rojadirectatv.ch/directv-sports.php
188.114.96.1 301 Moved Permanently 178 B URL HTTP/1.1 rojadirectatv.ch/directv-sports.php
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
GET /directv-sports.php HTTP/1.1
Host: rojadirectatv.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 25 Jan 2023 21:49:26 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://rojadirectatv.ch/directv-sports.php
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XcoAl9GHj0p6m%2B1rBBT6iCViJkHSIWAmDGXmZk8xlIYdrHnGApsl469mKQO%2FbE6j5h3sXoObItj5PRM1xwF%2FIP7dV9cOLkPDZ0h%2Fi8PhzzpCEdTijUkzXDZqsbwRaTBMw3%2Bk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78f43802ded30b06-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6433
Expires: Wed, 25 Jan 2023 23:36:40 GMT
Date: Wed, 25 Jan 2023 21:49:27 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9566
Expires: Thu, 26 Jan 2023 00:28:53 GMT
Date: Wed, 25 Jan 2023 21:49:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 25 Jan 2023 21:35:13 GMT
content-type: application/json
age: 854
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5051
Expires: Wed, 25 Jan 2023 23:13:38 GMT
Date: Wed, 25 Jan 2023 21:49:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: tl8NNgXBL6lYOW6WE7xwEPxjPWVWrBNKUvnnCwu/LN4mzoAceNqYS8iiyoW0bw7YErbY7ToGN2Q=
x-amz-request-id: WN5XV15QPTE8N2D2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 25 Jan 2023 21:19:49 GMT
age: 1778
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/-_-6j9T_WQY
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/-_-6j9T_WQY
IP 142.250.74.131:0
Hash e7cd347e6f33c97fb7ddf4963a317c73
442e1ed941a871ed1c084b4464bdd561200d5a52
c9ad688bd617390ca383998bb48cbc7425cf5da41c2f5764fe373b228b3c1321
POST /s/gts1p5/-_-6j9T_WQY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 21:49:27 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/-_-6j9T_WQY
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/-_-6j9T_WQY
IP 142.250.74.131:0
Hash e7cd347e6f33c97fb7ddf4963a317c73
442e1ed941a871ed1c084b4464bdd561200d5a52
c9ad688bd617390ca383998bb48cbc7425cf5da41c2f5764fe373b228b3c1321
POST /s/gts1p5/-_-6j9T_WQY HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3e7fdf1ab4be9ee80518d0400683f0d3
dd2ec6511ba05e7fb89d32a1ad407db5eaa1520b
eb789178a0b528aad87a5bf0d05aecd45e7623ebaf198820f9310887757e1d5f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3dc680bcb44349df6358a2d71483230d
f4ea1707dfb41d083f309964b919c92718fb6a3e
91142bf7dc5c9348aa10d0b9ab29837baa422df993c34a5b15872e03e0935ff8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v13/bH7276GfdCjMjApa_dkG6VtXRa8TVwTICgirnJhmVJw.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v13/bH7276GfdCjMjApa_dkG6VtXRa8TVwTICgirnJhmVJw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15772, version 1.0\012- data
Hash 13c8036c84a6c66d61dd16aed19e1997
394dfa1176a7c743dfaf05691aaf707aad6c2c7a
bd7d0a437b1a9635198041d116fb86a81e9dc9d2be27a3907bacb62f5fcf8c39
GET /s/oswald/v13/bH7276GfdCjMjApa_dkG6VtXRa8TVwTICgirnJhmVJw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rojadirectatv.ch
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15772
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 12:02:11 GMT
expires: Thu, 25 Jan 2024 12:02:11 GMT
cache-control: public, max-age=31536000
age: 35236
last-modified: Tue, 14 Feb 2017 18:22:59 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 25 Jan 2023 21:41:40 GMT
age: 467
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/dXsxlRUsgM4
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/dXsxlRUsgM4
IP 142.250.74.131:0
Hash 9961fdf992101cdfec4eb655f49aa79e
3285d743ebbb3dccb1b99f9dd6764e4d372229c5
b3cc3a3dd01f85bc9211d9fa029614cb8be34b720830181096d3547ace891b8e
POST /s/gts1p5/dXsxlRUsgM4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.bp.blogspot.com/-kZZQMQ3yJHg/YHyuiTg2JAI/AAAAAAAAGcw/LPszHvH8vNULlm4nUiwkJWokjOZp0mPqACLcBGAsYHQ/s0/rojadirectatv.png
142.250.74.161 200 OK 19 kB URL HTTP/2 1.bp.blogspot.com/-kZZQMQ3yJHg/YHyuiTg2JAI/AAAAAAAAGcw/LPszHvH8vNULlm4nUiwkJWokjOZp0mPqACLcBGAsYHQ/s0/rojadirectatv.png
IP 142.250.74.161:0
File type PNG image data, 234 x 262, 8-bit colormap, non-interlaced\012- data
Hash 81145a84fe5a5966d872f260421970a0
a08e90c5d9bfcb32ca7d68426dbe79ed4685bd32
90c868eab2508a5de242fbbddec1bee75ece7b3719c0cc036664c6daeff3c9dc
GET /-kZZQMQ3yJHg/YHyuiTg2JAI/AAAAAAAAGcw/LPszHvH8vNULlm4nUiwkJWokjOZp0mPqACLcBGAsYHQ/s0/rojadirectatv.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="rojadirectatv.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 18709
x-xss-protection: 0
date: Wed, 25 Jan 2023 21:10:26 GMT
expires: Fri, 20 Jan 2023 22:31:29 GMT
cache-control: public, max-age=86400, no-transform
age: 2341
etag: "v19cd"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d72e962a579b678b57a9213e61869aa1
2f2d4ba36a4dafceae3e8ae8e337c78effb9b6a5
342bf3346476d1f699c9c9487781351dcfa06467fb57c89bb4888f03ee6e0eec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-59491653-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-59491653-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 979ea4d25db9dd5a0d4a22f226ba83f9
f485d10a76b2d4a7b277d0277ea3aa1256a65d84
3a589d80a1900148887ca8d79361041c8c165c6c437f13f9929b399570425b92
GET /gtag/js?id=UA-59491653-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 21:49:27 GMT
expires: Wed, 25 Jan 2023 21:49:27 GMT
cache-control: private, max-age=900
last-modified: Wed, 25 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43958
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogblog.com/1kt/awesomeinc/body_background_dark.png
216.58.207.233 200 OK 106 B URL HTTP/2 www.blogblog.com/1kt/awesomeinc/body_background_dark.png
IP 216.58.207.233:0
File type PNG image data, 5 x 5, 1-bit colormap, non-interlaced\012- data
Hash 1de2f5d595cb35714e69a0f86e5f058a
c1ecb1aa5b2112d67dbe4644594a984a8df8d933
50d8a5573603d9819f10428efb4bdb6ff418aedbeb830d19e8c848b8f1df8677
GET /1kt/awesomeinc/body_background_dark.png HTTP/1.1
Host: www.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 106
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 14:54:38 GMT
expires: Tue, 31 Jan 2023 14:54:38 GMT
cache-control: public, max-age=604800
last-modified: Tue, 24 Jan 2023 14:51:17 GMT
content-type: image/png
age: 111289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash afeb3476c3b5b8e10f11db443b8528af
f419163f1e43fece9e428e088c49c65e145846ed
8f9bbf884ae3cddaf2f3eff5d31abf823004207b33bc925651516c60af1f37a9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 3dc680bcb44349df6358a2d71483230d
f4ea1707dfb41d083f309964b919c92718fb6a3e
91142bf7dc5c9348aa10d0b9ab29837baa422df993c34a5b15872e03e0935ff8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 78ed7b7d814d987601b30851546309b5
12a653dabfd738fef99fad2295eec55e4651bc7c
a55164c954f0255d6d360ac0fac8b4598f8e0e01ec646105eed2e9b0abf5e2bd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8960
Expires: Thu, 26 Jan 2023 00:18:47 GMT
Date: Wed, 25 Jan 2023 21:49:27 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash d72e962a579b678b57a9213e61869aa1
2f2d4ba36a4dafceae3e8ae8e337c78effb9b6a5
342bf3346476d1f699c9c9487781351dcfa06467fb57c89bb4888f03ee6e0eec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/dXsxlRUsgM4
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/dXsxlRUsgM4
IP 142.250.74.131:0
Hash 9961fdf992101cdfec4eb655f49aa79e
3285d743ebbb3dccb1b99f9dd6764e4d372229c5
b3cc3a3dd01f85bc9211d9fa029614cb8be34b720830181096d3547ace891b8e
POST /s/gts1p5/dXsxlRUsgM4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:27 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9c6363161f5d5f669f3ab0fb7658edc1
d4e17f65182d9445386fa607d46c12d6e6b3c1aa
8b7de57da4e86f7d992aaad04ad29f629c5cb4da6ab021a1a7a3a71775132a9a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B7DE57DA4E86F7D992AAAD04AD29F629C5CB4DA6AB021A1A7A3A71775132A9A"
Last-Modified: Mon, 23 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6892
Expires: Wed, 25 Jan 2023 23:44:19 GMT
Date: Wed, 25 Jan 2023 21:49:27 GMT
Connection: keep-alive
www.google-analytics.com/analytics.js
216.239.34.178 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.34.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 25 Jan 2023 21:45:20 GMT
expires: Wed, 25 Jan 2023 23:45:20 GMT
cache-control: public, max-age=7200
age: 247
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.43.197.133 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.197.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Vh54Y5k2Am/0xVFs3WIdUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5RZYpaBYzZGPODs+Y0sYUSYxXIY=
ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.js
151.101.194.114 200 OK 37 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.21.1/jwplayer.js
IP 151.101.194.114:0
File type ASCII text, with very long lines (65143)
Hash fc78d58f7dfd9a5c8e1ebf4e7cc8813d
8fd5b81abf03340aec150c69c385dd6878070db2
72a2c265df6e05cdb4eed0446e2d3e2fa59ae948c9588e3c26289a49ffbf8230
GET /player/v/8.21.1/jwplayer.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casadelfutbol.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Fri, 16 Jul 2021 21:39:22 GMT
etag: "b646381f2f5695e6ccc9d7aea7dc2998"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 25 Jan 2023 21:49:28 GMT
via: 1.1 varnish
age: 1362349
x-served-by: cache-bma1646-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1674683368.167303,VS0,VE1
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 37317
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/level-selector@latest/dist/level-selector.min.js
151.101.65.229 200 OK 9.5 kB URL HTTP/2 cdn.jsdelivr.net/npm/level-selector@latest/dist/level-selector.min.js
IP 151.101.65.229:0
File type HTML document, ASCII text, with very long lines (28462), with no line terminators
Hash be0026e2819aa0806ca7402cd2bd3485
2f3a41d2edd0121b541ba758aa048b0a3b784764
070bd971e1862c551f04c0d68a2c88fc32d5f0affb7e23d214de5835cd8cb82e
GET /npm/level-selector@latest/dist/level-selector.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casadelfutbol.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.2.0
x-jsd-version-type: version
etag: W/"6f2e-QiFvefqcX7qrhCMG8irfXhmDfko"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 25 Jan 2023 21:49:28 GMT
age: 13227
x-served-by: cache-fra-eddf8230029-FRA, cache-bma1626-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9513
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash c6c99cefc9043c51f0b760f69a902a9e
bf8a22a32c8d7c492548599fee42d9470dfdba3b
3e91f5fed16a7ae1d43c480c9e7c4ca1e12f3d2f50b7aaf6fa5da2b9ceace286
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 21:49:28 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "6C3944CA0C8DBB8AFBB3D5D4D22EE33A647A24F7"
Expires: Thu, 26 Jan 2023 09:00:00 GMT
Last-Modified: Wed, 25 Jan 2023 21:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 741
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78f4380b4d61b4f1-OSL
cdn.jsdelivr.net/npm/dash-shaka-playback@latest/dist/dash-shaka-playback.min.js
151.101.65.229 200 OK 105 kB URL HTTP/2 cdn.jsdelivr.net/npm/dash-shaka-playback@latest/dist/dash-shaka-playback.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (30019)
Size 105 kB (104783 bytes)
Hash 7ab7297f2539f1e0998b1d85a8a51f65
1d207a787dc5bde9d805b621e8d3bc41fcd4c9d5
be0bd8327b8038e732a3dd1f2f6dbd88fdc4350bbd6ed1ae8ab27391736b2d19
GET /npm/dash-shaka-playback@latest/dist/dash-shaka-playback.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casadelfutbol.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.0.5
x-jsd-version-type: version
etag: W/"53361-bw1YE2YUJrOWvR6KGZPZzYvc01g"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 25 Jan 2023 21:49:28 GMT
age: 33494
x-served-by: cache-fra-eddf8230060-FRA, cache-bma1626-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 104783
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
IP 142.250.74.131:0
Hash 2548bf55e6dc8c38491a8a1d6e304ae4
fcf4f6ffcedde33c92eb3cac70933f09d4d05b53
2577c1a1524f7b5793b8d0db31b456f0c0b2baf7679b04a7265f2971596ab67e
POST /s/gts1p5/x-QEV4IR2x0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js
151.101.65.229 200 OK 6.9 kB URL HTTP/2 cdn.jsdelivr.net/npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js
IP 151.101.65.229:0
File type ASCII text, with very long lines (25391)
Hash 397585b48d8e13831b573102b4380f0a
33544d2f59b2980c7b9025eafab2c0ee5a9797c1
ac4aa1cee8cdbd20582f400b5e960d3f4105a9142afcdf0aff76d817891793e6
GET /npm/clappr-chromecast-plugin@latest/dist/clappr-chromecast-plugin.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casadelfutbol.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 0.1.1
x-jsd-version-type: version
etag: W/"6368-DV51ALoM6pjV/AFJGNfNGki1pmg"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 25 Jan 2023 21:49:28 GMT
age: 1009
x-served-by: cache-fra-eddf8230107-FRA, cache-bma1626-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6903
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.64.104.21 200 OK 5.8 kB IP 172.64.104.21:0
File type ASCII text, with very long lines (13121), with no line terminators
Hash 0e1aa245d3550e105c0204c5bce77126
bbe7f69091b1a2139598ebfe61be98bdc7ccc421
67e26309fe7f6370be94af4f9d3f82d731154879a172fae3b0fba4ad9459cc74
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: application/javascript
last-modified: Thu, 29 Dec 2022 16:01:28 GMT
etag: W/"63adb9d8-3341"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 2748
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=orew2OAZohv9kL3CCt%2BEcaj1k%2BOzigtPU0nx2jF0e8KfWb0CzWofU60OINSUoDCkoQb075NA1KogRhXoQFSqhGZEGt0Rhph7Qziyo9glfvgS7gC1flVRvVbOfK3M%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f4380b79d0745b-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
my.rtmark.net/gid.js
139.45.195.8 200 OK 65 B IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 0195db796138ea391b59e29c6ab01ae0
3b5850af62d75280556bbd7078974fd805f1694f
256a541c68e48f9d1e86e6d0cfffa55caf107ce9d534be6a71f8f9b563dd9556
GET /gid.js HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://rojadirectatv.ch
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://rojadirectatv.ch
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c0b73b31d9e64e038d5eeaf46ab1d350; expires=Thu, 25 Jan 2024 21:49:28 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/x-QEV4IR2x0
IP 142.250.74.131:0
Hash 2548bf55e6dc8c38491a8a1d6e304ae4
fcf4f6ffcedde33c92eb3cac70933f09d4d05b53
2577c1a1524f7b5793b8d0db31b456f0c0b2baf7679b04a7265f2971596ab67e
POST /s/gts1p5/x-QEV4IR2x0 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tucanaldeportivo.com/directvsports.php
94.242.50.158 200 OK 1.4 kB URL HTTP/2 tucanaldeportivo.com/directvsports.php
IP 94.242.50.158:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3594e3de4acf7f7d7098f4db5112b6ed
80c21a8262b422be17ce691be8a552e0dd3e2856
991f1ba23c1258c76327c553c0b1fa886fb467f04041793d36ab75fc70fc1f53
GET /directvsports.php HTTP/1.1
Host: tucanaldeportivo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casadelfutbol.tv/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 1408
content-encoding: br
vary: Accept-Encoding
date: Wed, 25 Jan 2023 21:49:28 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
code.jquery.com/jquery-latest.min.js
69.16.175.10 200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-latest.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32086)
Hash a39e9fcc2a78d5b1ed25b5f853c17a22
f1d1d30d35146a7adee855becba02b776366f169
a0581d3f2c05cfb302f81d2894c114da758e14a290bd4f240c7b63628469ee8d
GET /jquery-latest.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:28 GMT
content-encoding: gzip
content-length: 33202
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1762a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CPjjxp4GEoYBCiQ4NjJjMzg5NC1mOTY0LTQxNDUtOTdjZS00ZTA5MTE1ODFhMzQQ+OiCoKvU+wIaBgjox8aeBiIMOTEuOTAuNDIuMTU0KPJlMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiRhMTA4OTVkMC0xMWIyLTQwYWEtYWNhMy0wYzJmMDYxNzY5NTcYsoMCIhgIAhIUY2RzMjU2LnNrMS5od2Nkbi5uZXQ=.cjpXs5VT3C3HhmxlvBfDhmniHTM0aS5dw6UTX11dvxk=
x-hw: 1674683368.dop227.sk1.t,1674683368.cds021.sk1.hn,1674683368.cds256.sk1.c
X-Firefox-Spdy: h2
unpkg.com/video.js@7.21.1/dist/video-js.css
104.16.123.175 200 OK 11 kB URL HTTP/2 unpkg.com/video.js@7.21.1/dist/video-js.css
IP 104.16.123.175:0
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash ffd200e29c97dcffcabd3aff2a315833
2f631fe558845a44e719489c9c846259307ee7d4
2e844b0d5a0d9c36a6ac7b2262f0624c45f749d511383e4b129a18c721b47791
GET /video.js@7.21.1/dist/video-js.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tucanaldeportivo.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"b60f-hBF10RMDB1g/GOe7oM3xM3grpys"
via: 1.1 fly.io
fly-request-id: 01GPR487WYG5P081H3J7SPVAAS-fra
cf-cache-status: HIT
age: 983832
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f4380d6a910b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1197fd69b0376b9f7efd0fd9a75c2d36
850422b130fbb244b2545bba9d1f8018afc1a464
a3b28e4d2d6ffac6aaab9fb82572aafd0591880dedc5f3a4a6c745a4aa54f2df
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3B28E4D2D6FFAC6AAAB9FB82572AAFD0591880DEDC5F3A4A6C745A4AA54F2DF"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6714
Expires: Wed, 25 Jan 2023 23:41:22 GMT
Date: Wed, 25 Jan 2023 21:49:28 GMT
Connection: keep-alive
acdcdn.com/script/suv4.js
188.114.97.1 200 OK 35 kB URL HTTP/2 acdcdn.com/script/suv4.js
IP 188.114.97.1:0
File type Unicode text, UTF-8 text, with very long lines (37814), with NEL line terminators
Hash ad94fd44812f5b7e9554deebdb3b8ed9
53e7aaaad3d01cf3ca94e7e34b5ad53128491df6
7eda94c417bdfe73b0bb9e5bd0e5c2fca809840a3148a2983c82f4ed36a80d35
GET /script/suv4.js HTTP/1.1
Host: acdcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycduiRa57d1vUaLu2zb8fSlxYTBRQKB7dbKmXmchSkWrua-LQghD1O64xjZeiQ4FSF3yI7031HrmCSWuqtqjgZpKyHw
x-goog-generation: 1674555149263589
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100716
x-goog-hash: crc32c=jg2Y+g==, md5=PkfV0f1nh0Fd2nS4GOUUrg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 25 Jan 2023 22:19:54 GMT
cache-control: public, max-age=14400
age: 1394
last-modified: Tue, 24 Jan 2023 10:12:29 GMT
etag: W/"3e47d5d1fd6787415dda74b818e514ae"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xB4JwqKJcYg%2FhdEUA47Gzzlm6LEZQ0pwh%2BOYs4yv7Tw%2FEhjm2vyDs12uZGGQuIXZHg6ObPTwEN%2FAsQCJkSgX59Mlpa5fjX4gjfo2gWHAr8YmdyGjms3GK9FrerPR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f4380dd940b4f1-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
azoaltou.com/tag.min.js
139.45.197.233 200 OK 24 kB IP 139.45.197.233:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c4908e29d4b2ee5bb96790e426d7f232
57d500deb5757bcde65cf9d61df9514367d33837
769dd1240d0a52a9547bc6618ca0e7d274591768ce9aa919e3c3868c0045dc48
GET /tag.min.js HTTP/1.1
Host: azoaltou.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casadelfutbol.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: text/javascript; charset=utf-8
content-length: 23678
content-encoding: br
x-trace-id: e72aae2371f90d5e10c9dcf946cd53f3
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 23 Jan 2023 15:53:40 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/G8Vr3B0kBMw
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/G8Vr3B0kBMw
IP 142.250.74.131:0
Hash 436ffe215bc852c6518b772f4d8d1380
d4b384810e1ee4bc287bdc4e1c2977beecc114f8
2638cf4870ec18a20d9b63919d9c41c3e5e877f1b3e1b0c5880c1ab4c8739e40
POST /s/gts1p5/G8Vr3B0kBMw HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:28 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
eehuzaih.com/500/4874572?excludes=&oaid=c0b73b31d9e64e038d5eeaf46ab1d350&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 eehuzaih.com/500/4874572?excludes=&oaid=c0b73b31d9e64e038d5eeaf46ab1d350&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4874572?excludes=&oaid=c0b73b31d9e64e038d5eeaf46ab1d350&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://rojadirectatv.ch/
Origin: https://rojadirectatv.ch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 21:49:28 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://rojadirectatv.ch
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash da6d1131f8c9ad77c09853b9bc65a467
dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba
ea18b3e2c606aeb6128c798d0ce25827e7a630701a73248211b7d448805d2233
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 21:49:28 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 15:49:39 GMT
Expires: Wed, 01 Feb 2023 15:49:38 GMT
Etag: "dfcde7da9dc04065f6a3bbd2457ef90c75ed01ba"
Cache-Control: max-age=582609,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f4380c691fb51d-OSL
coolcast2.com/embed.js
172.67.145.158 200 OK 977 B IP 172.67.145.158:0
File type ASCII text, with very long lines (320)
Hash 81e33388c307db725c3ea909b7494f13
7258f8d8c3af26da29944871fde85ef4e9e5fae1
2ea06f5d0c4579867efec149ac7314da1d39afd55fd65df6e90e8af3fc9f6003
GET /embed.js HTTP/1.1
Host: coolcast2.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 06:13:53 GMT
vary: Accept-Encoding
etag: W/"6364ada1-4df"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1770
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lw5cH9A7n28Hv2v9s1rNpJN%2FZxBIRljiNWr0UOKOqGKlQ%2FaEee%2BzWvdrzE1Gv3PEm4SqHcOGGSOs%2BQ2UQ%2FG9oHDOFoAb6qqfp%2Fc8466V13EszD91KRf4NdJlCylmejRb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f4380e2ad3b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.254 200 OK 12 B URL HTTP/1.1 fleraprt.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.254:0
File type JSON data\012- , ASCII text, with no line terminators
Hash adb4650bfc9d2a73d4dd69583b0ceb14
1ce399d6e936232aaf2192cd7903a279c5015f22
21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: fleraprt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 913
Origin: https://rojadirectatv.ch
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Wed, 25 Jan 2023 21:49:55 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://rojadirectatv.ch
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
buttons-config.sharethis.com/js/60d0b1dd89d72400193ecd45.js
54.230.111.123 200 OK 850 B URL HTTP/2 buttons-config.sharethis.com/js/60d0b1dd89d72400193ecd45.js
IP 54.230.111.123:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 02d95b4581d5ddf6f25a09642f08b730
84d1bdb353b37f3087890da15cbe50bb1d6a0a7b
0d06ab1ed4f5a4e6940d070633087d74fda9f333af35813a7f52465e3617c4ed
GET /js/60d0b1dd89d72400193ecd45.js HTTP/1.1
Host: buttons-config.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 850
last-modified: Wed, 08 Sep 2021 17:32:02 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 25 Jan 2023 21:49:28 GMT
cache-control: public, max-age=60
etag: "02d95b4581d5ddf6f25a09642f08b730"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rPG8hZ3fwEoQXHqSoyalW7dxbUCSZNsqEIM_Y9gyTtwZfr4qU7Ftsw==
age: 42
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/facebook.svg
54.230.111.19 200 OK 301 B URL HTTP/2 platform-cdn.sharethis.com/img/facebook.svg
IP 54.230.111.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c6e9be45643e197ce1db1d7e24a99adc
d7338e398bb0f7a9082d24f121140d2cf9e88859
768d97ec0916217ae82c70aeda3a61b9b0dab344edc4a3240a4f7cd94af00307
GET /img/facebook.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 301
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 09 Jan 2023 03:18:13 GMT
cache-control: public, max-age=2592000
etag: "c6e9be45643e197ce1db1d7e24a99adc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s0EkrY9__OJh9Cp-lZu6MvQQVJ3PlYQ1d3_GYucjtfps11wpjyqWJg==
age: 1449079
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/twitter.svg
54.230.111.19 200 OK 731 B URL HTTP/2 platform-cdn.sharethis.com/img/twitter.svg
IP 54.230.111.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (575)
Hash 0af2fb38987598376c99e21af17ade45
bfbdfd0b1a2dcef714e347928bd11b8410dc7ca2
7c93346d4f681a0be90d1dfc19346382a4700f1810f41caa54415688dee1777f
GET /img/twitter.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 731
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 11 Jan 2023 07:49:38 GMT
cache-control: public, max-age=2592000
etag: "0af2fb38987598376c99e21af17ade45"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6Gbj-iQHSMiKKvQPDOAc1UXQjN_MLwNP4DmZakClmL6Evhk3Ca7-Rw==
age: 1259991
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/sharethis-white.svg
54.230.111.19 200 OK 625 B URL HTTP/2 platform-cdn.sharethis.com/img/sharethis-white.svg
IP 54.230.111.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (533)
Hash 2506159844f1711ede2746e62df1370a
aefcb5bb0b8620b387cf8693b44679bd94b45ef4
a5e92663d140c2742136bd09372e2d37c070b09e3de4cd3bf16dabce17cd02d8
GET /img/sharethis-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 625
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 01 Jan 2023 00:44:09 GMT
cache-control: public, max-age=2592000
etag: "2506159844f1711ede2746e62df1370a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xWlDyAnebqXQIjO9F3D9N_B_VvGr50uK0UjhTndskEuqVVIAaNAzKA==
age: 2149542
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/pinterest.svg
54.230.111.19 200 OK 771 B URL HTTP/2 platform-cdn.sharethis.com/img/pinterest.svg
IP 54.230.111.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (615)
Hash 2b10a062e719c64b686e2e8fcdc216dc
38bd37fa3975f4d5b849763359481d8b31bb80ba
efc737b4f58cfe73a9bd0e57d7570365701381da31e628b269e7217a0ce3359d
GET /img/pinterest.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 771
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Wed, 28 Dec 2022 01:10:18 GMT
cache-control: public, max-age=2592000
etag: "2b10a062e719c64b686e2e8fcdc216dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0lvQ8hfxekqPQS6SmMgBTiQhNMvnoAPzlHyIIj_gOXoufhcY87caMw==
age: 2493551
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/email.svg
54.230.111.19 200 OK 343 B URL HTTP/2 platform-cdn.sharethis.com/img/email.svg
IP 54.230.111.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 5977437466e857c7ddcadda6f6d88c2a
19c6378daa1f946ca225fb8d9e039e1f7762fb0d
5f5012132c752db2433e17712d91ef8689f1bc95167b2720e23224c2ae62e009
GET /img/email.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 343
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sat, 31 Dec 2022 08:13:27 GMT
cache-control: public, max-age=2592000
etag: "5977437466e857c7ddcadda6f6d88c2a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bb4aYbmq0JhuWrpRUgVvO_qiCNN3e5FD1-1Y5mDKpcU9Fci5By0qAQ==
age: 2208961
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/facebook-white.svg
54.230.111.19 200 OK 357 B URL HTTP/2 platform-cdn.sharethis.com/img/facebook-white.svg
IP 54.230.111.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash d2c2caf5b123988ddd17ceeb1c7d9d50
06890bd619eced1f588073c3c48da7a6280a34b8
2f3a7818f88c8afbe9111ed9f13f12e37a2ad56f87b54dc0dd19b2c372d3f6c8
GET /img/facebook-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 357
last-modified: Thu, 10 Oct 2019 01:20:12 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Mon, 09 Jan 2023 03:19:52 GMT
cache-control: public, max-age=2592000
etag: "d2c2caf5b123988ddd17ceeb1c7d9d50"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 114Zpy_HP-1Xgqpm3xXUKSNLG8pDJbFz_xj9S_cT9mQSR-mK9eWjdA==
age: 1448977
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/twitter-white.svg
54.230.111.19 200 OK 797 B URL HTTP/2 platform-cdn.sharethis.com/img/twitter-white.svg
IP 54.230.111.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (705)
Hash 011c4584e5c59c6dc0daa1fa5c845b76
a007ec390d002a36a164797013d24644f15afd47
26a112b47990822d68103d4ac8d452f78d1da928874a376a7335d26244b50431
GET /img/twitter-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 797
date: Thu, 05 Jan 2023 07:43:06 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: "011c4584e5c59c6dc0daa1fa5c845b76"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ic6ocjfyLkHlh9nM0sr1tLVTGVt8yCFAk5boL8t6qmnwsmalY3Uwmw==
age: 1778783
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/messenger-white.svg
54.230.111.19 200 OK 346 B URL HTTP/2 platform-cdn.sharethis.com/img/messenger-white.svg
IP 54.230.111.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 6e47d1a316ff66022db5c84721bb6cb2
c0c5511529c4a6eda31623126760596b72f9adb5
9a72a6a001720eb75f9c7381db5a0b011430aa144a1da8beca753fdecfa063e1
GET /img/messenger-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 346
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
date: Sun, 01 Jan 2023 06:41:55 GMT
cache-control: public, max-age=2592000
etag: "6e47d1a316ff66022db5c84721bb6cb2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Cs8TFKFq7DrMOkJVnEdcUgxKgUTROoGywfDDFhyvdkl5nuQHWLJFxQ==
age: 2128073
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash b9c370f0c5269c1d8b8525e2f7996eb7
9690e86fe7a47f9aa852bbb7271d431be4a612f6
a01da38e9ca9f574291698c006942290d77ec6a790662d4dfbcbd88fabdcfca5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=162146
Date: Wed, 25 Jan 2023 21:49:28 GMT
Etag: "63d17131-1d7"
Expires: Fri, 27 Jan 2023 18:51:54 GMT
Last-Modified: Wed, 25 Jan 2023 18:13:05 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: S1UR70ommDdLqYzyoOM_8L76GsoEQtCfkSSC83OmxHwXykP7oJKQog==
Age: 2329
count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php
54.230.111.73 200 OK 337 B URL HTTP/2 count-server.sharethis.com/v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php
IP 54.230.111.73:0
File type ASCII text, with very long lines (337), with no line terminators
Hash 5bf3475063e77708b367558c8d9df3b6
4c6355f800676cd8a0db269f60cdd621a3c14ad7
fe4ef217ac19b548ca472e28e41073b9af459123bf5c076153f8784f43e27cf8
GET /v2.0/get_counts?cb=window.__sharethis__.cb&url=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php HTTP/1.1
Host: count-server.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 337
date: Wed, 25 Jan 2023 21:43:18 GMT
cache-control: public, max-age=900
etag: 5bf3475063e77708b367558c8d9df3b6
apigw-requestid: fUZSiiVoIAMEP7A=
x-cache: Hit from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1iosh_vf7nga85N0NsOn5qk1ziJr2T7gh-zHuDAMBwKFaXq_kDy3Kw==
age: 369
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
code.jquery.com/jquery-migrate-1.2.1.min.js
69.16.175.10 200 OK 3.1 kB URL HTTP/2 code.jquery.com/jquery-migrate-1.2.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (7085)
Hash e1084a25976d8b8999acadc7350ffb48
99b723d38b78d8347e8dfa60193b12864a370227
b98359c65420aa3864d5b86ef94c4c9a5fb8c772a905884a5ba4ce55319a3d13
GET /jquery-migrate-1.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:29 GMT
content-encoding: gzip
content-length: 3063
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1c1f"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CPnjxp4GEoYBCiQwMWNjMzJiMC04ZTRhLTQxZDItYTRjMS1kMWU4YTI0YjJmMDMQ+OiCoKvU+wIaBgjpx8aeBiIMOTEuOTAuNDIuMTU0KPJlMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiQ5NGMzMzIzNS1lMmU5LTQ3ZWEtYjEzNS1lMDIyZjVlZmUwNmEY9xciGAgCEhRjZHMyNDIuc2sxLmh3Y2RuLm5ldA==.gEqHFoK0Epp3I89ihDQtbFjlOUZ+AcJMCcV2LjwBaUk=
x-hw: 1674683369.dop227.sk1.t,1674683369.cds021.sk1.hn,1674683369.cds242.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash e445db9a7cc4272ed816edc3d933da11
1408e27c9e95752d603abe5c3d8d2b7aa497d5aa
813382d8e3fba590cd0637fe284203136fb41436e3ab85bc18b480d66c8a7be2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1682
Cache-Control: max-age=106061
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:29 GMT
Etag: "63d098a4-118"
Expires: Fri, 27 Jan 2023 03:17:10 GMT
Last-Modified: Wed, 25 Jan 2023 02:49:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
code.jquery.com/jquery-1.11.0.min.js
69.16.175.10 200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-1.11.0.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32341)
Hash 665423f5df5f30d3e991653d594fd1cd
ad2be638c57e37aa00adacc89d233d70d5c5c927
fce13e871876bba3561cf18484a8f4fcab2d1b954079b78c1d8ff7a727583b33
GET /jquery-1.11.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:29 GMT
content-encoding: gzip
content-length: 33357
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1787d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CPnjxp4GEoYBCiQ2OGUxMDQwNy03ZmU3LTQwNjktOGFmZC1lMjk1MTE1MzhkMmUQ+OiCoKvU+wIaBgjpx8aeBiIMOTEuOTAuNDIuMTU0KPJlMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ1OWQyYWYyZC0yN2YxLTQ4MGEtODQ0NC03NzEzMTQ3MjBhYTEYzYQCIhgIAhIUY2RzMjA2LnNrMS5od2Nkbi5uZXQ=.MjlZYRd8pWVeDcxrylsQZd4ICO11byWsbX/6hMRxaz0=
x-hw: 1674683369.dop227.sk1.t,1674683369.cds021.sk1.hn,1674683369.cds206.sk1.c
X-Firefox-Spdy: h2
t.dtscout.com/pv/?_a=v&_h=rojadirectatv.ch&_ss=3ug2smiqek&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5gph&_cb=_dtspv.c
141.101.120.10 200 OK 54 B URL HTTP/2 t.dtscout.com/pv/?_a=v&_h=rojadirectatv.ch&_ss=3ug2smiqek&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5gph&_cb=_dtspv.c
IP 141.101.120.10:0
File type ASCII text, with no line terminators
Hash 1160b6d50dc4a2df5a7ac04183164183
14de2edd141f99598fe7e746c436a913ae176d5e
88670c7bca5d1c95c060d2bfa788b5a2df54468826f306a47d5ed061c5e51184
GET /pv/?_a=v&_h=rojadirectatv.ch&_ss=3ug2smiqek&_pv=1&_ls=0&_u1=1&_u3=1&_cc=no&_pl=d&_cbid=5gph&_cb=_dtspv.c HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Cookie: m=1; oa=1; df=1674683368
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: application/javascript
x-t: 0.144
x-c: 0
expires: Wed, 25 Jan 2023 21:49:27 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyD5mm9YfEOzH6TJnCcWS8rEm5uFnilserZdhsBZRPyjvSLirD2DTjc3%2FZITs9Bmzd3XezxAf6F2USfm6NbEC9hk1bv7mjQbP6hu%2FH9ZDGlq4ey5nyhy7mD6bVLAR%2FA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f4380cbda30d46-ARN
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 1005c9e99dc8d4390861d6730c7a403b
0e3858ae26a1c01e0160e3b60e400bea202ebd05
4ff7ceb81a3dad4fefd3a15ece4ce13898624c01bf5a0cb4fdd90958978ed6b9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6eb8a10eed41d0b855da6977e1e0f4be
e13340feedc0f85f0cef465ce9c2b9de35f5b3d0
6bd6ae28c623fba3ff7a10cd88a12e14acad598ad41993b471e5fc7b0bc2fedc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BD6AE28C623FBA3FF7A10CD88A12E14ACAD598AD41993B471E5FC7B0BC2FEDC"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6582
Expires: Wed, 25 Jan 2023 23:39:11 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash e445db9a7cc4272ed816edc3d933da11
1408e27c9e95752d603abe5c3d8d2b7aa497d5aa
813382d8e3fba590cd0637fe284203136fb41436e3ab85bc18b480d66c8a7be2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1682
Cache-Control: max-age=106061
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:29 GMT
Etag: "63d098a4-118"
Expires: Fri, 27 Jan 2023 03:17:10 GMT
Last-Modified: Wed, 25 Jan 2023 02:49:08 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 280
ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
142.250.74.42 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.0/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32033)
Hash 7556a3f5497d3d7c16638a89ae2a7970
bcf358713c2c9b7fe6a6ea4ff3f7e3a6effdf8e0
d68af37a833fb796074b311adb4d7e62700ac2d6f238b2b07c193149e2918433
GET /ajax/libs/jquery/3.2.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30281
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 03:40:41 GMT
expires: Thu, 25 Jan 2024 03:40:41 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 65328
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 688 B IP 142.250.74.131:0
Hash 684117d0ce886eae11e67aa896ce79cc
53e1c0e9756334799b31ba6e014bb7af0e067a16
2f38b257844657999d90296cd63ea56a71e6df2edd4d936218bd5efc9007cc3e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 480a84860b5a64f7d266b7fa095c70a3
e4409d282dc6da24e38b759bf00be0dec31b8581
ae7169c9a001e909bf63fa5828d66ed267b951b14a7f967682fc08c1c6e5e229
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 21:49:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 22 Jan 2023 11:33:39 GMT
Expires: Sun, 29 Jan 2023 11:33:38 GMT
Etag: "e4409d282dc6da24e38b759bf00be0dec31b8581"
Cache-Control: max-age=308048,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f438103f7ab51d-OSL
rowansportstriped.com/ac/58/bb/ac58bbe800329453de3d4b2f28050b55.js
173.233.139.164 200 OK 17 kB URL HTTP/1.1 rowansportstriped.com/ac/58/bb/ac58bbe800329453de3d4b2f28050b55.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (53772), with no line terminators
Hash MD5 497bb6c28e39b8ec288a83775b6dcc4b
SHA-1 9feb8e6c12b345c13c40d41b661dc88a3810bf80
SHA-256 ee0baff7d17d9e58b5ef52739494f13cb6eb6c7f11f294141d2cd5814300b2f0
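Analyzer verdict/alert: quad9 — Sinkholed (the domain appears to be blocked by the Quad9 DNS resolver; the script was still retrieved with 200 OK in this capture, so treat the host and file as suspect)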
GET /ac/58/bb/ac58bbe800329453de3d4b2f28050b55.js HTTP/1.1
Host: rowansportstriped.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 25 Jan 2023 21:49:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: bc56f386409787a0bd94d358398b4bdb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4593
Expires: Wed, 25 Jan 2023 23:06:02 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4593
Expires: Wed, 25 Jan 2023 23:06:02 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
platform-cdn.sharethis.com/img/skype-white.svg
54.230.111.19 200 OK 2.1 kB URL HTTP/2 platform-cdn.sharethis.com/img/skype-white.svg
IP 54.230.111.19:0
Hash c42396527cfc4679291034882a0186ea
bdd09b208db99263a56a98eeeed6afdce79423b7
85caa81163c6b8d10c0e20f7198f5ec521f432925681ad750be36e1ab0de2af4
GET /img/skype-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Sun, 15 Jan 2023 01:23:49 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: W/"d40f727a50c3af9c87a0e28a322b536a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g3Rv9ikgKgwUsRWm3HLm9OD4ya1iasBI5gCsdT9h1DKs3w3zbrVaAw==
age: 937539
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4593
Expires: Wed, 25 Jan 2023 23:06:02 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4593
Expires: Wed, 25 Jan 2023 23:06:02 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7458f7a9b2070055df6f1d496794e43e
0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9
373097662c419eef9f4a19ce9f3bcead70f6eafbf0acf44806685eece43ce251
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ccbe5e-77b1-4d6d-98f5-a477f3861d8c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12758
x-amzn-requestid: c3540562-8c62-4957-9528-7ae952daebaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9gf1E87oAMFpsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c87acb-49fd3f78275937e24d23fca3;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 23:03:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: c5YOTqrEv9RLv_lKsrC377yost8auxYRPLubBFGjIWtnbueiGMJYGw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:33:54 GMT
age: 51335
etag: "0f5d2a6d846f4f8f85dd7e8089e643cacc57d8a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91b2e12a39dc4f63b9d52e8800cce1f2
42d5b4b4a091778d98c351f0002d8656449d0243
d4dbc79e3383e83f861ccf8cde3e78ba427a66cd3fa99c17e23ec935867de4ad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67efee66-d227-4c28-89a3-8fd7f382049b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8308
x-amzn-requestid: 1988d3b3-5e1a-41fd-83f5-092eddb9185f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNys5GDKoAMFdbA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefe52-2349fde60b7db8a34c996717;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:38:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5_1j_Z6HZ3DSGFPAACJduM5D9eAqMQT42GgI61x8dHAmPQtUexpEYQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 22:06:36 GMT
age: 85373
etag: "42d5b4b4a091778d98c351f0002d8656449d0243"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d10114508bd40d76f497fc5b9c064350
c9b86b2b27063e0a58b0f237d451f9cf05b2122d
a156bd21bee2fca1d82940fb172a695044321ed432786ae100a7baf3b5e12b3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e473b9-0adb-4371-8146-b148ce85cdec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8252
x-amzn-requestid: c7064a36-7bb0-42c7-9ee8-9ee798ce8cbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fEq3UEjVoAMFipg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb582e-5be2ad2a217f9b4b6834a278;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 03:12:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: b4EbiS-go4Yy-UcA4CbKj10TbS6qKgQd6ZgqB3XVyd9ieBPszfx_jw==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:47:58 GMT
age: 91
etag: "c9b86b2b27063e0a58b0f237d451f9cf05b2122d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash af3ceda828750acf5ac7c837612a6e0f
f6364de0805cf3cfe66d19293085da16a2c2f832
baa0cb6e3cec7f840477dfdcea518968f5b72a828dbd346abb09e2d3e3aa3bee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccf5342f-6184-4859-b154-9913ddd9b112.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9091
x-amzn-requestid: c5849f51-8fc6-40c0-a1e3-9deb74e06c59
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRE7TEzxoAMFmuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d04eae-22d80a0c3e6485dd62f420ef;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 21:33:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U8Pd9ECOLiB-ZaqU46162mJRnAYfNE3O5Zi_yaYTk_oNNm2xHNgQSQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:36:13 GMT
age: 796
etag: "f6364de0805cf3cfe66d19293085da16a2c2f832"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16d9c0855b43a6c2351cb450187948e2
7208e2e4beb739ae9aded4a207d48cb3572fad5f
92b0423b09aa653ec7326d0aa05dbe137ba452ef21f118c7eb6499a8ccecc8fd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67794d4b-c63e-47af-b530-92b195f8e718.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12907
x-amzn-requestid: c9f9a619-f0e1-4bc4-af2a-796b16aa1250
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fNzFqF-lIAMFXIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cefef0-625e4bab03baa979605f13f8;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 21:41:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kPx_xJAOsrYKWFcHe6JlWILe3jbBtqFuOphGjZALwy4xJC3F2vE2Xw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 22:04:52 GMT
age: 85477
etag: "7208e2e4beb739ae9aded4a207d48cb3572fad5f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb6c1403a1d3c878c08ccaf17f8b3d0a
7596b783e0da5fba63c49374933eccffc223d729
1524dbef51237950d4a14a0e2e053fad933dd92ee0831e2de5c45513122f1d58
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33050e82-3c0a-40d6-a722-e4ff96872edc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6026
x-amzn-requestid: 4b05d7f7-783f-4a79-9eed-bbbeb53bc677
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRQ-QHmZIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d061f4-721f473c5c8dadd163ca7689;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 22:55:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uuhyzrUcYv-zqjLZvGNYsUuAhCW2vkKpEhQQKlmfSgHDtKz0jD2PNQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 24 Jan 2023 23:18:31 GMT
age: 81058
etag: "7596b783e0da5fba63c49374933eccffc223d729"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ca54490d01eeebe55374c154f3a28506
fec8d16971cbe1ca053ce9f858b0b3b8eff8397f
6b185bb11e6c59f56fcaa6a041fc49b93835a5bf353fc94fcf49916ade7bc07e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B185BB11E6C59F56FCAA6A041FC49B93835A5BF353FC94FCF49916ADE7BC07E"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2727
Expires: Wed, 25 Jan 2023 22:34:56 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ca54490d01eeebe55374c154f3a28506
fec8d16971cbe1ca053ce9f858b0b3b8eff8397f
6b185bb11e6c59f56fcaa6a041fc49b93835a5bf353fc94fcf49916ade7bc07e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B185BB11E6C59F56FCAA6A041FC49B93835A5BF353FC94FCF49916ADE7BC07E"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2727
Expires: Wed, 25 Jan 2023 22:34:56 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c42cad58ddac453c3511ea3369b7c34f
513d01d867e352c7b69589fa7634e4f424c0ef56
45079355f57886ab10dd031d677fb5df9c66d2876288d31df62e77f31219ecf6
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "45079355F57886AB10DD031D677FB5DF9C66D2876288D31DF62E77F31219ECF6"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18106
Expires: Thu, 26 Jan 2023 02:51:15 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
waufooke.com/5/5492412/?oo=1&aab=1
139.45.197.238 200 OK 45 B URL HTTP/2 waufooke.com/5/5492412/?oo=1&aab=1
IP 139.45.197.238:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d3e0bff57fa40443ce6244b095675606
12e762f0548e95d715ae840802efb6bbaec6cca3
7f98bac9d96040d969a67e8c4b7863f3ce12a32b2b424498f5ee7f6e08d07338
Analyzer Verdict Alert quad9 Sinkholed
GET /5/5492412/?oo=1&aab=1 HTTP/1.1
Host: waufooke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://coolcast2.com
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 21:49:29 GMT
content-type: application/json
content-length: 45
x-trace-id: 342dfa788ca0fbb1e321dc7973bdee50
access-control-allow-origin: https://coolcast2.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=e5a3b36b77074dc8b6498613c7a9ccc5; expires=Thu, 25 Jan 2024 21:49:29 GMT; path=/; secure; SameSite=None
oaidts=1674683369; expires=Thu, 25 Jan 2024 21:49:29 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash ac219af7df6a08280d2ab55cfa0e5469
8b32fa019a94e9c13c3b2574870301de8b57b539
37c7b91c30052309120af4f2fe7337e61cbf125a2c63505ed1336fd613dff812
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 21:49:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 05:22:26 GMT
Expires: Wed, 01 Feb 2023 05:22:25 GMT
Etag: "8b32fa019a94e9c13c3b2574870301de8b57b539"
Cache-Control: max-age=544975,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f438140d850b51-OSL
waufooke.com/tag.min.js
139.45.197.238 200 OK 24 kB IP 139.45.197.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c4908e29d4b2ee5bb96790e426d7f232
57d500deb5757bcde65cf9d61df9514367d33837
769dd1240d0a52a9547bc6618ca0e7d274591768ce9aa919e3c3868c0045dc48
Analyzer Verdict Alert quad9 Sinkholed
GET /tag.min.js HTTP/1.1
Host: waufooke.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 21:49:29 GMT
content-type: text/javascript; charset=utf-8
content-length: 23678
content-encoding: br
x-trace-id: aed4b85a3a705cfbd07e3a0197bc8ec4
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Mon, 23 Jan 2023 15:51:55 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 05fcbab4dc6f77db4351a72e2b2e6414
40bd22952e049d26ff31047d191426628b308547
d9d7d4bf76ac44d4822e2cefade549a369a0d4a04a77b49b1863d621256966db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D7D4BF76AC44D4822E2CEFADE549A369A0D4A04A77B49B1863D621256966DB"
Last-Modified: Wed, 25 Jan 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4124
Expires: Wed, 25 Jan 2023 22:58:13 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
platform-cdn.sharethis.com/img/whatsapp-white.svg
54.230.111.19 200 OK 1.5 kB URL HTTP/2 platform-cdn.sharethis.com/img/whatsapp-white.svg
IP 54.230.111.19:0
Hash 69e531e933319626c85e5d0e55c1f57b
62f76c2bdea0478847b435f490403242fbfda61f
495ae487eb1c8c6b48142a482896e179d336d4e14dfb0220f06ce37fdf1f77e8
GET /img/whatsapp-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
date: Thu, 05 Jan 2023 10:08:17 GMT
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
etag: W/"a2bc3effacbd66c837b37ccb0a16e417"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=2592000
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: golJD49blqV_SOO6b8mNkmZUZaSlb-TFM1Pcr2J8wdq0-YLbVd4IOw==
age: 1770072
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0d695ba38261e3993e484245c2d95fa4
cf6542de44ba8d6b3c9bd22e9ebfe00ef01829c4
276db56b513c9deb916d4a837d220690e762eafce532d9ea2dd449cf9a2f06e9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "276DB56B513C9DEB916D4A837D220690E762EAFCE532D9EA2DD449CF9A2F06E9"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1979
Expires: Wed, 25 Jan 2023 22:22:28 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
youradexchange.com/ut/hb.php?cb=0.46382152729715076
35.190.41.116 204 No Content 0 B URL HTTP/2 youradexchange.com/ut/hb.php?cb=0.46382152729715076
IP 35.190.41.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.46382152729715076 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 707
Origin: https://tucanaldeportivo.com
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: openresty
date: Wed, 25 Jan 2023 21:49:29 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3c666ba36ce7523be9a911db67513b4d
95dd6ad9136acfd876fd1816208dcb657d0f3e8d
37c9d31e332c6bd81ca7fed7c7137da12c1e590ae61525f80ebb9f21ca437aed
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "37C9D31E332C6BD81CA7FED7C7137DA12C1E590AE61525F80EBB9F21CA437AED"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15394
Expires: Thu, 26 Jan 2023 02:06:03 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
ic.tynt.com/b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&t=Directv%20Sports%20en%20Vivo%20por%20Internet
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&t=Directv%20Sports%20en%20Vivo%20por%20Internet
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&t=Directv%20Sports%20en%20Vivo%20por%20Internet HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 21:49:29 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
youradexchange.com/ut/hb.php?cb=0.2906130299382996
35.190.41.116 204 No Content 0 B URL HTTP/2 youradexchange.com/ut/hb.php?cb=0.2906130299382996
IP 35.190.41.116:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /ut/hb.php?cb=0.2906130299382996 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain; charset=utf-8
Content-Length: 712
Origin: https://coolcast2.com
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: openresty
date: Wed, 25 Jan 2023 21:49:29 GMT
access-control-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
prototypewailrubber.com/33/a3/af/33a3af0c29be07a2460f507fcc8304c1.js
173.233.139.164 200 OK 13 kB URL HTTP/1.1 prototypewailrubber.com/33/a3/af/33a3af0c29be07a2460f507fcc8304c1.js
IP 173.233.139.164:0
File type ASCII text, with very long lines (37155), with no line terminators
Hash e432c0dbe3b06f0acce51bd462556a57
ef1ad065357f1349c856db6d99514501c7a73192
90c403242b4d41aa7929f27c5a9e0690f7a17a16689b878faf0eb73a99ee9516
Analyzer Verdict Alert quad9 Sinkholed
GET /33/a3/af/33a3af0c29be07a2460f507fcc8304c1.js HTTP/1.1
Host: prototypewailrubber.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 25 Jan 2023 21:49:29 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b66d09ef300aa16580ff74a398c7729d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 92883be66cd7785ebde7f1922e719351
8beea21f0f2952848886e7bbdec544f8d734fa43
13dc6320b728da4134e7a0b03250116600dc8260ba1254b7dfb792727858ca6e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "13DC6320B728DA4134E7A0B03250116600DC8260BA1254B7DFB792727858CA6E"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7739
Expires: Wed, 25 Jan 2023 23:58:28 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240 200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:46:42 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 58525408
content-type: text/javascript
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&t=Directv%20Sports%20en%20Vivo%20por%20Internet
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&t=Directv%20Sports%20en%20Vivo%20por%20Internet
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&t=Directv%20Sports%20en%20Vivo%20por%20Internet HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 21:49:29 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 574cdc005607817b8a2455a3a0bdea79
e2f0aec5fb53222654eb9be1a288b4731954558a
92d388aa41ace9e83c93d26b6ce89560c863c4d71f57a0323196bfd96314a7d9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "92D388AA41ACE9E83C93D26B6CE89560C863C4D71F57A0323196BFD96314A7D9"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6372
Expires: Wed, 25 Jan 2023 23:35:41 GMT
Date: Wed, 25 Jan 2023 21:49:29 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash ac219af7df6a08280d2ab55cfa0e5469
8b32fa019a94e9c13c3b2574870301de8b57b539
37c7b91c30052309120af4f2fe7337e61cbf125a2c63505ed1336fd613dff812
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 21:49:30 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 25 Jan 2023 05:22:26 GMT
Expires: Wed, 01 Feb 2023 05:22:25 GMT
Etag: "8b32fa019a94e9c13c3b2574870301de8b57b539"
Cache-Control: max-age=544975,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78f438155e9b0b51-OSL
ic.tynt.com/b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 21:49:30 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.39 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.39:0
Hash 8c1dd36ac79191547940cd051b082c5c
4051ed0b73b2d9ef0054a6c071c793446090dc19
d8c0e5fe6793df90ba09a546f58a3f2fe0df0b286d8b78cd6f4af017ad89cf65
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 25 Jan 2023 21:49:30 GMT
Last-Modified: Wed, 25 Jan 2023 21:43:31 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 37bCpYulGco6bBDj3P8J4fi7aZIOseORE-xQsTY-w8r14Yco7d2wpw==
Age: 359
de.tynt.com/deb/v2?id=w!6dwl7h3laoyf&dn=TC&cc=1&r=&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php
67.202.105.33 200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!6dwl7h3laoyf&dn=TC&cc=1&r=&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php
IP 67.202.105.33:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!6dwl7h3laoyf&dn=TC&cc=1&r=&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Thu, 26 Jan 2023 21:49:30 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Wed, 25 Jan 2023 21:49:29 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.57.123.133 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.57.123.133:0
File type ASCII text, with no line terminators
Hash e1140febffb06fd2f2c3580910bfdd2c
85df1e93294f6972916a2ed9f1d13eb97ffc1225
776dbabd9d54cbddf5e02a245e6ab0dc65fd1a23f3ba236a643336d15d16f479
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:30 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://tucanaldeportivo.com
access-control-allow-credentials: true
set-cookie: uid_id2=2dfcd67b-76f2-4281-be83-d2a71b23da93:2:1; expires=Sat, 22 Jan 2033 21:49:30 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 21:49:30 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 574cdc005607817b8a2455a3a0bdea79
e2f0aec5fb53222654eb9be1a288b4731954558a
92d388aa41ace9e83c93d26b6ce89560c863c4d71f57a0323196bfd96314a7d9
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "92D388AA41ACE9E83C93D26B6CE89560C863C4D71F57A0323196BFD96314A7D9"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6371
Expires: Wed, 25 Jan 2023 23:35:41 GMT
Date: Wed, 25 Jan 2023 21:49:30 GMT
Connection: keep-alive
ic.tynt.com/b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!6dwl7h3laoyf&lm=0&ts=1674683367494&dn=TC&iso=0&pu=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 21:49:30 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.108.35 200 OK 28 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.108.35:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash e056e0a0a2847e46c21c771efbaa4697
6f7460453b1c5db1fc889c5689b257ea28928613
9d27c37cef150334ef1b69879925de1927adb72b54249f2862010740e5effc95
Analyzer Verdict Alert fortinet Malware
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:30 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 1a9e4de87fe31bcfe73f7454d744747f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Wed, 25 Jan 2023 21:49:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swwmuHBr%2FTojjibSt6%2FIklpWf%2BRvwurkKZ3lTVQwfvnFi8%2BHW126aYVGZGq73TiyGM%2FcKPWUoU8RDli5s8OpIK3AK%2F0Ha91%2BW1RUPxg4fYVZuRpYGxlP3f1m69VJ0ff4y2599VI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f438167ae07474-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4649252&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mcoolcast2.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2Ftucanaldeportivo.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-30353305&@b3:1674683368&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcoolcast2.com%2Fembed.php%3Fplayer%3Ddesktop%26live%3Ddirectvlive&@w
149.56.240.128 200 OK 53 B URL HTTP/1.1 s4.histats.com/stats/0.php?4649252&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mcoolcast2.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2Ftucanaldeportivo.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-30353305&@b3:1674683368&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcoolcast2.com%2Fembed.php%3Fplayer%3Ddesktop%26live%3Ddirectvlive&@w
IP 149.56.240.128:0
File type ASCII text, with no line terminators
Hash 0a41148bf044c5375cd3163589378a9b
b906553de985b987c614c9051497791cc672f37b
b7b920742ba7d2a924c0203a3a9de8372fc2012504706648b6a0f8b046aae4b6
GET /stats/0.php?4649252&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mcoolcast2.com%20-%20Embedded%20player&@n0&@ohttps%3A%2F%2Ftucanaldeportivo.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-30353305&@b3:1674683368&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fcoolcast2.com%2Fembed.php%3Fplayer%3Ddesktop%26live%3Ddirectvlive&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 21:49:30 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 53
Connection: close
d24ak3f2b.top/advertisers.js
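64.58.113.244 200 OK 0 B URL HTTP/1.1 d24ak3f2b.top/advertisers.js
IP 64.58.113.244:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Note: these three values are the MD5, SHA-1 and SHA-256 digests of a zero-length body (the response is 0 B), so they match any empty response and are not usable as a file indicator; the verdicts below presumably apply to the host.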
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Wed, 25 Jan 2023 21:49:30 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
platform-api.sharethis.com/js/sharethis.js
54.230.111.65 200 OK 69 kB URL HTTP/2 platform-api.sharethis.com/js/sharethis.js
IP 54.230.111.65:0
Hash 108c0c00b8b1fc4ffa258d8b53a9828b
a774712908c5f003d3dd7cdc9d57a2301c16ce03
8c1de9ea2438e0865f956f94ad16bb5dd6f3b13bd697786a1d6aa5fe2bd18563
GET /js/sharethis.js HTTP/1.1
Host: platform-api.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-encoding: gzip
edge-control: cache-maxage=60m,downstream-ttl=60m
x-frame-options: SAMEORIGIN
date: Wed, 25 Jan 2023 21:47:51 GMT
cache-control: max-age=600, public
etag: W/"302c1-EG4DNTzQnd49XZUQ/Gs3WyHzFo4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k1RLcYdx_8NiA7W-KatqsCRPyM6JsGLSjVVq43zhk716k2bWt3fOjQ==
age: 96
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
s4.histats.com/stats/0.php?4455589&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDIRECTV%20SPORTS&@n0&@ohttps%3A%2F%2Fcasadelfutbol.tv%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-17508334&@b3:1674683368&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ftucanaldeportivo.com%2Fdirectvsports.php&@w
149.56.240.128 200 OK 161 B URL HTTP/1.1 s4.histats.com/stats/0.php?4455589&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDIRECTV%20SPORTS&@n0&@ohttps%3A%2F%2Fcasadelfutbol.tv%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-17508334&@b3:1674683368&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ftucanaldeportivo.com%2Fdirectvsports.php&@w
IP 149.56.240.128:0
Hash ad853f33d87528311eb5472e1599e564
5d773526f94bf2e14a39770bf6e9d2a45633ca25
fcdab0c41bf8298c070506799a5dde894aad744a5eba87f1ae7446e8563049a2
GET /stats/0.php?4455589&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDIRECTV%20SPORTS&@n0&@ohttps%3A%2F%2Fcasadelfutbol.tv%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-17508334&@b3:1674683368&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Ftucanaldeportivo.com%2Fdirectvsports.php&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 25 Jan 2023 21:49:30 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
whos.amung.us/pingjs/?k=mn6pnu92ye&t=DIRECTV%20SPORTS&c=t&x=https%3A%2F%2Ftucanaldeportivo.com%2Fdirectvsports.php&y=https%3A%2F%2Fcasadelfutbol.tv%2F&a=0&d=1.131&v=27&r=967
172.67.8.141 200 OK 51 B URL HTTP/2 whos.amung.us/pingjs/?k=mn6pnu92ye&t=DIRECTV%20SPORTS&c=t&x=https%3A%2F%2Ftucanaldeportivo.com%2Fdirectvsports.php&y=https%3A%2F%2Fcasadelfutbol.tv%2F&a=0&d=1.131&v=27&r=967
IP 172.67.8.141:0
File type ASCII text, with no line terminators
Hash 9c4dc802110c777da3382cca0040701d
15050b746e038f23617aeb1ec7d51c070de81763
f81cc3ae9a64c519526315f0cb410f62538ba7a5e5425f83d107af3059b22022
GET /pingjs/?k=mn6pnu92ye&t=DIRECTV%20SPORTS&c=t&x=https%3A%2F%2Ftucanaldeportivo.com%2Fdirectvsports.php&y=https%3A%2F%2Fcasadelfutbol.tv%2F&a=0&d=1.131&v=27&r=967 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:30 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f4381849d70b55-OSL
X-Firefox-Spdy: h2
sweepfrequencydissolved.com/sbar.json?key=33a3af0c29be07a2460f507fcc8304c1
173.233.137.36 200 OK 4.3 kB URL HTTP/1.1 sweepfrequencydissolved.com/sbar.json?key=33a3af0c29be07a2460f507fcc8304c1
IP 173.233.137.36:0
File type JSON data; Unicode text, UTF-8 text, with very long lines (6043), with no line terminators
Hash 0f18de7114aa8becfabeaed40d8be42a
e9dd51a0699a6bb4e39ca5ba334ce6d18a3a2c1f
2c9ae87ce39765d72193f60d899df9011d37b7486bfbf2d300436ed4cb474033
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=33a3af0c29be07a2460f507fcc8304c1 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 25 Jan 2023 21:49:30 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://tucanaldeportivo.com
Access-Control-Allow-Origin: https://tucanaldeportivo.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15497083; expires=Thu, 26 Jan 2023 21:49:30 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Thu, 26 Jan 2023 21:49:30 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Thu, 26 Jan 2023 21:49:30 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Thu, 26 Jan 2023 21:49:30 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Thu, 26 Jan 2023 21:49:30 GMT; secure; SameSite=None
Set-Cookie: slec33a3af0c29be07a2460f507fcc8304c1=[3952979]; expires=Wed, 25 Jan 2023 21:49:35 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0735730d8c9668f9853b69d07f3c958d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
de.tynt.com/deb/v2?id=w!mn6pnu92ye&dn=TC&cc=1&r=https%3A%2F%2Fcasadelfutbol.tv%2F&pu=https%3A%2F%2Fcasadelfutbol.tv%2F
67.202.105.33 200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!mn6pnu92ye&dn=TC&cc=1&r=https%3A%2F%2Fcasadelfutbol.tv%2F&pu=https%3A%2F%2Fcasadelfutbol.tv%2F
IP 67.202.105.33:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!mn6pnu92ye&dn=TC&cc=1&r=https%3A%2F%2Fcasadelfutbol.tv%2F&pu=https%3A%2F%2Fcasadelfutbol.tv%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=86400
expires: Thu, 26 Jan 2023 21:49:31 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Wed, 25 Jan 2023 21:49:30 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F&r=https%3A%2F%2Fcasadelfutbol.tv%2F&t=DIRECTV%20SPORTS
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F&r=https%3A%2F%2Fcasadelfutbol.tv%2F&t=DIRECTV%20SPORTS
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F&r=https%3A%2F%2Fcasadelfutbol.tv%2F&t=DIRECTV%20SPORTS HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 21:49:31 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F&r=https%3A%2F%2Fcasadelfutbol.tv%2F
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F&r=https%3A%2F%2Fcasadelfutbol.tv%2F
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F&r=https%3A%2F%2Fcasadelfutbol.tv%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 21:49:31 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 21:49:31 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F
67.202.105.31 204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F
IP 67.202.105.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!mn6pnu92ye&lm=3&ts=1674683368696&dn=TC&iso=1&pu=https%3A%2F%2Fcasadelfutbol.tv%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Wed, 25 Jan 2023 21:49:31 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.57.123.133 200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.57.123.133:0
File type ASCII text, with no line terminators
Hash e1140febffb06fd2f2c3580910bfdd2c
85df1e93294f6972916a2ed9f1d13eb97ffc1225
776dbabd9d54cbddf5e02a245e6ab0dc65fd1a23f3ba236a643336d15d16f479
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: uid_id2=2dfcd67b-76f2-4281-be83-d2a71b23da93:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:31 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://tucanaldeportivo.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=de45376048144aec87358fc1acfb0270
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=de45376048144aec87358fc1acfb0270
IP 139.45.195.8:0
File type JSON data; ASCII text
Hash 0195db796138ea391b59e29c6ab01ae0
3b5850af62d75280556bbd7078974fd805f1694f
256a541c68e48f9d1e86e6d0cfffa55caf107ce9d534be6a71f8f9b563dd9556
GET /gid.js?userId=de45376048144aec87358fc1acfb0270 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://casadelfutbol.tv
Connection: keep-alive
Referer: https://casadelfutbol.tv/
Cookie: ID=c0b73b31d9e64e038d5eeaf46ab1d350
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 21:49:31 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://casadelfutbol.tv
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=c0b73b31d9e64e038d5eeaf46ab1d350; expires=Thu, 25 Jan 2024 21:49:31 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 91a583b63b5d4f57de87198ee87ff542
13f349404ffebaa2c9058c4358954b44b386ca96
cdee7be7510ecb8ef783be3da3cc2ed2cc3f7cf8c95aa190179fed3ae9b2a415
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5818
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:31 GMT
Last-Modified: Wed, 25 Jan 2023 20:12:33 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 279
offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
104.22.32.172 200 OK 11 kB URL HTTP/2 offerimage.com/www/images/c203639f459b6e675afc744dd5393fc6.jpeg
IP 104.22.32.172:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 192x192, components 3; data
Hash c203639f459b6e675afc744dd5393fc6
c83a0142c1a7f6a07c2dd360243197a27f560932
64b4e386658d3f5764261f576a4673eb506fcad5e38e69ef085723f8dab72263
GET /www/images/c203639f459b6e675afc744dd5393fc6.jpeg HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:31 GMT
content-type: image/jpeg
content-length: 10857
cache-control: max-age=86400
cf-bgj: h2pri
etag: "6388849a-2a69"
expires: Thu, 26 Jan 2023 03:12:06 GMT
last-modified: Thu, 01 Dec 2022 10:40:26 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 67045
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f438205d679938-ARN
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c0bbc597d82691f0020d6d1e60914306
ba18a55f73b48ea5d6be350ffbc1d43cea13eb98
0e64d8549df6a2e47a5ca2a51a418f45e47e5813924adf4540e0cac817e1667a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E64D8549DF6A2E47A5CA2A51A418F45E47E5813924ADF4540E0CAC817E1667A"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2325
Expires: Wed, 25 Jan 2023 22:28:16 GMT
Date: Wed, 25 Jan 2023 21:49:31 GMT
Connection: keep-alive
sweepfrequencydissolved.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDU6VikBDAdoSJHSevR%2BfDyNZmGBkEWwnDrJENzszex48u7Oa2Z%2BzoTBYQmkiHVUo19%2FZsSARIg0dKDrTgKscBbjANFSIDkGN7nzC4km77735XvF933ufHuTnhCJnZ%2Bvvml2lNZtt1aj%2F8qZKhCmdv3rHD2iNLvibKplrLvi98c8WrwW0VaOv%2BG9Lvm1m6zSgNKCBv6ysjExvdoJCpY86Qa1Da816LWg10bP%2F713uwTEPojgn16HE6OrWD4%2Bh%2BBBJ%2FPUN6bYzk776VpxrlhmLQhy%2Fl2wnpkwQX5aR9RAlx9NpGDci5PMrMMnxVAFMcThWgFCNiPdzgDA5ntJEWBxdMA01ZIJQXENZDCH1EIoNwc0%2BlHhKAC6wuoYkfrBqbMl2LlA2Rkdk5p%2B%2FoMoRmfn1eSTxV0ta9fwNo%2FNMmcShF1VQvSFUd4g0P0G260GVJ%2BDZJ1CCIIkrKFFNVCs1hIqG0LIP5jzk4095yCMPeeohFmc%2Ba3UiSttRGDUa803OeaPBeWt%2BTrREozkfUeR8TKuPLO2D6z643UNq97Ct%2BrD5E7itCk54cNmIeLf2UIgKpSQoHUHJCEpFUGYEZVEdCe3qrnogtMvDYJrr09yoBibrHrAjk3VlQg7Sc%2FLsxI8%2Fyw%2BxLc%2F8RoM1WER5vRNK2mb15hyNWrQdcT7foE0ewKkKyl2ZSN0dL%2BelZaRqRMjf3yBkJ3D6BFw9B5a%2FCFYO2nUKtjVozlPsJg%2Bd0aaQpsZNDGEqpNkMsh3vQJ%2BTFyY0Xr%2B1AclPF3%2FxB78Xc9%2BB2wqprfCB%2Bp6gq%2B8ObpuSHN42pSOP19JMxWqXjVe2kbFMXv3yHblTGitWbrj%2BF2%2FwMTAuH92RLrvJEqGSriMPl5QQ0i4byyX5dsVtynA9d1tLuU3y9Ob6m8srcWqlc8okQ7Cxso8%2FAlcjcs1LJufo986h7BA2rxDnp2QaUOYEPN2DS08X799b%2B21BvA9nCKy%2BnAlTD2VeDWw9vHzUikDLy56FFZw8Xfzxyf715P49hPI%2FQw7cXXStB5btT46wsBUKXYHpPlz%2BzCBL7eniT41JINTeINTWOwy11Z9dmOvUmS9bEY0krcsw6oRRm1HRiZqdkHUC2Q5bLEDmRvzp4I9%2FAQAA%2F%2F8BAAD%2F%2F0Y5g%2F1mBAAA
173.233.137.36200 OK 7 B URL HTTP/1.1 sweepfrequencydissolved.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDU6VikBDAdoSJHSevR%2BfDyNZmGBkEWwnDrJENzszex48u7Oa2Z%2BzoTBYQmkiHVUo19%2FZsSARIg0dKDrTgKscBbjANFSIDkGN7nzC4km77735XvF933ufHuTnhCJnZ%2Bvvml2lNZtt1aj%2F8qZKhCmdv3rHD2iNLvibKplrLvi98c8WrwW0VaOv%2BG9Lvm1m6zSgNKCBv6ysjExvdoJCpY86Qa1Da816LWg10bP%2F713uwTEPojgn16HE6OrWD4%2Bh%2BBBJ%2FPUN6bYzk776VpxrlhmLQhy%2Fl2wnpkwQX5aR9RAlx9NpGDci5PMrMMnxVAFMcThWgFCNiPdzgDA5ntJEWBxdMA01ZIJQXENZDCH1EIoNwc0%2BlHhKAC6wuoYkfrBqbMl2LlA2Rkdk5p%2B%2FoMoRmfn1eSTxV0ta9fwNo%2FNMmcShF1VQvSFUd4g0P0G260GVJ%2BDZJ1CCIIkrKFFNVCs1hIqG0LIP5jzk4095yCMPeeohFmc%2Ba3UiSttRGDUa803OeaPBeWt%2BTrREozkfUeR8TKuPLO2D6z643UNq97Ct%2BrD5E7itCk54cNmIeLf2UIgKpSQoHUHJCEpFUGYEZVEdCe3qrnogtMvDYJrr09yoBibrHrAjk3VlQg7Sc%2FLsxI8%2Fyw%2BxLc%2F8RoM1WER5vRNK2mb15hyNWrQdcT7foE0ewKkKyl2ZSN0dL%2BelZaRqRMjf3yBkJ3D6BFw9B5a%2FCFYO2nUKtjVozlPsJg%2Bd0aaQpsZNDGEqpNkMsh3vQJ%2BTFyY0Xr%2B1AclPF3%2FxB78Xc9%2BB2wqprfCB%2Bp6gq%2B8ObpuSHN42pSOP19JMxWqXjVe2kbFMXv3yHblTGitWbrj%2BF2%2FwMTAuH92RLrvJEqGSriMPl5QQ0i4byyX5dsVtynA9d1tLuU3y9Ob6m8srcWqlc8okQ7Cxso8%2FAlcjcs1LJufo986h7BA2rxDnp2QaUOYEPN2DS08X799b%2B21BvA9nCKy%2BnAlTD2VeDWw9vHzUikDLy56FFZw8Xfzxyf715P49hPI%2FQw7cXXStB5btT46wsBUKXYHpPlz%2BzCBL7eniT41JINTeINTWOwy11Z9dmOvUmS9bEY0krcsw6oRRm1HRiZqdkHUC2Q5bLEDmRvzp4I9%2FAQAA%2F%2F8BAAD%2F%2F0Y5g%2F1mBAAA
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDU6VikBDAdoSJHSevR%2BfDyNZmGBkEWwnDrJENzszex48u7Oa2Z%2BzoTBYQmkiHVUo19%2FZsSARIg0dKDrTgKscBbjANFSIDkGN7nzC4km77735XvF933ufHuTnhCJnZ%2Bvvml2lNZtt1aj%2F8qZKhCmdv3rHD2iNLvibKplrLvi98c8WrwW0VaOv%2BG9Lvm1m6zSgNKCBv6ysjExvdoJCpY86Qa1Da816LWg10bP%2F713uwTEPojgn16HE6OrWD4%2Bh%2BBBJ%2FPUN6bYzk776VpxrlhmLQhy%2Fl2wnpkwQX5aR9RAlx9NpGDci5PMrMMnxVAFMcThWgFCNiPdzgDA5ntJEWBxdMA01ZIJQXENZDCH1EIoNwc0%2BlHhKAC6wuoYkfrBqbMl2LlA2Rkdk5p%2B%2FoMoRmfn1eSTxV0ta9fwNo%2FNMmcShF1VQvSFUd4g0P0G260GVJ%2BDZJ1CCIIkrKFFNVCs1hIqG0LIP5jzk4095yCMPeeohFmc%2Ba3UiSttRGDUa803OeaPBeWt%2BTrREozkfUeR8TKuPLO2D6z643UNq97Ct%2BrD5E7itCk54cNmIeLf2UIgKpSQoHUHJCEpFUGYEZVEdCe3qrnogtMvDYJrr09yoBibrHrAjk3VlQg7Sc%2FLsxI8%2Fyw%2BxLc%2F8RoM1WER5vRNK2mb15hyNWrQdcT7foE0ewKkKyl2ZSN0dL%2BelZaRqRMjf3yBkJ3D6BFw9B5a%2FCFYO2nUKtjVozlPsJg%2Bd0aaQpsZNDGEqpNkMsh3vQJ%2BTFyY0Xr%2B1AclPF3%2FxB78Xc9%2BB2wqprfCB%2Bp6gq%2B8ObpuSHN42pSOP19JMxWqXjVe2kbFMXv3yHblTGitWbrj%2BF2%2FwMTAuH92RLrvJEqGSriMPl5QQ0i4byyX5dsVtynA9d1tLuU3y9Ob6m8srcWqlc8okQ7Cxso8%2FAlcjcs1LJufo986h7BA2rxDnp2QaUOYEPN2DS08X799b%2B21BvA9nCKy%2BnAlTD2VeDWw9vHzUikDLy56FFZw8Xfzxyf715P49hPI%2FQw7cXXStB5btT46wsBUKXYHpPlz%2BzCBL7eniT41JINTeINTWOwy11Z9dmOvUmS9bEY0krcsw6oRRm1HRiZqdkHUC2Q5bLEDmRvzp4I9%2FAQAA%2F%2F8BAAD%2F%2F0Y5g%2F1mBAAA HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec33a3af0c29be07a2460f507fcc8304c1=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 25 Jan 2023 21:49:31 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 39810b2dcba016ab7adc31a6f54eea08
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
45.133.44.3 200 OK 955 B URL HTTP/2 cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text; HTML document, ASCII text
Hash 3311b451b6e90781dab5ae61a1e4f65d
940e4700d9c5fbf74f8c15dcf10c28661e34cf2c
3def788280ca0f9ba09e050e3f3bfba82e5268fe2104f1c02a8f265c12774023
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:31 GMT
content-type: text/html; charset=utf-8
content-length: 955
server: nginx/1.17.6
last-modified: Wed, 18 May 2022 11:09:59 GMT
etag: "6284d407-3bb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
expires: Wed, 25 Jan 2023 22:49:31 GMT
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 810bf2bf9f302d0a65b1e0b447b549ef
d6ddcc1e64a1392f5942c0fc45864a282a93854e
f61096b63e6f62872d6d30aac7671c72403bba82f4f5c555add8e0997675f712
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-59491653-1&cid=679266654.1674683366&jid=1055005966&gjid=965689677&_gid=602584092.1674683366&_u=YEBAAUAAAAAAACAAI~&z=1947892773
173.194.73.155 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-59491653-1&cid=679266654.1674683366&jid=1055005966&gjid=965689677&_gid=602584092.1674683366&_u=YEBAAUAAAAAAACAAI~&z=1947892773
IP 173.194.73.155:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-59491653-1&cid=679266654.1674683366&jid=1055005966&gjid=965689677&_gid=602584092.1674683366&_u=YEBAAUAAAAAAACAAI~&z=1947892773 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://rojadirectatv.ch
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://rojadirectatv.ch
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 25 Jan 2023 21:49:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ipp.littlecdn.com/web/static/ball.png
104.22.24.116 200 OK 9.6 kB URL HTTP/2 ipp.littlecdn.com/web/static/ball.png
IP 104.22.24.116:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 903ff2b408f3246176c88a3936d5fd22
158954159a9ee7549b03bd5b93faa739dbbae7c3
7d82e30c72c434e3660014ff97d2cceea967d2014ce801844d784095133896cc
GET /web/static/ball.png HTTP/1.1
Host: ipp.littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:31 GMT
content-type: image/png
content-length: 9637
last-modified: Fri, 16 Apr 2021 13:05:23 GMT
etag: "903ff2b408f3246176c88a3936d5fd22"
expires: Thu, 26 Jan 2023 20:53:49 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 3341
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f438211a941c12-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash cc2b9a26cf016c0cf9e73531f6004051
408990c14ea8af4c979a277da755c89771672356
36e955bd017c3febc7623ad388bb260757294ca612b94ae5417de6cc04073a82
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 190a3bc280ae77bcdd9d5404a4827845
7a87ca451b0fa21d44faace1c2ddbb4dede06133
95988c13b98d7164f7bf530e59b411a3ba26eab34bfb0898191e96ee29704ab0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sweepfrequencydissolved.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5e%2F2f%2Fd4%2F5e2fd4b3d4c51bdf7b2952c27a9795ef%2F1652872195.html&l=955&fd=140
173.233.137.36 200 OK 0 B URL HTTP/1.1 sweepfrequencydissolved.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5e%2F2f%2Fd4%2F5e2fd4b3d4c51bdf7b2952c27a9795ef%2F1652872195.html&l=955&fd=140
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.barscreative1.com%2Fsb%2Fau%2F5e%2F2f%2Fd4%2F5e2fd4b3d4c51bdf7b2952c27a9795ef%2F1652872195.html&l=955&fd=140 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec33a3af0c29be07a2460f507fcc8304c1=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 25 Jan 2023 21:49:31 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ad6fd09fbf3d8b4a832252995424258
f090d018c530e46d689d416c86efa2d238bb2df5
8a029043e8142e37a905a5f5300b938b7319afaa3ebcb4c96962f8513594e8a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8A029043E8142E37A905A5F5300B938B7319AFAA3EBCB4C96962F8513594E8A0"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16067
Expires: Thu, 26 Jan 2023 02:17:18 GMT
Date: Wed, 25 Jan 2023 21:49:31 GMT
Connection: keep-alive
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-59491653-1&cid=679266654.1674683366&jid=1055005966&_u=YEBAAUAAAAAAACAAI~&z=1580504974
216.58.207.228 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-59491653-1&cid=679266654.1674683366&jid=1055005966&_u=YEBAAUAAAAAAACAAI~&z=1580504974
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-59491653-1&cid=679266654.1674683366&jid=1055005966&_u=YEBAAUAAAAAAACAAI~&z=1580504974 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 25 Jan 2023 21:49:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ad6fd09fbf3d8b4a832252995424258
f090d018c530e46d689d416c86efa2d238bb2df5
8a029043e8142e37a905a5f5300b938b7319afaa3ebcb4c96962f8513594e8a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8A029043E8142E37A905A5F5300B938B7319AFAA3EBCB4C96962F8513594E8A0"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16067
Expires: Thu, 26 Jan 2023 02:17:18 GMT
Date: Wed, 25 Jan 2023 21:49:31 GMT
Connection: keep-alive
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-59491653-1&cid=679266654.1674683366&jid=1055005966&_u=YEBAAUAAAAAAACAAI~&z=1580504974
142.250.74.131 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-59491653-1&cid=679266654.1674683366&jid=1055005966&_u=YEBAAUAAAAAAACAAI~&z=1580504974
IP 142.250.74.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-59491653-1&cid=679266654.1674683366&jid=1055005966&_u=YEBAAUAAAAAAACAAI~&z=1580504974 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 25 Jan 2023 21:49:31 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 47d71bf163265666c21e2410fb568043
54a4b0f241af261f878967ce058f5885be476cc4
8b7ce4c8269941cf55ca12415b1abfd7d4ae7bf5823657f3afe5e8dd34bed80b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash fdded3d5e68d5358634880be3d3f2d04
6a02176ed7735b46393d51bd142e0deace6a5007
7077e5a7a6aeee95ad600ca2a943f7062f593e12fa61e74bbb860f6019bf67b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 25 Jan 2023 21:49:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c74232c9c6835690ba12773ba923f0fc
815743204ee0678a5dab27ef865889812b088203
916efce1b685237dc8e8d8e485f7cb315175110d2f286e4aa82f69dfb2b9fba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "916EFCE1B685237DC8E8D8E485F7CB315175110D2F286E4AA82F69DFB2B9FBA0"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6108
Expires: Wed, 25 Jan 2023 23:31:19 GMT
Date: Wed, 25 Jan 2023 21:49:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c74232c9c6835690ba12773ba923f0fc
815743204ee0678a5dab27ef865889812b088203
916efce1b685237dc8e8d8e485f7cb315175110d2f286e4aa82f69dfb2b9fba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "916EFCE1B685237DC8E8D8E485F7CB315175110D2F286E4AA82F69DFB2B9FBA0"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6108
Expires: Wed, 25 Jan 2023 23:31:19 GMT
Date: Wed, 25 Jan 2023 21:49:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d6b5b203d46bba55c443a7dddcb3de26
085b11b02c0c5b71649c879c64c316a4b8d001ce
f1f770d497ce8d263c705c81bf390ba2462a05632abf79020517faaaa074fe59
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F1F770D497CE8D263C705C81BF390BA2462A05632ABF79020517FAAAA074FE59"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5304
Expires: Wed, 25 Jan 2023 23:17:55 GMT
Date: Wed, 25 Jan 2023 21:49:31 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
45.133.44.9 200 OK 12 kB URL HTTP/2 cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash c07f1baac701b672939b359081f813c7
d38ffbae259aae1e8ad3b38959339bb29da9b69f
85bc8e3de3651f6f03dc381ea4bbaff350d8973c37f598582838677817bf1826
GET /si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:31 GMT
content-type: image/png
content-length: 12186
server: nginx/1.17.6
last-modified: Sun, 22 Jan 2023 04:25:10 GMT
etag: "63ccbaa6-2f9a"
expires: Fri, 27 Jan 2023 21:49:31 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226 200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7ad6fd09fbf3d8b4a832252995424258
f090d018c530e46d689d416c86efa2d238bb2df5
8a029043e8142e37a905a5f5300b938b7319afaa3ebcb4c96962f8513594e8a0
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8A029043E8142E37A905A5F5300B938B7319AFAA3EBCB4C96962F8513594E8A0"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16066
Expires: Thu, 26 Jan 2023 02:17:18 GMT
Date: Wed, 25 Jan 2023 21:49:32 GMT
Connection: keep-alive
sweepfrequencydissolved.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fios%2Fdesk-new-big%2Fjs%2Fscript.js&l=387&fd=291
173.233.137.36 200 OK 0 B URL HTTP/1.1 sweepfrequencydissolved.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fios%2Fdesk-new-big%2Fjs%2Fscript.js&l=387&fd=291
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fios%2Fdesk-new-big%2Fjs%2Fscript.js&l=387&fd=291 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec33a3af0c29be07a2460f507fcc8304c1=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 25 Jan 2023 21:49:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=2dfcd67b-76f2-4281-be83-d2a71b23da93&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=1&pk=ac58bbe800329453de3d4b2f28050b55&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=2dfcd67b-76f2-4281-be83-d2a71b23da93&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=1&pk=ac58bbe800329453de3d4b2f28050b55&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=2dfcd67b-76f2-4281-be83-d2a71b23da93&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=1&pk=ac58bbe800329453de3d4b2f28050b55&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 25 Jan 2023 21:49:32 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3db797ca1e3a02af1b65c1a46065aa11
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=2dfcd67b-76f2-4281-be83-d2a71b23da93&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=1&pk=33a3af0c29be07a2460f507fcc8304c1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
192.243.61.227 200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=2dfcd67b-76f2-4281-be83-d2a71b23da93&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=1&pk=33a3af0c29be07a2460f507fcc8304c1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=2dfcd67b-76f2-4281-be83-d2a71b23da93&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=1&pk=33a3af0c29be07a2460f507fcc8304c1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=21 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 25 Jan 2023 21:49:32 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b4ecba48ef4f7cb4ef445c98202058d
Strict-Transport-Security: max-age=0; includeSubdomains
ipp.littlecdn.com/web/static/sport.js
104.22.24.116 200 OK 5.9 kB URL HTTP/2 ipp.littlecdn.com/web/static/sport.js
IP 104.22.24.116:0
File type ASCII text, with very long lines (12128), with no line terminators
Hash d2197ca791dec46d6d8dd0440c436a9e
e9faae998c1ded5834ff3ac079333d34d471e59d
ebb577bcdfb97f2002061a3154dfc778536813c8b2c335333be1f4fba14d927c
GET /web/static/sport.js HTTP/1.1
Host: ipp.littlecdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casadelfutbol.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:31 GMT
content-type: application/javascript
last-modified: Thu, 24 Nov 2022 12:40:16 GMT
etag: W/"d9fd7638e4b5122530bbc3715cdba2ad"
expires: Thu, 26 Jan 2023 20:52:39 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 3412
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f4382039e01c12-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
172.64.167.9 200 OK 73 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
IP 172.64.167.9:0
File type Web Open Font Format, TrueType, length 72696, version 11.0\012- data
Hash 53d97caea7ef8a12beab745fcc5744e1
b8c70e4f67957e4f2cb809a58d84c773a3bde6d0
542772868e28df6d786b6f00f9dec929cba214d928cb013b32588485b46f8715
GET /sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://tucanaldeportivo.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:32 GMT
content-type: application/font-woff
content-length: 72696
last-modified: Wed, 17 Feb 2021 11:42:38 GMT
etag: "602d012e-11bf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 7061
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTJNAgO72RfH6%2FxHp9aSh8ngNlZ9%2B0hOOlI92jZ8ZoH3G4pc8zaZBjH4xJO3DX00UE85wlf%2FDo%2F%2FOAKcynWTK06qbAD%2FFzx%2FEbI%2FoEdSHEgpPBGe%2BIMEnnpJeMn6uSLjGFduyMnRW1oc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f43824582c775c-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
172.64.167.9 200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
IP 172.64.167.9:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/notifications/software/us/ios/desk-new-big/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:32 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:44:02 GMT
etag: W/"602d0182-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OfOHKP9Sq9BdF1EhFTfJ8n8Y%2F1vhEkzk4h0C7OWpYnpQEANYAu0Bg%2BSvzeB0xeP56ZOzwRvpSXtOvF56Id7ccDLvFuZWGZWcNQFFOoeJsizPswi8wd0zlX%2F17RsWQkZG%2FihaG9QKLIc2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f43821cb44775c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sweepfrequencydissolved.com/pixel/sbs?c=1
173.233.137.36 200 OK 0 B URL HTTP/1.1 sweepfrequencydissolved.com/pixel/sbs?c=1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec33a3af0c29be07a2460f507fcc8304c1=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 25 Jan 2023 21:49:32 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
sweepfrequencydissolved.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDUmVikBDAdoSJHSZvb3z3WEkCxOMLILtxEGW6GZnZs%2BD53ZWM%2FtzNhQGSyhNpKMK5fo7OxYkQqShA0VnGnCVowAXmIYK0SGo0Z1PWDxp97033yu%2B73vv0%2F38jFDk7HTtXbOjtGbXmzXqv7yhEmFK56%2Fc8QNao%2FP%2BhkrmGvN%2Bf%2FKzxWsBbdboK%2F7bkm%2BZ63UaUBrQwF9SVsamf32KQqWPOkGtQ2uNei1oNtC3%2F%2B9d7sExD6I4I9egxPjK5g%2BPofgISe%2FrG9JtZSZ99a1erllmLApx9F6ylZgyQe%2BijK2HODmaTcO4MSGfX4JJjmYKYIqDiQJEaky8nwNEydGMJqLi8JxppCETROIqymIEqUdQbARu9qDEUwJwgZVVJL0HK8aWbPscZRN0TC7%2F8xdUOSaXf30eSe%2BrRa36%2FrrReaZM4tCPK6j%2BCKo7QpofI9vxoMpj8OwTKEGQ9CooUU1VKzWCikfQcgDmPOSTT3nIYw956qEnTn3W7MSUtuIoDsN2g3Mehpw323OiKcJGO6bI%2BYTWAFk6ANcDcLuL1O5iSw1g8ydwmxWc8OCyMfFu7aIQFUpJUDqCkhGUiqDMCMqiOhTa1V31QGiXR8Es12c5rIYm6%2B6zQ5N1ZUL20zPy7NSPP8sPsSVP%2FTBkIYspr3ciSVus3pijcZO2Ys7bIW3wAE5VUO7SVOrOZDkvLSFVY0L%2B%2FgYRO4bTx%2BDqObD8RbBy2KpTsM1ho02xkzx0RptCmho3PQhTIc0uI9v29vUZeWFK4%2FVb65D8ZOEXf%2Fh7MfcduK2Q2gofqO8Juvru8LYpycFtUzryeDXNVE%2FtsMnK1jOWyStfviO3S2PF8g03%2BOINPgEm5aM70mU3WSJU0nXk4aISQtolY7kk3y67DRmt5W5zMbdJnt5ce3NpuZda6ZwyyQhsouzjj8DVmFz1kuk5%2Bv0zKDuCzSv08hMyCyhzDJ7uwqUnC%2Ffvrf42L96HMwRWX8xEqYcyr4a2Hl08akWg5UXPogpOniz8%2BGTvWnL%2FHiL5nyH77i661gPL9qZHWNgKha7A9AAuf2aYpfZk4adwGoi0N4y09Q4ibfVn5%2BY6deo3g4ZsR%2B0WFyKSXAStetgOKa0L0Wh1ZNBB5sb86fCPfwEAAP%2F%2FAQAA%2F%2F9SMQ0bZgQAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 sweepfrequencydissolved.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDUmVikBDAdoSJHSZvb3z3WEkCxOMLILtxEGW6GZnZs%2BD53ZWM%2FtzNhQGSyhNpKMK5fo7OxYkQqShA0VnGnCVowAXmIYK0SGo0Z1PWDxp97033yu%2B73vv0%2F38jFDk7HTtXbOjtGbXmzXqv7yhEmFK56%2Fc8QNao%2FP%2BhkrmGvN%2Bf%2FKzxWsBbdboK%2F7bkm%2BZ63UaUBrQwF9SVsamf32KQqWPOkGtQ2uNei1oNtC3%2F%2B9d7sExD6I4I9egxPjK5g%2BPofgISe%2FrG9JtZSZ99a1erllmLApx9F6ylZgyQe%2BijK2HODmaTcO4MSGfX4JJjmYKYIqDiQJEaky8nwNEydGMJqLi8JxppCETROIqymIEqUdQbARu9qDEUwJwgZVVJL0HK8aWbPscZRN0TC7%2F8xdUOSaXf30eSe%2BrRa36%2FrrReaZM4tCPK6j%2BCKo7QpofI9vxoMpj8OwTKEGQ9CooUU1VKzWCikfQcgDmPOSTT3nIYw956qEnTn3W7MSUtuIoDsN2g3Mehpw323OiKcJGO6bI%2BYTWAFk6ANcDcLuL1O5iSw1g8ydwmxWc8OCyMfFu7aIQFUpJUDqCkhGUiqDMCMqiOhTa1V31QGiXR8Es12c5rIYm6%2B6zQ5N1ZUL20zPy7NSPP8sPsSVP%2FTBkIYspr3ciSVus3pijcZO2Ys7bIW3wAE5VUO7SVOrOZDkvLSFVY0L%2B%2FgYRO4bTx%2BDqObD8RbBy2KpTsM1ho02xkzx0RptCmho3PQhTIc0uI9v29vUZeWFK4%2FVb65D8ZOEXf%2Fh7MfcduK2Q2gofqO8Juvru8LYpycFtUzryeDXNVE%2FtsMnK1jOWyStfviO3S2PF8g03%2BOINPgEm5aM70mU3WSJU0nXk4aISQtolY7kk3y67DRmt5W5zMbdJnt5ce3NpuZda6ZwyyQhsouzjj8DVmFz1kuk5%2Bv0zKDuCzSv08hMyCyhzDJ7uwqUnC%2Ffvrf42L96HMwRWX8xEqYcyr4a2Hl08akWg5UXPogpOniz8%2BGTvWnL%2FHiL5nyH77i661gPL9qZHWNgKha7A9AAuf2aYpfZk4adwGoi0N4y09Q4ibfVn5%2BY6deo3g4ZsR%2B0WFyKSXAStetgOKa0L0Wh1ZNBB5sb86fCPfwEAAP%2F%2FAQAA%2F%2F9SMQ0bZgQAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSPWwcRRSeDUmVikBDAdoSJHSZvb3z3WEkCxOMLILtxEGW6GZnZs%2BD53ZWM%2FtzNhQGSyhNpKMK5fo7OxYkQqShA0VnGnCVowAXmIYK0SGo0Z1PWDxp97033yu%2B73vv0%2F38jFDk7HTtXbOjtGbXmzXqv7yhEmFK56%2Fc8QNao%2FP%2BhkrmGvN%2Bf%2FKzxWsBbdboK%2F7bkm%2BZ63UaUBrQwF9SVsamf32KQqWPOkGtQ2uNei1oNtC3%2F%2B9d7sExD6I4I9egxPjK5g%2BPofgISe%2FrG9JtZSZ99a1erllmLApx9F6ylZgyQe%2BijK2HODmaTcO4MSGfX4JJjmYKYIqDiQJEaky8nwNEydGMJqLi8JxppCETROIqymIEqUdQbARu9qDEUwJwgZVVJL0HK8aWbPscZRN0TC7%2F8xdUOSaXf30eSe%2BrRa36%2FrrReaZM4tCPK6j%2BCKo7QpofI9vxoMpj8OwTKEGQ9CooUU1VKzWCikfQcgDmPOSTT3nIYw956qEnTn3W7MSUtuIoDsN2g3Mehpw323OiKcJGO6bI%2BYTWAFk6ANcDcLuL1O5iSw1g8ydwmxWc8OCyMfFu7aIQFUpJUDqCkhGUiqDMCMqiOhTa1V31QGiXR8Es12c5rIYm6%2B6zQ5N1ZUL20zPy7NSPP8sPsSVP%2FTBkIYspr3ciSVus3pijcZO2Ys7bIW3wAE5VUO7SVOrOZDkvLSFVY0L%2B%2FgYRO4bTx%2BDqObD8RbBy2KpTsM1ho02xkzx0RptCmho3PQhTIc0uI9v29vUZeWFK4%2FVb65D8ZOEXf%2Fh7MfcduK2Q2gofqO8Juvru8LYpycFtUzryeDXNVE%2FtsMnK1jOWyStfviO3S2PF8g03%2BOINPgEm5aM70mU3WSJU0nXk4aISQtolY7kk3y67DRmt5W5zMbdJnt5ce3NpuZda6ZwyyQhsouzjj8DVmFz1kuk5%2Bv0zKDuCzSv08hMyCyhzDJ7uwqUnC%2Ffvrf42L96HMwRWX8xEqYcyr4a2Hl08akWg5UXPogpOniz8%2BGTvWnL%2FHiL5nyH77i661gPL9qZHWNgKha7A9AAuf2aYpfZk4adwGoi0N4y09Q4ibfVn5%2BY6deo3g4ZsR%2B0WFyKSXAStetgOKa0L0Wh1ZNBB5sb86fCPfwEAAP%2F%2FAQAA%2F%2F9SMQ0bZgQAAA%3D%3D HTTP/1.1
Host: sweepfrequencydissolved.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: u_pl=15497083; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec33a3af0c29be07a2460f507fcc8304c1=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 25 Jan 2023 21:49:32 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f45fc9410c9cbfa3cdd35cfd774e3d01
Strict-Transport-Security: max-age=0; includeSubdomains
eehuzaih.com/impression/4vbNuiKgzzNTWAyJzNmtQIGhcK-ChEsenpUJHqkEUnnZfbH1oYJm5th-8LvEiy1I-FEhZySK3BJ1zCX101lIHxQd6rvlKGLSpvEoR1l9ZMz6PbAxFNRpovgG7YSDpHyxVT7ieLNmisPpMHbXZB-xd_yLxtfzNX3bvY1rJ-OQCdCscWVH5DsUOehdBJkocKIMB4T6QtbfiRycK076Jjgd3sZBxwzZ5XFEEne-gu_5KF9kqemn4HuZRLsxMphufvl1lwxaSjfbdjVQHJwfUmiMJPP7xxKSFfZ0VxJGEdsIx8vtF-9qZwwJxRlTC18u4lfhZ8_6O8_PgPAe5QRg087-a6-hdEnrhaXIUB049mptm8NREEWAts3lLPyBuapfga3m4swFk21-FPP0u_tBcaCl_J6XCmGyjZ8vXjM6x6Cpya7JvVxfaMdmo0YyPLL_xhIarTkhNuT7dnqNTF5BYRvFL3Hqurs5cG1qKJi4qje0kVrSyNEU?_z=4874572&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237200 OK 43 B URL HTTP/2 eehuzaih.com/impression/4vbNuiKgzzNTWAyJzNmtQIGhcK-ChEsenpUJHqkEUnnZfbH1oYJm5th-8LvEiy1I-FEhZySK3BJ1zCX101lIHxQd6rvlKGLSpvEoR1l9ZMz6PbAxFNRpovgG7YSDpHyxVT7ieLNmisPpMHbXZB-xd_yLxtfzNX3bvY1rJ-OQCdCscWVH5DsUOehdBJkocKIMB4T6QtbfiRycK076Jjgd3sZBxwzZ5XFEEne-gu_5KF9kqemn4HuZRLsxMphufvl1lwxaSjfbdjVQHJwfUmiMJPP7xxKSFfZ0VxJGEdsIx8vtF-9qZwwJxRlTC18u4lfhZ8_6O8_PgPAe5QRg087-a6-hdEnrhaXIUB049mptm8NREEWAts3lLPyBuapfga3m4swFk21-FPP0u_tBcaCl_J6XCmGyjZ8vXjM6x6Cpya7JvVxfaMdmo0YyPLL_xhIarTkhNuT7dnqNTF5BYRvFL3Hqurs5cG1qKJi4qje0kVrSyNEU?_z=4874572&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/4vbNuiKgzzNTWAyJzNmtQIGhcK-ChEsenpUJHqkEUnnZfbH1oYJm5th-8LvEiy1I-FEhZySK3BJ1zCX101lIHxQd6rvlKGLSpvEoR1l9ZMz6PbAxFNRpovgG7YSDpHyxVT7ieLNmisPpMHbXZB-xd_yLxtfzNX3bvY1rJ-OQCdCscWVH5DsUOehdBJkocKIMB4T6QtbfiRycK076Jjgd3sZBxwzZ5XFEEne-gu_5KF9kqemn4HuZRLsxMphufvl1lwxaSjfbdjVQHJwfUmiMJPP7xxKSFfZ0VxJGEdsIx8vtF-9qZwwJxRlTC18u4lfhZ8_6O8_PgPAe5QRg087-a6-hdEnrhaXIUB049mptm8NREEWAts3lLPyBuapfga3m4swFk21-FPP0u_tBcaCl_J6XCmGyjZ8vXjM6x6Cpya7JvVxfaMdmo0YyPLL_xhIarTkhNuT7dnqNTF5BYRvFL3Hqurs5cG1qKJi4qje0kVrSyNEU?_z=4874572&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=898&wfc=1&pl=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Cookie: OAID=c0b73b31d9e64e038d5eeaf46ab1d350
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 21:49:33 GMT
content-type: image/gif
content-length: 43
x-trace-id: 158426030aa311f5f7583bab18eec6bd
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rojadirectatv.ch
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 117627
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://rojadirectatv.ch
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 8139
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
casadelfutbol.tv/js/embed.js
188.114.96.1 200 OK 0 B URL HTTP/2 casadelfutbol.tv/js/embed.js
IP 188.114.96.1:0
GET /js/embed.js HTTP/1.1
Host: casadelfutbol.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:27 GMT
content-type: application/javascript
last-modified: Sat, 07 Jan 2023 11:33:14 GMT
etag: W/"63b9587a-1f3"
expires: Sat, 28 Jan 2023 15:08:11 GMT
cache-control: public, max-age=604800, must-revalidate
access-control-allow-origin: *
cf-cache-status: HIT
age: 369675
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJAJxs5F20o%2F7P7x7qvd7MAuNrRxShByEZkBvfcsHCWM1jFnVznyNudAU%2F9pHifzw67AksjUlHVlIiZhX1D71MjuxpdhuU2IQlA06dM9N235L87b0DLyEJnPZS3Lcy6fAuFy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f438085bd4b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
eehuzaih.com/401/4874572
139.45.197.237 200 OK 0 B
IP 139.45.197.237:0
GET /401/4874572 HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 21:49:27 GMT
content-type: application/javascript
x-trace-id: 968fe667686831291d269996d2da26df
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=93b5c66d44fe4f2daa200f49c7d535bc; expires=Thu, 25 Jan 2024 21:49:27 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
casadelfutbol.tv/player/directv.php?width=650&height=400
188.114.96.1 200 OK 0 B URL HTTP/2 casadelfutbol.tv/player/directv.php?width=650&height=400
IP 188.114.96.1:0
GET /player/directv.php?width=650&height=400 HTTP/1.1
Host: casadelfutbol.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.29
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vqRzRJoBkuWYmjxjho6o5WUzTO8P%2BOUsZz2KF%2BZd5b%2F7IGmByixrlkr1%2F6X2fG2%2BCzAYiJClEZ28h4unkNHj3iHPTF6c%2BqVbK%2B7PrnFvL2dwsOU%2Fxn5%2BQfw%2BvsG7gSmN5Cj%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f438088c05b518-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/video.js/dist/video-js.css
104.16.123.175 302 Found 0 B URL HTTP/2 unpkg.com/video.js/dist/video-js.css
IP 104.16.123.175:0
GET /video.js/dist/video-js.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /video.js@7.21.1/dist/video-js.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GQNDZR58A1E57B2VXM6X4WQ7-ams
cf-cache-status: HIT
age: 550
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f4380d5a650b65-OSL
X-Firefox-Spdy: h2
whos.amung.us/pingjs/?k=6dwl7h3laoyf&t=Directv%20Sports%20en%20Vivo%20por%20Internet&c=s&x=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&y=&a=0&d=0.98&v=27&r=413
172.67.8.141 200 OK 0 B URL HTTP/2 whos.amung.us/pingjs/?k=6dwl7h3laoyf&t=Directv%20Sports%20en%20Vivo%20por%20Internet&c=s&x=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&y=&a=0&d=0.98&v=27&r=413
IP 172.67.8.141:0
GET /pingjs/?k=6dwl7h3laoyf&t=Directv%20Sports%20en%20Vivo%20por%20Internet&c=s&x=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&y=&a=0&d=0.98&v=27&r=413 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 78f4380ef8c00b55-OSL
X-Firefox-Spdy: h2
eehuzaih.com/500/4874572?excludes=&oaid=c0b73b31d9e64e038d5eeaf46ab1d350&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 eehuzaih.com/500/4874572?excludes=&oaid=c0b73b31d9e64e038d5eeaf46ab1d350&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/4874572?excludes=&oaid=c0b73b31d9e64e038d5eeaf46ab1d350&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wiw=1280&wih=939&wfc=1&pl=https%3A%2F%2Frojadirectatv.ch%2Fdirectv-sports.php&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: eehuzaih.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://rojadirectatv.ch
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Cookie: OAID=93b5c66d44fe4f2daa200f49c7d535bc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: application/javascript
x-trace-id: 371f7ca2a38cad33b82cca72593dda04
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://rojadirectatv.ch
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=c0b73b31d9e64e038d5eeaf46ab1d350; expires=Thu, 25 Jan 2024 21:49:28 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
huddhi.com/script/bootstrap.js
104.21.1.109 200 OK 0 B URL HTTP/2 huddhi.com/script/bootstrap.js
IP 104.21.1.109:0
Analyzer Verdict Alert fortinet Phishing
GET /script/bootstrap.js HTTP/1.1
Host: huddhi.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:29 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtg7VVEfqnxlguw7wOvFvt7ZHiCtz3XZiMsZCqiSjAraj_TZZbC4Q0eAjovCoufb4lWMrsMrvumtsGML8DqkhnimQ3BYljz
x-goog-generation: 1674554932798474
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100716
x-goog-hash: crc32c=jg2Y+g==, md5=PkfV0f1nh0Fd2nS4GOUUrg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 25 Jan 2023 21:50:15 GMT
cache-control: public, max-age=14400
age: 3310
last-modified: Tue, 24 Jan 2023 10:08:52 GMT
etag: W/"3e47d5d1fd6787415dda74b818e514ae"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7aBRGjo7siyInzUEN6Mhqqn4aj7dbDZ%2FcYDuc%2BXQp9OcymqXbiuhfb11DtrQ3X0BsfE5ezfGggS4WNNOwgLtjdHQMdD0dChOA6Cu9Bj4jNs27bDb73hpS9c7k25e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f438153f71b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
velocitycdn.com/script/bootstrap.js
188.114.97.1 200 OK 0 B URL HTTP/2 velocitycdn.com/script/bootstrap.js
IP 188.114.97.1:0
GET /script/bootstrap.js HTTP/1.1
Host: velocitycdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:29 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdtg7VVEfqnxlguw7wOvFvt7ZHiCtz3XZiMsZCqiSjAraj_TZZbC4Q0eAjovCoufb4lWMrsMrvumtsGML8DqkhnimQ3BYljz
x-goog-generation: 1674554932798474
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100716
x-goog-hash: crc32c=jg2Y+g==, md5=PkfV0f1nh0Fd2nS4GOUUrg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Wed, 25 Jan 2023 21:50:15 GMT
cache-control: public, max-age=14400
age: 1453
last-modified: Tue, 24 Jan 2023 10:08:52 GMT
etag: W/"3e47d5d1fd6787415dda74b818e514ae"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HIyZHv%2FzRi0wtkhChWoRoFFfpNPNdcKV1zC8vDXAVRoSAqg05AJ%2FGAyK2joe6UfKP5aAAujVtuatrxSCnAGjkcxlOSWOeIZxRg1gkRqql9d3sgtxnf6WpeivChiNFrEXZME%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f43813cd3f0b51-OSL
content-encoding: br
X-Firefox-Spdy: h2
youradexchange.com/script/suurl4.php?r=4681243&cbur=0.6477811185407235&cbiframe=1&cbWidth=730&cbHeight=420&cbtitle=&cbpage=https%3A%2F%2Fcasadelfutbol.tv%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acdcdn.com&aggr=0
35.190.41.116 200 OK 0 B URL HTTP/2 youradexchange.com/script/suurl4.php?r=4681243&cbur=0.6477811185407235&cbiframe=1&cbWidth=730&cbHeight=420&cbtitle=&cbpage=https%3A%2F%2Fcasadelfutbol.tv%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acdcdn.com&aggr=0
IP 35.190.41.116:0
GET /script/suurl4.php?r=4681243&cbur=0.6477811185407235&cbiframe=1&cbWidth=730&cbHeight=420&cbtitle=&cbpage=https%3A%2F%2Fcasadelfutbol.tv%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acdcdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tucanaldeportivo.com/
Origin: https://tucanaldeportivo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 25 Jan 2023 21:49:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widgets.amung.us/small.js
172.67.8.141 200 OK 0 B URL HTTP/2 widgets.amung.us/small.js
IP 172.67.8.141:0
GET /small.js HTTP/1.1
Host: widgets.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:27 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:40 GMT
etag: W/"63c0412c-2170"
expires: Thu, 26 Jan 2023 21:08:58 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: gzip
cf-cache-status: HIT
age: 2429
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f43809ebf30b55-OSL
X-Firefox-Spdy: h2
unpkg.com/video.js/dist/video.js
104.16.123.175 302 Found 0 B URL HTTP/2 unpkg.com/video.js/dist/video.js
IP 104.16.123.175:0
GET /video.js/dist/video.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /video.js@7.21.1/dist/video.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GQNDZR522QSF95NQ5Z2QP7KT-ams
cf-cache-status: HIT
age: 550
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f4380d6a830b65-OSL
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=https%3A%2F%2Ftucanaldeportivo.com%2Fdirectvsports.php&j=https%3A%2F%2Fcasadelfutbol.tv%2F
141.101.120.10 200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=https%3A%2F%2Ftucanaldeportivo.com%2Fdirectvsports.php&j=https%3A%2F%2Fcasadelfutbol.tv%2F
IP 141.101.120.10:0
GET /i/?l=https%3A%2F%2Ftucanaldeportivo.com%2Fdirectvsports.php&j=https%3A%2F%2Fcasadelfutbol.tv%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Cookie: m=1; oa=1; df=1674683368
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:29 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=2; Domain=dtscout.com; Expires=Wed, 25-Jan-2023 23:12:49 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
set-cookie: oa=2; Domain=dtscout.com; Expires=Thu, 26-Jan-2023 01:49:29 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
x-t: 0.507
expires: Wed, 25 Jan 2023 21:49:28 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fnk6%2F1UeRFpj3fnXGSGW1xYyU%2BNA2C%2B7UN3s9yTSPgOAdKGY4qJlNoMhmoOJT0YcpcJNOw5eoS0OMj2hGujPPmDhd%2FRajTEhWd2rL%2BE6zrF6XpEoA9yTR95XEInSC40%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f4381388960d46-ARN
content-encoding: br
X-Firefox-Spdy: h2
youradexchange.com/script/suurl4.php?r=6411126&cbur=0.05122952316265739&cbiframe=1&cbWidth=730&cbHeight=420&cbtitle=&cbpage=https%3A%2F%2Ftucanaldeportivo.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0
35.190.41.116 200 OK 0 B URL HTTP/2 youradexchange.com/script/suurl4.php?r=6411126&cbur=0.05122952316265739&cbiframe=1&cbWidth=730&cbHeight=420&cbtitle=&cbpage=https%3A%2F%2Ftucanaldeportivo.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0
IP 35.190.41.116:0
GET /script/suurl4.php?r=6411126&cbur=0.05122952316265739&cbiframe=1&cbWidth=730&cbHeight=420&cbtitle=&cbpage=https%3A%2F%2Ftucanaldeportivo.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=velocitycdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://coolcast2.com/
Origin: https://coolcast2.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Wed, 25 Jan 2023 21:49:29 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
rojadirectatv.ch/directv-sports.php
188.114.97.1 200 OK 0 B URL HTTP/2 rojadirectatv.ch/directv-sports.php
IP 188.114.97.1:0
GET /directv-sports.php HTTP/1.1
Host: rojadirectatv.ch
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:27 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/5.6.29
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SUyjw3iIN%2FA%2Bg1fY%2BvWrZazDWtOfOSRcQ5EJtEm2y9e0pFq3AIcagoJ6S5sxixbYsNrlNQ3EzeToLawdNEXFB%2FqQzBfu5BOGZZN4AOQXtObtjjig1U%2BUxgxMdAY6qM77rSas"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f438050e1c0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
waust.at/t.js
104.26.5.7 200 OK 0 B
IP 104.26.5.7:0
GET /t.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: application/x-javascript
last-modified: Thu, 12 Jan 2023 17:19:26 GMT
etag: W/"63c0411e-728a"
expires: Thu, 26 Jan 2023 21:05:21 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 2647
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQjj08g9Ndk1fFsoZTsLqb8kc9a3ttNOT0pMRCoITTDloC272IQD4vUvz9hm2DBUQE%2FJgg0uJM%2FtTMJoxXTiTUJMYapoOplepjSOBpcXr4IFyu%2FZCJYyBA9s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f4380daf36b500-OSL
content-encoding: br
X-Firefox-Spdy: h2
platform-cdn.sharethis.com/img/pinterest-white.svg
54.230.111.19 200 OK 0 B URL HTTP/2 platform-cdn.sharethis.com/img/pinterest-white.svg
IP 54.230.111.19:0
GET /img/pinterest-white.svg HTTP/1.1
Host: platform-cdn.sharethis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://rojadirectatv.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 10 Oct 2019 01:20:13 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 28 Dec 2022 10:20:27 GMT
cache-control: public, max-age=2592000
etag: W/"f54e172d01168179f936c9e076216b2d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iLvDBOtf0TQDHYpIEh0_aXu5BYt_HR5FVEXPVebWD8-1KCFx_B-7yA==
age: 2460542
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
code.jquery.com/jquery-latest.js
69.16.175.10 200 OK 0 B URL HTTP/2 code.jquery.com/jquery-latest.js
IP 69.16.175.10:0
GET /jquery-latest.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:29 GMT
content-encoding: gzip
content-length: 83875
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-4508e"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CPnjxp4GEoYBCiRjM2VhOWNhYy1jYjY4LTQxNWMtYTA1Zi1lYjViMDkzOGE1NDQQ+OiCoKvU+wIaBgjpx8aeBiIMOTEuOTAuNDIuMTU0KPJlMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQzNzFmYjhjNC0zYWM2LTQ1NjYtOThlMy1lODljOTFiNjVlOTAYo48FIhgIAhIUY2RzMjEyLnNrMS5od2Nkbi5uZXQ=.hC42FpCTVyXLtEQBTdmnl+oRNqpH2Ny0CITlrMtZC3g=
x-hw: 1674683369.dop227.sk1.t,1674683369.cds021.sk1.hn,1674683369.cds212.sk1.c
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
172.64.167.9 200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
IP 172.64.167.9:0
GET /sb/notifications/software/us/ios/desk-new-big/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://tucanaldeportivo.com
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:31 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:44:05 GMT
etag: W/"602d0185-183"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q131WIiVaSiUSVUsNKzhqzivbgfXr8uss9rWUJOjkn1LbGx0Ckqjy4vdxBXoO%2Fh68vMWfdkbb9J5LssLaClwA0bwId1WRi9xhNCnbj2tpLjtIC%2B%2FgkIpODjyPDEPGheMKqWzjd5G5tyq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78f43821bb2f775c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js
104.16.123.175 302 Found 0 B URL HTTP/2 unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js
IP 104.16.123.175:0
GET /videojs-contrib-hls/dist/videojs-contrib-hls.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://tucanaldeportivo.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GQNE6MAB664YFSCJXM46JV08-ams
cf-cache-status: HIT
age: 324
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f4380d5a6b0b65-OSL
X-Firefox-Spdy: h2
unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
104.16.123.175 200 OK 0 B URL HTTP/2 unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
IP 104.16.123.175:0
GET /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://tucanaldeportivo.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:28 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"af180-yddBL+N7CRgyB07pxWVoSeh+9Bw"
via: 1.1 fly.io
fly-request-id: 01G4XKX4QG128115AQAE4NBFMX-fra
cf-cache-status: HIT
age: 20126999
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 78f4380d6a950b65-OSL
content-encoding: br
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
104.18.10.207 200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
IP 104.18.10.207:0
GET /bootstrap/3.3.7/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://coolcast2.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 25 Jan 2023 21:49:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:00 GMT
cdn-cachedat: 12/13/2021 20:18:53
cdn-edgestorageid: 755
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-proxyver: 1.02
cdn-requestid: 48135f30fbfcba704628453df5764d8f
cdn-cache: HIT
cf-cache-status: HIT
age: 20132854
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78f43810aceab51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2