc7e43ecc8bd0c97f5cc2
GET /inst/aci/images/img_5060643_PlacaHOMEItauCuentaPocketBanner120x60.jpg HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 20 Jun 2022 19:38:27 GMT
Accept-Ranges: bytes
ETag: "2b8e2b50dd84d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:52 GMT
Content-Length: 22737
t.co/i/adsct?bci=1&eci=1&event_id=f208289c-edcc-419e-b5f3-6abc2ca40553&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9aa9a8da-e6f2-4641-ae7f-ac56d994e139&tw_document_href=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27
104.244.42.197 200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=1&eci=1&event_id=f208289c-edcc-419e-b5f3-6abc2ca40553&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9aa9a8da-e6f2-4641-ae7f-ac56d994e139&tw_document_href=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27
IP 104.244.42.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=1&eci=1&event_id=f208289c-edcc-419e-b5f3-6abc2ca40553&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9aa9a8da-e6f2-4641-ae7f-ac56d994e139&tw_document_href=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:48:54 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=90efb172-63ed-4cf1-9369-9306cb110cf4; Max-Age=63072000; Expires=Tue, 01 Oct 2024 22:48:54 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 914c01956587f411
strict-transport-security: max-age=0
x-response-time: 103
x-connection-hash: 7d8203521d6fdad31b13ef489970f077481ca9b9240930fd63bff96e2513ba9a
X-Firefox-Spdy: h2
t.co/i/adsct?bci=1&eci=1&event_id=c5ab3b3d-a843-4653-a66e-cd51f1066088&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cc184cd7-e1e9-4db0-8f04-79035bdca93c&tw_document_href=http%3A%2F%2Fvillamaryah.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27
104.244.42.197 200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=1&eci=1&event_id=c5ab3b3d-a843-4653-a66e-cd51f1066088&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cc184cd7-e1e9-4db0-8f04-79035bdca93c&tw_document_href=http%3A%2F%2Fvillamaryah.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27
IP 104.244.42.197:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=1&eci=1&event_id=c5ab3b3d-a843-4653-a66e-cd51f1066088&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cc184cd7-e1e9-4db0-8f04-79035bdca93c&tw_document_href=http%3A%2F%2Fvillamaryah.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:48:53 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=76a41147-a5e1-4ef9-9867-cf20b1914644; Max-Age=63072000; Expires=Tue, 01 Oct 2024 22:48:54 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 884050697107e51b
strict-transport-security: max-age=0
x-response-time: 105
x-connection-hash: 7d8203521d6fdad31b13ef489970f077481ca9b9240930fd63bff96e2513ba9a
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://villamaryah.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 02 Oct 2022 01:31:40 GMT
expires: Mon, 02 Oct 2023 01:31:40 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 76634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
bid.g.doubleclick.net/xbbe/pixel?d=KAE
173.194.73.155 200 OK 0 B URL HTTP/2 bid.g.doubleclick.net/xbbe/pixel?d=KAE
IP 173.194.73.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /xbbe/pixel?d=KAE HTTP/1.1
Host: bid.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 22:48:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 23:03:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 02 Oct 2022 22:48:54 GMT
cache-control: private
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
Hash 63ee7e605da25dbf1d62eea30a1ef246
c86b43b61afc5926ee7bc124cc30598d37ceb661
cb737283476421b6ce93b2909cf5277e82a7adbc3001f66946ff59ad6fabfdb2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B
IP 142.250.74.3:0
Hash 544d205b2f709e0bed39ebfc751d6187
71559b505f318323405eeb5ff59499c63e806559
692e14681ceb7536d5c09cf8700810a258b574e02e93c391e7551690111a5bc7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.itau.com.uy/inst/imagenes/icoLupa.jpg
200.40.133.70 200 OK 4.7 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/icoLupa.jpg
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 16x16, components 3\012- data
Hash 261d961cf32a4d737857f81574ab38e2
3d6783e76f29c525f046575dae8146d8966a366f
c562450c9f7d295885ada46964bed09a30f0139466e7e4af34a030a9eaf65f11
GET /inst/imagenes/icoLupa.jpg HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itau.com.uy/inst/css.css?20190809
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 4732
www.itau.com.uy/inst/imagenes/24.png
200.40.133.70 200 OK 4.3 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/24.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 127 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash eb834ad00fd91544623fb49addb51292
7be8e109a12ede2d42563f738c90201e2a0886fc
d471493677a3a16b3521d6edd1c2bd324e5bcc3a9642dc012a1ec7e3927ac2d2
GET /inst/imagenes/24.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itau.com.uy/inst/css.css?20190809
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 4275
www.itau.com.uy/inst/imagenes/arrow-down.png
200.40.133.70 200 OK 994 B URL HTTP/1.1 www.itau.com.uy/inst/imagenes/arrow-down.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 61d6e5dd52bff27bae170ee5e53d47ed
849fb8228ee26d719dbe3a1419bde776d37627eb
00680c05e8c6c1e93f8a93fb1efa8fc457e3c808706aab1a6cac227a091031e8
GET /inst/imagenes/arrow-down.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itau.com.uy/inst/css.css?20190809
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 994
www.itau.com.uy/inst/aci/images/img_453973_BENEFICIOS.jpg
200.40.133.70 200 OK 30 kB URL HTTP/1.1 www.itau.com.uy/inst/aci/images/img_453973_BENEFICIOS.jpg
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop Elements 4.0 Windows, datetime=2015:08:05 15:40:06], baseline, precision 8, 120x60, components 3\012- data
Hash 8050f09cfd52677dc31cc3a13240fba9
d7bef90bdce2d75ba7c6f16169c599ac7395a02b
277149fa2519bb69ec75ce934498a786098dac020efbe40f944e90bcb62cb1ee
GET /inst/aci/images/img_453973_BENEFICIOS.jpg HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Wed, 01 Nov 2017 16:21:36 GMT
Accept-Ranges: bytes
ETag: "02857d2d53d31:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 30426
www.itau.com.uy/inst/imagenes/bgHeader.png
200.40.133.70 200 OK 48 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/bgHeader.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 1 x 87, 8-bit/color RGBA, non-interlaced\012- data
Hash 91780702ae25e526e1a9c3c4187af7ea
b2b6fe438739fe5c6aecf293b9366d7551ed118c
687b612622a2e361ca298568b9eae54dbe4aa22ebd178761f880c24c37b8c2ca
GET /inst/imagenes/bgHeader.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itau.com.uy/inst/css.css?20190809
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 47626
www.itau.com.uy/inst/includes/smartCombo/themes/pela/arrow-down.png
200.40.133.70 200 OK 994 B URL HTTP/1.1 www.itau.com.uy/inst/includes/smartCombo/themes/pela/arrow-down.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash 61d6e5dd52bff27bae170ee5e53d47ed
849fb8228ee26d719dbe3a1419bde776d37627eb
00680c05e8c6c1e93f8a93fb1efa8fc457e3c808706aab1a6cac227a091031e8
GET /inst/includes/smartCombo/themes/pela/arrow-down.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itau.com.uy/inst/includes/smartCombo/themes/pela/theme.css?20170531
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 994
www.itau.com.uy/inst/aci/images/img_443480_banner_home_itau_disfruta_beneficios.gif
200.40.133.70 200 OK 96 kB URL HTTP/1.1 www.itau.com.uy/inst/aci/images/img_443480_banner_home_itau_disfruta_beneficios.gif
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type GIF image data, version 89a, 1266 x 791\012- data
Hash 1a5c54fa431dd4b90ea401d7c68dca3e
c9ee548b1274e990d43313409e5fccdfd3bae742
01c159e71161cb6975161ad4081da1dacbc8d4388ff6344b8eba825acfb5d9ff
GET /inst/aci/images/img_443480_banner_home_itau_disfruta_beneficios.gif HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 14 Sep 2020 18:41:24 GMT
Accept-Ranges: bytes
ETag: "995ab8a5c68ad61:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:52 GMT
Content-Length: 96454
www.itau.com.uy/inst/imagenes/fondoBtnIngresar.jpg
200.40.133.70 200 OK 4.1 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/fondoBtnIngresar.jpg
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 113x60, components 3\012- data
Hash 345fddd77b8f7c987ebec89bbc4d459f
0946ead6f4ec88be65485778a7bba748c74b02dc
37e47f16d8dd9fa1ef71c9920f26c6a7e841cd8dbcf275475a1d801f9cdcb9bf
GET /inst/imagenes/fondoBtnIngresar.jpg HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itau.com.uy/inst/css.css?20190809
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 4126
www.itau.com.uy/inst/imagenes/bgMenuBottom.png
200.40.133.70 200 OK 198 B URL HTTP/1.1 www.itau.com.uy/inst/imagenes/bgMenuBottom.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 1 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash ef15f17b2caf6c44656ba5e6cdc8ae8b
fad21dbebed0b08d375d85d0778f97988c8c8593
638b1ca6aeede5e08a1bfbaac8bfca9a60b5475a5b6cf9d89340811750e48cc7
GET /inst/imagenes/bgMenuBottom.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itau.com.uy/inst/css.css?20190809
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 198
www.itau.com.uy/inst/imagenes/btnAccesoRapido.png
200.40.133.70 200 OK 1.4 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/btnAccesoRapido.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 18 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c1b22aa46330bb9c9e37a1c31ed5fa4
e21c4e81e54e4fd70cbc99558573d9f1fbcaf6f0
b9e2fe53bbbd9456a270e1012b7a8937b27cb081f04b26f73efa5f5a73b4911b
GET /inst/imagenes/btnAccesoRapido.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itau.com.uy/inst/css.css?20190809
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 1369
www.itau.com.uy/inst/imagenes/flagFooterUruguai.png
200.40.133.70 200 OK 2.5 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/flagFooterUruguai.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 57 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash b7d11c9faff4e2e414e82abebb75a17a
d08cf33184b830eb52127a002a4a95ee5742c740
1dd97e31b81b4af7a9f075192a1b0ab8b5146b5afb71ab7d9a45d89488e6fc7f
GET /inst/imagenes/flagFooterUruguai.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 2498
api.app.konecta.global/socket.io/?EIO=3&transport=websocket
172.66.40.66 101 Switching Protocols 0 B URL HTTP/1.1 api.app.konecta.global/socket.io/?EIO=3&transport=websocket
IP 172.66.40.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /socket.io/?EIO=3&transport=websocket HTTP/1.1
Host: api.app.konecta.global
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: http://villamaryah.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ukBtW/CZ9mJDu8hSkuhi9A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Sun, 02 Oct 2022 22:48:54 GMT
Connection: upgrade
Upgrade: websocket
Sec-WebSocket-Accept: feJta1XD80oU3omKodexImWr4iM=
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nl7zViK7XSZ4suM2PyuD%2BmPzRzOFSTc5vH2gBKdpSKaGDR%2Blvktd7Tqv%2BLwZD8ArcL2Ds3lFpwPkB2TPLQxEdYjE5IeSXZLw7tih3r%2B6%2Byaq4ic6BYIFvTQlNAejpUhkKsmGDjCg7KY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Content-Type-Options: nosniff
Server: cloudflare
CF-RAY: 7540fcfe1de91bfe-OSL
www.itau.com.uy/inst/imagenes/icoCotiDolar.png
200.40.133.70 200 OK 2.3 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/icoCotiDolar.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash d10843200e6de4fec7e7f66c014d1fbc
4674ac4a0320b5c3b1a34c87bc509e7b2a6bc34e
677fb3b6d3de5e29d0288581c4d8386864f6a9476a7e5d7a13d69731374071c3
GET /inst/imagenes/icoCotiDolar.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 2327
www.itau.com.uy/inst/imagenes/icoCotiReal.png
200.40.133.70 200 OK 2.6 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/icoCotiReal.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash b31531367bc69378d898d49e93156ac7
ce829cd7cbd94f6e54a7056353fa04fb61a9f134
c77254dcd4b7e0e407dc5bd18c53ded5405e7175be1ebc30b492b4eaef4c89de
GET /inst/imagenes/icoCotiReal.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 2621
www.itau.com.uy/inst/imagenes/icoCotiEuro.png
200.40.133.70 200 OK 1.7 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/icoCotiEuro.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 45 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash 06dbe1093aa732509a06e1495b928df2
fcb69c56b0e74efd9686403932ce77b68cb1e238
51b8a0b4ea5af32cdfe046e66f408a8eac40c4e20d90a611a73708071c766fb1
GET /inst/imagenes/icoCotiEuro.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 1723
www.itau.com.uy/inst/imagenes/icoCotiArg.png
200.40.133.70 200 OK 1.7 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/icoCotiArg.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 45 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 04b9c167e13138b47a20c7019f7633d9
cdf8f9dc21ec1cc83d12150fd00de32bac461e07
735bb58932aec53207cb3c2e92475fafa59f01a84e4dfa4507b09dec8a9d0a17
GET /inst/imagenes/icoCotiArg.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 1664
www.itau.com.uy/inst/aci/images/img_7986180_HomeautomotoresSET2022.jpg
200.40.133.70 200 OK 229 kB URL HTTP/1.1 www.itau.com.uy/inst/aci/images/img_7986180_HomeautomotoresSET2022.jpg
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1440x900, components 3\012- data
Size 229 kB (229018 bytes)
Hash cd22032ceedc0505a6ef7465cb9135cd
6554d98f700a6717215210cc5232796315059801
e400af6a95f9447c97bf339d446ac951961ed65a44a22a5ccacb8687ce2de047
GET /inst/aci/images/img_7986180_HomeautomotoresSET2022.jpg HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 20 Sep 2022 18:42:58 GMT
Accept-Ranges: bytes
ETag: "5066cdcd20cdd81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:53 GMT
Content-Length: 229018
www.itau.com.uy/inst/imagenes/flagFooterBrasil.png
200.40.133.70 200 OK 4.4 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/flagFooterBrasil.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 57 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash ce918614dd218271db9c045026964f4e
f04c20009abd12fe4d6873e3f159b3018fb17fae
65551da0874706f64b6041a7ecd1fd905fa975791a83f913e381e51565358b08
GET /inst/imagenes/flagFooterBrasil.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 4356
www.itau.com.uy/inst/imagenes/flagFooterArgentina.png
200.40.133.70 200 OK 2.8 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/flagFooterArgentina.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 59 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash cff042437ce116dbfb25f60de601cb97
c6c992feed3943003d4a39869c3031757f3b4dc0
a095fbae2c6212166121a7700aed15492b0fb2afe6b6fa8b0cb3a62bdb0ddabc
GET /inst/imagenes/flagFooterArgentina.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 2830
www.itau.com.uy/inst/imagenes/flagFooterParaguai.png
200.40.133.70 200 OK 2.2 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/flagFooterParaguai.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 58 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash b193df1d87d1af9e80374915a9243633
ec7296b5d1f56e2d4b4699221623d7249af9ab17
5785c509a2717ba8917e07bc47f6fd3081f07ebdeba1aab2560b79aadaec31d8
GET /inst/imagenes/flagFooterParaguai.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 2223
www.itau.com.uy/inst/imagenes/flagFooterChile.png
200.40.133.70 200 OK 1.8 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/flagFooterChile.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 56 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash d321cd9ab08302f0809f7b210a4010e9
fc490c58122a99c54902f536de00e0a5b5ffb0f6
f70bc2a065bf042635b5321364a02bf754089053a96fc8fe3dad7b30ac81d56c
GET /inst/imagenes/flagFooterChile.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 1792
www.itau.com.uy/inst/imagenes/icoMenuEmpresa.png
200.40.133.70 200 OK 1.9 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/icoMenuEmpresa.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash f34adcbf02884f0e141d6917b3afdaa4
e404571e35cb0f62901d1347df0c3e6962fac18f
12d46cc0be2ebb415a72ea22abd0d96d4846b860b16d0aeb4d80e7b6944b5dad
GET /inst/imagenes/icoMenuEmpresa.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 1867
www.itau.com.uy/inst/imagenes/icoMenuProyectos.png
200.40.133.70 200 OK 1.3 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/icoMenuProyectos.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 430d35c6d9183ef7a321ce0722e123fd
21e2ed220c123973cd8a7342eeaa381a93c671fd
f2c992d8587fc28127170b6c8b884c1b742d97664c25b55e1112c5aa49d7b9f4
GET /inst/imagenes/icoMenuProyectos.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 1282
www.itau.com.uy/inst/imagenes/icoMenuAuto.png
200.40.133.70 200 OK 2.1 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/icoMenuAuto.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash c56a06d109160b2f2ae4ece26e7f17f5
607befb68075682421c2486aefe004834796749c
4a736fc16a3ab425682c90e43f5a5f9b3225e7617dcb16207ff172e4c54c41c1
GET /inst/imagenes/icoMenuAuto.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 2062
www.itau.com.uy/inst/imagenes/icoMenuCasa.png
200.40.133.70 200 OK 2.0 kB URL HTTP/1.1 www.itau.com.uy/inst/imagenes/icoMenuCasa.png
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type PNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash f4e30d3b5eae5749671f94882736e6b8
1f9de1cffa00e84218d489737b4bd556f26e4bc2
24ef563c658562d6f367918e371b105d10858d28d70e50948181905dd3a74a2a
GET /inst/imagenes/icoMenuCasa.png HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 29 Sep 2022 15:00:34 GMT
Accept-Ranges: bytes
ETag: "095b43914d4d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 2006
www.itau.com.uy/inst/aci/images/img_5842352_HOMETRANSFERENCIAMILLASVOLARJUL2022.jpg
200.40.133.70 200 OK 218 kB URL HTTP/1.1 www.itau.com.uy/inst/aci/images/img_5842352_HOMETRANSFERENCIAMILLASVOLARJUL2022.jpg
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1440x900, components 3\012- data
Size 218 kB (217653 bytes)
Hash 298dc4f2dfa0411a0042b14b686ed238
2f6b9b77026c81fb3e6a4d05cabffb2701a0fe95
7d74876c339ace3c1b82762baa06ff9002b19353fe78bd5cdd01ee88dcefb034
GET /inst/aci/images/img_5842352_HOMETRANSFERENCIAMILLASVOLARJUL2022.jpg HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 12 Jul 2022 20:14:38 GMT
Accept-Ranges: bytes
ETag: "bdc62432c96d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 217653
c1.rfihub.net/js/tc.min.js
143.204.68.124 200 OK 6.2 kB URL HTTP/1.1 c1.rfihub.net/js/tc.min.js
IP 143.204.68.124:0
File type C source, ASCII text, with very long lines (19497)
Hash ab5a2e3f2414c0a2b622e48c0b6da2fd
1a894787bde6cbf9b58d47b8f4245607420112ad
a5ef19cf7ca85f760c462ed2f228430c8d0a6d9daf3aa34894a5c42113cfdb8f
GET /js/tc.min.js HTTP/1.1
Host: c1.rfihub.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Content-Length: 6162
Connection: keep-alive
Date: Sun, 02 Oct 2022 22:34:09 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=3600
Expires: Sun, 02 Oct 2022 23:34:09 GMT
Last-Modified: Sun, 02 Oct 2022 22:33:59 GMT
Content-Encoding: gzip
Server: Jetty(9.3.29.v20201019)
X-Cache: Hit from cloudfront
Via: 1.1 5bd7968904465df8c4b1f4631f2e6f04.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR61-P1
X-Amz-Cf-Id: 500DTlGVftjjqnBvrQ0p0aj8cCpvSp_Dt_iGNDYxvGxsH_sQraj9Tg==
Age: 886
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210 200 OK 3.1 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (7751)
Hash 57efbbeb3e1d23c82b677511c67c8b0e
f927ba115ef4be362694c22850ddbdd1c1b054d1
873b38d80c8ff1ffcac23ecdb7fb2d17413ae3c217236d8e1e24574b1c4707c6
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=64804
date: Sun, 02 Oct 2022 22:48:55 GMT
content-length: 3063
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5471
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:55 GMT
Last-Modified: Sun, 02 Oct 2022 21:17:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/ga.js
216.239.32.178 200 OK 17 kB URL HTTP/1.1 www.google-analytics.com/ga.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 17168
Date: Sun, 02 Oct 2022 21:05:06 GMT
Expires: Sun, 02 Oct 2022 23:05:06 GMT
Cache-Control: public, max-age=7200
Age: 6229
Last-Modified: Sun, 11 Sep 2022 13:50:09 GMT
Content-Type: text/javascript
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
216.58.211.10 403 Forbidden 132 B URL HTTP/1.1 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 216.58.211.10:0
File type JSON data\012- , ASCII text
Hash 3c954b0fdf7d56714cf712d02e0bf056
5c5acb630475cc6198b7191ba1adf49d72dd82f9
effda9280db937a1b47807f746c2797cdd1d44ffc3af3e1eee40306d7a9fe632
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://villamaryah.com
Connection: keep-alive
Referer: http://villamaryah.com/
HTTP/1.1 403 Forbidden
Vary: Origin, X-Origin, Referer
Content-Type: application/json; charset=UTF-8
Content-Encoding: gzip
Date: Sun, 02 Oct 2022 22:48:56 GMT
Server: scaffolding on HTTPServer2
Cache-Control: private
Content-Length: 132
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: http://villamaryah.com
Access-Control-Expose-Headers: vary,vary,vary,content-encoding,date,server,content-length
googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1663974610600&cv=9&fst=1663974610600&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&auid=1980791754.1662580076&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.2 200 OK 1.0 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/784459739/?random=1663974610600&cv=9&fst=1663974610600&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&auid=1980791754.1662580076&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
File type ASCII text, with very long lines (2290), with no line terminators
Hash 997b0e9028811023d7f48866de391bf5
29bf99f441c07fbd570839772e3ebba7291f2dd5
dfb34690e1bf788e32a956e612f49e5ad45f8c163556b70490e5760c04654ab2
GET /pagead/viewthroughconversion/784459739/?random=1663974610600&cv=9&fst=1663974610600&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9l0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&auid=1980791754.1662580076&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:48:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1028
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 23:03:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5472
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Last-Modified: Sun, 02 Oct 2022 21:17:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
31.13.72.12 200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 9T/bm8xIAilLDMvizysknju4li5dmaMmzPbfPm366nZz9UzZ9bQBmka1Yg634CEE5dM0i7QKnRsB13tN4ykGJA==
content-length: 26840
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:48:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.32.178 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Sun, 02 Oct 2022 22:41:09 GMT
expires: Mon, 03 Oct 2022 00:41:09 GMT
cache-control: public, max-age=7200
age: 467
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 196e3bd776f30cca25becda1c6f68f98
a2b35cc1afdcb5e69a1ca6209b1f42693b43f2d7
5ff31f1eb1cebb7cf522094e8b259b7c57134ecac5f51d4fb4943888cc4f65fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 53aa134dc3b33b709b6ccf39e549055f
2e85a28ef73d7c403ad693fc8602e95fe3d803f3
877de7cadd4fc848afaac488f89ed987929505b563a03eb79e4e9d8fa0b41a0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2697
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Last-Modified: Sun, 02 Oct 2022 22:03:59 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 312 B IP 93.184.220.29:0
Hash 6f2c2de9226b34d9a4dc9b4d89ca204e
1e1f75f719935b22f49c4e03bdb0877c226ada7f
0ac7c5f26b81f876878131da4d0f8f0f185c02c545771783f4427fb3871c879a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1913
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Last-Modified: Sun, 02 Oct 2022 22:17:03 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 312
www.googleadservices.com/pagead/conversion_async.js
142.250.74.66 200 OK 15 kB URL HTTP/2 www.googleadservices.com/pagead/conversion_async.js
IP 142.250.74.66:0
File type ASCII text, with very long lines (1654)
Hash 3f6af00987331c2127d76c53ad1e07cb
4cd4976eb4921e3bd9a96b6a2a29b17251de939b
4ea0a9748c3e5fe15fc2ae185f43e6928db62b8b2250c3b4df092737938168c1
GET /pagead/conversion_async.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 02 Oct 2022 22:48:56 GMT
expires: Sun, 02 Oct 2022 22:48:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 699633608045481581
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15192
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164 200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sun, 02 Oct 2022 22:48:56 GMT
expires: Sun, 02 Oct 2022 22:48:56 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 72e8c21988f5ecd736fde162321f0984
4bb9f82a2f6114b344600d920f91f1cc9260bc42
326533b2b3a8b24f0b21dbe9b94e5d9086f862ad74a1d01942fb829dff0352f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5472
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Last-Modified: Sun, 02 Oct 2022 21:17:44 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fvillamaryah.com%2F&pf=&ra=3158849608365504
193.0.160.128 302 Found 0 B URL HTTP/1.1 20818439p.rfihub.com/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fvillamaryah.com%2F&pf=&ra=3158849608365504
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fvillamaryah.com%2F&pf=&ra=3158849608365504 HTTP/1.1
Host: 20818439p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Sun, 02 Oct 2022 22:48:56 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fvillamaryah.com%2F&pf=&ra=3158849608365504
Content-Length: 0
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash b8bbcf8d1aa0bb18cc23dea324f56b77
6ed68a9b076fb1abd3c435ffc89a3ca8633e1a54
fe44bf96466d2c41c6c1efba56e6e2a29b98e1e33ebaabf18d95ef5901acfee2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 8c665d81a8995febfec300bd9f554c90
aa3599f282cff5e07d5681ec4854b70a82590f6d
57cd30b987eb23f54208b51c04daefd3657fdd84325f4035817b32e4ad5b5461
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.itau.com.uy/inst/favicon.ico
200.40.133.70 200 OK 15 kB URL HTTP/1.1 www.itau.com.uy/inst/favicon.ico
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 61a3747e03241053596714c1f6a610fa
748e7da56762827f8e423d811fb61ddf61ac6d4b
fa34b347f7a18a48e09798a43c8e003e000176a810a70d8b52d8de97d6f35b1a
GET /inst/favicon.ico HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Tue, 20 Sep 2022 18:28:11 GMT
Accept-Ranges: bytes
ETag: "802ff0bc1ecdd81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:55 GMT
Content-Length: 15406
analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=f208289c-edcc-419e-b5f3-6abc2ca40553&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9aa9a8da-e6f2-4641-ae7f-ac56d994e139&tw_document_href=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27
104.244.42.195 200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=f208289c-edcc-419e-b5f3-6abc2ca40553&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9aa9a8da-e6f2-4641-ae7f-ac56d994e139&tw_document_href=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=1&eci=1&event_id=f208289c-edcc-419e-b5f3-6abc2ca40553&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=9aa9a8da-e6f2-4641-ae7f-ac56d994e139&tw_document_href=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:48:55 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_ip8rPgs5RYgITpx0q47eNg=="; Max-Age=63072000; Expires=Tue, 01 Oct 2024 22:48:56 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: fb725be1464a0cf8
strict-transport-security: max-age=631138519
x-response-time: 102
x-connection-hash: e1705bbda8ced8ab99474730ff606cdae374961c7f23a95b3b9f23a94421f8ec
X-Firefox-Spdy: h2
analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=c5ab3b3d-a843-4653-a66e-cd51f1066088&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cc184cd7-e1e9-4db0-8f04-79035bdca93c&tw_document_href=http%3A%2F%2Fvillamaryah.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27
104.244.42.195 200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=c5ab3b3d-a843-4653-a66e-cd51f1066088&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cc184cd7-e1e9-4db0-8f04-79035bdca93c&tw_document_href=http%3A%2F%2Fvillamaryah.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27
IP 104.244.42.195:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=1&eci=1&event_id=c5ab3b3d-a843-4653-a66e-cd51f1066088&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=cc184cd7-e1e9-4db0-8f04-79035bdca93c&tw_document_href=http%3A%2F%2Fvillamaryah.com%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw62x&type=javascript&version=2.3.27 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:48:55 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_/n+tBLIjG+KYImw1Wr5NEA=="; Max-Age=63072000; Expires=Tue, 01 Oct 2024 22:48:56 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 9b3618034e24442b
strict-transport-security: max-age=631138519
x-response-time: 109
x-connection-hash: e1705bbda8ced8ab99474730ff606cdae374961c7f23a95b3b9f23a94421f8ec
X-Firefox-Spdy: h2
www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1642988805&utmhn=villamaryah.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ita%C3%BA&utmhid=113347035&utmr=-&utmp=%2F&utmht=1664750935725&utmac=UA-64060276-1&utmcc=__utma%3D26431930.815860786.1664750936.1664750936.1664750936.1%3B%2B__utmz%3D26431930.1664750936.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1445186877&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
216.239.32.178 302 Found 370 B URL HTTP/1.1 www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1642988805&utmhn=villamaryah.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ita%C3%BA&utmhid=113347035&utmr=-&utmp=%2F&utmht=1664750935725&utmac=UA-64060276-1&utmcc=__utma%3D26431930.815860786.1664750936.1664750936.1664750936.1%3B%2B__utmz%3D26431930.1664750936.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1445186877&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
IP 216.239.32.178:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 0ce1cb02623ada8c132f4f1b346e5693
49dd8e323238180a0d129cf3b14afe4b02878251
cb19a2d242f5e890e5caf4f470b81b7049ca716036656d3213e3909d19ec901e
GET /r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1642988805&utmhn=villamaryah.com&utmcs=UTF-8&utmsr=1280x1024&utmvp=1280x939&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Ita%C3%BA&utmhid=113347035&utmr=-&utmp=%2F&utmht=1664750935725&utmac=UA-64060276-1&utmcc=__utma%3D26431930.815860786.1664750936.1664750936.1664750936.1%3B%2B__utmz%3D26431930.1664750936.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1445186877&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
HTTP/1.1 302 Found
Location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64060276-1&cid=815860786.1664750936&jid=1445186877&_v=5.7.2&z=1642988805
Access-Control-Allow-Origin: *
Date: Sun, 02 Oct 2022 22:48:56 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Last-Modified: Sun, 17 May 1998 03:00:00 GMT
Cross-Origin-Resource-Policy: cross-origin
Content-Type: text/html; charset=UTF-8
Server: Golfe2
Content-Length: 370
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64060276-1&cid=815860786.1664750936&jid=1445186877&_v=5.7.2&z=1642988805
74.125.131.155 302 Found 368 B URL HTTP/2 stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64060276-1&cid=815860786.1664750936&jid=1445186877&_v=5.7.2&z=1642988805
IP 74.125.131.155:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d3015a169d2e43c814d55d6497bb6761
855afa7d4ca6dd1e952fd27a1d3c6b46df45fcb7
13423078b984d166b2838a3e42617db079b433edb2562edd972a2cdaeebd17a8
GET /r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-64060276-1&cid=815860786.1664750936&jid=1445186877&_v=5.7.2&z=1642988805 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://villamaryah.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-64060276-1&cid=815860786.1664750936&jid=1445186877&_v=5.7.2&z=1642988805
access-control-allow-origin: *
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 22:48:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: Golfe2
content-length: 368
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/784459739/?random=1663974610600&cv=9&fst=1663974000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&async=1&fmt=3&is_vtc=1&random=2548915296&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/784459739/?random=1663974610600&cv=9&fst=1663974000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&async=1&fmt=3&is_vtc=1&random=2548915296&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/784459739/?random=1663974610600&cv=9&fst=1663974000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0>m=2wg9l0&sendb=1&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&async=1&fmt=3&is_vtc=1&random=2548915296&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:48:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/799010932/?random=1663974610490&cv=9&fst=1663974000000&num=1&bg=ffffff&guid=ON&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&async=1&fmt=3&is_vtc=1&random=3337349329&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/799010932/?random=1663974610490&cv=9&fst=1663974000000&num=1&bg=ffffff&guid=ON&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&async=1&fmt=3&is_vtc=1&random=3337349329&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/799010932/?random=1663974610490&cv=9&fst=1663974000000&num=1&bg=ffffff&guid=ON&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0>m=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&async=1&fmt=3&is_vtc=1&random=3337349329&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:48:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 9ed950cfc3e255546f019a5a55cf851d
e317cb74d8f9624ac0a12f98c20a3120c4bc2e7a
80b50ceffa69eaaf775e16db95932b184decd6253a776cd180dd3fafab65cbd2
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 01 Oct 2022 14:15:45 GMT
Expires: Sat, 08 Oct 2022 14:15:44 GMT
Etag: "e317cb74d8f9624ac0a12f98c20a3120c4bc2e7a"
Cache-Control: max-age=487007,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7540fd078f9ffac4-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 50366815306618737b22afb3327c4db9
d362647235cb883e1a58b6d4d6e6144813667119
8b8aa0dbd637f517324351c700f038a94fc87f5444576c337f2e7c6d860e2c50
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fvillamaryah.com%2F&pf=&ra=3158849608365504
193.0.160.128 200 OK 2.6 kB URL HTTP/1.1 20818439p.rfihub.com/sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fvillamaryah.com%2F&pf=&ra=3158849608365504
IP 193.0.160.128:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (2610), with no line terminators
Hash 004bf1cd8e8b1a544f69063112f9c198
346485557f33717acebc2bce5a0ed2d7fca43fd0
f00a5c504f65e90b21bdc254db80dba79dac2bb1d38339a851fdddfb6b9438b0
GET /sr/ca.html?ver=9&rb=39195&ca=20818439&_o=39195&_t=20818439&pe=http%3A%2F%2Fvillamaryah.com%2F&pf=&ra=3158849608365504 HTTP/1.1
Host: 20818439p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://villamaryah.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:56 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_5vFyGtoZmZibmpgaQykzFeh8U-h8V-h8X-h8ScxofJnofEXofFXofE3ofF3oatnQeXfQuNvYkXTz43mXjT-ImFU_iM0PgCBwK11IAEAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 27 Oct 2023 22:48:56 GMT; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjI1NjU0MLU0shDiM9QN8nbJ9YjPzg81DnUFALIfSUclAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 27 Oct 2023 22:48:56 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0NjY2sjQ1MjI1NjU0MLU0shDiM9QN8nbJ9YjPzg81DnUFALIfSUclAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2610
Server: Jetty(9.3.29.v20201019)
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3942529&time=1664750935777&url=http%3A%2F%2Fvillamaryah.com%2F
13.107.42.14 302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3942529&time=1664750935777&url=http%3A%2F%2Fvillamaryah.com%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3942529&time=1664750935777&url=http%3A%2F%2Fvillamaryah.com%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3942529%26time%3D1664750935777%26url%3Dhttp%253A%252F%252Fvillamaryah.com%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKk48jigUa4cAAAAYOa42GC2097edZdgWYBeZ_P91TnvpZoBTBJRJluUDYhXHW9lq4I_lHO7q433A; Max-Age=2592000; Expires=Tue, 01 Nov 2022 22:48:56 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQIq1eTXDk0WfgAAAYOa42GC_Cs7cN0rkURd7RA3nslqeQMZKapXtHYCZri1ZgtuHa-r9k6Anq0D0NwNToBQVQ; Max-Age=2592000; Expires=Tue, 01 Nov 2022 22:48:56 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&f6e6417e-da3a-4940-874b-324c2f9bacc2"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 02-Oct-2023 22:48:56 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2400:u=1:x=1:i=1664750936:t=1664837336:v=2:sig=AQG9fCFEByCcEEXfgXGsr_jGlS9Vh5eA"; Expires=Mon, 03 Oct 2022 22:48:56 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXqFQg0lVHRhRtr42En0g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 304C7399687E48908972EC12C9CEF5DC Ref B: OSL30EDGE0207 Ref C: 2022-10-02T22:48:56Z
date: Sun, 02 Oct 2022 22:48:56 GMT
content-length: 0
X-Firefox-Spdy: h2
live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329522535105928&referrer=http%3A%2F%2Fvillamaryah.com%2F
143.204.55.109 302 Found 661 B URL HTTP/2 live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329522535105928&referrer=http%3A%2F%2Fvillamaryah.com%2F
IP 143.204.55.109:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (575)
Hash b86c403f4f25a56df9cb49e3e9821094
b0eab6a6591bb39a2b5f31d00cefca1cc977f9eb
5f3348a892df9f8acf36d850566f8283e8773cad1ab6315a69d17803115533e1
GET /pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5133329522535105928&referrer=http%3A%2F%2Fvillamaryah.com%2F HTTP/1.1
Host: live.rezync.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 661
location: https://p.rfihub.com/cm?pub=39342&in=0&userid=db625dcb-165c-4b45-b57d-7a91b1f691c7%3A1664750936.6237917&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Ddb625dcb-165c-4b45-b57d-7a91b1f691c7%253A1664750936.6237917
date: Sun, 02 Oct 2022 22:48:56 GMT
set-cookie: zync-uuid=db625dcb-165c-4b45-b57d-7a91b1f691c7:1664750936.6237917; Domain=rezync.com; Expires=Fri, 31 Mar 2023 22:48:56 GMT; Path=/; SameSite=None; Secure
sd-session-id=.eJwNytsOgjAMANB_6TMzdF1bu58h7GKyKGgYvkj4d3k8yTlg-tRtmde67hD37VsHyK92qUM8oLffUp8QgZGIvLH3TIwjm7_DOUCvvbf3OrVynZLEc8nJoXB2IQV2ibU4nQ0TPsQwa0SRoDwayU08qaHC-Qe7DCXP.YzoVWA.UVI6Er-nYQO0GD_DEfPYMK5xFpA; Expires=Fri, 31 Mar 2023 22:48:56 GMT; HttpOnly; Path=/; SameSite=None; Secure
vary: Cookie
server: lighttpd/1.4.59
x-cache: Miss from cloudfront
via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EvDh-spW-EvcqCqxDD3gJS2BvkxWIPSPEWZknnC3c0BrOsdzyStqiA==
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=197011027887515&ev=PageView&dl=http%3A%2F%2Fvillamaryah.com%2F&rl=&if=false&ts=1664750936243&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664750936199.1299172392&it=1664750935856&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=197011027887515&ev=PageView&dl=http%3A%2F%2Fvillamaryah.com%2F&rl=&if=false&ts=1664750936243&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664750936199.1299172392&it=1664750935856&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=197011027887515&ev=PageView&dl=http%3A%2F%2Fvillamaryah.com%2F&rl=&if=false&ts=1664750936243&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664750936199.1299172392&it=1664750935856&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 02 Oct 2022 22:48:56 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=299015114384284&ev=PageView&dl=http%3A%2F%2Fvillamaryah.com%2F&rl=&if=false&ts=1664750936209&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664750936199.1299172392&it=1664750935856&coo=false&rqm=GET
31.13.72.36 200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=299015114384284&ev=PageView&dl=http%3A%2F%2Fvillamaryah.com%2F&rl=&if=false&ts=1664750936209&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664750936199.1299172392&it=1664750935856&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=299015114384284&ev=PageView&dl=http%3A%2F%2Fvillamaryah.com%2F&rl=&if=false&ts=1664750936209&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664750936199.1299172392&it=1664750935856&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Sun, 02 Oct 2022 22:48:56 GMT
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3942529%26time%3D1664750935777%26url%3Dhttp%253A%252F%252Fvillamaryah.com%252F%26liSync%3Dtrue
13.107.42.14 302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3942529%26time%3D1664750935777%26url%3Dhttp%253A%252F%252Fvillamaryah.com%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3942529%26time%3D1664750935777%26url%3Dhttp%253A%252F%252Fvillamaryah.com%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://villamaryah.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3942529&time=1664750935777&url=http%3A%2F%2Fvillamaryah.com%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&50cae777-5bf4-4e51-8f9d-23eaedf0f55d"; Domain=.linkedin.com; Expires=Mon, 02-Oct-2023 22:48:56 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20221002224856fbc0a544-ed6a-4d63-868e-88cb1cd2bf01AQErtpfJ4w1_DmdgFWDczuoG-XRdApyD"; Domain=.www.linkedin.com; Expires=Mon, 02-Oct-2023 22:48:56 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NjQ3NTA5MzY7MjswMjFERJ1UlFrgCDUhmIIczK0SgCcJ2BuogTWn4VPRKhiSQQ==; Domain=.linkedin.com; Expires=Fri, 31 Mar 2023 22:48:56 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2400:u=1:x=1:i=1664750936:t=1664837336:v=2:sig=AQG9fCFEByCcEEXfgXGsr_jGlS9Vh5eA"; Expires=Mon, 03 Oct 2022 22:48:56 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXqFQg5bxsUOR6vauC/cw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F4568F2CA16640769F39BE742A666DF4 Ref B: OSL30EDGE0207 Ref C: 2022-10-02T22:48:56Z
date: Sun, 02 Oct 2022 22:48:56 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
18.165.196.18 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash 4974221144b7cd1b3f43f9b59ce774b1
2b94e653d4063411834e6c2eed0c74e1b96b48fc
3a788d72e02ab52537daabdcdb6e1c16a43fb19c88dadaa4573014fa7bdb58ee
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 22:48:56 GMT
Last-Modified: Sun, 02 Oct 2022 21:33:50 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 cb9d66c261e91793be744f629d6e309e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: Bxkwf7WyyCNEKchG8EtyWr2qQktt7QMIkWRjug6I-DWNm4lRCNq2Tw==
Age: 4506
contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329522535105928
23.38.200.22 200 OK 45 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5133329522535105928
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 99cceceaed4d575484b69ddaf9ed66a7
1e3a3b15296b585833a22d987a387aa58aa1642d
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
GET /cksync.php?cs=3&type=rkt&ovsid=5133329522535105928 HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 45
content-type: image/gif
set-cookie: visitor-id=3077525363580246000V10; Expires=Mon, 02 Oct 2023 22:48:56 GMT; domain=.media.net; Path=/;
data-rk=5133329522535105928~~3;Expires=Sun, 01 Oct 2023 22:48:56 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 02 Oct 2022 22:48:56 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 02 Oct 2022 22:48:56 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjUzNTEwNTkyOA==&forward=
142.250.74.162 302 Found 369 B URL HTTP/2 cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjUzNTEwNTkyOA==&forward=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b62e3dda89850d4d31c968eb1b2cd12c
6fd21359679cb1bd9e188f90c3f5bb23a4afd340
7532d54f2e31fbc69d284a90c93a3cbfe95fe3b17ef9e2517a8ed7b8b1fe8ffc
GET /pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjUzNTEwNTkyOA==&forward= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjUzNTEwNTkyOA==&forward=&google_tc=
date: Sun, 02 Oct 2022 22:48:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 369
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 23:03:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329522535105928&forward=
104.18.18.126 302 Found 0 B URL HTTP/2 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329522535105928&forward=
IP 104.18.18.126:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=57&external_user_id=5133329522535105928&forward= HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 02 Oct 2022 22:48:56 GMT
content-length: 0
location: /rum?cm_dsp_id=57&external_user_id=5133329522535105928&forward=&C=1
cf-ray: 7540fd0b6f63b4ed-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=YzoVWCpq1Uk2dyPGQyyK2wAA; Path=/; Domain=casalemedia.com; Expires=Mon, 02 Oct 2023 22:48:56 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=4527; Path=/; Domain=casalemedia.com; Expires=Sat, 31 Dec 2022 22:48:56 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=4527; Path=/; Domain=casalemedia.com; Expires=Sat, 31 Dec 2022 22:48:56 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZ5BSO%2ByQjFNIlJMmnJWykDyPfLpgEMaT2gMwMHc2L0z9snuhc6MpeBSpS9EoFo7zy5CLT5yG5QyILXyyUktMm1moHmRSHKH1bjEr1HF62C7aRubRKTc7Bp5GgOt9MbrP4Vwyc5rp4QrzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjUzNTEwNTkyOA==&forward=&google_tc=
142.250.74.162 302 Found 269 B URL HTTP/2 cm.g.doubleclick.net/pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjUzNTEwNTkyOA==&forward=&google_tc=
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2ac1f21e70e438c7e2193d02ee7e9be0
f9a11bb626bad146751fc166f96b91f6aeae7eab
de4a04a623ca095cd229a54edeb3120d9dc94d227198b75cb9a0a69677ed7c85
GET /pixel?in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEzMzMyOTUyMjUzNTEwNTkyOA==&forward=&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
date: Sun, 02 Oct 2022 22:48:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 269
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d2b1ffe288705fefc52bd887f4935807
0aba2b7cfe37cd3b358b247cd23af706726ed9ba
85e52dbed0a35dec4e79bf5c605d81dee822b2a1103f7030b281fd8b5dd0a2be
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2376
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Last-Modified: Sun, 02 Oct 2022 22:09:20 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash d0cccf4ce8253fd53286a85fef0716e8
12094e4f75e6d03415180d178cfc097ef2aeffd6
83f2b3c3564f374e97a8104b9d2dd8e731b17d886bdbe2d003f36179c0271890
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 01:42:55 GMT
Expires: Sun, 09 Oct 2022 01:42:54 GMT
Etag: "12094e4f75e6d03415180d178cfc097ef2aeffd6"
Cache-Control: max-age=528237,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7540fd0b7913fac4-OSL
dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329522535105928&forward=&C=1
104.18.18.126 200 OK 43 B URL HTTP/2 dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5133329522535105928&forward=&C=1
IP 104.18.18.126:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=57&external_user_id=5133329522535105928&forward=&C=1 HTTP/1.1
Host: dsum-sec.casalemedia.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:48:56 GMT
content-type: image/gif
content-length: 43
cf-ray: 7540fd0bafafb4ed-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4tI8rvOelGmjTXsAR1g%2B0OiIYNQ2aLC8KbfJAxPLK8Z46U5mRU01M86fkb7dm%2FEp85YttYmBrLQyyCZOvqJYha%2FZFKN6ZOi6wfo8sDwdZJOkpVvDWItjFuNiRagPcO9frICT0rqwuKRDCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ib.adnxs.com/setuid?entity=18&code=5133329522535105928
37.252.173.22 307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/setuid?entity=18&code=5133329522535105928
IP 37.252.173.22:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /setuid?entity=18&code=5133329522535105928 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 02 Oct 2022 22:48:56 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329522535105928
AN-X-Request-Uuid: 8e953b24-0327-487b-a1f1-6633c7b93849
Set-Cookie: uuid2=7806769761510196900; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 31-Dec-2022 22:48:56 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
p.rfihub.com/cm?pub=24472&in=1
193.0.160.128 302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=24472&in=1
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=24472&in=1 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
Date: Sun, 02 Oct 2022 22:48:56 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAA_7vFwmtoZmZibmpgaWxmaWwCAAbs2fAQAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 27 Oct 2023 22:48:56 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjExM7cwNrUwMhbiM9TNdXeNTPTNDAyL9AkBAK9vjXIlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjExM7cwNrUwMhbiM9TNdXeNTPTNDAyL9AkBAK9vjXIlAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 27 Oct 2023 22:48:56 GMT; Secure; SameSite=None
Location: https://ps.eyeota.net/match?uid=5109685624467835823&bid=omt9pi0
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3942529&time=1664750935777&url=http%3A%2F%2Fvillamaryah.com%2F&liSync=true
13.107.42.14 200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3942529&time=1664750935777&url=http%3A%2F%2Fvillamaryah.com%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3942529&time=1664750935777&url=http%3A%2F%2Fvillamaryah.com%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://villamaryah.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&3b43e5b5-2d0c-4302-87c7-756f02f1c17e"; domain=.linkedin.com; Path=/; Secure; Expires=Mon, 02-Oct-2023 22:48:56 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2400:u=1:x=1:i=1664750936:t=1664837336:v=2:sig=AQG9fCFEByCcEEXfgXGsr_jGlS9Vh5eA"; Expires=Mon, 03 Oct 2022 22:48:56 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXqFQg7ktI5J3dmncswzA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 880002B0BD4B4ACD908C765C380D7CAE Ref B: OSL30EDGE0207 Ref C: 2022-10-02T22:48:56Z
date: Sun, 02 Oct 2022 22:48:56 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ac3bd9203842561ff6c0efa66a4f0c53
6e4a2cfd9c78b8f74eaed22be5d3a97e0ef4d4e6
d12d2268c2e86892041bc3c4f3a6724afc1ddafcb442d4007f32fd13ec3b9aa9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2968
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Last-Modified: Sun, 02 Oct 2022 21:59:28 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
idsync.rlcdn.com/360947.gif?partner_uid=5133329522535105928
35.244.174.68 200 OK 42 B URL HTTP/2 idsync.rlcdn.com/360947.gif?partner_uid=5133329522535105928
IP 35.244.174.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /360947.gif?partner_uid=5133329522535105928 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: rlas3=GqiutjviFru9WDaIZ22DyPwHGxBSVyqK1D/TJ/hrKs4=; Path=/; Domain=rlcdn.com; Expires=Mon, 02 Oct 2023 22:48:56 GMT; Secure; SameSite=None
pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Thu, 01 Dec 2022 22:48:56 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sun, 02 Oct 2022 22:48:56 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329522535105928&redir=
34.241.100.149 302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=1121&dpuuid=5133329522535105928&redir=
IP 34.241.100.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=1121&dpuuid=5133329522535105928&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v044-0fd49f064.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329522535105928&redir=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=05457359399211036371072320278691906931; Max-Age=15552000; Expires=Fri, 31 Mar 2023 22:48:56 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: YpyfaZ5DT3M=
Content-Length: 0
Connection: keep-alive
sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
151.101.86.49 503 Service Unavailable 0 B URL HTTP/2 sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
IP 151.101.86.49:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP/1.1
Host: sync-tm.everesttech.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 503 Service Unavailable
server: Varnish
retry-after: 0
accept-ranges: bytes
date: Sun, 02 Oct 2022 22:48:56 GMT
via: 1.1 varnish
x-served-by: cache-bma1669-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664750937.983374,VS0,VE0
cache-control: no-cache
pragma: no-cache
content-length: 0
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29 200 OK 172 kB IP 93.184.220.29:0
File type gzip compressed data, from Unix\012- data
Size 172 kB (172150 bytes)
Hash 6a240736092124068b40e826ec7b866c
61b60e2d8d482ee09036ff9e3eebc6c9080be887
37a3ddfc105ea621d029d84d8c06dc1867386580372d8aeb4717b2c14fc79218
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4217
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:56 GMT
Last-Modified: Sun, 02 Oct 2022 21:38:39 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
p.rfihub.com/cm?pub=39342&in=0&userid=db625dcb-165c-4b45-b57d-7a91b1f691c7%3A1664750936.6237917&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Ddb625dcb-165c-4b45-b57d-7a91b1f691c7%253A1664750936.6237917
193.0.160.128 302 Found 0 B URL HTTP/1.1 p.rfihub.com/cm?pub=39342&in=0&userid=db625dcb-165c-4b45-b57d-7a91b1f691c7%3A1664750936.6237917&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Ddb625dcb-165c-4b45-b57d-7a91b1f691c7%253A1664750936.6237917
IP 193.0.160.128:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm?pub=39342&in=0&userid=db625dcb-165c-4b45-b57d-7a91b1f691c7%3A1664750936.6237917&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Ddb625dcb-165c-4b45-b57d-7a91b1f691c7%253A1664750936.6237917 HTTP/1.1
Host: p.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Date: Sun, 02 Oct 2022 22:48:56 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: euds=H4sIAAAAAAAA_wXBwQ2AQAgEwI_tYNw72A12IxALsXJnvkNTXDFdBkabl4dVaExPovAy0bpBuuLKzZNrK6Efc6VBUDoAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_0XIsRGAQAgEwAqMvg4c-Ye7wW4ExoIMrdbQDfcZ7MT0rhSFl1iaSzpbeIWm3ggtngoY_YiFHXMxlO_Y_gzaB-ZUQ8pKAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 27 Oct 2023 22:48:56 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjExM7cwNrUwNhLiM9StdE4MKTBKMXLWjdIFAKtnBNslAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjExM7cwNrUwNhLiM9StdE4MKTBKMXLWjdIFAKtnBNslAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 27 Oct 2023 22:48:56 GMT; Secure; SameSite=None
Location: https://idsync.rlcdn.com/501709.gif?partner_uid=db625dcb-165c-4b45-b57d-7a91b1f691c7%3A1664750936.6237917
Content-Length: 0
Server: Jetty(9.3.29.v20201019)
pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5133329522535105928&
213.19.162.80 204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5133329522535105928&
IP 213.19.162.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=13490&nid=2596&put=5133329522535105928& HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 693f17ec94b6fd0c82d03268b1ba23d6
Content-Type: image/gif
ocsp.digicert.com/
93.184.220.29 200 OK 727 B IP 93.184.220.29:0
Hash e46cf4c2fade3608e8a7e63061381e4a
679427ebe88fabdc858d4dc37453b1419dfc4042
bc99b34b0b83042f861905c469d2eeaabd32634eb67d7a81f204273e63c9cb93
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6309
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:57 GMT
Last-Modified: Sun, 02 Oct 2022 21:03:48 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 727
bpi.rtactivate.com/tag/?id=11017&user_id=5133329522535105928
54.84.86.17 200 OK 43 B URL HTTP/2 bpi.rtactivate.com/tag/?id=11017&user_id=5133329522535105928
IP 54.84.86.17:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tag/?id=11017&user_id=5133329522535105928 HTTP/1.1
Host: bpi.rtactivate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Sun, 02 Oct 2022 22:48:56 GMT
content-type: image/gif
content-length: 43
X-Firefox-Spdy: h2
sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329522535105928&img=1
185.94.180.126 302 Found 0 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329522535105928&img=1
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /partner?adv_id=7180&uid=5133329522535105928&img=1 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx
Date: Sun, 02 Oct 2022 22:48:57 GMT
Content-Type: text/plain
Content-Length: 0
Connection: keep-alive
Set-Cookie: audience=65e76f69-42a4-11ed-af19-1a7cb9e30206; expires=Sun, 30-Oct-2022 22:48:57 GMT; path=/; domain=.spotxchange.com; SameSite=none
Location: /partner?adv_id=7180&uid=5133329522535105928&img=1&__user_check__=1&sync_id=65e76fdf-42a4-11ed-af19-1a7cb9e30206
X-fe: 22
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329522535105928
23.38.201.22 200 OK 43 B URL HTTP/2 x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5133329522535105928
IP 23.38.201.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /e/rocketfuel_sync?na_exid=5133329522535105928 HTTP/1.1
Host: x.dlx.addthis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
expires: Sun, 02 Oct 2022 22:48:57 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 02 Oct 2022 22:48:57 GMT
strict-transport-security: max-age=2628000
X-Firefox-Spdy: h2
aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329522535105928
3.75.14.26 200 OK 43 B URL HTTP/2 aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5133329522535105928
IP 3.75.14.26:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /adscores/g.pixel?sid=9212192898&rf=5133329522535105928 HTTP/1.1
Host: aa.agkn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:48:57 GMT
content-type: image/gif
content-length: 43
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
X-Firefox-Spdy: h2
idsync.rlcdn.com/501709.gif?partner_uid=db625dcb-165c-4b45-b57d-7a91b1f691c7%3A1664750936.6237917
35.244.174.68 307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/501709.gif?partner_uid=db625dcb-165c-4b45-b57d-7a91b1f691c7%3A1664750936.6237917
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /501709.gif?partner_uid=db625dcb-165c-4b45-b57d-7a91b1f691c7%3A1664750936.6237917 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdkYjYyNWRjYi0xNjVjLTRiNDUtYjU3ZC03YTkxYjFmNjkxYzc6MTY2NDc1MDkzNi42MjM3OTE3EAAaDQjZquiZBhIFCOgHEABCAEoA
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Thu, 01 Dec 2022 22:48:57 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sun, 02 Oct 2022 22:48:57 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e8dfc2dfa669c1bb36a5aff950ccbacc
4acb29275d51ee4ac265817a8ab10502af460864
7f57eadf59a38ef65d3002fafdc99a48f62e37abeae0297e78a46376b78e23e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4011
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 02 Oct 2022 22:48:57 GMT
Last-Modified: Sun, 02 Oct 2022 21:42:07 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
193.0.160.128 200 OK 42 B URL HTTP/1.1 a.rfihub.com/cm?pub=445&in=0&forward=&google_error=3
IP 193.0.160.128:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /cm?pub=445&in=0&forward=&google_error=3 HTTP/1.1
Host: a.rfihub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:57 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: euds=H4sIAAAAAAAA_-NicjUGAEAxo38EAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
eud=H4sIAAAAAAAA_-NicjUO4jU0MzMxNzWwNDY3MDECAMamqBITAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 27 Oct 2023 22:48:57 GMT; Secure; SameSite=None
ruds=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjExM7cwNrUwMRXiM9QNKw0pLPTyKAo3CUkHACOEyAklAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
rud=H4sIAAAAAAAA_-MSNjU0sDSzMDUzMjExM7cwNrUwMRXiM9QNKw0pLPTyKAo3CUkHACOEyAklAAAA; Path=/; Domain=.rfihub.com; Expires=Fri, 27 Oct 2023 22:48:57 GMT; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: image/gif
Content-Length: 42
Server: Jetty(9.3.29.v20201019)
ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329522535105928
37.252.173.22 200 OK 43 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329522535105928
IP 37.252.173.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 592ebefc7104d681d57852665e9ad514
15cdf8df32aa251dd6dd590a60bf9cf74474e7c5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
GET /bounce?%2Fsetuid%3Fentity%3D18%26code%3D5133329522535105928 HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.21.3
Date: Sun, 02 Oct 2022 22:48:57 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
AN-X-Request-Uuid: 40e4e35b-f71c-4f0c-824a-948921b562f5
Set-Cookie: anj=dTM7k!M4/YErk#WF']wIg2GVPqDrNJ!]tbPl1MNu::wpAk`W>$ka#=sjF$dak`W=ejG+I+n='%Y4^J$o!_6-zQEVk`!)Jo+oX$<a; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 31-Dec-2022 22:48:57 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
ocsp.sca1b.amazontrust.com/
18.165.196.18 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash b3fdeb5e261e01994b3089502ee4f4c3
77b896dbed2aec76795f66189e00f68f7a395086
07a2685b2941c5d80884039478e1422205d7a9157726a05d1a63bf2a7577f954
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 22:48:57 GMT
Last-Modified: Sun, 02 Oct 2022 22:00:54 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 cb9d66c261e91793be744f629d6e309e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: TN9okx3GQXZdyG3hQLuPkNs907H5KTt2m1YNgtRjSJSv2gek8_xANQ==
Age: 2884
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash b8469fcdf1f9936ba7e6d68d202de04e
581d3a5d1979b2c2374e0bba3231ef46868ef55f
fe333565928984049e3f12a239341030d6e651e8fd0c6193f59e2ef744ff8abe
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 01 Oct 2022 01:56:50 GMT
Expires: Sat, 08 Oct 2022 01:56:49 GMT
Etag: "581d3a5d1979b2c2374e0bba3231ef46868ef55f"
Cache-Control: max-age=442671,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7540fd0c796ffac4-OSL
idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdkYjYyNWRjYi0xNjVjLTRiNDUtYjU3ZC03YTkxYjFmNjkxYzc6MTY2NDc1MDkzNi42MjM3OTE3EAAaDQjZquiZBhIFCOgHEABCAEoA
35.244.174.68 307 Temporary Redirect 0 B URL HTTP/2 idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjdkYjYyNWRjYi0xNjVjLTRiNDUtYjU3ZC03YTkxYjFmNjkxYzc6MTY2NDc1MDkzNi42MjM3OTE3EAAaDQjZquiZBhIFCOgHEABCAEoA
IP 35.244.174.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1000.gif?memo=CM3PHhJBCj0IARAFGjdkYjYyNWRjYi0xNjVjLTRiNDUtYjU3ZC03YTkxYjFmNjkxYzc6MTY2NDc1MDkzNi42MjM3OTE3EAAaDQjZquiZBhIFCOgHEABCAEoA HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 307 Temporary Redirect
cache-control: no-cache, no-store
location: https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CNmq6JkGEgUI6AcQABIGCLrqARAA; Path=/; Domain=rlcdn.com; Expires=Thu, 01 Dec 2022 22:48:57 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sun, 02 Oct 2022 22:48:57 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329522535105928
34.254.11.145 204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5133329522535105928
IP 34.254.11.145:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner_id=rfuel&partner_user_id=5133329522535105928 HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 02 Oct 2022 22:48:57 GMT
set-cookie: _kuid_=PHVwWMm3; Expires=Fri, 31-Mar-23 22:48:57 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n020-dub-prod.krxd.net
x-request-time: D=31 t=1664750937
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329522535105928&redir=
34.241.100.149 200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329522535105928&redir=
IP 34.241.100.149:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5133329522535105928&redir= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v044-06f4f0b6e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: cb/dwBC2ScY=
Content-Length: 59
Connection: keep-alive
ocsp.usertrust.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash a817bba433611bf35a63ebe3326abccf
b244c7c000b3df5c48e51409a2b4403d940a03ad
d8db7904e66cad58158ca313fdd78e9cbd65623aa920732cab13f343335e5ee3
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:57 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 01 Oct 2022 21:01:01 GMT
Expires: Sat, 08 Oct 2022 21:01:00 GMT
Etag: "b244c7c000b3df5c48e51409a2b4403d940a03ad"
Cache-Control: max-age=603732,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 1358
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7540fd0cba870b51-OSL
bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
52.59.66.69 200 OK 0 B URL HTTP/2 bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
IP 52.59.66.69:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP/1.1
Host: bs.serving-sys.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:48:57 GMT
content-length: 0
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
X-Firefox-Spdy: h2
x.bidswitch.net/sync?dsp_id=119&user_id=5133329522535105928&expires=30
3.122.47.104 302 Moved Temporarily 0 B URL HTTP/1.1 x.bidswitch.net/sync?dsp_id=119&user_id=5133329522535105928&expires=30
IP 3.122.47.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=119&user_id=5133329522535105928&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Cache-Control: no-cache, no-store, must-revalidate
Date: Sun, 02 Oct 2022 22:48:57 GMT
Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329522535105928&expires=30
Set-Cookie: tuuid=94dbb4ba-5950-42ed-82a1-a360c16f8987; path=/; expires=Mon, 02-Oct-2023 22:48:57 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664750937; path=/; expires=Mon, 02-Oct-2023 22:48:57 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1664750937; path=/; expires=Mon, 02-Oct-2023 22:48:57 GMT; domain=.bidswitch.net; samesite=none; secure
c=1664750937; path=/; expires=Mon, 02-Oct-2023 22:48:57 GMT; domain=.bidswitch.net; samesite=none; secure
Content-Length: 0
Connection: keep-alive
sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329522535105928&img=1&__user_check__=1&sync_id=65e76fdf-42a4-11ed-af19-1a7cb9e30206
185.94.180.126 200 OK 43 B URL HTTP/1.1 sync.search.spotxchange.com/partner?adv_id=7180&uid=5133329522535105928&img=1&__user_check__=1&sync_id=65e76fdf-42a4-11ed-af19-1a7cb9e30206
IP 185.94.180.126:0
ASN #35220 SpotXchange, INC
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /partner?adv_id=7180&uid=5133329522535105928&img=1&__user_check__=1&sync_id=65e76fdf-42a4-11ed-af19-1a7cb9e30206 HTTP/1.1
Host: sync.search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 02 Oct 2022 22:48:57 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
Set-Cookie: audience=65f58a7f-42a4-11ed-b83a-1d7abbad0106; expires=Sun, 30-Oct-2022 22:48:57 GMT; path=/; domain=.spotxchange.com
x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
X-fe: 28
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
ps.eyeota.net/match?uid=5109685624467835823&bid=omt9pi0
3.125.70.222 200 OK 0 B URL HTTP/1.1 ps.eyeota.net/match?uid=5109685624467835823&bid=omt9pi0
IP 3.125.70.222:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?uid=5109685624467835823&bid=omt9pi0 HTTP/1.1
Host: ps.eyeota.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Set-Cookie: SERVERID=18916~DM; Domain=eyeota.net; Path=/; Expires=Sun, 02 Oct 2022 22:58:57 GMT; Secure; SameSite=None;
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
Content-Length: 0
Date: Sun, 02 Oct 2022 22:48:57 GMT
x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329522535105928&expires=30
3.122.47.104 200 OK 43 B URL HTTP/1.1 x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=5133329522535105928&expires=30
IP 3.122.47.104:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=119&user_id=5133329522535105928&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: image/gif
Date: Sun, 02 Oct 2022 22:48:57 GMT
Content-Length: 43
Connection: keep-alive
idsync.rlcdn.com/362358.gif?google_error=3
35.244.174.68 200 OK 42 B URL HTTP/2 idsync.rlcdn.com/362358.gif?google_error=3
IP 35.244.174.68:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /362358.gif?google_error=3 HTTP/1.1
Host: idsync.rlcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://20818439p.rfihub.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie: pxrc=CAA=; Path=/; Domain=rlcdn.com; Expires=Thu, 01 Dec 2022 22:48:57 GMT; Secure; SameSite=None
timing-allow-origin: *
date: Sun, 02 Oct 2022 22:48:57 GMT
content-length: 42
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
18.165.196.18 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 18.165.196.18:0
Hash 91f03363a001b4ca83188216839223c0
e542d10e699f0175f894d53cc22c2cd043ebaac9
6e4e7c1400c4ea02f0198322c5c507c2a9e6a3e94654e25a2ed573e4b7e94c98
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 02 Oct 2022 22:48:57 GMT
Last-Modified: Sun, 02 Oct 2022 21:57:27 GMT
Server: ECS (nyb/1D17)
X-Cache: Miss from cloudfront
Via: 1.1 cb9d66c261e91793be744f629d6e309e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P3
X-Amz-Cf-Id: NGojipo33LwuO-QwCwdiiMDBkdTL6yQFgY02tyaGv7CczZhXJ-VqrA==
Age: 3090
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash d0cccf4ce8253fd53286a85fef0716e8
12094e4f75e6d03415180d178cfc097ef2aeffd6
83f2b3c3564f374e97a8104b9d2dd8e731b17d886bdbe2d003f36179c0271890
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 02 Oct 2022 01:42:55 GMT
Expires: Sun, 09 Oct 2022 01:42:54 GMT
Etag: "12094e4f75e6d03415180d178cfc097ef2aeffd6"
Cache-Control: max-age=528236,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7540fd0cbfdab515-OSL
maps.googleapis.com/maps-api-v3/api/js/50/7a/common.js
216.58.211.10 200 OK 69 kB URL HTTP/1.1 maps.googleapis.com/maps-api-v3/api/js/50/7a/common.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (581)
Hash a291cedc965149d8a38926dcd21cdd2b
6a20198759008813880dd5972e63a35029fc91d3
991382efdf7fb65264f3ff34e182330ed499a2eecac7d59dd017a792e0102b44
GET /maps-api-v3/api/js/50/7a/common.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="maps-api-js"
Report-To: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
Content-Length: 69350
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 19:26:20 GMT
Expires: Thu, 28 Sep 2023 19:26:20 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 27 Sep 2022 20:35:20 GMT
Content-Type: text/javascript
Age: 357758
maps.googleapis.com/maps-api-v3/api/js/50/7a/util.js
216.58.211.10 200 OK 61 kB URL HTTP/1.1 maps.googleapis.com/maps-api-v3/api/js/50/7a/util.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (548)
Hash 010a4c93e70c4e8d0fdb61e666cadf0f
c8d68d05240db807c7a2e97c38053bee62339eb5
1c181d0b27ff32bccc30193261c0267f2a3f8b65e1c46af03e8f34e86647df7d
GET /maps-api-v3/api/js/50/7a/util.js HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding, Origin
Content-Encoding: gzip
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="maps-api-js"
Report-To: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
Content-Length: 60561
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 28 Sep 2022 19:26:21 GMT
Expires: Thu, 28 Sep 2023 19:26:21 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 27 Sep 2022 20:35:20 GMT
Content-Type: text/javascript
Age: 357757
villamaryah.com/inst/includes/placeholders.jquery.min.js
176.221.34.180 200 OK 0 B URL HTTP/1.1 villamaryah.com/inst/includes/placeholders.jquery.min.js
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/includes/placeholders.jquery.min.js HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:52 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
googleads.g.doubleclick.net/pagead/viewthroughconversion/799010932/?random=1663974610490&cv=9&fst=1663974610490&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&auid=1980791754.1662580076&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
142.250.74.2 200 OK 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/799010932/?random=1663974610490&cv=9&fst=1663974610490&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&auid=1980791754.1662580076&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
IP 142.250.74.2:0
GET /pagead/viewthroughconversion/799010932/?random=1663974610490&cv=9&fst=1663974610490&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=482&u_w=358&u_ah=482&u_aw=358&u_cd=24&u_his=2&u_tz=-360&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.itau.com.uy%2Finst%2F&ref=https%3A%2F%2Fwww.itau.com.uy%2F&tiba=Ita%C3%BA&auid=1980791754.1662580076&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 22:48:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1037
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 02-Oct-2022 23:03:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/299015114384284?v=2.9.83&r=stable
31.13.72.12 200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/299015114384284?v=2.9.83&r=stable
IP 31.13.72.12:0
GET /signals/config/299015114384284?v=2.9.83&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: /SSFwcGcbI6TuZcZstfz4qf1oSFQk9jj7pKfY4dd8QwiwR2ul0gFe6baC3Am8RSGAHC8yjbEkvneN3QQcZ4u0g==
priority: u=3,i
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:48:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
konecta-widget.net/.netlify/functions/readWidgetByBotId/611ff8f4f1e7d4de20da2954
18.159.128.50 200 OK 0 B URL HTTP/2 konecta-widget.net/.netlify/functions/readWidgetByBotId/611ff8f4f1e7d4de20da2954
IP 18.159.128.50:0
GET /.netlify/functions/readWidgetByBotId/611ff8f4f1e7d4de20da2954 HTTP/1.1
Host: konecta-widget.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://villamaryah.com
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, authorization
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
age: 0
cache-control: no-cache
content-encoding: br
content-type: text/plain; charset=utf-8
date: Sun, 02 Oct 2022 22:48:54 GMT
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01GEDE6PC2NGNJM65J9JKM5BTC
X-Firefox-Spdy: h2
connect.facebook.net/signals/config/197011027887515?v=2.9.83&r=stable
31.13.72.12 200 OK 0 B URL HTTP/2 connect.facebook.net/signals/config/197011027887515?v=2.9.83&r=stable
IP 31.13.72.12:0
GET /signals/config/197011027887515?v=2.9.83&r=stable HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: k6qGUQdTbzrc5Rkwv8IBBoag9iLOqg5ECVwjmq3v1/y/y5EbCTQbYLI9E+jDJMWsyOA7XFzsQuk870LWZK5C/g==
x-fb-trip-id: 1904183273
date: Sun, 02 Oct 2022 22:48:56 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
216.58.211.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap
IP 216.58.211.10:0
GET /css2?family=Roboto:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 02 Oct 2022 22:48:52 GMT
date: Sun, 02 Oct 2022 22:48:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.itau.com.uy/inst/aci/images/img_5060644_PlacaHomeanimadaCuentaPocket900kb.gif
200.40.133.70 200 OK 0 B URL HTTP/1.1 www.itau.com.uy/inst/aci/images/img_5060644_PlacaHomeanimadaCuentaPocket900kb.gif
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
GET /inst/aci/images/img_5060644_PlacaHomeanimadaCuentaPocket900kb.gif HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Last-Modified: Mon, 20 Jun 2022 19:38:27 GMT
Accept-Ranges: bytes
ETag: "915e2450dd84d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 1001953
villamaryah.com/inst/includes/gtm.js
176.221.34.180 200 OK 0 B URL HTTP/1.1 villamaryah.com/inst/includes/gtm.js
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/includes/gtm.js HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:52 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
villamaryah.com/inst/includes/js.cookie.js
176.221.34.180 200 OK 0 B URL HTTP/1.1 villamaryah.com/inst/includes/js.cookie.js
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/includes/js.cookie.js HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:51 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
www.itau.com.uy/inst/aci/images/img_7799139_homesegurovacacionesprimavera1400x900.jpg
200.40.133.70 200 OK 0 B URL HTTP/1.1 www.itau.com.uy/inst/aci/images/img_7799139_homesegurovacacionesprimavera1400x900.jpg
IP 200.40.133.70:0
ASN #6057 Administracion Nacional de Telecomunicaciones
GET /inst/aci/images/img_7799139_homesegurovacacionesprimavera1400x900.jpg HTTP/1.1
Host: www.itau.com.uy
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://villamaryah.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Mon, 12 Sep 2022 18:21:30 GMT
Accept-Ranges: bytes
ETag: "fd2ba37ad4c6d81:0"
Server:
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=86400
X-POWERED-BY:
Date: Sun, 02 Oct 2022 22:48:54 GMT
Content-Length: 874683
villamaryah.com/inst/includes/signals.min.js
176.221.34.180 200 OK 0 B URL HTTP/1.1 villamaryah.com/inst/includes/signals.min.js
IP 176.221.34.180:0
ASN #15525 Servicos De Comunicacoes E Multimedia S.A.
Analyzer Verdict Alert openphish Itau Unibanco S.A
fortinet Phishing
GET /inst/includes/signals.min.js HTTP/1.1
Host: villamaryah.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://villamaryah.com/
Cookie: PHPSESSID=kcq4dln2s30jqbcctmc71bp3a4
HTTP/1.1 200 OK
Date: Sun, 02 Oct 2022 22:48:51 GMT
Server: Apache
X-Powered-By: PHP/5.4.45
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html
partners.tremorhub.com/sync?UIRF=5133329522535105928&r=CeVSU4nC5IC2
3.227.90.123 200 OK 0 B URL HTTP/2 partners.tremorhub.com/sync?UIRF=5133329522535105928&r=CeVSU4nC5IC2
IP 3.227.90.123:0
GET /sync?UIRF=5133329522535105928&r=CeVSU4nC5IC2 HTTP/1.1
Host: partners.tremorhub.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://20818439p.rfihub.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 02 Oct 2022 22:48:57 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2