Report - cuevana-3.buzz/pelicula/no-manches-frida-1375794Z/

Report Overview

Submitted URL
cuevana-3.buzz/pelicula/no-manches-frida-1375794Z/
IP
104.21.73.140
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 18:40:46
Access
public
Website Title
(1) New Message!
Final URL
cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cuevana-3.lat	unknown	2024-05-09	2023-02-21	2024-02-22	6.4 kB	72 kB	172.67.211.190
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	440 B	2.1 kB	104.17.24.14
intelligenceconcerning.com	unknown	2024-05-06	2024-05-07	2024-05-08	3.3 kB	37 kB	192.243.61.227
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.0 kB	33 kB	216.58.207.227
i1.wp.com	6037	1997-03-28	2012-09-27	2024-05-09	6.6 kB	118 kB	192.0.77.2
aptlydoubtful.com	unknown	unknown	No data	No data	482 B	467 B	192.243.59.13
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-09	1.5 kB	846 B	192.243.59.12
cuevana-3.buzz	unknown	unknown	No data	No data	506 B	66 kB	172.67.145.145
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-09	427 B	420 B	18.185.9.67
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29	2024-05-09	477 B	1.2 kB	172.67.74.218
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-09	820 B	173 kB	188.114.96.1
static-assets.bamgrid.com	19125	2012-07-25	2022-12-12	2024-05-06	1.1 kB	74 kB	3.164.240.92
flawerosion.com	unknown	2021-05-12	2021-05-29	2023-11-19	860 B	25 kB	192.243.61.227
lifetimeagriculturalproducer.com	unknown	2024-05-06	2024-05-07	2024-05-08	3.3 kB	23 kB	172.240.253.132
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-05-09	896 B	95 kB	45.133.44.10
shapedcongest.com	unknown	2024-05-06	2024-05-08	2024-05-10	8.0 kB	13 kB	192.243.61.227
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-05-09	2.9 kB	336 kB	188.114.96.1
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	416 B	17 kB	142.250.74.74

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	lifetimeagriculturalproducer.com	Sinkholed
2024-05-10	medium	lifetimeagriculturalproducer.com	Sinkholed
2024-05-10	medium	intelligenceconcerning.com	Sinkholed
2024-05-10	medium	lifetimeagriculturalproducer.com	Sinkholed
2024-05-10	medium	intelligenceconcerning.com	Sinkholed
2024-05-10	medium	intelligenceconcerning.com	Sinkholed
2024-05-10	medium	unseenreport.com	Sinkholed
2024-05-10	medium	unseenreport.com	Sinkholed
2024-05-10	medium	shapedcongest.com	Sinkholed
2024-05-10	medium	shapedcongest.com	Sinkholed
2024-05-10	medium	shapedcongest.com	Sinkholed
2024-05-10	medium	shapedcongest.com	Sinkholed
2024-05-10	medium	shapedcongest.com	Sinkholed
2024-05-10	medium	shapedcongest.com	Sinkholed
2024-05-10	medium	shapedcongest.com	Sinkholed
2024-05-10	medium	shapedcongest.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	cuevana-3.lat/assets/js/global.js	3.4 kB	2023-03-09	2024-05-17
Pretty URL cuevana-3.lat/assets/js/global.js IP 172.67.211.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:36:30 Last Seen2024-05-17 10:15:26 Times Seen36 Hash 89cb627cc51bd26db054b60ac778f08d d5f233a2c077418add3401b7d1e44ffba065a91a c4e49f1f6b6eb188c301ecd71b88e46cc8bef5ece6246f235d51481ed37bd666 Loading...

	cdnjs.cloudflare.com/ajax/libs/instant.page/5.1.0/instantpage.min.js	3.7 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/instant.page/5.1.0/instantpage.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-05-19 13:34:54 Times Seen1305 Hash 3ad5caa5616445685659f934407a9472 e8797e351e12d40326abbb1054fa42e141b9c16b ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312 Loading...

	unknown	145 B	2024-04-24	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:10 Times Seen3 Hash 29002b9dd6c8b8c7135b9598440f37db 85831f193d4923e8eac87360c16fba954e53fb51 e79f4fb41f942a3af38f860d8d3d7f5150139cf99fa7f5d1f2e9be50dd7172c2 Loading...

	unknown	145 B	2024-04-24	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:10 Times Seen3 Hash a636a436e345bc0f6b6c7bd4dafd4f65 0a28d862476caca444c401b4eaa9cf2910caf54b 4480f26a5ea54660e9163a16fe178f3e4db5cc3e7a359e5382169d7db388b15e Loading...

	unknown	9.7 kB	2024-05-10	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:40:55 Last Seen2024-05-10 20:47:10 Times Seen2 Hash 63337d83ec94524ac0df78d1b6001b8b bd3b07e7bbd9fa92b3acfe6d6cb9f4089fa15a05 a473887abf14455e2286bf580614d811b6ec1d807ec4e5b2c4ff6f3d6b11fed3 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	unknown	196 B	2024-04-24	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:10 Times Seen3 Hash 2f9c22cd2bf85bd5a58c75dd3aea249f f99c07a5e8f813980530b9f52233d72582039c62 a74e34143e66f691734bf95a00e7f6e67fd5d5d15439fcf536c7c48f9bfaca54 Loading...

	flawerosion.com/d2b747987612e7f594f92285b3e4e4f3/invoke.js	31 kB	2024-05-10	2024-05-10
Pretty URL flawerosion.com/d2b747987612e7f594f92285b3e4e4f3/invoke.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:40:55 Last Seen2024-05-10 20:40:56 Times Seen2 Hash 8a05e96e128e34fcf0ff05d01af8a185 fb51307a3a7166cab4ed84141fb1cc0d9aba6bb2 d0ee9917702e8c414cb991cc2deedb40e264db0c647b4dcb025516ea19de8328 Loading...

	flawerosion.com/2326ee323678b68aae8836941e20a70e/invoke.js	31 kB	2024-05-10	2024-05-10
Pretty URL flawerosion.com/2326ee323678b68aae8836941e20a70e/invoke.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:40:55 Last Seen2024-05-10 20:40:56 Times Seen2 Hash 434d93ee37dde2ca30b7ce8de3fe5f93 06107a7b7aaf9df76cead0d750493fa37bcbd884 fc62296e224a0db19591583c1e698ed1fe01efca4fe92fe8f14380b0f69f1d2b Loading...

	cuevana-3.lat/assets/js/sidebar.js	243 B	2023-03-10	2024-05-17
Pretty URL cuevana-3.lat/assets/js/sidebar.js IP 172.67.211.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:31:36 Last Seen2024-05-17 10:15:25 Times Seen25 Hash 3f33cca2f0ef61b2a2b18030c86cbb2a 3dc3593259f8019a11f84677f1652d67632dca37 c9ec3c90473e7e7cc1fe8ab0c27e218bdb62ee47ead46bf7ccbd3e0ddb767fb5 Loading...

	intelligenceconcerning.com/10/ae/b2/10aeb267746b9ea6229e1223383247cb.js	84 kB	2024-05-10	2024-05-10
Pretty URL intelligenceconcerning.com/10/ae/b2/10aeb267746b9ea6229e1223383247cb.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:40:55 Last Seen2024-05-10 20:40:56 Times Seen2 Hash 87456c4860619b376499f01b9a5579f7 d2c1942b8361c0050a1d9ea5970d6920237e955f e59c6ca5e12f0e714df74f6ad33496b069631b14afffc1fb2d7db1462720fd38 Loading...

	unknown	3.3 kB	2024-05-10	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:40:55 Last Seen2024-05-10 20:40:55 Times Seen1 Hash 5c008fec97cfd38ca9f9c142fc98ac75 fa9c62731d324e068211d80ac3275796618f9707 7bc702b03406cfc1a6a8fd6c20069fa0ae264cfa651adffd56a0b076ffb29423 Loading...

	cuevana-3.lat/pelicula/no-manches-frida-1375794Z/	262 B	2024-04-24	2024-05-10
Pretty URL cuevana-3.lat/pelicula/no-manches-frida-1375794Z/ IP 172.67.211.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:10 Times Seen3 Hash 9c8b8228385e0386f33390703e78850b 2cb4c24984b2aae9d220d7962955fef4afe7578b f4f1e5d9a3c784ce73d7822799b51a211883a6fe14ec6a4928b67dd9fa755f46 Loading...

	cuevana-3.lat/pelicula/no-manches-frida-1375794Z/	262 B	2024-04-24	2024-05-10
Pretty URL cuevana-3.lat/pelicula/no-manches-frida-1375794Z/ IP 172.67.211.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:10 Times Seen3 Hash f5192bfc16769d2180c017ef350e7aec 4c591cd14e583b7b1c02ec334c241b50a8048b35 bd5e3736034ca38dcba0d1da7b8162bfce00d6bb1d27cdd7558505b9a17c4f66 Loading...

	cuevana-3.lat/pelicula/no-manches-frida-1375794Z/	461 B	2024-05-10	2024-05-10
Pretty URL cuevana-3.lat/pelicula/no-manches-frida-1375794Z/ IP 172.67.211.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 20:40:55 Last Seen2024-05-10 20:47:10 Times Seen2 Hash 6116382d3cf7a3277ef6b697e570995f d335817bbc4c5d3c6dc388efcc6787df07f51896 c3f42008407872bad43e43f20b9fff92d92a97f3d4a9b80344ba4c9fd3f86096 Loading...

	lifetimeagriculturalproducer.com/c3/7b/4f/c37b4ff3af61b51008dc96fa07dc68a4.js	44 kB	2024-05-10	2024-05-10
Pretty URL lifetimeagriculturalproducer.com/c3/7b/4f/c37b4ff3af61b51008dc96fa07dc68a4.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:40:55 Last Seen2024-05-10 20:40:56 Times Seen2 Hash fed5ecee8de698dbadbfcf2aeb98cbc6 4366f598bb4931c4a1631796aa27d4e3fad0e1d5 680b3f4d014ca693e3ee7a639a5daec5e8a08e593671238822a04fd713831647 Loading...

	unknown	3.4 kB	2024-05-10	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:40:56 Last Seen2024-05-10 20:40:56 Times Seen1 Hash fc4cd5a49b35af4a268c18a8f7ed7e1c d569ada3ff5511a434a647e38da2aab52aad8588 8e870d34494aa45267cd635fdd1fc3940683b7588996559f2c9ee59cfa54dfbb Loading...

		Size	First Seen	Last Seen
	#1 Eval - 607a9ba6fe8933ed9a73e86f9804e860	2.1 kB	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:40:56 Last Seen2024-05-10 20:40:56 Times Seen1 Hash 607a9ba6fe8933ed9a73e86f9804e860 3a0df67f8235ef6f03ac91703c2a19a70b76f6f9 3dbcedcb73b143e258195d9d07d59d1f5546fe0c8f6be3ec4eab8a6abaabc739 Loading...

	#2 Eval - bc53151c3919927a1f8a23a42e3fcfb4	2.1 kB	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:40:56 Last Seen2024-05-10 20:40:56 Times Seen1 Hash bc53151c3919927a1f8a23a42e3fcfb4 ca0a07e726a3b9ef55c48c97e90000b5bcf0963d 968d348af86bcc41fba46faa6baffa632b63c3114842dce3860508e2431b49cd Loading...

		Size	First Seen	Last Seen
	#1 Write - fa6215f98b72fbf63158b8f46b55f2a5	107 B	2024-04-24	2024-05-10
Pretty Observations First Seen2024-04-24 04:43:55 Last Seen2024-05-10 20:47:11 Times Seen3 Hash fa6215f98b72fbf63158b8f46b55f2a5 6bfb754ab0366caae2f602f69c8537a5c247c192 fb1f888ff846932f5609fef506ca542b2e3f3ff881c274b3b5c0ba4c12d6cef7 Loading...

	#2 Write - 12026209352cf3f3a098b30069c4d25b	107 B	2024-04-24	2024-05-10
Pretty Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:11 Times Seen3 Hash 12026209352cf3f3a098b30069c4d25b 42381ee7d478d0642e0cfbb57e7797835ba7028e 3db30715e9be129bfa8e19a82ec8e221ef48da70fe70c4696ef77f7303770776 Loading...

HTTP Transactions (64)

URL IP Response Size

cuevana-3.lat/icon/latino.png

172.67.211.190

200 OK

420 B

URL GET HTTP/3
cuevana-3.lat/icon/latino.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
420 B (420 bytes)
Hash
58f7dfa9c36fe02e90e49725826bac5a
5810e268f7f9ac7c64e89ad07e5cb9a53ebee66b
169f703de20781d404d1ed8c8d8b0aab0d74eccd65533ae14cf1bac83140cb7d

HTTP Headers

GET /icon/latino.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/png
content-length: 420
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:40 GMT
etag: "1a4-6310782c-9e7edb;;;"
last-modified: Thu, 01 Sep 2022 09:15:24 GMT
cf-cache-status: HIT
age: 3364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V2hPGWG8Aqj%2ByFWQfAxNKk2NTFBmcyCf%2BvPppIdefJD1TdFB8F35dmGeiLawPsefn1lhRhx69HV%2FAiqIdgDk1cPc0hfVfhCx58IRda7fX9vIsXPPW5seBjp8teufUzKu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0ea0dc3bb515-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/icon/youtube.png

172.67.211.190

200 OK

168 B

URL GET HTTP/3
cuevana-3.lat/icon/youtube.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced
Size
168 B (168 bytes)
Hash
30dc65552b4e2a6915ae32f512ad7d2d
329082a2a63f5cfb25da72486c7330f238294ee9
b4ff92df8c0a6c0916502e3e363d4d6c3b29430ba05d71ecb2da9c0b9f952a67

HTTP Headers

GET /icon/youtube.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/png
content-length: 168
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:41 GMT
etag: "a8-63107a74-9e7ee2;;;"
last-modified: Thu, 01 Sep 2022 09:25:08 GMT
cf-cache-status: HIT
age: 3364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2xDzFPG2zDvBcbYNRvzVKlRHolgU5Cw7JUpmj%2BFaiJs2HLhLNOgPhl6DKaUXWiuL2pBCYOUEEhDxofpNzndFJh4qUFOwjHSErx2FlLE%2FNKWNSXGlYlJNUlxCPeR9fWtL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0ea0ec47b515-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/icon/english.png

172.67.211.190

200 OK

448 B

URL GET HTTP/3
cuevana-3.lat/icon/english.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
448 B (448 bytes)
Hash
8b904914d7955aa5f273bbcf1022ee06
77578061cb1da0bc8c4677745a30f335c629de46
4de58f794756044da3ad12af4e3146aff32a5bf6a9eeb618db00223a71b99f04

HTTP Headers

GET /icon/english.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/png
content-length: 448
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:41 GMT
etag: "1c0-63107a22-9e7ede;;;"
last-modified: Thu, 01 Sep 2022 09:23:46 GMT
cf-cache-status: HIT
age: 3364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nlu1Xbx30Jsb2a9561Na7rxJqSt2nRIDtSFpKavNvRmhZO%2F%2F9QkX2shJlqKENeDp%2FPFfYRMVoA4pSUGXML42Le8I82S8Os%2BvLLLhTsLWOpsJ5AgrfRff4P%2FU5MOeW%2BKw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0ea0ec46b515-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/icon/castellano.png

172.67.211.190

200 OK

272 B

URL GET HTTP/3
cuevana-3.lat/icon/castellano.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
272 B (272 bytes)
Hash
ab18c42d44d9cc5a1f5f8dd9ba3007ee
ab631a304f025ecea3e5af608b60eacd4e3cd12a
7d6675cea82cd93ddfe945dfe384411a76f5cd135156b07a846e91c07913562d

HTTP Headers

GET /icon/castellano.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/png
content-length: 272
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:40 GMT
etag: "110-63107999-9e7ee6;;;"
last-modified: Thu, 01 Sep 2022 09:21:29 GMT
cf-cache-status: HIT
age: 3364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1pzyy8t6%2BiICKl0Y%2BGpaHc7a7sJZmMYqGo%2Bk%2BCqK3qoTO5UG%2BKWKZradElUNzGjLAwaAvpRfz4XiIGufBaYNBrG0JapW2ERdQfvYaVu2OHHUgkQirJTgz%2BSu3I0PpRPX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0ea0ec45b515-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/icon/play.png

172.67.211.190

200 OK

3.4 kB

URL GET HTTP/3
cuevana-3.lat/icon/play.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 140 x 140, 8-bit colormap, non-interlaced
Size
3.4 kB (3356 bytes)
Hash
6d714fc573cd2ee7698326231da3731d
b662ce1cc1e70cd96806b7eabcd79ba3c339187a
62f1e98ad70f5b2cc3863a644d636d015adfcb803181ff6d31423bc542cfe330

HTTP Headers

GET /icon/play.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/png
content-length: 3356
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:41 GMT
etag: "d1c-65108060-9e7ed8;;;"
last-modified: Sun, 24 Sep 2023 18:30:56 GMT
cf-cache-status: HIT
age: 3364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wuVDPrGLNct1rpf%2B8rGt6GBq94lCUINbjCI3lmWX5Cc5gh7qMSMgQjkVcbRCe6BBmjj5teQY%2BL1hHhAgvd3hu6w%2B1V9el3hrQXehPGg7jywc7HARi8BlXpHOmAhrT0FX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0ea0fc59b515-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/logo.png

172.67.211.190

200 OK

1.7 kB

URL GET HTTP/3
cuevana-3.lat/logo.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 240 x 60, 8-bit colormap, non-interlaced
Size
1.7 kB (1651 bytes)
Hash
ac098c3779eaa821043230fc8622201d
809df0158b1c3d37bd508e48cef6c58992956417
4d01e0d4d1b75ad128c3c91ab7e57b5e59b6033e829b6473f76c0c3060b4633b

HTTP Headers

GET /logo.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/png
content-length: 1651
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:40 GMT
etag: "673-65d6066f-9018d5;;;"
last-modified: Wed, 21 Feb 2024 14:19:27 GMT
cf-cache-status: HIT
age: 3364
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NRSzZH0%2BuFUkcnZU9PPRAuJGhivuHlMYdh5gbskb2YX6MV2UwFYusB0v6XvBZGXKo%2FRMHyHIB%2BjPI3jzAxoIAhd3q4bw7qArw13I5uglzbt4rGVBOwnAsvovkVrk9nZF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0ea10c7bb515-OSL
alt-svc: h3=":443"; ma=86400

i1.wp.com/www.themoviedb.org/t/p/w185/ncKCQVXgk4BcQV6XbvesgZ2zLvZ.jpg

192.0.77.2

200 OK

8.9 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/ncKCQVXgk4BcQV6XbvesgZ2zLvZ.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.9 kB (8934 bytes)
Hash
9f4d3dfbb5c019d2b1d3165eea56a41c
7883fccdf141a2191cad250afa887f0fdba9d8a8
3790799a4254b20b1a759c5aca754f5b83ebc5c51538f6f31a348712fc77547f

HTTP Headers

GET /www.themoviedb.org/t/p/w185/ncKCQVXgk4BcQV6XbvesgZ2zLvZ.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 8934
last-modified: Fri, 03 Nov 2023 17:42:11 GMT
expires: Mon, 03 Nov 2025 05:42:11 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/ncKCQVXgk4BcQV6XbvesgZ2zLvZ.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4592777226d65bb6"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/6HfyXfIEywLa2HvcswKi44dDKxL.jpg

192.0.77.2

200 OK

8.8 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/6HfyXfIEywLa2HvcswKi44dDKxL.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.8 kB (8800 bytes)
Hash
648e38df084a3e558820de50ec430439
72ba255a031f5e0ffc39010a7e684f29c7bfc1bf
f27bbce666faca2e47630567df5dfdbe7bfbeffeeb0d39832403131aa1ee6f83

HTTP Headers

GET /www.themoviedb.org/t/p/w185/6HfyXfIEywLa2HvcswKi44dDKxL.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 8800
last-modified: Sat, 06 Apr 2024 21:26:05 GMT
expires: Tue, 07 Apr 2026 09:26:05 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/6HfyXfIEywLa2HvcswKi44dDKxL.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "a0b4c4e62bcc62ad"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/iExe6Meo3xMYcSUQiH5UqXboPiY.jpg

192.0.77.2

200 OK

5.6 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/iExe6Meo3xMYcSUQiH5UqXboPiY.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.6 kB (5604 bytes)
Hash
a028e9d22271409d17a467918f962ee8
7d0186d02c4a56fd2459ca1fb0566163b6e1bf7c
a263cc43d1f446a0d3e014494a41f7e9bde44614f6f2968c27b0edd3dc4f12e6

HTTP Headers

GET /www.themoviedb.org/t/p/w185/iExe6Meo3xMYcSUQiH5UqXboPiY.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 5604
last-modified: Tue, 27 Feb 2024 22:51:10 GMT
expires: Fri, 27 Feb 2026 10:51:10 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/iExe6Meo3xMYcSUQiH5UqXboPiY.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "09cfe2d820a48f84"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/q1DDwFuWeQlwR0lcjFiEsM8iRkd.jpg

192.0.77.2

200 OK

6.0 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/q1DDwFuWeQlwR0lcjFiEsM8iRkd.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.0 kB (6008 bytes)
Hash
3f60e99ee83fd5dc29740f045141671e
1e9cba68f202e1af96d0733709d4b5b2aa3bd32e
2d572ae9254252826fe542ad9ab18b466dce5d52fed4ca10fb674b48b281c91e

HTTP Headers

GET /www.themoviedb.org/t/p/w185/q1DDwFuWeQlwR0lcjFiEsM8iRkd.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 6008
last-modified: Tue, 23 Apr 2024 19:11:30 GMT
expires: Fri, 24 Apr 2026 07:11:30 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/q1DDwFuWeQlwR0lcjFiEsM8iRkd.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f92d98682bc6c3c6"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/x7phbLV4IpiOo3P8GUoGpz9Pjw0.jpg

192.0.77.2

200 OK

4.3 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/x7phbLV4IpiOo3P8GUoGpz9Pjw0.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x277, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.3 kB (4274 bytes)
Hash
3ecd81660212c85b58d7d1f57e309b18
b4ac2974973f25b0bfbc367e57324a38f908449a
f2bc234a501dccdba2ca4117f7a07c58a9896b5f3befcc50684bba9a90bb390a

HTTP Headers

GET /www.themoviedb.org/t/p/w185/x7phbLV4IpiOo3P8GUoGpz9Pjw0.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 4274
last-modified: Wed, 08 May 2024 08:34:16 GMT
expires: Fri, 08 May 2026 20:34:16 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/x7phbLV4IpiOo3P8GUoGpz9Pjw0.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3320465286aa836d"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/ceiGl0SNZpR01o5lfYImt2QgKuq.jpg

192.0.77.2

200 OK

8.2 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/ceiGl0SNZpR01o5lfYImt2QgKuq.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.2 kB (8156 bytes)
Hash
e27e4855d9095c9c97c4ac18f8e8fd35
4b240681af1e241057b9318b15c861f52ac4be91
cb23d75221fbf6fb26176f4165faf323d7fbc340f06597fae47b5f45e969d48d

HTTP Headers

GET /www.themoviedb.org/t/p/w185/ceiGl0SNZpR01o5lfYImt2QgKuq.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 8156
last-modified: Sat, 16 Mar 2024 15:38:46 GMT
expires: Tue, 17 Mar 2026 03:38:46 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/ceiGl0SNZpR01o5lfYImt2QgKuq.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e8941383baef29f2"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/rpnZlagXNjWh6GUMmGosC5MHrYy.jpg

192.0.77.2

200 OK

5.9 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/rpnZlagXNjWh6GUMmGosC5MHrYy.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.9 kB (5854 bytes)
Hash
c7587a8c52991f45ea255541715f430f
b0b7de730e57c8a1268a2050283f536c96ad6ffc
360cf0640303a55ed928d3a476b16224dd90d3170b2ba6d6da453d48d8794644

HTTP Headers

GET /www.themoviedb.org/t/p/w185/rpnZlagXNjWh6GUMmGosC5MHrYy.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 5854
last-modified: Tue, 16 Apr 2024 21:23:31 GMT
expires: Fri, 17 Apr 2026 09:23:31 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/rpnZlagXNjWh6GUMmGosC5MHrYy.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9ab287378b7cdbc5"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/gvpU4eMgDC6LpWLxnqGW3uMFDx3.jpg

192.0.77.2

200 OK

5.2 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/gvpU4eMgDC6LpWLxnqGW3uMFDx3.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.2 kB (5166 bytes)
Hash
1be730fdefa8632e52c7f249af8054a7
92b057446be0869d192842846064c65a52fffe26
c9342f614febdc4f80f8f01b15c44e1ebba64927ce90a745d00f490f4127bd62

HTTP Headers

GET /www.themoviedb.org/t/p/w185/gvpU4eMgDC6LpWLxnqGW3uMFDx3.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 5166
last-modified: Sun, 14 Apr 2024 05:04:51 GMT
expires: Tue, 14 Apr 2026 17:04:51 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/gvpU4eMgDC6LpWLxnqGW3uMFDx3.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b0e59699d33e4d87"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/vdd4TBvrKLQ2HSBkvgy4GdcyWjy.jpg

192.0.77.2

200 OK

8.3 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/vdd4TBvrKLQ2HSBkvgy4GdcyWjy.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.3 kB (8252 bytes)
Hash
d2789911d9796e010b3db54a442d9099
f2928eb006eff169bafae773479b8758b7817f29
34ef241731233e277da882a489ffdb80a46cc7e2737f38ccae068602ec948bf6

HTTP Headers

GET /www.themoviedb.org/t/p/w185/vdd4TBvrKLQ2HSBkvgy4GdcyWjy.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 8252
last-modified: Fri, 03 May 2024 13:19:58 GMT
expires: Mon, 04 May 2026 01:19:58 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/vdd4TBvrKLQ2HSBkvgy4GdcyWjy.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b2a9c6fe3c6bdc91"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/r8L3fUvftNeqPMCITdXJfiXbFBU.jpg

192.0.77.2

200 OK

6.6 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/r8L3fUvftNeqPMCITdXJfiXbFBU.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x264, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.6 kB (6602 bytes)
Hash
f7de3b130b5843e7475fe30c1422f3c0
556558225067e907f9427c17b32682b220899518
bc4b602cf00ca9fb222e87f228eae8916b7bdca26569a466351d74a8ccf36e64

HTTP Headers

GET /www.themoviedb.org/t/p/w185/r8L3fUvftNeqPMCITdXJfiXbFBU.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 6602
last-modified: Fri, 19 Apr 2024 14:09:25 GMT
expires: Mon, 20 Apr 2026 02:09:25 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/r8L3fUvftNeqPMCITdXJfiXbFBU.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f2850a833a48559a"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/dFxjlcejJxSusT82UZl6QfVOgBA.jpg

192.0.77.2

200 OK

2.2 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/dFxjlcejJxSusT82UZl6QfVOgBA.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x265, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.2 kB (2226 bytes)
Hash
3dc604330557bf7572bb905c58dc3a43
56f20bdf5f867b6ed66f34708bbc54aac18491d5
c672e670585f6819735bd4e4891d8c2a5c73287d2424f381a4e82c728b129fbf

HTTP Headers

GET /www.themoviedb.org/t/p/w185/dFxjlcejJxSusT82UZl6QfVOgBA.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 2226
last-modified: Mon, 22 Apr 2024 14:15:09 GMT
expires: Thu, 23 Apr 2026 02:15:09 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/dFxjlcejJxSusT82UZl6QfVOgBA.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "d68301ce5b13ffa0"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/1wIp3yBijtgEpQrHZLqoX5laGLJ.jpg

192.0.77.2

200 OK

5.1 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/1wIp3yBijtgEpQrHZLqoX5laGLJ.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.1 kB (5050 bytes)
Hash
de3762805a3f8988de9a93909cf757b9
4cf9f2fa69e124ad17cadbe50e4c4d83a68d9b6a
41d354be0990d33ed68008ede554e0f335a7aab78ad093953f7b7fe2a0d7a016

HTTP Headers

GET /www.themoviedb.org/t/p/w185/1wIp3yBijtgEpQrHZLqoX5laGLJ.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 5050
last-modified: Thu, 11 Apr 2024 15:46:22 GMT
expires: Sun, 12 Apr 2026 03:46:22 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/1wIp3yBijtgEpQrHZLqoX5laGLJ.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "d4e57b5f090c270e"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/6QR2FOCQr41gSduN70WulRIhJb7.jpg

192.0.77.2

200 OK

5.5 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/6QR2FOCQr41gSduN70WulRIhJb7.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.5 kB (5484 bytes)
Hash
d401d7b5406048e1bb45f16bf428bc4e
9bcfe714c9b156100417537fd4f88c048803c299
ad1b9c2faf795e946027780a2e510f912c2a014e4f40a12a1d27678bd676c3af

HTTP Headers

GET /www.themoviedb.org/t/p/w185/6QR2FOCQr41gSduN70WulRIhJb7.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 5484
last-modified: Sat, 06 Apr 2024 15:35:37 GMT
expires: Tue, 07 Apr 2026 03:35:37 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/6QR2FOCQr41gSduN70WulRIhJb7.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3be39198640d210e"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

static-assets.bamgrid.com/fonts/avenir/Avenir-Roman/Avenir-Roman-12.8c6e15565760efae86de48644cfd9b71.woff2

3.164.240.92

200 OK

30 kB

URL GET HTTP/2
static-assets.bamgrid.com/fonts/avenir/Avenir-Roman/Avenir-Roman-12.8c6e15565760efae86de48644cfd9b71.woff2
IP
3.164.240.92:443
ASN
#0

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerAmazon
Subject*.bamgrid.com
Fingerprint5F:6A:DA:DB:6D:4E:CB:83:75:16:7B:81:6D:31:85:E4:96:56:16:E7
ValidityWed, 12 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30344, version 1.0
Size
30 kB (30344 bytes)
Hash
8c6e15565760efae86de48644cfd9b71
4fb0af97ef902a0f163ad47f6b2130240fb994ba
3c6b2b561767911c306bb7195606d149d6c7412485d1cf172df32902f52546f6

HTTP Headers

GET /fonts/avenir/Avenir-Roman/Avenir-Roman-12.8c6e15565760efae86de48644cfd9b71.woff2 HTTP/1.1
Host: static-assets.bamgrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuevana-3.lat/
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 30344
date: Thu, 09 May 2024 16:15:49 GMT
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Apr 2024 15:26:02 GMT
etag: "8c6e15565760efae86de48644cfd9b71"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
x-amz-version-id: toPKOPg6QoEpHbDj56Un1r5y6ALUXrOE
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a015763506a36624e56a8a469e3484c4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: 0XPy3BVIcS73qLkOZd_mQrY8LRKJYKDenkczfCEjTjNBXKCtK2KzJw==
age: 95072
timing-allow-origin: *
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/instant.page/5.1.0/instantpage.min.js

104.17.24.14

200 OK

1.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/instant.page/5.1.0/instantpage.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3683), with no line terminators
Size
1.1 kB (1105 bytes)
Hash
3ad5caa5616445685659f934407a9472
e8797e351e12d40326abbb1054fa42e141b9c16b
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

HTTP Headers

GET /ajax/libs/instant.page/5.1.0/instantpage.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 1105
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ece4c80-e63"
last-modified: Wed, 27 May 2020 11:18:24 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 858329
expires: Wed, 30 Apr 2025 18:40:20 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=80wIwe9TvLapzXEf%2BX848HiX9A4ZuNwVxlcbwcshzThMcCyTAfnAix7BWzo7uIUyAIMfELR8Gax%2Btrl4bBnCZmwksWkdLMGjs8UkxiVmi4NvPE2Xwloyfo7jzaRHXJ9c2oiNWoW%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881c0ea1cf6eb51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static-assets.bamgrid.com/fonts/avenir/Avenir-Heavy/Avenir-Heavy-05.8c900afcd8a9418271094b90126ffa64.woff2

3.164.240.92

200 OK

42 kB

URL GET HTTP/2
static-assets.bamgrid.com/fonts/avenir/Avenir-Heavy/Avenir-Heavy-05.8c900afcd8a9418271094b90126ffa64.woff2
IP
3.164.240.92:443
ASN
#0

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerAmazon
Subject*.bamgrid.com
Fingerprint5F:6A:DA:DB:6D:4E:CB:83:75:16:7B:81:6D:31:85:E4:96:56:16:E7
ValidityWed, 12 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 42284, version 1.0
Size
42 kB (42284 bytes)
Hash
8c900afcd8a9418271094b90126ffa64
eef8599f852ca801c620762f2924dac07072ccc9
f6e757fc68943cf4b16fc3fa4b165662891c44c8ae0786d418022d5e345b7d80

HTTP Headers

GET /fonts/avenir/Avenir-Heavy/Avenir-Heavy-05.8c900afcd8a9418271094b90126ffa64.woff2 HTTP/1.1
Host: static-assets.bamgrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuevana-3.lat/
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 42284
date: Thu, 09 May 2024 16:15:49 GMT
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Apr 2024 15:26:02 GMT
etag: "8c900afcd8a9418271094b90126ffa64"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
x-amz-version-id: HI1WUO8Qkpu9elQ_spapvGKVr_sfycDZ
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 a015763506a36624e56a8a469e3484c4.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: i1jnLxnSALgQ-kH34Pz2vJEQ5m4ofpt5KTFWSAtqdoVFiuJWIhP1Gw==
age: 95072
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w1280/3z8cveYwdIz2IZRhm6cHu8f2HRT.jpg

192.0.77.2

200 OK

29 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w1280/3z8cveYwdIz2IZRhm6cHu8f2HRT.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Size
29 kB (29164 bytes)
Hash
86cfa4b11dd9a88bc903922d4a7f3524
7b90793eb43076e22157661059badd3f7051e370
c37548f5f23c7a4d21dbbc887d498a26fdc49c1d4a6d303ccf3502925224ecd1

HTTP Headers

GET /www.themoviedb.org/t/p/w1280/3z8cveYwdIz2IZRhm6cHu8f2HRT.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:40:20 GMT
content-type: image/webp
content-length: 29164
last-modified: Fri, 23 Feb 2024 22:24:38 GMT
expires: Mon, 23 Feb 2026 10:24:38 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w1280/3z8cveYwdIz2IZRhm6cHu8f2HRT.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "6964df3c920df859"
vary: Accept
x-nc: MISS arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

flawerosion.com/d2b747987612e7f594f92285b3e4e4f3/invoke.js

192.243.61.227

200 OK

12 kB

URL GET HTTP/1.1
flawerosion.com/d2b747987612e7f594f92285b3e4e4f3/invoke.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectflawerosion.com
Fingerprint15:29:86:F1:77:14:F8:B2:4C:FC:94:E1:E4:04:9B:FF:07:C5:F9:E7
ValiditySat, 27 Apr 2024 06:54:38 GMT - Fri, 26 Jul 2024 06:54:37 GMT

File type
JavaScript source, ASCII text, with very long lines (31328), with no line terminators
Size
12 kB (11839 bytes)
Hash
8a05e96e128e34fcf0ff05d01af8a185
fb51307a3a7166cab4ed84141fb1cc0d9aba6bb2
d0ee9917702e8c414cb991cc2deedb40e264db0c647b4dcb025516ea19de8328

HTTP Headers

GET /d2b747987612e7f594f92285b3e4e4f3/invoke.js HTTP/1.1
Host: flawerosion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 786b9db6a1d6c64ec95f287538c6fa87
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

proftrafficcounter.com/stats

18.185.9.67

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.185.9.67:443
ASN
#16509 AMAZON-02

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
f02b9d01ddb3200e9d3e7566c2d19220
e8916b1a0109908f969a67fdd41772fc168ba7de
4f331896d7c15030bef8f9eee47bf985ec2d564154dbc6740d3311e12da07eb8

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:21 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cuevana-3.lat
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; expires=Mon, 08 May 2034 18:40:21 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

flawerosion.com/2326ee323678b68aae8836941e20a70e/invoke.js

192.243.61.227

200 OK

12 kB

URL GET HTTP/1.1
flawerosion.com/2326ee323678b68aae8836941e20a70e/invoke.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectflawerosion.com
Fingerprint15:29:86:F1:77:14:F8:B2:4C:FC:94:E1:E4:04:9B:FF:07:C5:F9:E7
ValiditySat, 27 Apr 2024 06:54:38 GMT - Fri, 26 Jul 2024 06:54:37 GMT

File type
JavaScript source, ASCII text, with very long lines (31310), with no line terminators
Size
12 kB (11847 bytes)
Hash
434d93ee37dde2ca30b7ce8de3fe5f93
06107a7b7aaf9df76cead0d750493fa37bcbd884
fc62296e224a0db19591583c1e698ed1fe01efca4fe92fe8f14380b0f69f1d2b

HTTP Headers

GET /2326ee323678b68aae8836941e20a70e/invoke.js HTTP/1.1
Host: flawerosion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6a621ddefbe619148668c7cb9a6ed8b1
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cuevana-3.lat/icon/lazyload.gif

172.67.211.190

200 OK

53 B

URL GET HTTP/3
cuevana-3.lat/icon/lazyload.gif
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
GIF image data, version 89a, 1 x 1
Size
53 B (53 bytes)
Hash
26206732aca5e92d398cfaffe3cf4162
d8a13bfed35405dcfaced74c3d0a46e705f461a2
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a

HTTP Headers

GET /icon/lazyload.gif HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda; dom3ic8zudi28v8lr6fgphwffqoz0j6c=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:21 GMT
content-type: image/gif
content-length: 53
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:41 GMT
etag: "35-63107d29-9e7ed9;;;"
last-modified: Thu, 01 Sep 2022 09:36:41 GMT
cf-cache-status: HIT
age: 781
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9BjiO1%2F4O71Y3n8xBxsFV3BYeL3GkQIDuV6DgQsIfiRFMDTuxSOxxulZjMpvadHVXMymKJ8%2FqdP3rvejFtfHKlixYcpDCBFj3qpNiAvszmLxeLYKkhC9Nl4VR3LqD5C8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0ea7ed1db515-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/icon/apple-touch-icon.png

172.67.211.190

200 OK

3.9 kB

URL GET HTTP/3
cuevana-3.lat/icon/apple-touch-icon.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Size
3.9 kB (3922 bytes)
Hash
d11ad25d125c2b1469ff3bcc0cf2b0a9
9eb034e0e54ce024361142bd77001b468430c8b9
aba51d5d8ffbdecc8e84b98efa0c837b39daa2d539143bc185c25267f4bc6c2f

HTTP Headers

GET /icon/apple-touch-icon.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda; dom3ic8zudi28v8lr6fgphwffqoz0j6c=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:22 GMT
content-type: image/png
content-length: 3922
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:06:05 GMT
etag: "f52-638b6090-9e7ee1;;;"
last-modified: Sat, 03 Dec 2022 14:43:28 GMT
cf-cache-status: HIT
age: 3362
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jkTMzMsadnniaKRjjwwvQmA431n81czNuquY73PyT%2BOP%2FEG9Ammtz4zx0Yq5gOoB81LEgSqtVhv5bjPLmSuNGb3ghstbEqdXsz0P2vVXDkeWPyyCM2A%2F9CSYpvhJfzQw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0eaa785fb515-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/icon/favicon-16x16.png

172.67.211.190

200 OK

1.3 kB

URL GET HTTP/3
cuevana-3.lat/icon/favicon-16x16.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.3 kB (1277 bytes)
Hash
c58458466daf98b34a86777d4935b440
a01cfcf9f7c9a121f0672c2c4be28904d766efb8
bbcb75f4fd63059bf6ce95d11cce349bd457fbbb75ec617bcdc83304b103bb18

HTTP Headers

GET /icon/favicon-16x16.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda; dom3ic8zudi28v8lr6fgphwffqoz0j6c=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:22 GMT
content-type: image/png
content-length: 1277
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:51 GMT
etag: "4fd-638b62f8-9e7edd;;;"
last-modified: Sat, 03 Dec 2022 14:53:44 GMT
cf-cache-status: HIT
age: 6182
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lE5xMsneVc7w6qgspi%2B5IGRdWmfE57sOB9OWIKkzzt4FiQsbf23eS0jHta9fKsryXaWDqyJHmHhgQTZ9eMEehXU1Cnha2%2FaAkVcDQqwoPaFPaZSZpf1KAbz7bDsQvJ5F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0eaa7862b515-OSL
alt-svc: h3=":443"; ma=86400

lifetimeagriculturalproducer.com/watch.991691964020.js?key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&tz=0&dev=e&res=14.2071&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1

172.240.253.132

307 Temporary Redirect

0 B

URL GET HTTP/1.1
lifetimeagriculturalproducer.com/watch.991691964020.js?key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&tz=0&dev=e&res=14.2071&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectlifetimeagriculturalproducer.com
FingerprintB1:00:CB:CF:6F:C1:E3:CD:FA:E3:5B:47:C8:D6:55:01:F7:14:93:83
ValidityMon, 06 May 2024 12:50:20 GMT - Sun, 04 Aug 2024 12:50:19 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.991691964020.js?key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&tz=0&dev=e&res=14.2071&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1 HTTP/1.1
Host: lifetimeagriculturalproducer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:22 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuevana-3.lat
Access-Control-Allow-Origin: https://cuevana-3.lat
Access-Control-Allow-Credentials: true
Location: https://lifetimeagriculturalproducer.com/watch.991691964020.js?dev=e&key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366482&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&res=14.2071&rmtc=t&shu=7c2308dc4b4eba9e7be86408c0dfe7d7ed37b47f009d3abd5998b0b4aca6b6bc97f1218c6c6abc9ad1e24717098e2746b6143d126cbdb750b03bcc7083a448a72f4c5241d3c314a9b934d076ae33343c391d1d653f5bb7fa2f8e60ef92138e&tz=0&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1
Set-Cookie: u_pl=22697752; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjY5Nzc1MiwiayI6ImQyYjc0Nzk4NzYxMmU3ZjU5NGY5MjI4NWIzZTRlNGYzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjY2MjcxLCJwaWQiOjEzNTM5ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiZ3hlNHl0YXEiLCJjcGtzIjp7IjI5IjoiYzM3YjRmZjNhZjYxYjUxMDA4ZGM5NmZhMDdkYzY4YTQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY3VldmFuYS0zLmxhdC9wZWxpY3VsYS9uby1tYW5jaGVzLWZyaWRhLTEzNzU3OTRaLyIsImFyIjpbXX19.Y41YWJRzl3jwn8pWuJDJGNHCk-_qQMbuUcARjah7v9Y; expires=Fri, 10 May 2024 18:41:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b491dbd4466d110b6fe38ef8084523e
Strict-Transport-Security: max-age=0; includeSubdomains

lifetimeagriculturalproducer.com/c3/7b/4f/c37b4ff3af61b51008dc96fa07dc68a4.js

172.240.253.132

200 OK

16 kB

URL GET HTTP/1.1
lifetimeagriculturalproducer.com/c3/7b/4f/c37b4ff3af61b51008dc96fa07dc68a4.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectlifetimeagriculturalproducer.com
FingerprintB1:00:CB:CF:6F:C1:E3:CD:FA:E3:5B:47:C8:D6:55:01:F7:14:93:83
ValidityMon, 06 May 2024 12:50:20 GMT - Sun, 04 Aug 2024 12:50:19 GMT

File type
JavaScript source, ASCII text, with very long lines (44023), with no line terminators
Size
16 kB (15794 bytes)
Hash
fed5ecee8de698dbadbfcf2aeb98cbc6
4366f598bb4931c4a1631796aa27d4e3fad0e1d5
680b3f4d014ca693e3ee7a639a5daec5e8a08e593671238822a04fd713831647

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c3/7b/4f/c37b4ff3af61b51008dc96fa07dc68a4.js HTTP/1.1
Host: lifetimeagriculturalproducer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6787e81f866a581d9cc6d14850f3986d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

intelligenceconcerning.com/watch.133795118022.js?key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&tz=0&dev=e&res=14.2071&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1

192.243.61.227

307 Temporary Redirect

0 B

URL GET HTTP/1.1
intelligenceconcerning.com/watch.133795118022.js?key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&tz=0&dev=e&res=14.2071&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectintelligenceconcerning.com
FingerprintC0:A5:42:A6:FF:2A:A2:5A:B8:05:95:E6:77:40:C1:82:5F:95:09:51
ValidityMon, 06 May 2024 08:11:10 GMT - Sun, 04 Aug 2024 08:11:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.133795118022.js?key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&tz=0&dev=e&res=14.2071&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1 HTTP/1.1
Host: intelligenceconcerning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:22 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuevana-3.lat
Access-Control-Allow-Origin: https://cuevana-3.lat
Access-Control-Allow-Credentials: true
Location: https://intelligenceconcerning.com/watch.133795118022.js?dev=e&key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366482&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&res=14.2071&rmtc=t&shu=86691c318c64981cb0e9cd4d37a80829647693fe78117545b35b4b7daf2574fa4ae7ac89ba6931d09e6b8727bbec35e993dec45b6a8c66a01b521d6fc84dbee1d7c08ce51e0ef1937798df4dbe605b2f7f470bc8c38fd83a80b05f59aba9b1&tz=0&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1
Set-Cookie: u_pl=22697731; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjY5NzczMSwiayI6IjIzMjZlZTMyMzY3OGI2OGFhZTg4MzY5NDFlMjBhNzBlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjY2MjcxLCJwaWQiOjEzNTM5ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoidXA2Y3BiY2ptIiwiY3BrcyI6eyIyOCI6IjEwYWViMjY3NzQ2YjllYTYyMjllMTIyMzM4MzI0N2NiIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1ZXZhbmEtMy5sYXQvcGVsaWN1bGEvbm8tbWFuY2hlcy1mcmlkYS0xMzc1Nzk0Wi8iLCJhciI6W119fQ.HDP3qX9VyjOk9Uj16IDXvhmdiG-Ld7hiXF5yms1Xx_U; expires=Fri, 10 May 2024 18:41:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b947c82382868544d0c5c8f72a09e035
Strict-Transport-Security: max-age=0; includeSubdomains

lifetimeagriculturalproducer.com/watch.991691964020.js?dev=e&key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366482&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&res=14.2071&rmtc=t&shu=7c2308dc4b4eba9e7be86408c0dfe7d7ed37b47f009d3abd5998b0b4aca6b6bc97f1218c6c6abc9ad1e24717098e2746b6143d126cbdb750b03bcc7083a448a72f4c5241d3c314a9b934d076ae33343c391d1d653f5bb7fa2f8e60ef92138e&tz=0&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1

172.240.253.132

200 OK

2.1 kB

URL GET HTTP/1.1
lifetimeagriculturalproducer.com/watch.991691964020.js?dev=e&key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366482&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&res=14.2071&rmtc=t&shu=7c2308dc4b4eba9e7be86408c0dfe7d7ed37b47f009d3abd5998b0b4aca6b6bc97f1218c6c6abc9ad1e24717098e2746b6143d126cbdb750b03bcc7083a448a72f4c5241d3c314a9b934d076ae33343c391d1d653f5bb7fa2f8e60ef92138e&tz=0&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectlifetimeagriculturalproducer.com
FingerprintB1:00:CB:CF:6F:C1:E3:CD:FA:E3:5B:47:C8:D6:55:01:F7:14:93:83
ValidityMon, 06 May 2024 12:50:20 GMT - Sun, 04 Aug 2024 12:50:19 GMT

File type
JavaScript source, ASCII text, with very long lines (2659)
Size
2.1 kB (2121 bytes)
Hash
da394a7eddf7941e64227c214799662e
f02af1e5ec2e1c2a3cd5c4b711dc11bfb3e395b9
2b2f1be87253a84bfefec345738f84a5ea952a019b24ca42f37731cd4021403a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.991691964020.js?dev=e&key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366482&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&res=14.2071&rmtc=t&shu=7c2308dc4b4eba9e7be86408c0dfe7d7ed37b47f009d3abd5998b0b4aca6b6bc97f1218c6c6abc9ad1e24717098e2746b6143d126cbdb750b03bcc7083a448a72f4c5241d3c314a9b934d076ae33343c391d1d653f5bb7fa2f8e60ef92138e&tz=0&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1 HTTP/1.1
Host: lifetimeagriculturalproducer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
Referer: https://cuevana-3.lat/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22697752; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjY5Nzc1MiwiayI6ImQyYjc0Nzk4NzYxMmU3ZjU5NGY5MjI4NWIzZTRlNGYzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjY2MjcxLCJwaWQiOjEzNTM5ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiZ3hlNHl0YXEiLCJjcGtzIjp7IjI5IjoiYzM3YjRmZjNhZjYxYjUxMDA4ZGM5NmZhMDdkYzY4YTQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY3VldmFuYS0zLmxhdC9wZWxpY3VsYS9uby1tYW5jaGVzLWZyaWRhLTEzNzU3OTRaLyIsImFyIjpbXX19.Y41YWJRzl3jwn8pWuJDJGNHCk-_qQMbuUcARjah7v9Y
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuevana-3.lat
Access-Control-Allow-Origin: https://cuevana-3.lat
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; expires=Fri, 17 May 2024 18:40:22 GMT; secure; SameSite=None
iprc63928496a0c70e7212a21abbf6390cac=3570421; expires=Fri, 10 May 2024 22:40:22 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1df73e2de8d0bc8bfeaa2976f8128fc8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

intelligenceconcerning.com/10/ae/b2/10aeb267746b9ea6229e1223383247cb.js

192.243.61.227

200 OK

30 kB

URL GET HTTP/1.1
intelligenceconcerning.com/10/ae/b2/10aeb267746b9ea6229e1223383247cb.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectintelligenceconcerning.com
FingerprintC0:A5:42:A6:FF:2A:A2:5A:B8:05:95:E6:77:40:C1:82:5F:95:09:51
ValidityMon, 06 May 2024 08:11:10 GMT - Sun, 04 Aug 2024 08:11:09 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30376 bytes)
Hash
87456c4860619b376499f01b9a5579f7
d2c1942b8361c0050a1d9ea5970d6920237e955f
e59c6ca5e12f0e714df74f6ad33496b069631b14afffc1fb2d7db1462720fd38

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /10/ae/b2/10aeb267746b9ea6229e1223383247cb.js HTTP/1.1
Host: intelligenceconcerning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 90904a36fd1651fe437bbcba3497760f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

intelligenceconcerning.com/watch.133795118022.js?dev=e&key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366482&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&res=14.2071&rmtc=t&shu=86691c318c64981cb0e9cd4d37a80829647693fe78117545b35b4b7daf2574fa4ae7ac89ba6931d09e6b8727bbec35e993dec45b6a8c66a01b521d6fc84dbee1d7c08ce51e0ef1937798df4dbe605b2f7f470bc8c38fd83a80b05f59aba9b1&tz=0&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1

192.243.61.227

200 OK

2.1 kB

URL GET HTTP/1.1
intelligenceconcerning.com/watch.133795118022.js?dev=e&key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366482&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&res=14.2071&rmtc=t&shu=86691c318c64981cb0e9cd4d37a80829647693fe78117545b35b4b7daf2574fa4ae7ac89ba6931d09e6b8727bbec35e993dec45b6a8c66a01b521d6fc84dbee1d7c08ce51e0ef1937798df4dbe605b2f7f470bc8c38fd83a80b05f59aba9b1&tz=0&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectintelligenceconcerning.com
FingerprintC0:A5:42:A6:FF:2A:A2:5A:B8:05:95:E6:77:40:C1:82:5F:95:09:51
ValidityMon, 06 May 2024 08:11:10 GMT - Sun, 04 Aug 2024 08:11:09 GMT

File type
JavaScript source, ASCII text, with very long lines (2535)
Size
2.1 kB (2055 bytes)
Hash
2106e4c92b6039ad6ea88cdd0759a090
1f0f6bcfd6e9e3cd59c6b7e307b5455078b057b6
b7da70779d7679b0e5a0b9eeab65e06f2d0cde91dac7efeefb69e6b2ef00eedc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.133795118022.js?dev=e&key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222016%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366482&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-1375794Z%2F&res=14.2071&rmtc=t&shu=86691c318c64981cb0e9cd4d37a80829647693fe78117545b35b4b7daf2574fa4ae7ac89ba6931d09e6b8727bbec35e993dec45b6a8c66a01b521d6fc84dbee1d7c08ce51e0ef1937798df4dbe605b2f7f470bc8c38fd83a80b05f59aba9b1&tz=0&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1 HTTP/1.1
Host: intelligenceconcerning.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
Referer: https://cuevana-3.lat/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22697731; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjY5NzczMSwiayI6IjIzMjZlZTMyMzY3OGI2OGFhZTg4MzY5NDFlMjBhNzBlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjY2MjcxLCJwaWQiOjEzNTM5ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoidXA2Y3BiY2ptIiwiY3BrcyI6eyIyOCI6IjEwYWViMjY3NzQ2YjllYTYyMjllMTIyMzM4MzI0N2NiIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1ZXZhbmEtMy5sYXQvcGVsaWN1bGEvbm8tbWFuY2hlcy1mcmlkYS0xMzc1Nzk0Wi8iLCJhciI6W119fQ.HDP3qX9VyjOk9Uj16IDXvhmdiG-Ld7hiXF5yms1Xx_U
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:22 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuevana-3.lat
Access-Control-Allow-Origin: https://cuevana-3.lat
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; expires=Fri, 17 May 2024 18:40:22 GMT; secure; SameSite=None
iprccb2284b46ce25375ffd22c859cc9f09b=5191644; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 11 May 2024 18:40:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7bed3136656b9e104035e93aad4d6d30
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg

45.133.44.10

200 OK

25 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, baseline, precision 8, 320x50, components 3
Size
25 kB (24714 bytes)
Hash
d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd

HTTP Headers

GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:22 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Sun, 12 May 2024 18:40:22 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/4a/1e/d8/4a1ed8e2ff519fa6a8bd0e90ddda6b11/1711621664.jpg

45.133.44.10

200 OK

69 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/4a/1e/d8/4a1ed8e2ff519fa6a8bd0e90ddda6b11/1711621664.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, baseline, precision 8, 728x90, components 3
Size
69 kB (69331 bytes)
Hash
e14b730e0a2658ed28a3ce670a105a99
d989b38da47a03474882cc6e6175e436c044c134
e64c3eb5c5c59878141b805e025623cb0dd4d0f43cc979b1aedd79f7e7dc5507

HTTP Headers

GET /cti/4a/1e/d8/4a1ed8e2ff519fa6a8bd0e90ddda6b11/1711621664.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:22 GMT
content-type: image/jpeg
content-length: 69331
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:27:52 GMT
etag: "66054628-10ed3"
expires: Sun, 12 May 2024 18:40:22 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

aptlydoubtful.com/pixel/purst?dl=0&th=0&sc=0&rs=3670&rd=3670&fd=746&bv=24.5.6485&tmpl=136

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
aptlydoubtful.com/pixel/purst?dl=0&th=0&sc=0&rs=3670&rd=3670&fd=746&bv=24.5.6485&tmpl=136
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectaptlydoubtful.com
FingerprintD6:D6:C5:46:01:37:99:D3:A0:D4:5A:4D:2D:B8:FF:55:DC:74:FC:D0
ValidityFri, 10 May 2024 11:49:09 GMT - Thu, 08 Aug 2024 11:49:08 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=3670&rd=3670&fd=746&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: aptlydoubtful.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:40:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

unseenreport.com/pxf.gif?uuid=4e075d16-2285-4536-949a-3af8aafc0876&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c37b4ff3af61b51008dc96fa07dc68a4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=4e075d16-2285-4536-949a-3af8aafc0876&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c37b4ff3af61b51008dc96fa07dc68a4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=4e075d16-2285-4536-949a-3af8aafc0876&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c37b4ff3af61b51008dc96fa07dc68a4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:40:23 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 849d3cd9d1c72d72fa5e06ac7ac593a6
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=4e075d16-2285-4536-949a-3af8aafc0876&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=10aeb267746b9ea6229e1223383247cb&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=4e075d16-2285-4536-949a-3af8aafc0876&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=10aeb267746b9ea6229e1223383247cb&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=4e075d16-2285-4536-949a-3af8aafc0876&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=10aeb267746b9ea6229e1223383247cb&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:40:23 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e399d9d96740b4ecbea8e3e4572e70a9
Strict-Transport-Security: max-age=0; includeSubdomains

shapedcongest.com/sbar.json?key=c37b4ff3af61b51008dc96fa07dc68a4&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1

192.243.61.227

200 OK

8.0 kB

URL GET HTTP/1.1
shapedcongest.com/sbar.json?key=c37b4ff3af61b51008dc96fa07dc68a4&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectshapedcongest.com
Fingerprint92:A2:D9:7A:1E:FD:F7:37:DF:46:9B:BD:2F:92:7E:81:1D:89:61:01
ValidityMon, 06 May 2024 12:44:57 GMT - Sun, 04 Aug 2024 12:44:56 GMT

File type
JSON text data
Size
8.0 kB (7955 bytes)
Hash
d36f1740c7362cca181471da80d39b04
12710ba650eceb4459bb29eb5eee8ddca3168853
7339b57c42bd243775b44cd4cce6ba330d49e0f21696a409c1e11d89335e2afc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=c37b4ff3af61b51008dc96fa07dc68a4&uuid=4e075d16-2285-4536-949a-3af8aafc0876%3A3%3A1 HTTP/1.1
Host: shapedcongest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:30 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuevana-3.lat
Access-Control-Allow-Origin: https://cuevana-3.lat
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22850642; expires=Sat, 11 May 2024 18:40:29 GMT; secure; SameSite=None
uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; expires=Fri, 17 May 2024 18:40:29 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 18:40:30 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 18:40:30 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 11 May 2024 18:40:30 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 11 May 2024 18:40:30 GMT; secure; SameSite=None
slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]; expires=Fri, 10 May 2024 18:40:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8eff02f28e7f6870b5c7a19dbb37f47d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

shapedcongest.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSunqwHURAlN1EG8aAkO9s9P90zBozGZGVxzcZEUTAYq6uqJ5Wt7mqquqdn97S4IDmOXgRPvd%2FsZklcgoInwSizAQ8L4o6nRdxbvIsY8CYzLll8h3rv1fcVfPW99%2BlGfkjqyOnB%2Bbf1qlSKzrVqbvWlDzzvTHVRJnm%2F2m%2F71%2FzmmarpvdLxa%2B7L1TcFW9ZzdddzXc%2F1qvPSiEj35yYgZLrT8Wodt9as17xWE33z%2F97mDix1wHuH5BlIPp6575yEZCMk8dfnhV3OdHr6QpwrmmmDHt9%2BL1lOdJEgPi4j4yBKto%2FY0HZ%2F%2Fh50sjWVC917RAzlmDg%2F3UOYbB%2BJRNjbnOoMFUSCkD%2BBojeCUCNIOgLT65B8nwCM4%2BISkvjWRW0KuvIfSifomMw8%2FAuyGJOZ308iie%2BeU7JfvaJVnkmdWPSjErI%2FguyOkOa7yFYrkMUuWPYJJP%2BZzD1cRBJvLlmlIfnBi03hBi3u%2BbP1ers122w1%2FNlOs0NnGzRqUxoxtx34U4OkHEFGIygxALUnkFsHuXSQRw7y1EHMD6rM87zA5Yy67Q5jDR6I0OeuR4PIo57rt5GzyR8GyNIBmBqAmTWkZg3L8rMxcR4%2FBZP%2FCHu9hOUnYLMxcd5ZQY%2BXKARBYQkKSlBIgiIjKHrlFle2bstbXNk89I5y%2FSg3yqHOuht0S2ddkRBQM4Dh5UZ6SJ6eOOlc3bmMZXFQZY0gbEZRg0a%2BF7Y8121z1vEj6gac%2BW3ahJUlpK2AWgerckyCP68hlWNy8raDkO7Cql0w6YDmz4EWJej1EqvJXZaLHk3obKMW61CC6xJpNoNsxdlQh%2BTZ6TSX1i0E23uN3Mlmvv1yG8yUSE2JG%2FI%2BQVfdHF7WBdm8rAtLvllKMxnLVTqZ9JWMZuKxO2%2BJlUIbvnDeDm6%2FzibApNx5V9hskSZcJl1LvjonORdmXhsmyPcL9n0RXsrt9XO5SfJ08dIb8wtxaoS1UicjULl%2F4QswOSZP%2FXB1usKnP3wAaUYweYk43yNHAal3wdI12HTv7N%2BnKk8ufPcRrCYw6pgTpg6KvByaenh8qSSBEsc9DUtYsXf2j39%2Be%2BGXBx8jFI%2FsGBo6eU1luWFvomsqoNk6krhEz5ToqRJUDWDzE8MsNXtnf21MA6GqDENlKpuhMurzqcmTw8DKg2rQaLjU77S8IKAiCJv1duR7nNJ606%2F7Pm0gs%2BPo1RvP%2FwsAAP%2F%2FAQAA%2F%2F9gHk%2BinAQAAA%3D%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
shapedcongest.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSunqwHURAlN1EG8aAkO9s9P90zBozGZGVxzcZEUTAYq6uqJ5Wt7mqquqdn97S4IDmOXgRPvd%2FsZklcgoInwSizAQ8L4o6nRdxbvIsY8CYzLll8h3rv1fcVfPW99%2BlGfkjqyOnB%2Bbf1qlSKzrVqbvWlDzzvTHVRJnm%2F2m%2F71%2FzmmarpvdLxa%2B7L1TcFW9ZzdddzXc%2F1qvPSiEj35yYgZLrT8Wodt9as17xWE33z%2F97mDix1wHuH5BlIPp6575yEZCMk8dfnhV3OdHr6QpwrmmmDHt9%2BL1lOdJEgPi4j4yBKto%2FY0HZ%2F%2Fh50sjWVC917RAzlmDg%2F3UOYbB%2BJRNjbnOoMFUSCkD%2BBojeCUCNIOgLT65B8nwCM4%2BISkvjWRW0KuvIfSifomMw8%2FAuyGJOZ308iie%2BeU7JfvaJVnkmdWPSjErI%2FguyOkOa7yFYrkMUuWPYJJP%2BZzD1cRBJvLlmlIfnBi03hBi3u%2BbP1ers122w1%2FNlOs0NnGzRqUxoxtx34U4OkHEFGIygxALUnkFsHuXSQRw7y1EHMD6rM87zA5Yy67Q5jDR6I0OeuR4PIo57rt5GzyR8GyNIBmBqAmTWkZg3L8rMxcR4%2FBZP%2FCHu9hOUnYLMxcd5ZQY%2BXKARBYQkKSlBIgiIjKHrlFle2bstbXNk89I5y%2FSg3yqHOuht0S2ddkRBQM4Dh5UZ6SJ6eOOlc3bmMZXFQZY0gbEZRg0a%2BF7Y8121z1vEj6gac%2BW3ahJUlpK2AWgerckyCP68hlWNy8raDkO7Cql0w6YDmz4EWJej1EqvJXZaLHk3obKMW61CC6xJpNoNsxdlQh%2BTZ6TSX1i0E23uN3Mlmvv1yG8yUSE2JG%2FI%2BQVfdHF7WBdm8rAtLvllKMxnLVTqZ9JWMZuKxO2%2BJlUIbvnDeDm6%2FzibApNx5V9hskSZcJl1LvjonORdmXhsmyPcL9n0RXsrt9XO5SfJ08dIb8wtxaoS1UicjULl%2F4QswOSZP%2FXB1usKnP3wAaUYweYk43yNHAal3wdI12HTv7N%2BnKk8ufPcRrCYw6pgTpg6KvByaenh8qSSBEsc9DUtYsXf2j39%2Be%2BGXBx8jFI%2FsGBo6eU1luWFvomsqoNk6krhEz5ToqRJUDWDzE8MsNXtnf21MA6GqDENlKpuhMurzqcmTw8DKg2rQaLjU77S8IKAiCJv1duR7nNJ606%2F7Pm0gs%2BPo1RvP%2FwsAAP%2F%2FAQAA%2F%2F9gHk%2BinAQAAA%3D%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectshapedcongest.com
Fingerprint92:A2:D9:7A:1E:FD:F7:37:DF:46:9B:BD:2F:92:7E:81:1D:89:61:01
ValidityMon, 06 May 2024 12:44:57 GMT - Sun, 04 Aug 2024 12:44:56 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSunqwHURAlN1EG8aAkO9s9P90zBozGZGVxzcZEUTAYq6uqJ5Wt7mqquqdn97S4IDmOXgRPvd%2FsZklcgoInwSizAQ8L4o6nRdxbvIsY8CYzLll8h3rv1fcVfPW99%2BlGfkjqyOnB%2Bbf1qlSKzrVqbvWlDzzvTHVRJnm%2F2m%2F71%2FzmmarpvdLxa%2B7L1TcFW9ZzdddzXc%2F1qvPSiEj35yYgZLrT8Wodt9as17xWE33z%2F97mDix1wHuH5BlIPp6575yEZCMk8dfnhV3OdHr6QpwrmmmDHt9%2BL1lOdJEgPi4j4yBKto%2FY0HZ%2F%2Fh50sjWVC917RAzlmDg%2F3UOYbB%2BJRNjbnOoMFUSCkD%2BBojeCUCNIOgLT65B8nwCM4%2BISkvjWRW0KuvIfSifomMw8%2FAuyGJOZ308iie%2BeU7JfvaJVnkmdWPSjErI%2FguyOkOa7yFYrkMUuWPYJJP%2BZzD1cRBJvLlmlIfnBi03hBi3u%2BbP1ers122w1%2FNlOs0NnGzRqUxoxtx34U4OkHEFGIygxALUnkFsHuXSQRw7y1EHMD6rM87zA5Yy67Q5jDR6I0OeuR4PIo57rt5GzyR8GyNIBmBqAmTWkZg3L8rMxcR4%2FBZP%2FCHu9hOUnYLMxcd5ZQY%2BXKARBYQkKSlBIgiIjKHrlFle2bstbXNk89I5y%2FSg3yqHOuht0S2ddkRBQM4Dh5UZ6SJ6eOOlc3bmMZXFQZY0gbEZRg0a%2BF7Y8121z1vEj6gac%2BW3ahJUlpK2AWgerckyCP68hlWNy8raDkO7Cql0w6YDmz4EWJej1EqvJXZaLHk3obKMW61CC6xJpNoNsxdlQh%2BTZ6TSX1i0E23uN3Mlmvv1yG8yUSE2JG%2FI%2BQVfdHF7WBdm8rAtLvllKMxnLVTqZ9JWMZuKxO2%2BJlUIbvnDeDm6%2FzibApNx5V9hskSZcJl1LvjonORdmXhsmyPcL9n0RXsrt9XO5SfJ08dIb8wtxaoS1UicjULl%2F4QswOSZP%2FXB1usKnP3wAaUYweYk43yNHAal3wdI12HTv7N%2BnKk8ufPcRrCYw6pgTpg6KvByaenh8qSSBEsc9DUtYsXf2j39%2Be%2BGXBx8jFI%2FsGBo6eU1luWFvomsqoNk6krhEz5ToqRJUDWDzE8MsNXtnf21MA6GqDENlKpuhMurzqcmTw8DKg2rQaLjU77S8IKAiCJv1duR7nNJ606%2F7Pm0gs%2BPo1RvP%2FwsAAP%2F%2FAQAA%2F%2F9gHk%2BinAQAAA%3D%3D HTTP/1.1
Host: shapedcongest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aadcf7b0760443796875ccbee6c4d538
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html

172.67.74.218

200 OK

480 B

URL GET HTTP/2
cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html
IP
172.67.74.218:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
480 B (480 bytes)
Hash
988cd00695890a395de736ef1f43180a
fc35045adb5a0bb89e9150574db517cffb44b0c9
100f83963832c14a85c4d7095f0279b0962b83ee6323481ece9b1b2b39515036

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:30 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 66236
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S4I8HM8%2BItv2KuQEyH05yK8P42n22vBK2mXsk%2B%2FmpY2xYcMhf%2B29Enn4Jorx6yDuSJds8p%2FGw%2B7AfYURCM%2FJkxCIm%2FmBzCos%2FESeVzQY7IodFqdY9kOu548I73foIlC%2BFAJJusI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0edcdb87568e-OSL
content-encoding: br
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif

188.114.96.1

200 OK

206 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
GIF image data, version 89a, 480 x 360
Size
206 kB (206291 bytes)
Hash
0b33face774f2203446507ce5f075538
1dd3522529bce7739df0687f47f5bc84356698a0
ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/confetti.gif HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:30 GMT
content-type: image/gif
content-length: 206291
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-325d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 864057
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SUvcwVnrLdM0AA3A1238csTtDR0s%2BNBtJXTp9%2FQF9fcrvfV5o4fdaGcg5OdfpSOd4XIpSXeysOekQFXw45k0NDv0nNPKWEgt%2BEhPswvE8miZN%2FEPWKbXZQtdTfJUht8e3JQdhDUG5ntC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0ede8f41712a-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/pelicula/no-manches-frida-1375794Z/

172.67.211.190

200 OK

48 kB

URL User Request GET HTTP/2
cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (65384), with no line terminators
Size
48 kB (47964 bytes)
Hash
776ce634be599f7c83162280dfd943ff
b43d72fdecc13e62bc1e740082198048370a06a3
804d9f71a79bc8446f9632f498cabd9a9704d91066a186868071adfe8c44d6ca

HTTP Headers

GET /pelicula/no-manches-frida-1375794Z/ HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:20 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
set-cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XTdr0OLYKXJtOyn4VWP%2F%2F4liTc3HiXfB1k4hHMJMy6%2BoEBHBOnKOvefsKTeAzOk9CILxaPCdVcSo2JUDtj7iJvDtvU1IQi0LY4tMcFVq5JRxjUQriHSyLVFazVo86i8K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c0e98ecf356cb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css

188.114.96.1

200 OK

1.1 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
1.1 kB (1053 bytes)
Hash
af19abbabe1a862a20cb0e0a3ef31c7e
efcc04c4011905e4f013adae56ea928dc47ac7ef
8a72b4d48ce36805c492e3927213e1327c8d924544a595527da9955fd8916e19

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:30 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-d14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 67428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j9PjjMpOsnhc7Q45x9%2FBxKG8ZotQeH8TXP6yjL4tPIN0ekriMYtXSPNixtyF6ASzeIwF577IH96tGQruOISFB6orX7chHObWzhxBZ3PdSqmyTEJADndX1uWFYMwMYl2DWGKVGZpPNome"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0eddcbc50afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

shapedcongest.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=87

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
shapedcongest.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=87
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectshapedcongest.com
Fingerprint92:A2:D9:7A:1E:FD:F7:37:DF:46:9B:BD:2F:92:7E:81:1D:89:61:01
ValidityMon, 06 May 2024 12:44:57 GMT - Sun, 04 Aug 2024 12:44:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=87 HTTP/1.1
Host: shapedcongest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

shapedcongest.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=78

172.240.253.132

200 OK

0 B

URL GET HTTP/1.1
shapedcongest.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=78
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectshapedcongest.com
Fingerprint92:A2:D9:7A:1E:FD:F7:37:DF:46:9B:BD:2F:92:7E:81:1D:89:61:01
ValidityMon, 06 May 2024 12:44:57 GMT - Sun, 04 Aug 2024 12:44:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=78 HTTP/1.1
Host: shapedcongest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

shapedcongest.com/pixel/sbs?c=1

172.240.253.132

200 OK

0 B

URL GET HTTP/1.1
shapedcongest.com/pixel/sbs?c=1
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectshapedcongest.com
Fingerprint92:A2:D9:7A:1E:FD:F7:37:DF:46:9B:BD:2F:92:7E:81:1D:89:61:01
ValidityMon, 06 May 2024 12:44:57 GMT - Sun, 04 Aug 2024 12:44:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: shapedcongest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

shapedcongest.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2BbxoXoiBKd6IM4kJpM3lv%2FseC1dpGgrGpraJgsd6%2FN73Nfe8%2B7n1v3iSrYEC6HN0Irl6%2BSRpaQ1FwJVhlUnAREDOugphd3YtYcCczhgbP4p5z7vdd%2BO53zqcb2SGpIqMH5982q0prOteo%2BOWXPgiCM%2BVFFWf9cr%2FdvNasnynb3iudZsV%2Fufym5MtmruoHvh%2F4QXleWRma%2FtwEhEp2OkGl41fq1UrQqKNv%2F9%2B7zIOjHkTvkDwDJcYz972TUHyEOPr6vHTLqUlOX4gyTVNj0RPb78XLscljRMdlaD2E8fYRG8btz9%2BDibemcmF6j4hMjYn30z2wePtIJFhvc6qTacgYTDyBvDeC1CMoOgI361BinwBc4OIS4ujWRWNzuvIfSifomMw8%2FAsqH5OZ308iju6e06pfvmJ0lioTO%2FTDAqo%2FguqOkGS7SFdLUPkuePoJlPiZzD1cRBxtLjltoMTBi3XptxoiaM5Wq%2B3GbL1Ra8526h06W6Nhm9KQ%2B%2B1Wc2qQUiOocAQtB6DuBDLnIVMestBDlniIxEGZB0HQ8gWnfrvDeU20JGsKP6CtMKCB32wj45M%2FDJAmA3A9ALdrSOwaltVnY%2BI9fgo2%2BxHuegEnTsClY%2BK9s4KeKJBLgtwR5JQgVwR5SpD3ii2hXdUVt4R2GQuOcvUo14qhSbsbdMukXRkTUDuAFcVGckienjjpXd25jGV5UOa1FquHYY2GzYA1At9vC95phtRvCd5s0zqcKqBcCdR5WFVj0vrzGhI1Jidve2B0F07vgisPNHsONC9ArxdYje%2FyTPZoTGdrlcgwBWEKJOkM0hVvQx%2BSZ6fTXFp3kHzvNXInnfn2y21wWyCxBW6o%2BwRdfXN42eRk87LJHflmKUlVpFbpZNJXUprKx%2B68JVdyY8XCeTe4%2FTqfAJNy513p0kUaCxV3HfnqnBJC2nljuSTfL7j3JbuUuevnMhtnyeKlN%2BYXosRK55SJR6Bq%2F8IX4GpMnvrh6nSFT3%2F4AMqOYLMCUbZHjgLK7IIna3DJ3tm%2FT5WeXPjuIzhDYPUxhyUe8qwY2io7vtSKQMvjnrICTu6d%2FeOf31745cHHYPKRHUNLJ6%2BpKjbcTXRtCTRdRxwV6NkCPV2A6gFcdmKYJnbv7K%2B1aYDp0pBpW9pk2urPpyZPDgunDso1X7SYDGWLyXqjHkouWKPBfB5yVhPtNkfqxuGrN57%2FFwAA%2F%2F8BAAD%2F%2F%2BDKmkqcBAAA

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
shapedcongest.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2BbxoXoiBKd6IM4kJpM3lv%2FseC1dpGgrGpraJgsd6%2FN73Nfe8%2B7n1v3iSrYEC6HN0Irl6%2BSRpaQ1FwJVhlUnAREDOugphd3YtYcCczhgbP4p5z7vdd%2BO53zqcb2SGpIqMH5982q0prOteo%2BOWXPgiCM%2BVFFWf9cr%2FdvNasnynb3iudZsV%2Fufym5MtmruoHvh%2F4QXleWRma%2FtwEhEp2OkGl41fq1UrQqKNv%2F9%2B7zIOjHkTvkDwDJcYz972TUHyEOPr6vHTLqUlOX4gyTVNj0RPb78XLscljRMdlaD2E8fYRG8btz9%2BDibemcmF6j4hMjYn30z2wePtIJFhvc6qTacgYTDyBvDeC1CMoOgI361BinwBc4OIS4ujWRWNzuvIfSifomMw8%2FAsqH5OZ308iju6e06pfvmJ0lioTO%2FTDAqo%2FguqOkGS7SFdLUPkuePoJlPiZzD1cRBxtLjltoMTBi3XptxoiaM5Wq%2B3GbL1Ra8526h06W6Nhm9KQ%2B%2B1Wc2qQUiOocAQtB6DuBDLnIVMestBDlniIxEGZB0HQ8gWnfrvDeU20JGsKP6CtMKCB32wj45M%2FDJAmA3A9ALdrSOwaltVnY%2BI9fgo2%2BxHuegEnTsClY%2BK9s4KeKJBLgtwR5JQgVwR5SpD3ii2hXdUVt4R2GQuOcvUo14qhSbsbdMukXRkTUDuAFcVGckienjjpXd25jGV5UOa1FquHYY2GzYA1At9vC95phtRvCd5s0zqcKqBcCdR5WFVj0vrzGhI1Jidve2B0F07vgisPNHsONC9ArxdYje%2FyTPZoTGdrlcgwBWEKJOkM0hVvQx%2BSZ6fTXFp3kHzvNXInnfn2y21wWyCxBW6o%2BwRdfXN42eRk87LJHflmKUlVpFbpZNJXUprKx%2B68JVdyY8XCeTe4%2FTqfAJNy513p0kUaCxV3HfnqnBJC2nljuSTfL7j3JbuUuevnMhtnyeKlN%2BYXosRK55SJR6Bq%2F8IX4GpMnvrh6nSFT3%2F4AMqOYLMCUbZHjgLK7IIna3DJ3tm%2FT5WeXPjuIzhDYPUxhyUe8qwY2io7vtSKQMvjnrICTu6d%2FeOf31745cHHYPKRHUNLJ6%2BpKjbcTXRtCTRdRxwV6NkCPV2A6gFcdmKYJnbv7K%2B1aYDp0pBpW9pk2urPpyZPDgunDso1X7SYDGWLyXqjHkouWKPBfB5yVhPtNkfqxuGrN57%2FFwAA%2F%2F8BAAD%2F%2F%2BDKmkqcBAAA
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectshapedcongest.com
Fingerprint92:A2:D9:7A:1E:FD:F7:37:DF:46:9B:BD:2F:92:7E:81:1D:89:61:01
ValidityMon, 06 May 2024 12:44:57 GMT - Sun, 04 Aug 2024 12:44:56 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTWhcVRS%2BbxoXoiBKd6IM4kJpM3lv%2FseC1dpGgrGpraJgsd6%2FN73Nfe8%2B7n1v3iSrYEC6HN0Irl6%2BSRpaQ1FwJVhlUnAREDOugphd3YtYcCczhgbP4p5z7vdd%2BO53zqcb2SGpIqMH5982q0prOteo%2BOWXPgiCM%2BVFFWf9cr%2FdvNasnynb3iudZsV%2Fufym5MtmruoHvh%2F4QXleWRma%2FtwEhEp2OkGl41fq1UrQqKNv%2F9%2B7zIOjHkTvkDwDJcYz972TUHyEOPr6vHTLqUlOX4gyTVNj0RPb78XLscljRMdlaD2E8fYRG8btz9%2BDibemcmF6j4hMjYn30z2wePtIJFhvc6qTacgYTDyBvDeC1CMoOgI361BinwBc4OIS4ujWRWNzuvIfSifomMw8%2FAsqH5OZ308iju6e06pfvmJ0lioTO%2FTDAqo%2FguqOkGS7SFdLUPkuePoJlPiZzD1cRBxtLjltoMTBi3XptxoiaM5Wq%2B3GbL1Ra8526h06W6Nhm9KQ%2B%2B1Wc2qQUiOocAQtB6DuBDLnIVMestBDlniIxEGZB0HQ8gWnfrvDeU20JGsKP6CtMKCB32wj45M%2FDJAmA3A9ALdrSOwaltVnY%2BI9fgo2%2BxHuegEnTsClY%2BK9s4KeKJBLgtwR5JQgVwR5SpD3ii2hXdUVt4R2GQuOcvUo14qhSbsbdMukXRkTUDuAFcVGckienjjpXd25jGV5UOa1FquHYY2GzYA1At9vC95phtRvCd5s0zqcKqBcCdR5WFVj0vrzGhI1Jidve2B0F07vgisPNHsONC9ArxdYje%2FyTPZoTGdrlcgwBWEKJOkM0hVvQx%2BSZ6fTXFp3kHzvNXInnfn2y21wWyCxBW6o%2BwRdfXN42eRk87LJHflmKUlVpFbpZNJXUprKx%2B68JVdyY8XCeTe4%2FTqfAJNy513p0kUaCxV3HfnqnBJC2nljuSTfL7j3JbuUuevnMhtnyeKlN%2BYXosRK55SJR6Bq%2F8IX4GpMnvrh6nSFT3%2F4AMqOYLMCUbZHjgLK7IIna3DJ3tm%2FT5WeXPjuIzhDYPUxhyUe8qwY2io7vtSKQMvjnrICTu6d%2FeOf31745cHHYPKRHUNLJ6%2BpKjbcTXRtCTRdRxwV6NkCPV2A6gFcdmKYJnbv7K%2B1aYDp0pBpW9pk2urPpyZPDgunDso1X7SYDGWLyXqjHkouWKPBfB5yVhPtNkfqxuGrN57%2FFwAA%2F%2F8BAAD%2F%2F%2BDKmkqcBAAA HTTP/1.1
Host: shapedcongest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:30 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6b58e7404ce6665c689258ebc9b49b7b
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 551513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.74

200 OK

17 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
17 kB (16577 bytes)
Hash
1298b8a71ffc95bcd8c12a4edf7cded3
fa6baae683b44f80e732c480ed53da6e3bef71b0
ae4befdaeb4f3dd4bd9879a4a54b7fc89398167e571d04f7658967edcb338cb3

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 18:40:30 GMT
date: Fri, 10 May 2024 18:40:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cuevana-3.buzz/pelicula/no-manches-frida-1375794Z/

172.67.145.145

301 Moved Permanently

65 kB

URL User Request GET HTTP/2
cuevana-3.buzz/pelicula/no-manches-frida-1375794Z/
IP
172.67.145.145:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcuevana-3.buzz
Fingerprint20:F3:FA:E5:89:EB:9C:18:7E:58:1E:15:D8:AA:39:37:54:78:D7:BF
ValidityMon, 06 May 2024 16:56:50 GMT - Sun, 04 Aug 2024 16:56:49 GMT

File type

Size
65 kB (65437 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pelicula/no-manches-frida-1375794Z/ HTTP/1.1
Host: cuevana-3.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 10 May 2024 18:40:19 GMT
content-type: text/html
location: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y4%2B5gXpF%2BMncPV4oBOgAAZWYiwXW4Z5TgYpQkad%2FK2hoEP%2Fspp1W5lldjUM4FurxrToDA41kKtWt7a48pLhcQLOeYxCglbzvFKQ3BVeekn09%2FWdyWcvigAZ55upeOPJadw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c0e95dd411c0e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cuevana-3.lat/assets/js/global.js

172.67.211.190

200 OK

3.4 kB

URL GET HTTP/3
cuevana-3.lat/assets/js/global.js
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
JavaScript source, ASCII text, with very long lines (3482), with no line terminators
Size
3.4 kB (3414 bytes)
Hash
540b629c9aa3f4c13b0e968aeae3d226
9d340ef42b08d48326298eae0a1369b845b74f5a
aadf769d4d5067c1b6d50e1911d8ce411c9c3d310c948aa904f587f762942cfc

HTTP Headers

GET /assets/js/global.js HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:20 GMT
content-type: text/javascript
etag: W/"d56-63124b07-9e7ebd;br"
last-modified: Fri, 02 Sep 2022 18:27:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kBJW93gdWKSI4EaM7jiqA%2BFF4IsSpxTiYPTID6IO%2B2QNR%2BoW9VE%2FmJRHToflbPZKhIk5FVftDcmxyDUy973Laz0UYKTQiItH4KvpaRk1KRQyhQI%2Bsx%2FtHR1oGw69xXqB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c0ea10c7cb515-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js

188.114.96.1

200 OK

9.5 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
Unicode text, UTF-8 text, with very long lines (8821), with no line terminators
Size
9.5 kB (9466 bytes)
Hash
d0707ac5d95047febbb8f131cc7a9af4
65021f149e99900eeaf7d298d2303160872b43f3
3e2e7ab351d401339df520fbd7ce4f177643dca01cad22bf59dd4b3e14853810

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:30 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 10:37:31 GMT
etag: W/"65d480eb-24fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 67428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pl8cjN9Rcx6%2F7P6Yued1kB2uVx4uAy5j1bCu0Fs3desROP7UY70iPno0mk8WgQ9UHWLiGfZECuwKRCQZexEBtUp35nuRNpjm6uU8%2BrMNVdyhwFj%2B%2B3IBevANpqF9YC4v4OMigF0ANMuV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0edddbd30afa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

shapedcongest.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=40

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
shapedcongest.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=40
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectshapedcongest.com
Fingerprint92:A2:D9:7A:1E:FD:F7:37:DF:46:9B:BD:2F:92:7E:81:1D:89:61:01
ValidityMon, 06 May 2024 12:44:57 GMT - Sun, 04 Aug 2024 12:44:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=40 HTTP/1.1
Host: shapedcongest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4

188.114.96.1

206 Partial Content

34 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
34 kB (34238 bytes)
Hash
69e52ff16a779d8ab66a1156cc50ab23
27f8897a2acc3bcfd319c267d137aaa4650fb3c5
2048e8325f6d17e0fefb2226c4191a9e300c562f2bc46543ac616d49ff971d61

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 206 Partial Content
date: Fri, 10 May 2024 18:40:30 GMT
content-type: video/mp4
content-length: 34238
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-85be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 864048
content-range: bytes 0-34237/34238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6CeZ90rhs3a0H834GYkn4GFsRQ9%2FT4z%2BzZeNjmcYmxo4IuieAz2DmXrrv6cm5SFEt8zUeDUf8nebIV4lWHGFM6ILqc78B7Qi%2FJMYaMrY2VQD8%2BVH3CkOpKQd0DzExFxshLmyAULpkNex"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0edeaf6d712a-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 146730
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

188.114.96.1

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:22 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7fb14fb45cce4eceb14a526487f877a4
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 18:40:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJOcPTasPHOly3KjNjwoOyOMJAKWVg%2FFUMGnq7dXnViwWFieZuQ5WMV3gjaq1t568GAcS7o%2BE93dNpwxDGqJSZzQiok3jb4kegSPeXwTBlLVO070nEImlTAb9XuDd7jdijPk7u3Dm0k7NYlprn9dVA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0eac88e856a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css

188.114.96.1

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
79 kB (78693 bytes)
Hash
49a38187f94418e173e4bcc50c96dc4b
b64e899d0c6bbb13e6f63e191b77b3eb5e5a6293
92db03d6a48c8756e15b1b2ffb9d1ea5aae5e2d9a706b630f93f73e3debbb3b0

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:30 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 36773
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5uo5BjIaLIwPQTNO1bZIjQMv6CRWQbay%2FZU5r44nqV8Q2xvmFDhslRPLpPylcNPx3DsGY40iRossRTEhwiCikR4gw1thKn3BLRFg5Gj%2Bj5HOqYODhB4f4f31sYtWbzTJegzS1yhqqv8t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0eddcb920afa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

shapedcongest.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=76

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
shapedcongest.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=76
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectshapedcongest.com
Fingerprint92:A2:D9:7A:1E:FD:F7:37:DF:46:9B:BD:2F:92:7E:81:1D:89:61:01
ValidityMon, 06 May 2024 12:44:57 GMT - Sun, 04 Aug 2024 12:44:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=76 HTTP/1.1
Host: shapedcongest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=4e075d16-2285-4536-949a-3af8aafc0876:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:40:30 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cuevana-3.lat/assets/js/sidebar.js

172.67.211.190

200 OK

243 B

URL GET HTTP/3
cuevana-3.lat/assets/js/sidebar.js
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
243 B (243 bytes)
Hash
bd79c69138514ff300af02dfdaabc791
380df86e0652d840fcc1c89e525a13842c8b6c9d
e5bfce3c16b913bcfc8e1cfb5b197691f8749cc308ddf005a5cc9fdfb06c660a

HTTP Headers

GET /assets/js/sidebar.js HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Cookie: PHPSESSID=o2oa49shvrn0b2dho2nebm1uda
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:20 GMT
content-type: text/javascript
etag: "f3-63124c14-9e7ebe;gz"
last-modified: Fri, 02 Sep 2022 18:31:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SzdMkpZhHsVabhN02thXpBE5zD%2BC91HiY3qK7MTAtl2QJ3ORhpcVcIvgGi2vSWnT2pqqHUPjilOjU8hqsvg4mQc0SZLzgTZSy2rcw5nV0joucw2OnhQB8bXRoMpHHOxE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c0ea10c7fb515-OSL
alt-svc: h3=":443"; ma=86400

downstairsnegotiatebarren.com/sfp.js

188.114.96.1

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:40:22 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 8cb83c6e367e454132e55ec762fb0cb3
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 18:40:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=egNgkLBlabrcL9uwA6XqyVmux%2BCHayqUGjYQxTRemBxs4nkxhMartkloHdFCSOkYnL%2Fg9EndTR0MbsBEYoJYqZJhJ8ih23Z7djSSpdm0tg9PoHFah9M0jxuBA927HYOmcXNxSeiM0jKKJd7i3SuibQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0eabdfe256a5-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg

188.114.96.1

200 OK

1.3 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-1375794Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1279 bytes)
Hash
24937fd159a21f2e91207d5788e86c70
1b07e0334cc16c5cd659de56314bd2188e3a82f9
b38a482faa1471a520d231f954412ee0293b0401610af1392038be206dc51b8a

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:40:30 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 868414
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zCLzPc5cNnFyXHOeLhjJmR%2FRjKZjSQce3v7JfeyT6dLo%2BOzoS8n2K9lU1gt%2FIfE%2FJ9bktf4sh86RjTuorbSHvyXhQqEK6jPtDlridTxs3v7Ok6Jpl%2BYYT9S230ov8gBMWLrheKeWUYrR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c0ede8f3c712a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN