Report - www.onlyfree.mx/

Report Overview

Visited public
2023-12-07 02:02:16
Tags
URL
www.onlyfree.mx/
Finishing URL
www.onlyfree.mx/
IP / ASN
74.208.236.75
#8560 IONOS SE
Title
OnlyFree | OnlyFans Gratis - Encuentra los OnlyFans más famosos de Internet, totalmente gratis.

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pl17621979.highrevenuegate.com	unknown	2023-03-02	2023-07-17 14:19:51	2023-07-17 14:19:51	461 B	16 kB	173.233.139.164
pagead2.googlesyndication.com	101	2003-01-21	2021-02-20 16:52:05	2023-12-06 12:31:28	469 B	52 kB	142.250.74.2
assistantasks.com	unknown	2023-11-28	2023-11-28 10:07:34	2023-12-04 10:38:34	4.6 kB	6.4 kB	173.233.137.60
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-12-06 20:26:27	413 B	86 kB	104.21.234.33
www.onlyfree.mx	unknown	2022-08-19	2022-09-06 05:19:56	2023-11-09 04:20:13	11 kB	1.3 MB	74.208.236.75
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-12-06 07:40:41	901 B	152 kB	142.250.74.168
proftrafficcounter.com	unknown	2023-11-16	2023-11-21 09:55:14	2023-12-06 20:26:27	958 B	720 B	18.157.140.81
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2023-12-05 22:22:23	3.0 kB	238 kB	172.64.108.10
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29 18:47:27	2023-12-04 17:44:16	507 B	2.2 kB	104.26.6.19
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21 01:06:24	2023-12-06 11:33:58	350 B	942 B	143.204.53.97
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-06 07:50:48	2.1 kB	82 kB	216.58.207.227
sp-ao.shortpixel.ai	17221	2018-07-14	2021-08-12 00:39:52	2023-12-06 10:24:22	7.1 kB	69 kB	194.242.11.186
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-12-06 07:08:39	1.4 kB	64 kB	142.250.74.106
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-12-06 18:50:09	766 B	424 B	192.243.59.12

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-06	medium	highrevenuegate.com	Sinkholed
2023-12-06	medium	assistantasks.com	Sinkholed
2023-12-06	medium	assistantasks.com	Sinkholed
2023-12-06	medium	assistantasks.com	Sinkholed
2023-12-06	medium	assistantasks.com	Sinkholed
2023-12-07	medium	unseenreport.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (16)

	URL	From	Size	First Seen	Last Seen
	www.onlyfree.mx/	ScriptElement	294 B	2023-03-07	2025-05-11
Pretty URL www.onlyfree.mx/ IP 74.208.236.75 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-11 08:00 Times Seen1237 Hash 6f996f77dbfaf8f8f570a41fe4bc0e66 c6c21cdf9d26daac3c3fa466d46da03c70c2e8b6 e67bb8576493cbde78b6822ce205f837102cad9cf1a8302b9829f167f6158674 Loading...

	www.onlyfree.mx/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL www.onlyfree.mx/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 18:43 Times Seen341987 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.onlyfree.mx/wp-content/cache/minify/f97f6.js	ScriptElement	16 kB	2023-07-17	2023-12-07
Pretty URL www.onlyfree.mx/wp-content/cache/minify/f97f6.js IP 74.208.236.75 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-17 14:20 Last Seen2023-12-07 03:02 Times Seen2 Hash ac3ca1344e85ac2688d91eb78e6a565f f8e09a86133b6238958df2610dc6672fc0d16564 7a2b7bd1eaecfd3e3c7ac1931b47513613d398a2bb5426c6776d3346c5dded10 Loading...

	pagead2.googlesyndication.com/pagead/js/adsbygoogle.js	ScriptElement	1.6 kB	2023-05-06	2025-05-11
Pretty URL pagead2.googlesyndication.com/pagead/js/adsbygoogle.js IP 142.250.74.2 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-11 18:05 Times Seen24233 Hash 2e9e391ad98fbe1b2de0b7b4fa9ca904 21d7771223e8286a06ad878af425094a40de32b5 1468d954f25ab75355f3c0f42cd9c84efd64a67922c47d3b69bdb6d0eb399e69 Loading...

	www.googletagmanager.com/gtag/js?id=G-ZXH4Q1Q8SZ&l=dataLayer&cx=c	ScriptElement	229 kB	2023-12-07	2023-12-07
Pretty URL www.googletagmanager.com/gtag/js?id=G-ZXH4Q1Q8SZ&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 03:02 Last Seen2023-12-07 03:02 Times Seen1 Hash b7b315c49d4f0521fdceff606add7764 62e6c8eb892e2bf2cb61aab76aef7ea6a6b6864b 32da17283df100b201e4218e144fdf0dab0c9ccc3b32874cd0d0d7cd1517286e Loading...

	www.onlyfree.mx/sandbox%20eval%20code		128 B	2023-05-06	2025-05-11
Pretty URL www.onlyfree.mx/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 01:21 Last Seen2025-05-11 18:05 Times Seen24443 Hash 23c336606ee3a6d444b305153fa0e2e2 473a2111970ae2a94b373e656d20c4bd4184d703 305375d5052f6a14434d2d338f852f0f4f04fb26495f88a5d62b6afde2e2cc60 Loading...

	unknown	ScriptElement	4.1 kB	2024-08-20	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 16:31 Last Seen2024-08-20 16:31 Times Seen1 Hash 330988b987729c966e5249b9fa4eb88b cb36f82ba0996ec80e6d91b6890098c4caab059a e4329f83ab3553264e96bed20045ff890cbf5aeabf8e5314797387cb3441e46a Loading...

	www.googletagmanager.com/gtag/js?id=UA-238708264-1	ScriptElement	191 kB	2023-12-07	2023-12-07
Pretty URL www.googletagmanager.com/gtag/js?id=UA-238708264-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 03:02 Last Seen2023-12-07 03:02 Times Seen1 Hash 2b80c0cee50905f0fcfc5fc59e6e29e1 921496a9702a4b3add7a96f4c872c06606252753 5b0b5c5640cdd2a4c413c710ee1193437d62403f9b95167fb5f67036dc2c868d Loading...

	pl17621979.highrevenuegate.com/d1/96/0f/d1960f6710066ccd569ff9bb5f5ee42f.js	ScriptElement	42 kB	2023-12-07	2023-12-07
Pretty URL pl17621979.highrevenuegate.com/d1/96/0f/d1960f6710066ccd569ff9bb5f5ee42f.js IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 03:02 Last Seen2023-12-07 03:02 Times Seen1 Hash cace5d2706f48fdde4b19a8ea1f9aa8b 38db36ead5d676f87747a66a1e93622ae6c3fc82 c3157a4577ad4421483e00fd607eb533d6c8fa07670b26f924d9d4cb42815b6b Loading...

	www.onlyfree.mx/wp-content/cache/minify/91e73.js	ScriptElement	153 kB	2023-12-07	2023-12-07
Pretty URL www.onlyfree.mx/wp-content/cache/minify/91e73.js IP 74.208.236.75 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-07 03:02 Last Seen2023-12-07 03:02 Times Seen1 Hash 33e1810279170dba2778d239623f6f91 fcd76add66018854525b0b5aa02a43d6d8eeb95f f7541b673075846a1e1a6faf64f1d11c85db7c170b83f663deb0e6837bbb5a28 Loading...

	www.onlyfree.mx/	ScriptElement	6.0 kB	2024-08-20	2024-08-20
Pretty URL www.onlyfree.mx/ IP 74.208.236.75 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 16:31 Last Seen2024-08-20 16:31 Times Seen1 Hash 634a9f6ce039f9443f5f8318b6affb45 c1bac37e74bfd9521f6f96664308411a8b904339 446e19e51a5a21b9fbe095af64552362a5d27479c414f46bf90f491091d3dd61 Loading...

	unknown	ScriptElement	2.1 kB	2023-03-08	2025-03-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:50 Last Seen2025-03-07 04:26 Times Seen80 Hash 2b9872b1c66bf923efcfa18f0f69eca1 17efef6e8b78ed400d1636696e7a586c0837fc5f 418ee759dc1ffc4c55215dc9311ceb0d8aaf80b0daecf16e8addf8c880d265c5 Loading...

	www.onlyfree.mx/	ScriptElement	84 B	2023-03-07	2025-05-10
Pretty URL www.onlyfree.mx/ IP 74.208.236.75 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 16:18 Times Seen2388 Hash 31370ae3f78a60279d29cd25e1eb8657 34f454d9855d2dc1d71ab7101bd7a04d1b0199bf 6682cf99413df38b7572d2f2eb9c549f33d2a52ceaa9c6a8ff723c02339380dc Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 18:43 Times Seen341185 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.onlyfree.mx/wp-content/cache/minify/d52ed.js	ScriptElement	88 kB	2023-11-03	2025-05-11
Pretty URL www.onlyfree.mx/wp-content/cache/minify/d52ed.js IP 74.208.236.75 ASN #8560 IONOS SE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 09:26 Last Seen2025-05-11 18:44 Times Seen92617 Hash 826eb77e86b02ab7724fe3d0141ff87c 79cd3587d565afe290076a8d36c31c305a573d18 cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-11-23	2024-08-20
Pretty URL friendshipmale.com/sfp.js IP 104.21.234.33 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-23 18:35 Last Seen2024-08-20 18:08 Times Seen6307 Hash 924e967bca1d599992556a8d139b1c5a 222b09dbf164ddc03d39100fd0524a22018d28b2 ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95 Loading...

HTTP Transactions (60)

URL IP Response Size

www.onlyfree.mx/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js

74.208.236.75

200 OK

2.6 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6274)
Size
2.6 kB (2573 bytes)
Hash
c0dc04a574108028bf6bde0c0e6d8e88
61237ccd1f8af2ae508382ded36af62bd54cb6c2
1a54a1907a6443e3c81608130bfed4546eb0ce5d0c8897e1d7a3b43d89ecc367

HTTP Headers

GET /wp-content/plugins/w3-total-cache/pub/js/lazyload.min.js HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 2573
date: Thu, 07 Dec 2023 02:01:59 GMT
server: Apache
vary: Accept-Encoding
last-modified: Tue, 28 Nov 2023 21:36:11 GMT
etag: "1883-60b3d3509eae9-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:01:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-includes/css/dashicons.min.css?ver=6.4.1

74.208.236.75

200 OK

37 kB

URL GET HTTP/2
www.onlyfree.mx/wp-includes/css/dashicons.min.css?ver=6.4.1
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (58981)
Size
37 kB (36769 bytes)
Hash
d68d6bf519169d86e155bad0bed833f8
27ba9c67d0e775fc4e6dd62011daf4c3902698fc
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

HTTP Headers

GET /wp-includes/css/dashicons.min.css?ver=6.4.1 HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 36769
date: Thu, 07 Dec 2023 02:01:59 GMT
server: Apache
vary: Accept-Encoding
last-modified: Wed, 03 Mar 2021 20:16:22 GMT
etag: "e688-5bca786485180-gzip"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:01:59 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-238708264-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-238708264-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (69015 bytes)
Hash
2b80c0cee50905f0fcfc5fc59e6e29e1
921496a9702a4b3add7a96f4c872c06606252753
5b0b5c5640cdd2a4c413c710ee1193437d62403f9b95167fb5f67036dc2c868d

HTTP Headers

GET /gtag/js?id=UA-238708264-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 07 Dec 2023 02:01:59 GMT
expires: Thu, 07 Dec 2023 02:01:59 GMT
cache-control: private, max-age=900
last-modified: Thu, 07 Dec 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69015
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/cache/minify/d52ed.js

74.208.236.75

200 OK

30 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/cache/minify/d52ed.js
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
30 kB (30294 bytes)
Hash
826eb77e86b02ab7724fe3d0141ff87c
79cd3587d565afe290076a8d36c31c305a573d18
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

HTTP Headers

GET /wp-content/cache/minify/d52ed.js HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 30294
date: Thu, 07 Dec 2023 02:01:59 GMT
server: Apache
vary: Accept-Encoding
last-modified: Tue, 05 Dec 2023 20:31:12 GMT
etag: "7656-60bc91d90a0ea"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:01:59 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/cache/minify/91e73.js

74.208.236.75

200 OK

44 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/cache/minify/91e73.js
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (61037)
Size
44 kB (44316 bytes)
Hash
33e1810279170dba2778d239623f6f91
fcd76add66018854525b0b5aa02a43d6d8eeb95f
f7541b673075846a1e1a6faf64f1d11c85db7c170b83f663deb0e6837bbb5a28

HTTP Headers

GET /wp-content/cache/minify/91e73.js HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 44316
date: Thu, 07 Dec 2023 02:01:59 GMT
server: Apache
vary: Accept-Encoding
last-modified: Tue, 05 Dec 2023 20:31:12 GMT
etag: "ad1c-60bc91d943ade"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:01:59 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/cache/minify/f97f6.js

74.208.236.75

200 OK

6.2 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/cache/minify/f97f6.js
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7862)
Size
6.2 kB (6161 bytes)
Hash
ac3ca1344e85ac2688d91eb78e6a565f
f8e09a86133b6238958df2610dc6672fc0d16564
7a2b7bd1eaecfd3e3c7ac1931b47513613d398a2bb5426c6776d3346c5dded10

HTTP Headers

GET /wp-content/cache/minify/f97f6.js HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
content-length: 6161
date: Thu, 07 Dec 2023 02:01:59 GMT
server: Apache
vary: Accept-Encoding
last-modified: Wed, 06 Dec 2023 20:31:25 GMT
etag: "1811-60bdd3c28a191"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:01:59 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2

pl17621979.highrevenuegate.com/d1/96/0f/d1960f6710066ccd569ff9bb5f5ee42f.js

173.233.139.164

200 OK

15 kB

URL GET HTTP/1.1
pl17621979.highrevenuegate.com/d1/96/0f/d1960f6710066ccd569ff9bb5f5ee42f.js
IP
173.233.139.164:443
ASN
#7979 SERVERS-COM

Requested by
https://www.onlyfree.mx/
Certificate
IssuerLet's Encrypt
Subjecthighrevenuegate.com
Fingerprint67:F5:FF:FF:6C:AF:E9:0E:DF:61:91:71:1C:EF:77:3F:A2:E1:8C:D8
ValidityMon, 30 Oct 2023 07:17:57 GMT - Sun, 28 Jan 2024 07:17:56 GMT

File type
ASCII text, with very long lines (42173), with no line terminators
Size
15 kB (15213 bytes)
Hash
cace5d2706f48fdde4b19a8ea1f9aa8b
38db36ead5d676f87747a66a1e93622ae6c3fc82
c3157a4577ad4421483e00fd607eb533d6c8fa07670b26f924d9d4cb42815b6b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /d1/96/0f/d1960f6710066ccd569ff9bb5f5ee42f.js HTTP/1.1
Host: pl17621979.highrevenuegate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 07 Dec 2023 02:02:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cc87e24a5545820a0cd00d7d3b002e05
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.googletagmanager.com/gtag/js?id=G-ZXH4Q1Q8SZ&l=dataLayer&cx=c

142.250.74.168

200 OK

81 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-ZXH4Q1Q8SZ&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (5955)
Size
81 kB (81277 bytes)
Hash
b7b315c49d4f0521fdceff606add7764
62e6c8eb892e2bf2cb61aab76aef7ea6a6b6864b
32da17283df100b201e4218e144fdf0dab0c9ccc3b32874cd0d0d7cd1517286e

HTTP Headers

GET /gtag/js?id=G-ZXH4Q1Q8SZ&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 07 Dec 2023 02:02:02 GMT
expires: Thu, 07 Dec 2023 02:02:02 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81277
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
6b8442f4e540f7d308475f9b831dfc56
e610d0c4e853b50160d97bff0535498627c5e784
ebca9adaacec7e34a2b4aba18b89d9473e0b7b3521943137a6bff506b95d0abb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Thu, 07 Dec 2023 02:02:02 GMT
Last-Modified: Thu, 07 Dec 2023 01:30:32 GMT
Server: ECAcc (ska/F776)
X-Cache: Miss from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: D4TsoiO5k9o4KcJO4tgOlQY6SJJGmj3kKvYUJtkCGkjoDI2VIJ7X9w==
Age: 1891

fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.227

200 OK

24 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size
24 kB (23580 bytes)
Hash
e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

HTTP Headers

GET /s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 23:17:47 GMT
expires: Wed, 04 Dec 2024 23:17:47 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
age: 96255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

216.58.207.227

200 OK

23 kB

URL GET HTTP/2
fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size
23 kB (23040 bytes)
Hash
de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

HTTP Headers

GET /s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 21:59:03 GMT
expires: Tue, 03 Dec 2024 21:59:03 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
age: 187379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.140.81

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.157.140.81:443
ASN
#16509 AMAZON-02

Requested by
https://www.onlyfree.mx/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
48ca98375008a8b9c709dd6af11f86d1
4dd2cf036eb2b91e4bb7c9310cad81915217366c
41f93ab58d9ebdca0ac2af5d4635354fb2ce76e74e12256f9046301e197ccbe2

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 02:02:02 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.onlyfree.mx
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=1319019b-8d4a-4c08-8733-43d764aa4dd1:3:1; expires=Sun, 04 Dec 2033 02:02:02 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

142.250.74.2

200 OK

52 kB

URL GET HTTP/2
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
IP
142.250.74.2:443
ASN
#15169 GOOGLE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subject*.g.doubleclick.net
Fingerprint6C:2A:75:F2:3F:EF:4F:43:B1:8D:C3:B7:E9:2E:4A:EF:40:6A:FC:92
ValidityMon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT

File type
ASCII text, with very long lines (3964)
Size
52 kB (51500 bytes)
Hash
0730270b95ec46f460fd26389a881c6d
6050f722a6c5302ef4e89d2337878fd9574739aa
b0d25a09561153a28169aa23e86e1cc6cd1d1c3d8ae6bb83da7719644143ca60

HTTP Headers

GET /pagead/js/adsbygoogle.js HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 07 Dec 2023 02:02:02 GMT
expires: Thu, 07 Dec 2023 02:02:02 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 3436474729313796283
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 51500
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.onlyfree.mx/

74.208.236.75

200 OK

66 kB

URL User Request GET HTTP/2
www.onlyfree.mx/
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (29468)
Size
66 kB (65786 bytes)
Hash
7dc38c585cfc4bda00f9a532196c79f4
84bfb47b3b0e3c0826387c81cc151935daf4ac94
cddcd76fc5a7c7eb8bf1b6370728788675154c3de857a3421ed9924616bcc7a0

HTTP Headers

GET / HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Thu, 07 Dec 2023 02:01:58 GMT
server: Apache
content-encoding: gzip
vary: Accept-Encoding
last-modified: Thu, 07 Dec 2023 02:01:58 GMT
etag: "3d4f435db05053ab50bb08efb298c2ba"
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_15-20-50-2.jpg

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_15-20-50-2.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_15-20-50-2.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_15-20-50-2.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/06/2023 11:37:16
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: f45f05b9cc9758fee2464771f0d27714
cdn-cache: STALE
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-13_02-13-57.jpg

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-13_02-13-57.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-13_02-13-57.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-13_02-13-57.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/06/2023 11:37:18
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 15ea9669304cc0cd23c7dfcb35caae72
cdn-cache: STALE
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-09_04-09-20-2.jpg

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-09_04-09-20-2.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-09_04-09-20-2.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-09_04-09-20-2.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/06/2023 11:37:19
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 550a774f2012d524d008204c62cb843b
cdn-cache: STALE
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/05/logo20px.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/05/logo20px.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/05/logo20px.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2023/05/logo20px.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/06/2023 21:50:47
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: d40ffd585cd19346dd07e2e1e333c9b9
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/plugins/wp-dark-mode/assets/images/btn-1/dark.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/plugins/wp-dark-mode/assets/images/btn-1/dark.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/plugins/wp-dark-mode/assets/images/btn-1/dark.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/plugins/wp-dark-mode/assets/images/btn-1/dark.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/07/2023 00:40:20
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: b60eebd0fc988b9fbc4b2fb36267d3c4
cdn-cache: HIT
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_23-49-51.jpg

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_23-49-51.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_23-49-51.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_23-49-51.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/06/2023 11:37:14
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 16b47b42e7acfa895a26ad9183145d17
cdn-cache: STALE
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_00-05-45.jpg

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_00-05-45.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_00-05-45.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_00-05-45.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/06/2023 11:37:11
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: ff121b97059399e1e4e14f28503a9a33
cdn-cache: STALE
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/12/photo_2023-11-05_12-20-10-2.jpg

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/12/photo_2023-11-05_12-20-10-2.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/12/photo_2023-11-05_12-20-10-2.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2023/12/photo_2023-11-05_12-20-10-2.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/06/2023 11:37:09
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 4619a6ec0040e91de70e3e883bc6f02d
cdn-cache: STALE
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_13-06-10-4.jpg

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_13-06-10-4.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_13-06-10-4.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_13-06-10-4.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/06/2023 11:37:10
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 68704f0488149392fe8357b3c9949990
cdn-cache: STALE
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-13_02-13-57.jpg

74.208.236.75

200 OK

110 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-13_02-13-57.jpg
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 960x960, components 3\012- data
Size
110 kB (110118 bytes)
Hash
768c6babfc48d2ac745cc05b9777eb95
a36e4b24f62d9f091f4965f872dc000b393b3347
b3ff9abf2fe8c66ced6defe3c3cb4ce70b0e331677a3335c7440c5e148e9f109

HTTP Headers

GET /wp-content/uploads/2023/09/photo_2023-09-13_02-13-57.jpg HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 110118
date: Thu, 07 Dec 2023 02:02:03 GMT
server: Apache
vary: Accept-Encoding
last-modified: Sat, 30 Sep 2023 05:31:56 GMT
etag: "1ae26-6068cdbfa3416"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:03 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_15-20-50-2.jpg

74.208.236.75

200 OK

82 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_15-20-50-2.jpg
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 589x807, components 3\012- data
Size
82 kB (82286 bytes)
Hash
457f396073eac71bada1d8f8dfcbcc09
a954f0bea9233a509c7000e338b09e768d5153ae
1bc33bea1602260129554b576db74e242656a2fef36edc49ff0ffeb52246632f

HTTP Headers

GET /wp-content/uploads/2023/10/photo_2023-09-30_15-20-50-2.jpg HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 82286
date: Thu, 07 Dec 2023 02:02:03 GMT
server: Apache
vary: Accept-Encoding
last-modified: Sun, 01 Oct 2023 23:17:07 GMT
etag: "1416e-606afdb3bdb72"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:03 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2023/12/Viviana-Altamar.jpg

74.208.236.75

200 OK

56 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2023/12/Viviana-Altamar.jpg
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 513x640, components 3\012- data
Size
56 kB (55749 bytes)
Hash
b41ca6a746842a5f727ceb46a9a24a31
4b3c14e7ac572b8daf361625f7fd40071aead111
503afbb8b578f90ac8518ca581e2192e996e9deea0bb9b949378755ee3851ffe

HTTP Headers

GET /wp-content/uploads/2023/12/Viviana-Altamar.jpg HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 55749
date: Thu, 07 Dec 2023 02:02:03 GMT
server: Apache
vary: Accept-Encoding
last-modified: Sat, 02 Dec 2023 03:46:51 GMT
etag: "d9c5-60b7ebc2d693f"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:03 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

assistantasks.com/sbar.json?key=d1960f6710066ccd569ff9bb5f5ee42f

173.233.137.60

200 OK

3.4 kB

URL GET HTTP/1.1
assistantasks.com/sbar.json?key=d1960f6710066ccd569ff9bb5f5ee42f
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://www.onlyfree.mx/
Certificate
IssuerLet's Encrypt
Subjectassistantasks.com
Fingerprint89:09:6E:08:6E:3C:29:55:98:DE:AF:77:15:0F:3E:EF:C7:30:A5:7A
ValidityTue, 28 Nov 2023 08:05:53 GMT - Mon, 26 Feb 2024 08:05:52 GMT

File type
JSON data\012- , ASCII text, with very long lines (5940), with no line terminators
Size
3.4 kB (3393 bytes)
Hash
b4f46d5f5c565795b172ab2ba46c219f
80148680d22a8a1c74bde899526a871575a700d7
234bbc7151fcb91115aa12d4ff9bad94b2b7156fa71513fd9bb377964c78d782

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=d1960f6710066ccd569ff9bb5f5ee42f HTTP/1.1
Host: assistantasks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 07 Dec 2023 02:02:03 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.onlyfree.mx
Access-Control-Allow-Origin: https://www.onlyfree.mx
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17521480; expires=Fri, 08 Dec 2023 02:02:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Fri, 08 Dec 2023 02:02:03 GMT; secure; SameSite=None
uncs=1; expires=Fri, 08 Dec 2023 02:02:03 GMT; secure; SameSite=None
pdhtkv29=true; expires=Fri, 08 Dec 2023 02:02:03 GMT; secure; SameSite=None
uncs29=1; expires=Fri, 08 Dec 2023 02:02:03 GMT; secure; SameSite=None
slecd1960f6710066ccd569ff9bb5f5ee42f=[4691073]; expires=Thu, 07 Dec 2023 02:02:08 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5c69c3e35b4212256b8c83fa36a3b147
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_23-49-51.jpg

74.208.236.75

200 OK

119 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-09-30_23-49-51.jpg
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 960x1280, components 3\012- data
Size
119 kB (119074 bytes)
Hash
187120c4bf6a3588a468604998b31bf1
1f0db5bd9453ab6b880394bd8649abd2cf0eabd0
0f4bd04146ada414773e83b2ad91152ec9adb5e70225a803561325ce0ff3bdbf

HTTP Headers

GET /wp-content/uploads/2023/10/photo_2023-09-30_23-49-51.jpg HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 119074
date: Thu, 07 Dec 2023 02:02:03 GMT
server: Apache
vary: Accept-Encoding
last-modified: Sun, 01 Oct 2023 23:35:10 GMT
etag: "1d122-606b01bc588cc"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:03 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2023/05/logo20px.png

74.208.236.75

200 OK

1.7 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2023/05/logo20px.png
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
PNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1664 bytes)
Hash
407e1bc24242fc14f995c203daee7a4d
966db1010aece9ba9f5f7ed30a53adcb4bedc1ba
871f47b255da1395acf65df2c212b8b99a69ea973d5f3d08c0fbb04b25e33ece

HTTP Headers

GET /wp-content/uploads/2023/05/logo20px.png HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 1664
date: Thu, 07 Dec 2023 02:02:03 GMT
server: Apache
vary: Accept-Encoding
last-modified: Sat, 27 May 2023 00:41:28 GMT
etag: "680-5fca21d3198a0"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:03 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_00-05-45.jpg

74.208.236.75

200 OK

260 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_00-05-45.jpg
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 960x1215, components 3\012- data
Size
260 kB (259557 bytes)
Hash
cba3ed754343521a1d09fc862487d4a7
2a832b205878a91bd3c41ee64d210e313254a88b
23ffcb9f46cb3591da5bb867fc5bcbb75e64c19e85f1f0cb2745589198a4271b

HTTP Headers

GET /wp-content/uploads/2023/10/photo_2023-10-20_00-05-45.jpg HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 259557
date: Thu, 07 Dec 2023 02:02:03 GMT
server: Apache
vary: Accept-Encoding
last-modified: Mon, 23 Oct 2023 04:15:50 GMT
etag: "3f5e5-6085a7a3371d4"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:03 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/plugins/wp-dark-mode/assets/images/btn-1/dark.png

74.208.236.75

200 OK

675 B

URL GET HTTP/2
www.onlyfree.mx/wp-content/plugins/wp-dark-mode/assets/images/btn-1/dark.png
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
PNG image data, 66 x 70, 8-bit colormap, non-interlaced\012- data
Size
675 B (675 bytes)
Hash
9a4893da6fd32f13495ade19793c4b0b
5f71ae21464b3925f98d6357699615fac4c586d3
3a8f59340ce472660db410161f3e7fc7ade175053930bb1ef074df92bb58847a

HTTP Headers

GET /wp-content/plugins/wp-dark-mode/assets/images/btn-1/dark.png HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 675
date: Thu, 07 Dec 2023 02:02:03 GMT
server: Apache
vary: Accept-Encoding
last-modified: Wed, 08 Nov 2023 09:36:06 GMT
etag: "2a3-609a0d10654bb"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:03 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-09_04-09-20-2.jpg

74.208.236.75

200 OK

138 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2023/09/photo_2023-09-09_04-09-20-2.jpg
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 120x120, segment length 16, progressive, precision 8, 960x1280, components 3\012- data
Size
138 kB (138184 bytes)
Hash
6481e2875bdf0b11364bcec337104c08
126242c8b1276c369544584f264a85e611218629
b11d3c95a25493e44362625e3136d3dfd0d3d0e691d1b08b492386de82563d9a

HTTP Headers

GET /wp-content/uploads/2023/09/photo_2023-09-09_04-09-20-2.jpg HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 138184
date: Thu, 07 Dec 2023 02:02:03 GMT
server: Apache
vary: Accept-Encoding
last-modified: Sat, 30 Sep 2023 05:23:24 GMT
etag: "21bc8-6068cbd80c12a"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:03 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-01_19-44-07-2.jpg

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-01_19-44-07-2.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-01_19-44-07-2.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:04 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-01_19-44-07-2.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/06/2023 11:37:14
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: c865c9e984ba2f671fab95218b4f0506
cdn-cache: STALE
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2023/12/photo_2023-11-05_12-20-10-2.jpg

74.208.236.75

200 OK

96 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2023/12/photo_2023-11-05_12-20-10-2.jpg
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 720x1280, components 3\012- data
Size
96 kB (95556 bytes)
Hash
a341ed0748826d8fd0bdcd3f0640388d
f1c24468617263c25822e17c20834ba0e39dbe90
81887767319c91145ae050fdfb8f1f7c6a9659227f9455ec63f377cd41a96183

HTTP Headers

GET /wp-content/uploads/2023/12/photo_2023-11-05_12-20-10-2.jpg HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 95556
date: Thu, 07 Dec 2023 02:02:04 GMT
server: Apache
vary: Accept-Encoding
last-modified: Sun, 03 Dec 2023 17:21:46 GMT
etag: "17544-60b9e3c6fad95"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:04 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_13-06-10-4.jpg

74.208.236.75

200 OK

190 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-20_13-06-10-4.jpg
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 960x1280, components 3\012- data
Size
190 kB (190005 bytes)
Hash
87cc622db090c82bf4c145caefd50d30
abfbd8998595ffb1be3fd6163fef2079f7cab260
18e15332cf4af231e57b753d5a09589cf3c310a5310821ed8e4dc1a020676360

HTTP Headers

GET /wp-content/uploads/2023/10/photo_2023-10-20_13-06-10-4.jpg HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 190005
date: Thu, 07 Dec 2023 02:02:04 GMT
server: Apache
vary: Accept-Encoding
last-modified: Mon, 23 Oct 2023 04:20:57 GMT
etag: "2e635-6085a8c824219"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:04 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-01_19-44-07-2.jpg

74.208.236.75

200 OK

91 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2023/10/photo_2023-10-01_19-44-07-2.jpg
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 757x1280, components 3\012- data
Size
91 kB (90668 bytes)
Hash
e3dcc2e30e3df13c6cd78e87f07b66ec
20ddb736e0d2cb037ebe397cb3c0c58515c4e477
c6e48579f04c95c0f480171db1f96c030a43af04a774d02b212ebe4fd6c2b877

HTTP Headers

GET /wp-content/uploads/2023/10/photo_2023-10-01_19-44-07-2.jpg HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/jpeg
content-length: 90668
date: Thu, 07 Dec 2023 02:02:04 GMT
server: Apache
vary: Accept-Encoding
last-modified: Mon, 16 Oct 2023 02:05:42 GMT
etag: "1622c-607cbd7e6ff96"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:04 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_32,h_32/https://www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-32x32.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_32,h_32/https://www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-32x32.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_32,h_32/https://www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-32x32.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:04 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-32x32.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/07/2023 02:02:04
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 0c41ae2df2c33f25d2e06a0ad8212408
cdn-cache: MISS
X-Firefox-Spdy: h2

assistantasks.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3l9%2BeFg8uHjxsDC3VZBJ98z0TMY9hI1r1mBM4u5KDl62uqt6Uqa6qq3qnp7kFF3Q9eQseBC8dL7JH3UXca%2BC7DLxIgNCehHJwVxEvArCnmUmI8EHVe9Vfa%2Fg%2B75XH%2B9mp8RDRk%2FW3tbbQko661fdysvrQjGd28rK7YrnVt2rlXWhmo2rld54M93XPNevuq9UbvBwU8%2FWXM91PderLArDI92bnaAQycO2V2271Uat6vkN9Mx%2FzzZzYKkD1j0llyBY%2Bf%2BNnx5BhEOo%2BLvr3G6mOnn1jTiTNNUGXXb4rtpUOleIz8vIOIjU4bQb2paEfHEBWh1OFUB398YKEIiSOL96CNThlCaC7v4Z00CCKwTsIvLuEFwOIegQob4LwY4JEDKsrELFByva5HTrDKVjtCQzz%2F6GyEsy89uLUPG3C1L0Kre0zFKhlUUvKiB6Q4jOEEl2hHTbgciPEKYfQbCfyeyzZah4b9VKDcGKiXohhhDREJL3Qa2DbLyEgyxykCUOYnZSoX47ct1WFET1%2BlwjDMN6PQz9uSbzWb0xF7nIwjG9PtKkj1D2EZodJGYHm%2BL%2BsX8JJnsCu1HAMgc2LYnzzg66rEDOCXJLkFOCXBDkKUHeLfaZtDVbHDBps8Cb5to014uBTju7dF%2BnHa4IqOnvJqfkhbE9zsX33sQmP6kwr910o2bLc91mMwyZ32xHUTsI%2FMjnvFGLYEUBYS9MFG%2BLklz%2BLEciSvLcLxwBPYKVRwjFBdDsMmg%2BaNVc0I1BY87FtnqgldyKDOfVuAemCyTpDNItZ1eekpcmU7rx%2BYfg4Wj%2Bz%2FokEJoCiSnwvviRoCPvDW7qnOzd1Lklj1aTVMRim44neCulKZ%2F55i2%2BlWvDlq7b%2FtfXwjEwLh%2Fe5jZdpooJ1bHkwYJgjJtFbUJOfliy6zxYy%2BzGQmZUliyvvb64FCeGWyu0GoKK4zuPEYqSPH8wP%2FmbV776HsIMYbICcTYi04DQRwiTHdhkNP%2F7lL3VBEae9wSJgzwrBqYWnF9KUZLGJ08h%2BWj%2ByR93rn3aWgYNClh%2BbkPAR4%2F%2FOuvftffQMQ5oehcqLtA1BbqyAJV92Ox%2FgzQxo%2Fmn%2F76TziCQxtkLpJH3z%2By14qTC%2FciNuFvjQdQOohZ1WTtqtAPa9ngr8KmH1Jb8gytf%2FgMAAP%2F%2FAQAA%2F%2F9oqygSdwQAAA%3D%3D

173.233.137.60

200 OK

7 B

URL GET HTTP/1.1
assistantasks.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3l9%2BeFg8uHjxsDC3VZBJ98z0TMY9hI1r1mBM4u5KDl62uqt6Uqa6qq3qnp7kFF3Q9eQseBC8dL7JH3UXca%2BC7DLxIgNCehHJwVxEvArCnmUmI8EHVe9Vfa%2Fg%2B75XH%2B9mp8RDRk%2FW3tbbQko661fdysvrQjGd28rK7YrnVt2rlXWhmo2rld54M93XPNevuq9UbvBwU8%2FWXM91PderLArDI92bnaAQycO2V2271Uat6vkN9Mx%2FzzZzYKkD1j0llyBY%2Bf%2BNnx5BhEOo%2BLvr3G6mOnn1jTiTNNUGXXb4rtpUOleIz8vIOIjU4bQb2paEfHEBWh1OFUB398YKEIiSOL96CNThlCaC7v4Z00CCKwTsIvLuEFwOIegQob4LwY4JEDKsrELFByva5HTrDKVjtCQzz%2F6GyEsy89uLUPG3C1L0Kre0zFKhlUUvKiB6Q4jOEEl2hHTbgciPEKYfQbCfyeyzZah4b9VKDcGKiXohhhDREJL3Qa2DbLyEgyxykCUOYnZSoX47ct1WFET1%2BlwjDMN6PQz9uSbzWb0xF7nIwjG9PtKkj1D2EZodJGYHm%2BL%2BsX8JJnsCu1HAMgc2LYnzzg66rEDOCXJLkFOCXBDkKUHeLfaZtDVbHDBps8Cb5to014uBTju7dF%2BnHa4IqOnvJqfkhbE9zsX33sQmP6kwr910o2bLc91mMwyZ32xHUTsI%2FMjnvFGLYEUBYS9MFG%2BLklz%2BLEciSvLcLxwBPYKVRwjFBdDsMmg%2BaNVc0I1BY87FtnqgldyKDOfVuAemCyTpDNItZ1eekpcmU7rx%2BYfg4Wj%2Bz%2FokEJoCiSnwvviRoCPvDW7qnOzd1Lklj1aTVMRim44neCulKZ%2F55i2%2BlWvDlq7b%2FtfXwjEwLh%2Fe5jZdpooJ1bHkwYJgjJtFbUJOfliy6zxYy%2BzGQmZUliyvvb64FCeGWyu0GoKK4zuPEYqSPH8wP%2FmbV776HsIMYbICcTYi04DQRwiTHdhkNP%2F7lL3VBEae9wSJgzwrBqYWnF9KUZLGJ08h%2BWj%2ByR93rn3aWgYNClh%2BbkPAR4%2F%2FOuvftffQMQ5oehcqLtA1BbqyAJV92Ox%2FgzQxo%2Fmn%2F76TziCQxtkLpJH3z%2By14qTC%2FciNuFvjQdQOohZ1WTtqtAPa9ngr8KmH1Jb8gytf%2FgMAAP%2F%2FAQAA%2F%2F9oqygSdwQAAA%3D%3D
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://www.onlyfree.mx/
Certificate
IssuerLet's Encrypt
Subjectassistantasks.com
Fingerprint89:09:6E:08:6E:3C:29:55:98:DE:AF:77:15:0F:3E:EF:C7:30:A5:7A
ValidityTue, 28 Nov 2023 08:05:53 GMT - Mon, 26 Feb 2024 08:05:52 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2gkxReu3l9%2BeFg8uHjxsDC3VZBJ98z0TMY9hI1r1mBM4u5KDl62uqt6Uqa6qq3qnp7kFF3Q9eQseBC8dL7JH3UXca%2BC7DLxIgNCehHJwVxEvArCnmUmI8EHVe9Vfa%2Fg%2B75XH%2B9mp8RDRk%2FW3tbbQko661fdysvrQjGd28rK7YrnVt2rlXWhmo2rld54M93XPNevuq9UbvBwU8%2FWXM91PderLArDI92bnaAQycO2V2271Uat6vkN9Mx%2FzzZzYKkD1j0llyBY%2Bf%2BNnx5BhEOo%2BLvr3G6mOnn1jTiTNNUGXXb4rtpUOleIz8vIOIjU4bQb2paEfHEBWh1OFUB398YKEIiSOL96CNThlCaC7v4Z00CCKwTsIvLuEFwOIegQob4LwY4JEDKsrELFByva5HTrDKVjtCQzz%2F6GyEsy89uLUPG3C1L0Kre0zFKhlUUvKiB6Q4jOEEl2hHTbgciPEKYfQbCfyeyzZah4b9VKDcGKiXohhhDREJL3Qa2DbLyEgyxykCUOYnZSoX47ct1WFET1%2BlwjDMN6PQz9uSbzWb0xF7nIwjG9PtKkj1D2EZodJGYHm%2BL%2BsX8JJnsCu1HAMgc2LYnzzg66rEDOCXJLkFOCXBDkKUHeLfaZtDVbHDBps8Cb5to014uBTju7dF%2BnHa4IqOnvJqfkhbE9zsX33sQmP6kwr910o2bLc91mMwyZ32xHUTsI%2FMjnvFGLYEUBYS9MFG%2BLklz%2BLEciSvLcLxwBPYKVRwjFBdDsMmg%2BaNVc0I1BY87FtnqgldyKDOfVuAemCyTpDNItZ1eekpcmU7rx%2BYfg4Wj%2Bz%2FokEJoCiSnwvviRoCPvDW7qnOzd1Lklj1aTVMRim44neCulKZ%2F55i2%2BlWvDlq7b%2FtfXwjEwLh%2Fe5jZdpooJ1bHkwYJgjJtFbUJOfliy6zxYy%2BzGQmZUliyvvb64FCeGWyu0GoKK4zuPEYqSPH8wP%2FmbV776HsIMYbICcTYi04DQRwiTHdhkNP%2F7lL3VBEae9wSJgzwrBqYWnF9KUZLGJ08h%2BWj%2ByR93rn3aWgYNClh%2BbkPAR4%2F%2FOuvftffQMQ5oehcqLtA1BbqyAJV92Ox%2FgzQxo%2Fmn%2F76TziCQxtkLpJH3z%2By14qTC%2FciNuFvjQdQOohZ1WTtqtAPa9ngr8KmH1Jb8gytf%2FgMAAP%2F%2FAQAA%2F%2F9oqygSdwQAAA%3D%3D HTTP/1.1
Host: assistantasks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Cookie: u_pl=17521480; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 07 Dec 2023 02:02:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 5aaca55f997b7e31a110242ddabeb7a7
Strict-Transport-Security: max-age=0; includeSubdomains

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_192,h_192/https://www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-192x192.png

194.242.11.186

302 Found

0 B

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_192,h_192/https://www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-192x192.png
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img,w_192,h_192/https://www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-192x192.png HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:04 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-192x192.png
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/07/2023 02:02:04
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: 5df1c92a7eb6be66246721d54853bc9d
cdn-cache: MISS
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.157.140.81

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.157.140.81:443
ASN
#16509 AMAZON-02

Requested by
https://www.onlyfree.mx/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
48ca98375008a8b9c709dd6af11f86d1
4dd2cf036eb2b91e4bb7c9310cad81915217366c
41f93ab58d9ebdca0ac2af5d4635354fb2ce76e74e12256f9046301e197ccbe2

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Cookie: uid_id2=1319019b-8d4a-4c08-8733-43d764aa4dd1:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 07 Dec 2023 02:02:04 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.onlyfree.mx
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/close.png

172.64.108.10

200 OK

9.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/close.png
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
PNG image data, 497 x 496, 8-bit/color RGBA, non-interlaced\012- data
Size
9.0 kB (8952 bytes)
Hash
b080cbdd5cc827b5a659a45676c079d4
3502ad6743a3a42dd92ee3cea142616356f47359
c89d28b4be45a7af77493e8f6c76894a7ba86469e5b6733e6ca3cb33eaabcd8f

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 02:02:04 GMT
content-type: image/png
content-length: 8952
last-modified: Thu, 19 Oct 2023 15:25:30 GMT
etag: "65314a6a-22f8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 3084214
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Z63cim3YHpQNpnRusTguLjLEWISHilIPfoWj9El64Q15IBNJvNW4WJ2Uk5PZOXIX4ch2zoU1gDShnzhTcX6Qrvv5GJafKIbkMQM1%2BCVrEZLzJyVnhxYidaDWLSCyZ6%2BokewLnH8E9RY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83192f33b94f3694-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/bg.jpg

172.64.108.10

200 OK

197 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/img/bg.jpg
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size
197 kB (196572 bytes)
Hash
0f268ac97ce309645d705ae25e03383b
4c1462adfe8488d6f43f5a56a36b6302a29ac054
9d809e2358a07890e0a8683526070118f7c1056f25e30aee0fdfd020d6377bad

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/img/bg.jpg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 02:02:04 GMT
content-type: image/jpeg
content-length: 196572
last-modified: Thu, 19 Oct 2023 15:25:32 GMT
etag: "65314a6c-2ffdc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2065578
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4UGg0E5SpXpi%2F8%2BGQP80x9hPZYmd4BhjNB521NH3V%2FuYyxMfk3k5ddNXnREchlK4yFCaoUn9AdjXKUBgnnhPUunF8afAAREGMVuvxjlBmtPtG4H%2BfIM4JimNS%2F6uB6hgDXx56KkU%2Fbe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83192f33b9533694-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 594271
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 05 Dec 2023 03:54:00 GMT
expires: Wed, 04 Dec 2024 03:54:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 166085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/animate.css

172.64.108.10

200 OK

4.9 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/animate.css
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text
Size
4.9 kB (4854 bytes)
Hash
e1d8acd5ee9d1a90ea09313cbd8f2b02
8a8327b115d1356715e63270d1ce6d46124c7b1a
3028c87fc798ac3741f02079034e6c23462afc0c5e6c8d321188ce3716c8472a

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 02:02:04 GMT
content-type: text/css
last-modified: Thu, 19 Oct 2023 15:30:49 GMT
etag: W/"65314ba9-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mY1%2B3o5lGcSIADf1cBIxxyBW0hSq63Q0%2Bp%2FkInqptFtXQnTn6mpUkA3VXi7RH52m69wKn%2FShl5FH1U3X4vAJSzxvuatIkzfLpb869KmoVIESog2y%2BXeKwLm6pF9BYCBmpFOFnIIe%2FzAe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83192f33394948ac-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/fonts/gP1RrxsjcxVyin9l9nj2hTd52.woff2

172.64.108.10

200 OK

17 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/fonts/gP1RrxsjcxVyin9l9nj2hTd52.woff2
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
Web Open Font Format (Version 2), TrueType, length 17360, version 1.0\012- data
Size
17 kB (17360 bytes)
Hash
70322c317b1f4e2e17dbc6b672f95f5f
f3dff7c50e1aea33814c6aeeca177ae3ff900bfc
3877b522181765adf66ba89bd68d288ecb9f2483b441baab3424646b0c7aaa0a

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/fonts/gP1RrxsjcxVyin9l9nj2hTd52.woff2 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 07 Dec 2023 02:02:05 GMT
content-type: application/octet-stream
content-length: 17360
last-modified: Thu, 19 Oct 2023 15:25:28 GMT
etag: "65314a68-43d0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xc1cBgrfjfzuebK%2BHoJG6pUbuyiQu2oOQuuDtHfXxhpxiGxjBSqWkzSxcoQLMf%2FzgJTu1Pxv7uYbepG8ceyoDRkz3ovMsou5IBXCYH%2BDrwpxIPgdCOa56CHo8R%2BOvE3TYLstVg0H9FaT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83192f35cb0948ac-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

695 B

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
gzip compressed data, max compression\012- data
Size
695 B (695 bytes)
Hash
11c14b9a1f729ba299f2e8cafd47bbfe
e62e834234cabcc8c5ba17b42edc35b3fdea726c
c24b21ce74aa589a98ce4ad245c8701b2b6d4b3a7eccaf4ca077232e28ac0b66

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 07 Dec 2023 02:02:04 GMT
date: Thu, 07 Dec 2023 02:02:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/style.css

172.64.108.10

200 OK

1.0 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/css/style.css
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text
Size
1.0 kB (1030 bytes)
Hash
d33c62ba093179032ae454a879d99dd8
e6695c9d7c20dd4c70af4591eeab323013b10793
41e38913ec982b1d9f0c7f756b640f7320249b78a4a942e691380a678b6d72f4

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 02:02:04 GMT
content-type: text/css
last-modified: Thu, 19 Oct 2023 15:30:48 GMT
etag: W/"65314ba8-d55"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=olh3qlROeznWZdJIS91mvv8wkwlQt%2FDeXGrRrFcRYVaBaSx9oaCujYlljUGDOVW10O%2BGHuzQUq19cIYrZxBwy0vXUznssoAc6obe0r%2FdQV0oYZU%2F46UJ1pINwHdr42TKKMBKa8C8bmwd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83192f33394e48ac-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-32x32.png

74.208.236.75

200 OK

598 B

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-32x32.png
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
598 B (598 bytes)
Hash
c547576f15ef324a502e3064c360aee8
cd52dfa0cc652f1c145a24dd4b0f8c622c7f9a1c
67ca5076ca2be7f0185e04f569ec96aabaf357e826270838c51988347f5b2989

HTTP Headers

GET /wp-content/uploads/2022/08/cropped-373229-1-32x32.png HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 598
date: Thu, 07 Dec 2023 02:02:05 GMT
server: Apache
vary: Accept-Encoding
last-modified: Wed, 31 Aug 2022 00:23:00 GMT
etag: "256-5e77e7fd34100"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:05 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-192x192.png

74.208.236.75

200 OK

8.7 kB

URL GET HTTP/2
www.onlyfree.mx/wp-content/uploads/2022/08/cropped-373229-1-192x192.png
IP
74.208.236.75:443
ASN
#8560 IONOS SE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
8.7 kB (8730 bytes)
Hash
408cf2b7940dddc2a04f65f77149a660
f6679772449ba8c2df035f3b6d64d59fa1d37b49
ffa52d7e44fe357597e2120956176b10435c9a7fbddfaa61ddcce2b1d74c3184

HTTP Headers

GET /wp-content/uploads/2022/08/cropped-373229-1-192x192.png HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.onlyfree.mx/
DNT: 1
Connection: keep-alive
Cookie: _ga_ZXH4Q1Q8SZ=GS1.1.1701914529.1.0.1701914529.0.0.0; _ga=GA1.1.1401606877.1701914529
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 8730
date: Thu, 07 Dec 2023 02:02:05 GMT
server: Apache
vary: Accept-Encoding
last-modified: Wed, 31 Aug 2022 00:23:00 GMT
etag: "221a-5e77e7fd34100"
accept-ranges: bytes
cache-control: max-age=31536000
expires: Fri, 06 Dec 2024 02:02:05 GMT
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
X-Firefox-Spdy: h2

www.onlyfree.mx/favicon.ico

0.0.0.0

0 B

URL GET
www.onlyfree.mx/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://www.onlyfree.mx/
Certificate
IssuerDigiCert Inc
Subject*.onlyfree.mx
Fingerprint53:32:76:3F:FD:30:4D:6A:0D:6A:4B:9C:71:DA:89:57:C7:DA:76:68
ValidityTue, 08 Aug 2023 00:00:00 GMT - Tue, 20 Aug 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.onlyfree.mx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

assistantasks.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSujhEPiwcXLx4W5rYKMume%2F3EPYeOaNRiTuLuSg5etrqqelKnuaqu6pyc5RRd0PTkLHgQvnW%2Fyo%2B4i7lWQXSZeZEBILyI5mIuIV0HYs8xkJOyDqveqvlfwfd%2BrT3fTU%2BIhpSdr7%2BptqRSdq5fd0qvrMuI6s6WVWyXPLbtXSusyatSulHrjzXTf8Nx62X2tdF2wTT1XcT3X9VyvtCiNCHRvboJCxg%2FaXrntlmuVslevoWeePdvUgaUOePeUXITkxfMbvzyEZENE4Q%2FXhN1MdPz6W2GqaKINuvzw%2FWgz0lmE8LwMjIMgOpx2Q9uCkK9moKPDqQLo7t5YAXxZEOd3D350OKUJv7t%2FxtRXEBF8fgFZdwihhpB0CKbvQPJjAjCOlVVE4cGKNhndOkPpGC3I7NN%2FIbOCzP7xMqLw%2BwUle6WbWqWJ1JFFL8ghe0PIzhBxeoRk24HMjsCSTyD5r2Tu6TKicG%2FVKg3J84l6KYeQwRBK9EGtg3S8pIM0cJDGDkJ%2BUqL1duC6zcAPqtVWjTFWrTJWbzV4nVdrrcBFysb0%2BkjiPpjqg5kdxGYHm%2FLecf0iTPoYdiOH5Q5sUhDnvR10eY5MEGSWIKMEmSTIEoKsm%2B9zZSs2P%2BDKpr43zZVpruYDnXR26b5OOiIioKa%2FG5%2BSl8b2OBc%2BeBub4qTEvXbDDRpNz3UbDcZ4vdEOgrbv14O6ELVKACtzSDszUbwtC3LpiwyxLMgLvwn49AhWHYHJGdD0Emg2aFZc0I1BreViO7qvI7UVGCHKYQ9c54iTWSRbzq46Ja9MpnT9y48h2Gj%2B7%2BokwEyO2OT4UP5M0FF3Bzd0RvZu6MySh6txIkO5TccTvJnQRMx%2B947YyrThS9ds%2F9urbAyMywe3hE2WacRl1LHk%2FoLkXJhFbZggPy3ZdeGvpXZjITVRGi%2Bvvbm4FMZGWCt1NASVx7cfgcmCvHgwP%2Fmbl7%2F5EdIMYdIcYToi04DUR2DxDmw8mv9zyt5qAqPOe%2FzYQZbmA1Pxzy%2BVLEjtsydQYjT%2F%2BK%2FbVz9vLoP6Oaw4t8EXo0f%2FnPXv2rvoGAc0uYMozNE1OboqB1V92PS5QRKb0fyT%2F98pZ%2BAr4%2Bz5yqh7Z%2FZaeVKqezXR8ltNxrkvGPealWqr6roVzmvNtvDaSGwhPrr89X8AAAD%2F%2FwEAAP%2F%2FfKOm9HcEAAA%3D

173.233.137.60

200 OK

0 B

URL GET HTTP/1.1
assistantasks.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSujhEPiwcXLx4W5rYKMume%2F3EPYeOaNRiTuLuSg5etrqqelKnuaqu6pyc5RRd0PTkLHgQvnW%2Fyo%2B4i7lWQXSZeZEBILyI5mIuIV0HYs8xkJOyDqveqvlfwfd%2BrT3fTU%2BIhpSdr7%2BptqRSdq5fd0qvrMuI6s6WVWyXPLbtXSusyatSulHrjzXTf8Nx62X2tdF2wTT1XcT3X9VyvtCiNCHRvboJCxg%2FaXrntlmuVslevoWeePdvUgaUOePeUXITkxfMbvzyEZENE4Q%2FXhN1MdPz6W2GqaKINuvzw%2FWgz0lmE8LwMjIMgOpx2Q9uCkK9moKPDqQLo7t5YAXxZEOd3D350OKUJv7t%2FxtRXEBF8fgFZdwihhpB0CKbvQPJjAjCOlVVE4cGKNhndOkPpGC3I7NN%2FIbOCzP7xMqLw%2BwUle6WbWqWJ1JFFL8ghe0PIzhBxeoRk24HMjsCSTyD5r2Tu6TKicG%2FVKg3J84l6KYeQwRBK9EGtg3S8pIM0cJDGDkJ%2BUqL1duC6zcAPqtVWjTFWrTJWbzV4nVdrrcBFysb0%2BkjiPpjqg5kdxGYHm%2FLecf0iTPoYdiOH5Q5sUhDnvR10eY5MEGSWIKMEmSTIEoKsm%2B9zZSs2P%2BDKpr43zZVpruYDnXR26b5OOiIioKa%2FG5%2BSl8b2OBc%2BeBub4qTEvXbDDRpNz3UbDcZ4vdEOgrbv14O6ELVKACtzSDszUbwtC3LpiwyxLMgLvwn49AhWHYHJGdD0Emg2aFZc0I1BreViO7qvI7UVGCHKYQ9c54iTWSRbzq46Ja9MpnT9y48h2Gj%2B7%2BokwEyO2OT4UP5M0FF3Bzd0RvZu6MySh6txIkO5TccTvJnQRMx%2B947YyrThS9ds%2F9urbAyMywe3hE2WacRl1LHk%2FoLkXJhFbZggPy3ZdeGvpXZjITVRGi%2Bvvbm4FMZGWCt1NASVx7cfgcmCvHgwP%2Fmbl7%2F5EdIMYdIcYToi04DUR2DxDmw8mv9zyt5qAqPOe%2FzYQZbmA1Pxzy%2BVLEjtsydQYjT%2F%2BK%2FbVz9vLoP6Oaw4t8EXo0f%2FnPXv2rvoGAc0uYMozNE1OboqB1V92PS5QRKb0fyT%2F98pZ%2BAr4%2Bz5yqh7Z%2FZaeVKqezXR8ltNxrkvGPealWqr6roVzmvNtvDaSGwhPrr89X8AAAD%2F%2FwEAAP%2F%2FfKOm9HcEAAA%3D
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://www.onlyfree.mx/
Certificate
IssuerLet's Encrypt
Subjectassistantasks.com
Fingerprint89:09:6E:08:6E:3C:29:55:98:DE:AF:77:15:0F:3E:EF:C7:30:A5:7A
ValidityTue, 28 Nov 2023 08:05:53 GMT - Mon, 26 Feb 2024 08:05:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWgkRRSujhEPiwcXLx4W5rYKMume%2F3EPYeOaNRiTuLuSg5etrqqelKnuaqu6pyc5RRd0PTkLHgQvnW%2Fyo%2B4i7lWQXSZeZEBILyI5mIuIV0HYs8xkJOyDqveqvlfwfd%2BrT3fTU%2BIhpSdr7%2BptqRSdq5fd0qvrMuI6s6WVWyXPLbtXSusyatSulHrjzXTf8Nx62X2tdF2wTT1XcT3X9VyvtCiNCHRvboJCxg%2FaXrntlmuVslevoWeePdvUgaUOePeUXITkxfMbvzyEZENE4Q%2FXhN1MdPz6W2GqaKINuvzw%2FWgz0lmE8LwMjIMgOpx2Q9uCkK9moKPDqQLo7t5YAXxZEOd3D350OKUJv7t%2FxtRXEBF8fgFZdwihhpB0CKbvQPJjAjCOlVVE4cGKNhndOkPpGC3I7NN%2FIbOCzP7xMqLw%2BwUle6WbWqWJ1JFFL8ghe0PIzhBxeoRk24HMjsCSTyD5r2Tu6TKicG%2FVKg3J84l6KYeQwRBK9EGtg3S8pIM0cJDGDkJ%2BUqL1duC6zcAPqtVWjTFWrTJWbzV4nVdrrcBFysb0%2BkjiPpjqg5kdxGYHm%2FLecf0iTPoYdiOH5Q5sUhDnvR10eY5MEGSWIKMEmSTIEoKsm%2B9zZSs2P%2BDKpr43zZVpruYDnXR26b5OOiIioKa%2FG5%2BSl8b2OBc%2BeBub4qTEvXbDDRpNz3UbDcZ4vdEOgrbv14O6ELVKACtzSDszUbwtC3LpiwyxLMgLvwn49AhWHYHJGdD0Emg2aFZc0I1BreViO7qvI7UVGCHKYQ9c54iTWSRbzq46Ja9MpnT9y48h2Gj%2B7%2BokwEyO2OT4UP5M0FF3Bzd0RvZu6MySh6txIkO5TccTvJnQRMx%2B947YyrThS9ds%2F9urbAyMywe3hE2WacRl1LHk%2FoLkXJhFbZggPy3ZdeGvpXZjITVRGi%2Bvvbm4FMZGWCt1NASVx7cfgcmCvHgwP%2Fmbl7%2F5EdIMYdIcYToi04DUR2DxDmw8mv9zyt5qAqPOe%2FzYQZbmA1Pxzy%2BVLEjtsydQYjT%2F%2BK%2FbVz9vLoP6Oaw4t8EXo0f%2FnPXv2rvoGAc0uYMozNE1OboqB1V92PS5QRKb0fyT%2F98pZ%2BAr4%2Bz5yqh7Z%2FZaeVKqezXR8ltNxrkvGPealWqr6roVzmvNtvDaSGwhPrr89X8AAAD%2F%2FwEAAP%2F%2FfKOm9HcEAAA%3D HTTP/1.1
Host: assistantasks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Cookie: u_pl=17521480; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Thu, 07 Dec 2023 02:02:05 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3fb5be8b8e99d6926865f02aae795926
Strict-Transport-Security: max-age=0; includeSubdomains

friendshipmale.com/sfp.js

104.21.234.33

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.33:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.onlyfree.mx/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85468 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 02:02:02 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 33e68205ff95980c3c530e513e2d775e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Thu, 07 Dec 2023 02:02:02 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvPyRTxJKNN8jDDL1PBqctKUO%2FMdfHQ66peBtqpXQpdVTRegwGKnGta%2FgiSQRLv%2BIcIgjWnCgZX%2BUoUnrXR4gGJ%2FGOPh6qzfYYLbkmRvgjl2IVVTS0FXkmGyJEy0MhQHF7rDJW0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83192f23a80771a4-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Gothic+A1&display=swap&ver=6.4.1

142.250.74.106

200 OK

58 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Gothic+A1&display=swap&ver=6.4.1
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (1116)
Size
58 kB (57993 bytes)
Hash
ab47dd993fc44fcbd2260d57107af286
2ff30417ffd8674aabcad1e7f175a4019e911baf
b429463b1a8ec25ec3e9da0ea129a64eff8d783c7e4f58e9b9184bb55f33418b

HTTP Headers

GET /css2?family=Gothic+A1&display=swap&ver=6.4.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 07 Dec 2023 02:01:59 GMT
date: Thu, 07 Dec 2023 02:01:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

assistantasks.com/pixel/sbs?c=1

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
assistantasks.com/pixel/sbs?c=1
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.onlyfree.mx/
Certificate
IssuerLet's Encrypt
Subjectassistantasks.com
Fingerprint89:09:6E:08:6E:3C:29:55:98:DE:AF:77:15:0F:3E:EF:C7:30:A5:7A
ValidityTue, 28 Nov 2023 08:05:53 GMT - Mon, 26 Feb 2024 08:05:52 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: assistantasks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Cookie: u_pl=17521480; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 07 Dec 2023 02:02:05 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/js/script.js

172.64.108.10

200 OK

3.9 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/js/script.js
IP
172.64.108.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
Unicode text, UTF-8 text, with very long lines (4040), with no line terminators
Size
3.9 kB (3900 bytes)
Hash
e085c571f117a4eae4e8047a950db243
a91b4001f77215894b218743c25b4d685904f959
dc7438a0aec50e1ed44bc7f6cbda0da34f29205fbb36bbb530f5df5d3850a660

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 02:02:04 GMT
content-type: application/javascript
last-modified: Thu, 19 Oct 2023 15:25:32 GMT
etag: W/"65314a6c-f3c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTX0XCydPnf%2BDYagC1FrmucYmFoZLYEG7qkGQyFfua0KH0VmbmJ6%2BdOx%2B8xV0ON5QcusCTrbLLbWTcPu2YMRs2UjavlvS70UDsi1gzNg2AhWDCoI9SUF%2FANLSKPE0waL6vlGpu2GFUTC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83192f33394d48ac-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/12/Viviana-Altamar.jpg

194.242.11.186

302 Found

56 kB

URL GET HTTP/2
sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/12/Viviana-Altamar.jpg
IP
194.242.11.186:443
ASN
#34989 ServeTheWorld AS

Requested by
https://www.onlyfree.mx/
Certificate
IssuerSectigo Limited
Subject*.shortpixel.ai
FingerprintD3:2C:60:18:FC:72:6F:6C:49:7F:6E:01:A8:C0:0D:30:3D:E9:43:24
ValidityThu, 26 Jan 2023 00:00:00 GMT - Wed, 17 Jan 2024 23:59:59 GMT

File type

Size
56 kB (55749 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /client/to_webp,q_glossy,ret_img/https://www.onlyfree.mx/wp-content/uploads/2023/12/Viviana-Altamar.jpg HTTP/1.1
Host: sp-ao.shortpixel.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 07 Dec 2023 02:02:03 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://www.onlyfree.mx/wp-content/uploads/2023/12/Viviana-Altamar.jpg
server: BunnyCDN-NO1-830
cdn-pullzone: 257218
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
pragma: cache
cdn-cachedat: 12/06/2023 11:37:09
cdn-tag: 0; Domain: www.onlyfree.mx; 302
cdn-proxyver: 1.04
cdn-requestpullcode: 302
cdn-requestpullsuccess: True
cdn-edgestorageid: 830
cdn-status: 302
cdn-requestid: f21bd50d18c26d01e6b0ced1f5a0049e
cdn-cache: STALE
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/index.html

104.26.6.19

200 OK

1.4 kB

URL GET HTTP/2
cdn.yourwebbars.com/sb/notifications/games/hentai-heroes/global/custom-banner/1/index.html
IP
104.26.6.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.onlyfree.mx/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (1513), with no line terminators
Size
1.4 kB (1433 bytes)
Hash
81d8118d3537074ab40120b4e3f313d1
9e5bab2b235aadee5ef3ea18d5d73586e92e11f2
2f234b9a6693d5555fdaff9bf301a59a5912fb833f3e168fdbb717a08c6b4e51

HTTP Headers

GET /sb/notifications/games/hentai-heroes/global/custom-banner/1/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.onlyfree.mx
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 07 Dec 2023 02:02:04 GMT
content-type: text/html
last-modified: Thu, 19 Oct 2023 15:25:25 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvNQBVv71V1HUYOSCjowaI2QR5Hsj0JQKh%2BAQmRtN2%2BoPoor87I5TzJAt1GMeJsPIQ3SyMFC572fMgETrleUYjGR%2B7UObdcPqz56ilQkJel2f3KKyZUqkwYcFXHUD%2BlKnxEqELA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 83192f2f3ce1abc9-CPH
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=6.4.1

142.250.74.106

200 OK

2.9 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=6.4.1
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.onlyfree.mx/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (2956), with no line terminators
Size
2.9 kB (2892 bytes)
Hash
6c66969d7f293b59915db8d63cd153a8
419b2c35783cbcc4872b2cc731202f9513bff86d
6980666e606df30f7b9598bf657f928f3a93da9e9f316e8e431cbf0d01ec2d4a

HTTP Headers

GET /css?family=Lato%3A300%2C400%2C700%2C900&ver=6.4.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 07 Dec 2023 02:01:59 GMT
date: Thu, 07 Dec 2023 02:01:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=1319019b-8d4a-4c08-8733-43d764aa4dd1&eb=7b2567753794f957140222cbc6854b1e&te=e6fe368c6efc98c655e1000735d43b31&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=d1960f6710066ccd569ff9bb5f5ee42f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=1319019b-8d4a-4c08-8733-43d764aa4dd1&eb=7b2567753794f957140222cbc6854b1e&te=e6fe368c6efc98c655e1000735d43b31&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=d1960f6710066ccd569ff9bb5f5ee42f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.onlyfree.mx/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint79:45:7F:58:D5:82:45:0A:7D:1E:FF:7A:98:05:26:E9:D6:FE:91:14
ValidityWed, 22 Nov 2023 07:56:28 GMT - Tue, 20 Feb 2024 07:56:27 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=1319019b-8d4a-4c08-8733-43d764aa4dd1&eb=7b2567753794f957140222cbc6854b1e&te=e6fe368c6efc98c655e1000735d43b31&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.3095&b_frame=0&pk=d1960f6710066ccd569ff9bb5f5ee42f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=2 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.onlyfree.mx/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Thu, 07 Dec 2023 02:02:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b2b254142454f05fa897484e194e37e
Strict-Transport-Security: max-age=0; includeSubdomains

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash