zshorte.net/full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL28zOXJzNDZud2tpeXNudS9UaDVlRm9yZThzdC0xLjEyLWVsYW1pZ29zLnBhcnQxLnJhci9maWxl&type=2
172.67.138.73301 Moved Permanently 0 B URL HTTP/1.1 zshorte.net/full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL28zOXJzNDZud2tpeXNudS9UaDVlRm9yZThzdC0xLjEyLWVsYW1pZ29zLnBhcnQxLnJhci9maWxl&type=2
IP 172.67.138.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL28zOXJzNDZud2tpeXNudS9UaDVlRm9yZThzdC0xLjEyLWVsYW1pZ29zLnBhcnQxLnJhci9maWxl&type=2 HTTP/1.1
Host: zshorte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Dec 2022 19:53:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 18 Dec 2022 20:53:21 GMT
Location: https://zshorte.net/full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL28zOXJzNDZud2tpeXNudS9UaDVlRm9yZThzdC0xLjEyLWVsYW1pZ29zLnBhcnQxLnJhci9maWxl&type=2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgI4XBTQvXgQwfTBLSz%2FfGKUzLEn%2BtPfubCjJq4XVJV%2FThy75Ju1iHpIfIdoXhj3KR%2BMxIdxNVD0OP2ej3BH98l36kwCl7npYAr5ESUSza7GUd2PCpHiR9bSjgLKlw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77ba71b70913b518-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 460af93786e1eaa666f135e6c3fdc634
bc8aeba36225c79718f5de73d79928fe817c5490
471f4e7ae29bcf6ba1f749c0f5d4ab446cebfac5aa80c3e19c6edf21be456eb5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "471F4E7AE29BCF6BA1F749C0F5D4AB446CEBFAC5AA80C3E19C6EDF21BE456EB5"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3000
Expires: Sun, 18 Dec 2022 20:43:22 GMT
Date: Sun, 18 Dec 2022 19:53:22 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9f3cf7e36f17a535e53e5213c02cf2b4
e65acbc03135ce135b9e91b4f74b3e1439faa6f6
a2317476862acd0a92fe523454c3991752b07ba14e7667f421dd9624e0233758
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A2317476862ACD0A92FE523454C3991752B07BA14E7667F421DD9624E0233758"
Last-Modified: Sat, 17 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8788
Expires: Sun, 18 Dec 2022 22:19:50 GMT
Date: Sun, 18 Dec 2022 19:53:22 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 18 Dec 2022 19:45:29 GMT
content-type: application/json
age: 473
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bcade8542361774f13ecd22557ff8fb8
5e67a3753b0856c765f3b17f1742d3ed684ffb6d
647f8d9d3d1170e60a60e15fdfd9b59445feb56a6ce9d9bb2fa4720f0bfc3a14
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "647F8D9D3D1170E60A60E15FDFD9B59445FEB56A6CE9D9BB2FA4720F0BFC3A14"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2965
Expires: Sun, 18 Dec 2022 20:42:47 GMT
Date: Sun, 18 Dec 2022 19:53:22 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xyUjgtrVvY8P68lRhgQXjYlCzEoY8Z1gd6Isc//THrNFbCdmWGEcBjQsFAVM+Vma5CiRVIO+4QE=
x-amz-request-id: A2W7WWMHZ7BWSNYV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 18 Dec 2022 19:28:39 GMT
age: 1483
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 063f05b1d77da74981c52358219aa4ec
44535e93131ef91bc3a7d4ddc3f9866d282540d2
f574a70cf67d308126097b75dae476d00b01b00376019e7671c6ac6ef415079e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:22 GMT
Last-Modified: Sun, 18 Dec 2022 19:07:57 GMT
Server: ECS (amb/6B82)
X-Cache: HIT
Content-Length: 280
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:22 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Backoff, Content-Length, Pragma, Alert, Expires, Last-Modified, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 18 Dec 2022 19:33:23 GMT
age: 1199
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 063f05b1d77da74981c52358219aa4ec
44535e93131ef91bc3a7d4ddc3f9866d282540d2
f574a70cf67d308126097b75dae476d00b01b00376019e7671c6ac6ef415079e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2725
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:22 GMT
Last-Modified: Sun, 18 Dec 2022 19:07:57 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0bc27cdcd6c42d7f8eece6c074bc452f
ff1234b58f7381f51f9082c1ef4894b1ac5700ff
672fc3b7ba7ee7a8b376c73a86a5bab00b1a1aead54c3ca64c0bff83d831348e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 636
Cache-Control: max-age=134645
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:22 GMT
Etag: "639ed82b-1d7"
Expires: Tue, 20 Dec 2022 09:17:27 GMT
Last-Modified: Sun, 18 Dec 2022 09:06:51 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 51194868593d48a4183f94aece654949
09f06164b789806b3218f83cabdd6266d0f6fe53
f4d52e6063554167147e6a867ee5cb67f43be48c3328ed90597040ceaa40838b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:22 GMT
Etag: "639e26eb-118"
Server: ECS (amb/6BA6)
Content-Length: 280
push.services.mozilla.com/
35.163.38.240101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.38.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0HSVsj7l/0XwgwFzw6ixrQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7xOKdXHRdLeF8k2wy/ZIzxTiH5c=
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 51194868593d48a4183f94aece654949
09f06164b789806b3218f83cabdd6266d0f6fe53
f4d52e6063554167147e6a867ee5cb67f43be48c3328ed90597040ceaa40838b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2952
Cache-Control: max-age=91584
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:23 GMT
Etag: "639e26eb-118"
Expires: Mon, 19 Dec 2022 21:19:47 GMT
Last-Modified: Sat, 17 Dec 2022 20:30:35 GMT
Server: ECS (amb/6BA4)
X-Cache: HIT
Content-Length: 280
m.imagenesderopaparaperros.com/zshorte_theme/images/logo-dark-2.png
104.21.94.136200 OK 45 kB URL HTTP/2 m.imagenesderopaparaperros.com/zshorte_theme/images/logo-dark-2.png
IP 104.21.94.136:0
File type PNG image data, 857 x 155, 8-bit/color RGBA, non-interlaced\012- data
Hash 28ed5694cb52b688df8f6cb9d3c38e9c
2ec4b679e43cd8bf66919b860bfd830f2b23c7d9
0541ab488abc3b9fcc067d1085aae4fadba1c42910207a8260a909dbf489ed31
GET /zshorte_theme/images/logo-dark-2.png HTTP/1.1
Host: m.imagenesderopaparaperros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/Pkm1ZSV
Cookie: lang=en_US; AppSession=2b3678f5742fe7c903de9fd53a08a297; csrfToken=4dc6bfee54ff84c73a8759b414319bf2288b13cdb91acc1b5feb813b5809d03b6876034392f1ed8a790800df9d0c460e5604bc08b4eae49a62edc8f8fa11dc87
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: image/png
content-length: 44788
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Jun 2020 00:08:34 GMT
cache-control: max-age=31536000
expires: Thu, 28 Sep 2023 19:19:37 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
cf-cache-status: HIT
age: 7000426
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hr7b%2Br3e0mOpt71ljwxQ3r6wfTv%2BCj84ySMxWQ%2Bg8RJmHZE2bWo2CccRqkmTkKk%2BYFWTK9QqqVlvyMZ4E7eWOPnBLMS0FmyW2AVf%2BKG4eQDKUUm7bfGcxr9f7GwL7d7RqmIX%2Fli2VxeOEoZ0anu0ZyI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71c1ea17b51e-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 930f0320ed7bc9738f6d3d00639c7537
f9a1d6bea1bd4816546a03821888cd3dff122c73
1f59797edf40eaef89b0c2671766ecdcaf9e48ec2883f285b34d330f01823d19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 930f0320ed7bc9738f6d3d00639c7537
f9a1d6bea1bd4816546a03821888cd3dff122c73
1f59797edf40eaef89b0c2671766ecdcaf9e48ec2883f285b34d330f01823d19
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 10a3a852ef62dc4d4ccbbf6ff396688b
953e40775326102f6c3fc09a18a7039239df656f
30872c631302c914fc93b789892b200beb6284a3ba6753e1ee7f909a1231f2dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.imagenesderopaparaperros.com/zshorte_theme/css/owl.theme.default.min.css
104.21.94.136200 OK 25 kB URL HTTP/2 m.imagenesderopaparaperros.com/zshorte_theme/css/owl.theme.default.min.css
IP 104.21.94.136:0
File type ASCII text, with very long lines (846)
Hash c74507927bdece0a1316ed8457ce6238
b12711d32e5551f9510b8bec9b71ce829851cbd4
f2bc31cf63b7f5f313bf2464bd8cf89e5ba148356f2ce1fa37285fdf16d72d69
GET /zshorte_theme/css/owl.theme.default.min.css HTTP/1.1
Host: m.imagenesderopaparaperros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/Pkm1ZSV
Cookie: lang=en_US; AppSession=2b3678f5742fe7c903de9fd53a08a297; csrfToken=4dc6bfee54ff84c73a8759b414319bf2288b13cdb91acc1b5feb813b5809d03b6876034392f1ed8a790800df9d0c460e5604bc08b4eae49a62edc8f8fa11dc87
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Jun 2020 00:08:07 GMT
cache-control: max-age=2592000
expires: Mon, 16 Jan 2023 01:47:25 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-served-by: m.imagenesderopaparaperros.com
cf-cache-status: HIT
age: 151558
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puvdaiSaC5Stow47P6RriscuY8Mn1JDXFfSYUbwKHPSGEiY2XsHWdHES%2F4P2DeCKC1B8B3Mp6s2TTHaHQXt7MXZcvCB5h4VbL5gIBG3UfQ1OEju6vMmdQUsRgttCkJwEkgMxYqU7OXA1BwI%2FyB6guZY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71c1da08b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 063f05b1d77da74981c52358219aa4ec
44535e93131ef91bc3a7d4ddc3f9866d282540d2
f574a70cf67d308126097b75dae476d00b01b00376019e7671c6ac6ef415079e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=87547
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:23 GMT
Etag: "639e22ae-118"
Expires: Mon, 19 Dec 2022 20:12:30 GMT
Last-Modified: Sat, 17 Dec 2022 20:12:30 GMT
Server: nginx
Content-Length: 280
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 61a9358a5ee2b62531d1d64c9a142843
b83a422ab426d870b17da66cdd8ee3b999b4bba2
6c51b015c429c2b191434d7703199b39cea01ab98255e16affb1554ff6bc2114
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C51B015C429C2B191434D7703199B39CEA01AB98255E16AFFB1554FF6BC2114"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6821
Expires: Sun, 18 Dec 2022 21:47:04 GMT
Date: Sun, 18 Dec 2022 19:53:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 61a9358a5ee2b62531d1d64c9a142843
b83a422ab426d870b17da66cdd8ee3b999b4bba2
6c51b015c429c2b191434d7703199b39cea01ab98255e16affb1554ff6bc2114
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C51B015C429C2B191434D7703199B39CEA01AB98255E16AFFB1554FF6BC2114"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7957
Expires: Sun, 18 Dec 2022 22:06:00 GMT
Date: Sun, 18 Dec 2022 19:53:23 GMT
Connection: keep-alive
www.googletagmanager.com/gtag/js?id=UA-77394287-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-77394287-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 93fc015c12e6204cbcd17ce7e56e1f1b
648ab2eeb446e3e58c2336062408fa69549b44d2
1ce75d4e6c7179245e58552d006d9e7f7f04907f0d059997f90ac88eb502e7b0
GET /gtag/js?id=UA-77394287-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Dec 2022 19:53:23 GMT
expires: Sun, 18 Dec 2022 19:53:23 GMT
cache-control: private, max-age=900
last-modified: Sun, 18 Dec 2022 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3cc1866fc9c3235fc00e984bd2d7a1f2
309c47bdee0a04d1234b1b130793cc492797c335
26597f97dfd979d5bf0f32bbf732448bb25d13f2ed3c0857de783439f1976574
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1968
Cache-Control: max-age=142833
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:23 GMT
Etag: "639ef2f4-117"
Expires: Tue, 20 Dec 2022 11:33:56 GMT
Last-Modified: Sun, 18 Dec 2022 11:01:08 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 40588a98e7b9045ed0f89cef0ae81bc9
047c03794a9de378f66b81ce84edfaab928d28aa
574d5ada571abb63674ee166c8e0ddce49a734a227841b1377f196900de04fdc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4083
Cache-Control: max-age=106801
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:23 GMT
Etag: "639e5df1-138"
Expires: Tue, 20 Dec 2022 01:33:24 GMT
Last-Modified: Sun, 18 Dec 2022 00:25:21 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 312
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ec70919372ab27cd51c8af3e004482d
d426a1d3a0c3703b3f8af7315af4427e4f5fa9e4
576448ef5d41871b94cf6d97aa385d1c7fd28dd9bdb70f23aacdf1b2b5a6add5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "576448EF5D41871B94CF6D97AA385D1C7FD28DD9BDB70F23AACDF1B2B5A6ADD5"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15048
Expires: Mon, 19 Dec 2022 00:04:11 GMT
Date: Sun, 18 Dec 2022 19:53:23 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fdbb7ba725cc70f13ad981863c8c5581
1b9a678e8f3b68f162bc7a6e7bde5171f5415046
dcab650b9fa579906912c3b598b7099cf0728e72b7782d5362849ef310a00965
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
m.imagenesderopaparaperros.com/Pkm1ZSV
104.21.94.136200 OK 11 kB URL HTTP/2 m.imagenesderopaparaperros.com/Pkm1ZSV
IP 104.21.94.136:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2970), with CRLF, LF line terminators
Hash d2811b12c6abb2d531dcfee7cc4e8e92
f298a7ed2e28910fb25ccacbcc22fe34814024d1
ac332adacfccb37cab2f9680c1ea226d9998bdb5b8ab312aa7ad1be0fea044d8
GET /Pkm1ZSV HTTP/1.1
Host: m.imagenesderopaparaperros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
set-cookie: lang=en_US; expires=Wed, 13-Dec-2023 19:53:23 GMT; Max-Age=31104000; path=/
AppSession=2b3678f5742fe7c903de9fd53a08a297; path=/; HttpOnly
csrfToken=4dc6bfee54ff84c73a8759b414319bf2288b13cdb91acc1b5feb813b5809d03b6876034392f1ed8a790800df9d0c460e5604bc08b4eae49a62edc8f8fa11dc87; path=/; HttpOnly
x-served-by: m.imagenesderopaparaperros.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMGV06r%2FMMU7kDL5EZ%2BDKZO98BcqjNVFVu8WK4qE%2FhYiB0NUJYyG4aizZHpn8e0Kl5PSF6QYrE5CIIly70gx12qElJhGVmwpogWQcsEjtphKuUBPrPCy0rRLdxigc%2F5HnFVJ60um9QpH6LRUtEpHk%2FI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71be6ddbb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 20 kB IP 104.18.32.68:0
File type gzip compressed data, from Unix\012- data
Hash 721e4dd5c270840c76697ad784c1800a
4a0e665b2780cfaeba80b0048e25e6a41822f4d4
22d3e39db63e7b1bb5a4682af556ef33fc28da6adcc040ba816fa3dc97728e3b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:23 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 17 Dec 2022 22:16:03 GMT
Expires: Sat, 24 Dec 2022 22:16:02 GMT
Etag: "00347116440a772ad55046962fa1b44bf17424d8"
Cache-Control: max-age=526358,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77ba71c4893db523-OSL
arbourrenewal.com/cf/62/1e/cf621eb24aa5b4a128894819698170b8.js
192.243.61.225200 OK 11 kB URL HTTP/1.1 arbourrenewal.com/cf/62/1e/cf621eb24aa5b4a128894819698170b8.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (32129), with no line terminators
Hash 0a2b1a08903796a14471c4afe5c175b7
720c0888ee473fbb48e93365e5325dd5481baee3
4ee2c66e686ca3dadc2b48bc6e1fce5a59e654960f80b63430781d049c6eca56
GET /cf/62/1e/cf621eb24aa5b4a128894819698170b8.js HTTP/1.1
Host: arbourrenewal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 Dec 2022 19:53:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3877ac6ec4b44401e98fa2a89e11d14a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 10a3a852ef62dc4d4ccbbf6ff396688b
953e40775326102f6c3fc09a18a7039239df656f
30872c631302c914fc93b789892b200beb6284a3ba6753e1ee7f909a1231f2dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.themoneytizer.com/s/gen.js?type=6
185.76.9.21200 OK 38 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=6
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
Hash a53f46daeb3c45aef70187ebc211311d
db5b00c19d47b809fe56b6f274e2dff9cd1f118f
6e58a446afb985441d34d409cdc1eca14c02e2e9203c679f28c88a0697da3fc1
GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1671771785
server: CDN77-Turbo
x-77-nzt: AblMCRR0ku7/qnMDAA
x-77-nzt-ray: af585630cc245cdeb36f9f63c2884f27
x-cache: HIT
x-age: 226218
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
m.imagenesderopaparaperros.com/zshorte_theme/css/colors/skyblue.css
104.21.94.136200 OK 1.6 kB URL HTTP/2 m.imagenesderopaparaperros.com/zshorte_theme/css/colors/skyblue.css
IP 104.21.94.136:0
File type CSV text\012- assembler source text\012- assembler source, ASCII text
Hash 289b068bb9e5ec7bd3a6303e32d41301
479661f5c538d3ea82f71aa7fc25e0815ad6c64e
bdb8ca1e1233131ca153cc46b3c99bb387f92800a810c3a5314c69ce4a4e3851
GET /zshorte_theme/css/colors/skyblue.css HTTP/1.1
Host: m.imagenesderopaparaperros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/Pkm1ZSV
Cookie: lang=en_US; AppSession=2b3678f5742fe7c903de9fd53a08a297; csrfToken=4dc6bfee54ff84c73a8759b414319bf2288b13cdb91acc1b5feb813b5809d03b6876034392f1ed8a790800df9d0c460e5604bc08b4eae49a62edc8f8fa11dc87
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Jun 2020 00:09:38 GMT
cache-control: max-age=2592000
expires: Fri, 23 Dec 2022 11:03:08 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-served-by: m.imagenesderopaparaperros.com
cf-cache-status: HIT
age: 2191815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OUVykEx%2FhlqXzSK2lWjDLhOxwlK9HvXJ8z8jTEkNvSrWfLcYhUfpLD2%2FuxzJbfmZiPlQjsqg8bdjh%2B6I2XDOW4TJ9dMhT38bkRobBBIHrkd4jKboGEqirrNAz51SDU3dGgPNrZuMXV2hPYm6QmCTB2k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71c1ea10b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
m.imagenesderopaparaperros.com/zshorte_theme/css/materialdesignicons.min.css
104.21.94.136200 OK 40 kB URL HTTP/2 m.imagenesderopaparaperros.com/zshorte_theme/css/materialdesignicons.min.css
IP 104.21.94.136:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9e9ec7d5ce791ebd388cb86e2a7e8088
6d1f46141de89aab0693ce76d210718552452408
e51e7bb560b1fd1a8c09e89c8bc96ceac2d40fa5e8f51aed4415e6d11ea6fb24
GET /zshorte_theme/css/materialdesignicons.min.css HTTP/1.1
Host: m.imagenesderopaparaperros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/Pkm1ZSV
Cookie: lang=en_US; AppSession=2b3678f5742fe7c903de9fd53a08a297; csrfToken=4dc6bfee54ff84c73a8759b414319bf2288b13cdb91acc1b5feb813b5809d03b6876034392f1ed8a790800df9d0c460e5604bc08b4eae49a62edc8f8fa11dc87
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Jun 2020 00:08:10 GMT
cache-control: max-age=2592000
expires: Fri, 23 Dec 2022 11:03:08 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-served-by: m.imagenesderopaparaperros.com
cf-cache-status: HIT
age: 2191815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhxvkbKIfCGR0DA0X1POwoS9nsFJJ5JJU7saYrrHr1%2FArKNpfu9Jfm%2FvyFDhgkU%2FP1A0phli8pvyxJsw%2FsCqoX8bp6ZBpg3DC98M1hDqdM9ikJxpEgXZ9OoWfi2xMPpmUi3m%2BtRwElLeQ4UOeoFVDyU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71c1da02b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unicons.iconscout.com/release/v2.1.9/script/monochrome/bundle.js
104.18.28.243200 OK 8.9 kB URL HTTP/2 unicons.iconscout.com/release/v2.1.9/script/monochrome/bundle.js
IP 104.18.28.243:0
File type ASCII text, with very long lines (9104)
Hash d0451c175811b9a9280ff6d777513f95
308ceb10be732c8a71249e0537f2742e2dab19fd
a9204da24d953b31337f93360f17e354d87c05f2c3d66dafcb5de65f984fbb8e
GET /release/v2.1.9/script/monochrome/bundle.js HTTP/1.1
Host: unicons.iconscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: application/javascript
x-amz-id-2: GvCKrN3nQW/FEY2jWfHeYZvKkWCt3JBdCuMVwvzgDsMJlQPRsp7xleY2w8Me+pQdtPQBGP2L4Og=
x-amz-request-id: J4Q012JMVSHPPMBE
last-modified: Fri, 22 May 2020 12:00:38 GMT
etag: W/"be52f9b7d5de40f1e7cf1faab2f6d95d"
cf-cache-status: HIT
age: 717693
expires: Mon, 18 Dec 2023 19:53:23 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 77ba71c24ddeb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e22c487307aca2e6e3d5ecfc7daae99a
3fb9ea3a5166ba4dfd6e5d05139936a96bc33c2d
66fc32efbb2c29a16706b6ea40145509974f7b9dbfafc72e104232a4c4d52d69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de8a9a815195e349752babc98f1ccd53
813579195eaa5387fffcdb077da3652a28feaf51
43d7011fa70a71689c2dec1180628606e5ed9e38c029ef624844443f2009a9c4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43D7011FA70A71689C2DEC1180628606E5ED9E38C029EF624844443F2009A9C4"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21579
Expires: Mon, 19 Dec 2022 01:53:03 GMT
Date: Sun, 18 Dec 2022 19:53:24 GMT
Connection: keep-alive
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash b22f42410ca03f237bde0ba56969e388
1bcdbe680567dfa438eadadb7cba567bb95d4268
2f61059a50e8bd97568204a704a85a82358ad50b68545a8b891f2297cf20d662
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 18 Dec 2022 19:53:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sun, 18 Dec 2022 19:33:35 GMT
Expires: Mon, 19 Dec 2022 19:33:35 GMT
ETag: "1bcdbe680567dfa438eadadb7cba567bb95d4268"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
m.imagenesderopaparaperros.com/zshorte_theme/css/bootstrap.min.css
104.21.94.136200 OK 25 kB URL HTTP/2 m.imagenesderopaparaperros.com/zshorte_theme/css/bootstrap.min.css
IP 104.21.94.136:0
File type ASCII text, with very long lines (65324)
Hash 21ac51bc8eac7802f5792eb7a730f747
c73e4a8c40527d7b7b44ba1e13b74f7fed2a6f76
fc33af787c4e1dd39e5bd5b12c02ff00035de3cba460681d070503b7c703f38c
GET /zshorte_theme/css/bootstrap.min.css HTTP/1.1
Host: m.imagenesderopaparaperros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/Pkm1ZSV
Cookie: lang=en_US; AppSession=2b3678f5742fe7c903de9fd53a08a297; csrfToken=4dc6bfee54ff84c73a8759b414319bf2288b13cdb91acc1b5feb813b5809d03b6876034392f1ed8a790800df9d0c460e5604bc08b4eae49a62edc8f8fa11dc87
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Jun 2020 00:08:09 GMT
cache-control: max-age=2592000
expires: Fri, 23 Dec 2022 11:03:07 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2191816
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCdY603W%2FzVLFP3aKOMVW6%2B3m7agneEhqBA144LUpVsF5Ae6u%2BMo3UpEmmOcgta8Ak4aSizEUx1kddC%2FdvqnhkZfkhKYdE4orsSAn2i5NSFZkHTh8oGq%2FjcePGLAg5GpA3OR4ZRhbM2JPAVfgcK5Aow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71c1d9fbb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.ftd.agency/libs/e.js
37.48.117.210200 OK 1.7 kB IP 37.48.117.210:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 02f679c9e331e69ac43f87af96915b9d
e589290852a088c34cbf7bb3104faa833244e1d4
7ea9bdfdd368aa5835ba2930414dc029b4d2ffbd46c362e33d2efaffbb8fad32
GET /libs/e.js HTTP/1.1
Host: cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 19:53:24 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 13 Sep 2022 09:47:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632051a8-aec"
Expires: Mon, 19 Dec 2022 19:53:24 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip
iononetravoy.com/1clkn/33405
23.109.87.79200 OK 26 B URL HTTP/1.1 iononetravoy.com/1clkn/33405
IP 23.109.87.79:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/33405 HTTP/1.1
Host: iononetravoy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 19:53:24 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 19-Dec-2022 19:53:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 19-Dec-2022 19:53:24 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 335822a64b16e34e0f2dc3ea93e80ab7
7442405bb8c86b633da9c95e352a36b43b0a3afa
ec07432b7dc2622ea70c001daa707530138d201cf8471c174832839e93c57fdc
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:24 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 16 Dec 2022 12:11:58 GMT
Expires: Fri, 23 Dec 2022 12:11:57 GMT
Etag: "7442405bb8c86b633da9c95e352a36b43b0a3afa"
Cache-Control: max-age=403712,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77ba71c54a1eb523-OSL
ads.vidoomy.com/imagenesderopaparaperros_14871.js
3.19.54.139200 OK 4.8 kB URL HTTP/1.1 ads.vidoomy.com/imagenesderopaparaperros_14871.js
IP 3.19.54.139:0
File type ASCII text, with very long lines (4753)
Hash dca7d770c45a86e8ed98a1a70b16b30a
8d09f9f86cd4dd3f0cf8cef950e4e1ade9ce9c1b
3cfd562889f90c112dadbb1d22fcc0a37235cb8a95484d4c285a13ae670042c9
GET /imagenesderopaparaperros_14871.js HTTP/1.1
Host: ads.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:24 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 4755
Keep-Alive: timeout=2, max=300
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Nunito:300,400,600,700&display=swap
142.250.74.74200 OK 19 kB URL HTTP/2 fonts.googleapis.com/css?family=Nunito:300,400,600,700&display=swap
IP 142.250.74.74:0
Hash fde750a6a49a0a7bfa7635a8a588208e
9fb7f8c131b8185b6043dc48d07f588917eae16a
e599eabd59564e6585720862a60e1ebeb37e61f9e9c1bd03dfaac1bba58c1db1
GET /css?family=Nunito:300,400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Dec 2022 19:53:23 GMT
date: Sun, 18 Dec 2022 19:53:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
arbourrenewal.com/2a/6d/fa/2a6dfa22c42f41c1c5d4b95b66a5509c.js
192.243.61.225200 OK 21 kB URL HTTP/1.1 arbourrenewal.com/2a/6d/fa/2a6dfa22c42f41c1c5d4b95b66a5509c.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60157), with no line terminators
Hash c322e3aedbfa6f6169bff5890b7dd889
19a56cb2772b1eb9c0f4a8c038553921278ec7b5
5ee8a1c822f833f2bb4d906091cdf772697050cc00037133cc35b184e94f8b82
GET /2a/6d/fa/2a6dfa22c42f41c1c5d4b95b66a5509c.js HTTP/1.1
Host: arbourrenewal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 Dec 2022 19:53:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e5e3e9f1a01c8e07f09bd6fd7372ea78
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
z.cdn.ftd.agency/load?z=1339915142&div=9tcm6amq0uw&cw=1280&ch=939&sr=1280x1024&df=1&bh=1&tl=2386&hc=16&n=1671393204010&url=m.imagenesderopaparaperros.com%2FPkm1ZSV&vc=0&ti=zShorte.net%20%7C%20zShorte.net&zyx=2955252928
37.48.117.210204 No Content 0 B URL HTTP/1.1 z.cdn.ftd.agency/load?z=1339915142&div=9tcm6amq0uw&cw=1280&ch=939&sr=1280x1024&df=1&bh=1&tl=2386&hc=16&n=1671393204010&url=m.imagenesderopaparaperros.com%2FPkm1ZSV&vc=0&ti=zShorte.net%20%7C%20zShorte.net&zyx=2955252928
IP 37.48.117.210:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load?z=1339915142&div=9tcm6amq0uw&cw=1280&ch=939&sr=1280x1024&df=1&bh=1&tl=2386&hc=16&n=1671393204010&url=m.imagenesderopaparaperros.com%2FPkm1ZSV&vc=0&ti=zShorte.net%20%7C%20zShorte.net&zyx=2955252928 HTTP/1.1
Host: z.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 18 Dec 2022 19:53:24 GMT
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: -1
P3P: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Set-Cookie: AU=66910b6b60a9cf5e; Expires=Sun, 17 Dec 2034 22:00:40 GMT; Path=/; HttpOnly; Domain=.cdn.ftd.agency; SameSite=None; Secure
m.imagenesderopaparaperros.com/zshorte_theme/css/aos.css
104.21.94.136200 OK 1.6 kB URL HTTP/2 m.imagenesderopaparaperros.com/zshorte_theme/css/aos.css
IP 104.21.94.136:0
File type ASCII text, with very long lines (25948)
Hash b9e438d6bf5552772919cc61d955dd68
520160ccd68a02659fbad584fe438bd770a2c3e5
9068e679c70273a2b6999c376189a7604153e562757eaa12749b52e534ceed65
GET /zshorte_theme/css/aos.css HTTP/1.1
Host: m.imagenesderopaparaperros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/Pkm1ZSV
Cookie: lang=en_US; AppSession=2b3678f5742fe7c903de9fd53a08a297; csrfToken=4dc6bfee54ff84c73a8759b414319bf2288b13cdb91acc1b5feb813b5809d03b6876034392f1ed8a790800df9d0c460e5604bc08b4eae49a62edc8f8fa11dc87
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Jun 2020 00:08:05 GMT
cache-control: max-age=2592000
expires: Wed, 04 Jan 2023 23:37:16 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1109767
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B5v9Upwnb6S3ZtwlpUfyrzL5pkQGxeknMm7eIKJ0wYzhyg9YAb9N33ClP30Oa0HAjlY5KsKGCV7fZJIh%2FUyXsTEBgNzqQAwHn%2Fyt4cnvCTHcJh8i2DXZfgO2UFsEfkZAM5cFw59%2B1JkFNqMv%2FI75nPA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71c1ea0db51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=52788&f=19&fi=99
54.38.64.100200 OK 20 kB URL HTTP/1.1 c.tmyzer.com/c/?s=52788&f=19&fi=99
IP 54.38.64.100:0
Hash a0bb90c6badf6f8f1af5e3699997ae4f
552c7b5085012a758db91d5466e3b2fab7dde9dc
9d10e227385f7a53d1ea7fc8ef463bc02f7541dd2a992db1db98d061c2528e84
GET /c/?s=52788&f=19&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 19:53:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:33DA_36264064:01BB_639F6FB3_B05D679:1465C
X-IPLB-Instance: 20687
c.tmyzer.com/c/?s=52788&f=11&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=52788&f=11&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=52788&f=11&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 18 Dec 2022 19:53:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:F9B5_36264064:01BB_639F6FB4_B043D40:1465B
X-IPLB-Instance: 20687
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10222
Expires: Sun, 18 Dec 2022 22:43:46 GMT
Date: Sun, 18 Dec 2022 19:53:24 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6a2c92aabf226387b040787c81fc5aaa
62e9dabd18f7d3270ebe263d14f82c2ee73ce396
9fac9f2daacc5056f8e55c29ec701952d6ad2ad6c8d953f6fdfe763d0c9a7c53
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9FAC9F2DAACC5056F8E55C29EC701952D6AD2AD6C8D953F6FDFE763D0C9A7C53"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5503
Expires: Sun, 18 Dec 2022 21:25:07 GMT
Date: Sun, 18 Dec 2022 19:53:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 74619c8a7d32d46fc91cc86f793f107c
3f2b1390ef4f7cd385f513d57297fa482f7dd43c
6aa1fbfb532fc85b041684e259bbeecf53c7e7f711c8d414fc0775c4c1404457
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6AA1FBFB532FC85B041684E259BBEECF53C7E7F711C8D414FC0775C4C1404457"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10222
Expires: Sun, 18 Dec 2022 22:43:46 GMT
Date: Sun, 18 Dec 2022 19:53:24 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 578392bee48563d778885698790a124b
597892da925c3a363878e81ff02032a316303512
d30fe2470e1f63c5249fd42d7cd804bbf326cf9a703c61e31b5322ebdb26fca6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb6b04bcc-ed1e-40f8-81f9-587f3470d5fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9925
x-amzn-requestid: 15eb2112-b947-458a-8544-51bac721773d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2k9HNjIAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e37b9-7c5b94866d266af252f133b3;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:42:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 0nlTTVMgZIa6HUmL4bx0L-menIA1szAYPKbL-2p3jcX9XDGOAHL5eg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:51:24 GMT
etag: "597892da925c3a363878e81ff02032a316303512"
content-type: image/jpeg
age: 79320
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fdbd1e175352e7ec7dc2a25f04a5a9d
954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2
bdba0c3d4509764e87db688c1b8086c309f4a2cbe95d1f2130ce01d184f2fa17
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a0c4858-28d1-47b1-bfba-b4500f28eeae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9741
x-amzn-requestid: 5d9871d6-1512-4ffa-8b85-3c4c7595b723
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dEj3XGsxoAMFxIQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639819c8-7a65df352cc4e71e5aa518f8;Sampled=0
x-amzn-remapped-date: Tue, 13 Dec 2022 06:20:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: V2j4CWBbvNniyBK3vdt4Hg7ROB-xjuzsvdGBmh2U1BGYGWwkT6JJ_g==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 22:01:05 GMT
age: 78739
etag: "954bdd8d6b2f3d0ec086631ecf1bbd76c6507fe2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ada04738696f861648635c9ba98841e4
ce644cd4349d88aa7c24b2503b0b18b444061639
e5cee777efbf1d8a0f95f6cce71199e5f016a91f90cf0afe38bc86654b9d730d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a667002-4518-4b30-baaa-3a4eab2bdc1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8696
x-amzn-requestid: c897aeed-a082-46a1-965f-39e8c763cb05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10ZH3jIAMF0gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-548ac80840737a20743980f5;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xFbmIbrDz7MnhaF8tqHeTDzjrwbsP7SbmYb_OLLWZPb7poAmecfDew==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 80059
etag: "ce644cd4349d88aa7c24b2503b0b18b444061639"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12c4c2232b6d09e9085f0214b3260c1e
a24f8e949a2f2a973fe2dd5af994cd970d37f13a
000475ed7d0aab9a7dab3e25f0a29f82552739fea99f98cbf5131282d0db7d63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e098e9f-4d93-4282-beb5-b37a17658134.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10670
x-amzn-requestid: d72e1904-caf4-4c72-a811-d1bde023f4b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT11JGCsIAMFRDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3687-7789040d71253d00378f9162;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NWh-ecaQXJITj6VyK4qutXz95L557E8kCDxs-fNBRmkjUk_ZG0Oygg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 80059
etag: "a24f8e949a2f2a973fe2dd5af994cd970d37f13a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
108.157.217.164200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.164:0
Hash ba07ca01954fbcfa04e49ce6520e80cb
c8c508e7cc20e0ec033d487e14e1618defcb88cf
f421e47834c212fdd65f1badb0c735cffc4266365c4a271416b8625cd6527718
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=154163
Date: Sun, 18 Dec 2022 19:53:24 GMT
Etag: "639f1615-1d7"
Expires: Tue, 20 Dec 2022 14:42:47 GMT
Last-Modified: Sun, 18 Dec 2022 13:31:01 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 6b590e690e32695caa633ab770319d74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: 5HFNeXHysuiMDzn3cVCrV_m4LE-6a90hn3P8uTRqh18ZxgsMj_jNBg==
Age: 4306
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bfd0e913579b4ff2f511223d70cb01fb
497e0ffef816e100e6ddc221ec17d5f389c1142a
bee68ae1a938a5111a32dab4ec4f6964994e6c39143eac9ab94d6c5e29999372
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2ded193-0301-4ad3-a888-72c52212ad95.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5185
x-amzn-requestid: 3087af97-3f2d-4848-b297-eba8d84f10c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT10YHv8oAMF2sg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3682-7527022d4bd9c15518fe75cc;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:37:06 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Dg3c2lWr1FbFUalH5QB05VrQIkpt3LNuUM-VxJZiaXy3nJu-cfd5jg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 21:39:05 GMT
age: 80059
etag: "497e0ffef816e100e6ddc221ec17d5f389c1142a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 10ac00cddfd1dab4038b04eac25988bf
a9a7b428491dd0a56ef50ec230f510f0d09408a8
460d9c31c8b3b3636f20c20e472ad690bd697fad84ee860fef7a9dc395bd8a33
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "460D9C31C8B3B3636F20C20E472AD690BD697FAD84EE860FEF7A9DC395BD8A33"
Last-Modified: Fri, 16 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12677
Expires: Sun, 18 Dec 2022 23:24:41 GMT
Date: Sun, 18 Dec 2022 19:53:24 GMT
Connection: keep-alive
www.cdn4ads.com/w2ui.min.css
185.76.9.25200 OK 0 B URL HTTP/2 www.cdn4ads.com/w2ui.min.css
IP 185.76.9.25:0
ASN #60068 Datacamp Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w2ui.min.css HTTP/1.1
Host: www.cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:24 GMT
content-type: text/html; charset=UTF-8
content-length: 0
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
x-accel-expires: @1672087600
server: CDN77-Turbo
x-77-nzt: AblMCRSx6WH/hDkFAA
x-77-nzt-ray: af5856306e2a0be7b46f9f636215521c
x-cache: HIT
x-age: 342404
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed374d0c34e8b2e15f08a6479a4f45e7
5db9e59699048998f0685e940640eae19ef11c8e
9933854830be796a87cfe44b6b8336294e2d3dbbe3205f267720aca6968c3a21
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c81bdf4-0a78-472d-ba75-80092016f334.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12125
x-amzn-requestid: e44faa15-1dfd-4bc0-bdfb-307c3de2755d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT2QPFZAIAMFf5g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3734-33d636210a1e24742ee71187;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 21:40:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JHDfcd35b-bHZm6oayBIN5NDt6ZeGygBfvu7IKU18wFiLHMGEPQPkQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Dec 2022 22:02:19 GMT
etag: "5db9e59699048998f0685e940640eae19ef11c8e"
content-type: image/jpeg
age: 78665
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
108.157.217.164200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.164:0
Hash ba07ca01954fbcfa04e49ce6520e80cb
c8c508e7cc20e0ec033d487e14e1618defcb88cf
f421e47834c212fdd65f1badb0c735cffc4266365c4a271416b8625cd6527718
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153994
Date: Sun, 18 Dec 2022 19:53:24 GMT
Etag: "639f1615-1d7"
Expires: Tue, 20 Dec 2022 14:39:58 GMT
Last-Modified: Sun, 18 Dec 2022 13:31:01 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 ff7194a111d1912088727cbee9f13db0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: _79bggaxrZDxvBoOzghO6sAfQL0MTUCQNdNFZRf6fadECk-e0wObgA==
Age: 4137
simplewebanalysis.com/stats
3.71.139.39200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.71.139.39:0
File type ASCII text, with no line terminators
Hash 8aa586f7f57fddad30c34651fa3d91d2
f840a511eea71e70fccd46bf133999063b1d7bce
7c12abdebe9dc69aa42ddd60db2a9c35368bbc88bd28137b51944344e1642890
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-allow-credentials: true
set-cookie: uid_id2=8880f1a1-5430-4c11-84f9-e9c3cf4b976c:1:1; expires=Wed, 15 Dec 2032 19:53:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
3.71.139.39200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.71.139.39:0
File type ASCII text, with no line terminators
Hash 16d7fd76582cb4a9d836db96303025b2
c53670423d90c92e2870f8be48baa5fcc458c78b
ecfbb65b3e1bd98a8e0376f6de5f6971bd02e5a6085754cd110489d2bb2441dc
Analyzer Verdict Alert fortinet Malware
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-allow-credentials: true
set-cookie: uid_id2=f37572a6-cd9e-4160-b69c-b255e52b1607:3:1; expires=Wed, 15 Dec 2032 19:53:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 6a2c92aabf226387b040787c81fc5aaa
62e9dabd18f7d3270ebe263d14f82c2ee73ce396
9fac9f2daacc5056f8e55c29ec701952d6ad2ad6c8d953f6fdfe763d0c9a7c53
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9FAC9F2DAACC5056F8E55C29EC701952D6AD2AD6C8D953F6FDFE763D0C9A7C53"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5503
Expires: Sun, 18 Dec 2022 21:25:07 GMT
Date: Sun, 18 Dec 2022 19:53:24 GMT
Connection: keep-alive
pursuingconjunction.com/pixel/purst?dl=0&th=0&sc=0&rs=2462&rd=2462&fd=751&bv=22.10.v.9&tmpl=70
192.243.59.20200 OK 0 B URL HTTP/1.1 pursuingconjunction.com/pixel/purst?dl=0&th=0&sc=0&rs=2462&rd=2462&fd=751&bv=22.10.v.9&tmpl=70
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2462&rd=2462&fd=751&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: pursuingconjunction.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 18 Dec 2022 19:53:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a5b4d2abaf3d2bc15620538a0c5ac64a
207ac3fac58ec776d6a2f16bb7c4dce1748c3f3b
eb87ef7369334039684e076200095e3316eacf28cf7fb4ec6a14d47a32b9221d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB87EF7369334039684E076200095E3316EACF28CF7FB4EC6A14D47A32B9221D"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14696
Expires: Sun, 18 Dec 2022 23:58:20 GMT
Date: Sun, 18 Dec 2022 19:53:24 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash d76c378bae9db9c77c834ced1e583846
df356e5ea1097ebae3d043597c70f0700145eb7a
a51191a33bf66f302ea545405a1baa8c812a5b22a8c0c51587dfe579e03d9c01
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A51191A33BF66F302EA545405A1BAA8C812A5B22A8C0C51587DFE579E03D9C01"
Last-Modified: Sun, 18 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4974
Expires: Sun, 18 Dec 2022 21:16:18 GMT
Date: Sun, 18 Dec 2022 19:53:24 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
173.233.139.164200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 173.233.139.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 Dec 2022 19:53:24 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4d3f3ddd6d9678e7e29e3ee4f7631fd5
Strict-Transport-Security: max-age=0; includeSubdomains
a.teads.tv/analytics/tag.js
23.38.201.50200 OK 3.4 kB URL HTTP/2 a.teads.tv/analytics/tag.js
IP 23.38.201.50:0
File type ASCII text, with very long lines (4822)
Hash 6ddfb3a828a563a7719081ff9aeedaba
80286455b7c85311df5f997714b83380ac02fd6d
826524e59a21d4190f923f804a17db1513e1ee3cb4a5ed12f3bb6a5b4f370835
GET /analytics/tag.js HTTP/1.1
Host: a.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +hi3J8gLh7odTbzzwPTTi1cNLRiMIMeCbLwhFS3fdhvnkPc6F/KidF+aylAlaVgqP4umQC5X3TY=
x-amz-request-id: VYTSDGA8QVA7F7Y0
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
accept-ranges: bytes
content-type: text/javascript;charset=utf-8
content-length: 3391
cache-control: private, max-age=3600
date: Sun, 18 Dec 2022 19:53:25 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
ced.sascdn.com/tag/1097/smart.js
23.36.77.24200 OK 33 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP 23.36.77.24:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4686ea4ceef48bf4d7b06bf70fe2a6ef
6a1348d13eca8b7882c4679c53019a51f48a94fd
685fc19fe5c57ebff672b1a9c03ea8b85f78d37558cc6743a39baa034f852d0d
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32836
Cache-Control: public, max-age=7200
Expires: Sun, 18 Dec 2022 21:53:25 GMT
Date: Sun, 18 Dec 2022 19:53:25 GMT
Connection: keep-alive
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
143.204.42.64200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 143.204.42.64:0
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Sun, 18 Dec 2022 03:26:20 GMT
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UWejIPvMjLQuch2sYRD5wDFDfcsUFIwYVrbXxSAagF4jLjbo9lGPgQ==
Age: 59227
www.google-analytics.com/analytics.js
216.239.36.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.36.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 18 Dec 2022 19:34:02 GMT
expires: Sun, 18 Dec 2022 21:34:02 GMT
cache-control: public, max-age=7200
age: 1163
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.35200 OK 583 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.35:0
File type ASCII text, with very long lines (921), with no line terminators
Hash d04cc7abf4ab1b4423a341bc45a9b724
25ed36ad23e8155314a88c49482f6d514ab87895
d87a39f80944e880f9654f236aec3fe6dbcd2e0edd31761c94f23b5fb7baa2af
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 18 Dec 2022 19:53:25 GMT
date: Sun, 18 Dec 2022 19:53:25 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 8b7b7077155f27d3646c396e59093a8f
659ae9a121ed3c7b9609628af313c92649062310
3f2107d8494ee13361f0bdb0e3e33c3e12da1a4e58ffff6acbb3ac446aba76ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1134
Cache-Control: max-age=96615
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:25 GMT
Etag: "639e41ae-2d7"
Expires: Mon, 19 Dec 2022 22:43:40 GMT
Last-Modified: Sat, 17 Dec 2022 22:24:46 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 727
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e3b13d6f509880ac491f951c68743ea1
82b3f4ff5a56d54a79cfebe2d96e9037bbfec87b
170e4c3c6963db458df1d13b46c34caa15e4e366e7770a234021189829cfb9fa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4333
Cache-Control: max-age=170737
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:25 GMT
Etag: "639f56b9-1d7"
Expires: Tue, 20 Dec 2022 19:19:02 GMT
Last-Modified: Sun, 18 Dec 2022 18:06:49 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash d696b08d3b9a3a372fed237dbaae597c
39936ccc3fbc998a34a7bb00d6aa2d55554aed89
97cccb55feb1282255b72ae493479a800778be7f61591914fb7e9e3af3f12143
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 240
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:25 GMT
Last-Modified: Sun, 18 Dec 2022 19:49:25 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cc78a9f54cfa6fa46efd132eecdcbd14
57893a24c77baf1eabe42465d6750e04786cc41d
727ba281aaf1bac266135f617ff72354840a054683aac983886be0ec2e8e66ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5768
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:25 GMT
Last-Modified: Sun, 18 Dec 2022 18:17:17 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9a9ec7b3c087ab0fabb9244384b08009
4e5b9ec91000b811a7985077648ab573dd363be2
f56a8c3395f5b1bedcd1c1b49052a656a9972e73f2ad5cf30aaadf050611dac3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ups.analytics.yahoo.com/ups/58610/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58610/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58610/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 18 Dec 2022 19:53:25 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBLVvn2MCEESYVo2_CaIugfYhYLE_D4oFEgEBAQHBoGOpYwAAAAAA_eMAAA&S=AQAAAoRx_18f_rRurl3LriLruWQ; Expires=Tue, 19 Dec 2023 01:53:25 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 489bcce06333557aa2640067ff717358
d9d95da5900d177b82c935d34667d32704916cf1
81ca347fe11a2476c5b3bcb593b2da563e3c2353cd96a71acac8afd4d8464834
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Dec 2022 01:56:51 GMT
Expires: Sat, 24 Dec 2022 01:56:50 GMT
Etag: "d9d95da5900d177b82c935d34667d32704916cf1"
Cache-Control: max-age=453204,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77ba71ccccf0b523-OSL
d3g5ovfngjw9bw.cloudfront.net/leaflet.toolbar.js
143.204.42.75200 OK 9.7 kB URL HTTP/2 d3g5ovfngjw9bw.cloudfront.net/leaflet.toolbar.js
IP 143.204.42.75:0
File type HTML document, ASCII text, with very long lines (1568), with CRLF line terminators
Hash 93b5f13322d803d75e58cd7721761b8a
e23cc49ab632469cd61771c8ec5ae2b0cefd2d50
6305abe5a19fd031d7b8c1b417de9bf5f3b4f03f3db3801687f13bc1696bdc4b
Analyzer Verdict Alert fortinet Malware
GET /leaflet.toolbar.js HTTP/1.1
Host: d3g5ovfngjw9bw.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
content-length: 9695
expires: Thu, 22 Dec 2022 09:48:49 GMT
access-control-allow-origin: *
link: <https://cdn4ads.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
content-encoding: gzip
date: Thu, 15 Dec 2022 09:48:49 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: oz2wPCsA_RnrMQF-4Q1v2kujjNhuYlVLG8D_sDovwxG5O2ECz5WUtQ==
age: 295476
X-Firefox-Spdy: h2
spinalmultiple.com/sbar.json?key=cf621eb24aa5b4a128894819698170b8&uuid=8880f1a1-5430-4c11-84f9-e9c3cf4b976c%3A1%3A1
173.233.137.36200 OK 5.1 kB URL HTTP/1.1 spinalmultiple.com/sbar.json?key=cf621eb24aa5b4a128894819698170b8&uuid=8880f1a1-5430-4c11-84f9-e9c3cf4b976c%3A1%3A1
IP 173.233.137.36:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7254), with no line terminators
Hash 09afb654a7a7d679711553e9c64b8185
2557f14987e88261d8e9433f9c5d7e17ff2754fc
54f54fb5acd383c2e6372d55dcfcd35c56bb3a91589063983f9984ee8c20d555
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=cf621eb24aa5b4a128894819698170b8&uuid=8880f1a1-5430-4c11-84f9-e9c3cf4b976c%3A1%3A1 HTTP/1.1
Host: spinalmultiple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 Dec 2022 19:53:25 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15289012; expires=Mon, 19 Dec 2022 19:53:25 GMT; secure; SameSite=None
uid_id2=8880f1a1-5430-4c11-84f9-e9c3cf4b976c:1:1; expires=Sun, 25 Dec 2022 19:53:25 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 19 Dec 2022 19:53:25 GMT; secure; SameSite=None
uncs=1; expires=Mon, 19 Dec 2022 19:53:25 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 19 Dec 2022 19:53:25 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 19 Dec 2022 19:53:25 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 08327ec1bc68efbe5fa1f8f3beb1cc27
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
x.bidswitch.net/sync?ssp=vidoomy&user_id=332738885.36259071897447765.6212785
54.93.177.113302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=vidoomy&user_id=332738885.36259071897447765.6212785
IP 54.93.177.113:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=vidoomy&user_id=332738885.36259071897447765.6212785 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 18 Dec 2022 19:53:25 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=332738885.36259071897447765.6212785
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=1e6560a2-8bb7-4c1a-9212-e5d367de4446; path=/; expires=Mon, 18-Dec-2023 19:53:25 GMT; domain=.bidswitch.net; samesite=none; secure
c=1671393205; path=/; expires=Mon, 18-Dec-2023 19:53:25 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1671393205; path=/; expires=Mon, 18-Dec-2023 19:53:25 GMT; domain=.bidswitch.net; samesite=none; secure
c=1671393205; path=/; expires=Mon, 18-Dec-2023 19:53:25 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
spinalmultiple.com/ren.gif?sid=H4sIAAAAAAAC%2F6xSX2gcVRe%2F06%2F94OPzRSmCiDB0paiYzczubLKbUmLapHHbNIlJNOBLuXPnzua6d%2B4d772zk6wvwRbpixjFBy1IJidJ02rpH9AHHwTZ9EUDQldB9sGAjz5ZLRSfVHYTqT4IPnhg5vwOvxnO73fOeWMt2UUOJLgzfVY2Gee4v5R37KfmmQhkqu3JOdt18s4xe56JAe%2BYvdh9qcaQ65TyztP2OCV12V9wXMdxHdc%2BxRQN5WJ%2FjwUWX6u4%2BYqT9wp5t%2BTBovprrRMLNLYgaOyiR4AF7UMLX9wCRlogopujVNeNjJ8dixKOjVTQCLZeFHUhUwHRAxgqC0Kxtf81SN1G6L0DIMXWvgOQjY2uA%2FBZG1nfuuCLrX2Z4Dc295T6HKgAP%2Fg%2FpI0WUN4ChltA5HlgwR0EQAKYnAIRXZ6UKsVLeyzusm108P49YGkbHfzuMIjo%2BgnOFu1ZyRPDpNCwGGbAFlvAai2Ik20wTQtYug3EvA4s%2BAr1358AEW1MaS6BBZ0ny%2BWyE7rY7St5RafPI67bV%2FbCSh%2BtkCIJPb8yOEB6I2KsBSxsAacrgLUFSfdhFiShBUlsQRR0bFyqhI4zGPphsVj2CCHFIiGl8kBQCopeOXQgIV0PK2DiFSB8BYhahlgtQ52tgEo%2BB72QgQ4s0AZBI8ggpQhSjSDFCFKGIDUI0ka2GXBd0NnlgOvEd%2FdzYT8Xs3Vpamt4U5oaFWgt3kUP9wb3w%2BmPoU47NgkHCi71Cx7GJd%2FDbqFcrnhltzJQKbuDjl8GzTJg%2BkDPZrO7xUd%2Fhpi1EfpxGXy8DZpvA2FHACdPAE7XBwsO4IV1r%2BxAU1xrcr0glaF5QQ0EMoPYHAKzZK3xXfRYT0fpwptAyc5z%2F711u%2FDl%2FBUgKoNYZfAKu42gxi%2Buz8gUbczIVKNbU7FhEWvi7nJnDTYUfXiGLqVSBdVRvXJ1hHSJLrw2R7WZwCJgoqbRRydYEFB1SipC0WdVPU%2F96UQvnEiUSOKJ6ZOnqlGsqNZMihZgdmfxZSCsjf730k%2B9s338ngdMbYNKOqMLxsRD%2Ff2EM1LPx4TX8wJHdK8e1hSb48WBilMoHMUBC%2F7A7HjDf%2BGZ02fnXm0OeOcciJKd4U%2Ff78YlYLIFJL5wJZernpyazOU6M3%2FTwiwkkS8w4%2F%2B0zVEW1cxxRqS4msvNVecmxnK5Tv%2Fd1Xc351igfVpTVGhqbMO4nwRDtus4jj05dcYOpbIDWrPvrl5avpHLjY7NnpypTs9Ve%2FKOzNaXRNDjtzftcHvTblBel5E2vhSJvrv6zs0budzEyMz42Lnq2ZHxbtPn%2Fy1LoOMdtB%2BgJQLFH9R%2BbEGaZOuq4O8Mf%2FDQ8siB394Cztpo6NdfgNOd4W%2Ba349fP%2FwaYD8DTf%2F04wO8pi9CTVmAzXkQUQYNlUGDZ4D5CujkP%2BsmVjvDXxd7AT631n2urA2fK%2F723iVr1rFpKXRC6hSoH1b8cBA7QSX0Kj6uuHTQL2EXjG6TVfnJ7wAAAP%2F%2FAQAA%2F%2F%2FAZGqm%2FQUAAA%3D%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 spinalmultiple.com/ren.gif?sid=H4sIAAAAAAAC%2F6xSX2gcVRe%2F06%2F94OPzRSmCiDB0paiYzczubLKbUmLapHHbNIlJNOBLuXPnzua6d%2B4d772zk6wvwRbpixjFBy1IJidJ02rpH9AHHwTZ9EUDQldB9sGAjz5ZLRSfVHYTqT4IPnhg5vwOvxnO73fOeWMt2UUOJLgzfVY2Gee4v5R37KfmmQhkqu3JOdt18s4xe56JAe%2BYvdh9qcaQ65TyztP2OCV12V9wXMdxHdc%2BxRQN5WJ%2FjwUWX6u4%2BYqT9wp5t%2BTBovprrRMLNLYgaOyiR4AF7UMLX9wCRlogopujVNeNjJ8dixKOjVTQCLZeFHUhUwHRAxgqC0Kxtf81SN1G6L0DIMXWvgOQjY2uA%2FBZG1nfuuCLrX2Z4Dc295T6HKgAP%2Fg%2FpI0WUN4ChltA5HlgwR0EQAKYnAIRXZ6UKsVLeyzusm108P49YGkbHfzuMIjo%2BgnOFu1ZyRPDpNCwGGbAFlvAai2Ik20wTQtYug3EvA4s%2BAr1358AEW1MaS6BBZ0ny%2BWyE7rY7St5RafPI67bV%2FbCSh%2BtkCIJPb8yOEB6I2KsBSxsAacrgLUFSfdhFiShBUlsQRR0bFyqhI4zGPphsVj2CCHFIiGl8kBQCopeOXQgIV0PK2DiFSB8BYhahlgtQ52tgEo%2BB72QgQ4s0AZBI8ggpQhSjSDFCFKGIDUI0ka2GXBd0NnlgOvEd%2FdzYT8Xs3Vpamt4U5oaFWgt3kUP9wb3w%2BmPoU47NgkHCi71Cx7GJd%2FDbqFcrnhltzJQKbuDjl8GzTJg%2BkDPZrO7xUd%2Fhpi1EfpxGXy8DZpvA2FHACdPAE7XBwsO4IV1r%2BxAU1xrcr0glaF5QQ0EMoPYHAKzZK3xXfRYT0fpwptAyc5z%2F711u%2FDl%2FBUgKoNYZfAKu42gxi%2Buz8gUbczIVKNbU7FhEWvi7nJnDTYUfXiGLqVSBdVRvXJ1hHSJLrw2R7WZwCJgoqbRRydYEFB1SipC0WdVPU%2F96UQvnEiUSOKJ6ZOnqlGsqNZMihZgdmfxZSCsjf730k%2B9s338ngdMbYNKOqMLxsRD%2Ff2EM1LPx4TX8wJHdK8e1hSb48WBilMoHMUBC%2F7A7HjDf%2BGZ02fnXm0OeOcciJKd4U%2Ff78YlYLIFJL5wJZernpyazOU6M3%2FTwiwkkS8w4%2F%2B0zVEW1cxxRqS4msvNVecmxnK5Tv%2Fd1Xc351igfVpTVGhqbMO4nwRDtus4jj05dcYOpbIDWrPvrl5avpHLjY7NnpypTs9Ve%2FKOzNaXRNDjtzftcHvTblBel5E2vhSJvrv6zs0budzEyMz42Lnq2ZHxbtPn%2Fy1LoOMdtB%2BgJQLFH9R%2BbEGaZOuq4O8Mf%2FDQ8siB394Cztpo6NdfgNOd4W%2Ba349fP%2FwaYD8DTf%2F04wO8pi9CTVmAzXkQUQYNlUGDZ4D5CujkP%2BsmVjvDXxd7AT631n2urA2fK%2F723iVr1rFpKXRC6hSoH1b8cBA7QSX0Kj6uuHTQL2EXjG6TVfnJ7wAAAP%2F%2FAQAA%2F%2F%2FAZGqm%2FQUAAA%3D%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F6xSX2gcVRe%2F06%2F94OPzRSmCiDB0paiYzczubLKbUmLapHHbNIlJNOBLuXPnzua6d%2B4d772zk6wvwRbpixjFBy1IJidJ02rpH9AHHwTZ9EUDQldB9sGAjz5ZLRSfVHYTqT4IPnhg5vwOvxnO73fOeWMt2UUOJLgzfVY2Gee4v5R37KfmmQhkqu3JOdt18s4xe56JAe%2BYvdh9qcaQ65TyztP2OCV12V9wXMdxHdc%2BxRQN5WJ%2FjwUWX6u4%2BYqT9wp5t%2BTBovprrRMLNLYgaOyiR4AF7UMLX9wCRlogopujVNeNjJ8dixKOjVTQCLZeFHUhUwHRAxgqC0Kxtf81SN1G6L0DIMXWvgOQjY2uA%2FBZG1nfuuCLrX2Z4Dc295T6HKgAP%2Fg%2FpI0WUN4ChltA5HlgwR0EQAKYnAIRXZ6UKsVLeyzusm108P49YGkbHfzuMIjo%2BgnOFu1ZyRPDpNCwGGbAFlvAai2Ik20wTQtYug3EvA4s%2BAr1358AEW1MaS6BBZ0ny%2BWyE7rY7St5RafPI67bV%2FbCSh%2BtkCIJPb8yOEB6I2KsBSxsAacrgLUFSfdhFiShBUlsQRR0bFyqhI4zGPphsVj2CCHFIiGl8kBQCopeOXQgIV0PK2DiFSB8BYhahlgtQ52tgEo%2BB72QgQ4s0AZBI8ggpQhSjSDFCFKGIDUI0ka2GXBd0NnlgOvEd%2FdzYT8Xs3Vpamt4U5oaFWgt3kUP9wb3w%2BmPoU47NgkHCi71Cx7GJd%2FDbqFcrnhltzJQKbuDjl8GzTJg%2BkDPZrO7xUd%2Fhpi1EfpxGXy8DZpvA2FHACdPAE7XBwsO4IV1r%2BxAU1xrcr0glaF5QQ0EMoPYHAKzZK3xXfRYT0fpwptAyc5z%2F711u%2FDl%2FBUgKoNYZfAKu42gxi%2Buz8gUbczIVKNbU7FhEWvi7nJnDTYUfXiGLqVSBdVRvXJ1hHSJLrw2R7WZwCJgoqbRRydYEFB1SipC0WdVPU%2F96UQvnEiUSOKJ6ZOnqlGsqNZMihZgdmfxZSCsjf730k%2B9s338ngdMbYNKOqMLxsRD%2Ff2EM1LPx4TX8wJHdK8e1hSb48WBilMoHMUBC%2F7A7HjDf%2BGZ02fnXm0OeOcciJKd4U%2Ff78YlYLIFJL5wJZernpyazOU6M3%2FTwiwkkS8w4%2F%2B0zVEW1cxxRqS4msvNVecmxnK5Tv%2Fd1Xc351igfVpTVGhqbMO4nwRDtus4jj05dcYOpbIDWrPvrl5avpHLjY7NnpypTs9Ve%2FKOzNaXRNDjtzftcHvTblBel5E2vhSJvrv6zs0budzEyMz42Lnq2ZHxbtPn%2Fy1LoOMdtB%2BgJQLFH9R%2BbEGaZOuq4O8Mf%2FDQ8siB394Cztpo6NdfgNOd4W%2Ba349fP%2FwaYD8DTf%2F04wO8pi9CTVmAzXkQUQYNlUGDZ4D5CujkP%2BsmVjvDXxd7AT631n2urA2fK%2F723iVr1rFpKXRC6hSoH1b8cBA7QSX0Kj6uuHTQL2EXjG6TVfnJ7wAAAP%2F%2FAQAA%2F%2F%2FAZGqm%2FQUAAA%3D%3D HTTP/1.1
Host: spinalmultiple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Cookie: u_pl=15289012; uid_id2=8880f1a1-5430-4c11-84f9-e9c3cf4b976c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 Dec 2022 19:53:25 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 41a703c853978260689b745248be3094
Strict-Transport-Security: max-age=0; includeSubdomains
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 4c27bb2ba2acc2b177746256595cd57c
ac37bba5f33eab2a3942b50472c852ad71c72e70
48dde36af83ae95b771ae8bba9655cc75a25d4a88a75291fedfbb796435ea853
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 12:04:31 GMT
Expires: Sun, 25 Dec 2022 12:04:30 GMT
Etag: "ac37bba5f33eab2a3942b50472c852ad71c72e70"
Cache-Control: max-age=576064,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77ba71ce1e84b523-OSL
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 0c61a9397a6dacb86a871e21c5681ef2
8c87de2b592d25245ae51239acf64073c1dccdad
021b67e280d13e14ada7447cf4411e69929faaa0bc107669f1998a2703d69948
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "021B67E280D13E14ADA7447CF4411E69929FAAA0BC107669F1998A2703D69948"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2882
Expires: Sun, 18 Dec 2022 20:41:27 GMT
Date: Sun, 18 Dec 2022 19:53:25 GMT
Connection: keep-alive
c.adsco.re/
104.17.167.186200 OK 27 kB IP 104.17.167.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash cb5c226b05ba40aaf69a34646cf92a4f
d025ac2ae36b45a2674c96ba3dbad2e1ac0ecbeb
ea5d923899224c7e2d991d8c7e2ef63b7424d0976a882ff8d5bdb3b1f46ef0f1
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:25 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 18 Jan 2023 19:53:25 GMT
etag: W/"xkCBFtC0Wl/JiS60JFipuQ=="
cf-cache-status: HIT
age: 1216719
vary: Accept-Encoding
server: cloudflare
cf-ray: 77ba71cf6c4bb4f4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:25 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 77ba71d0aea2b505-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:25 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=332738885.36259071897447765.6212785
54.93.177.113200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=332738885.36259071897447765.6212785
IP 54.93.177.113:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=vidoomy&user_id=332738885.36259071897447765.6212785 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://m.imagenesderopaparaperros.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58610/occ?verify=true
3.126.56.137204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58610/occ?verify=true
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58610/occ?verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://m.imagenesderopaparaperros.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 18 Dec 2022 19:53:26 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBLZvn2MCEN0ZFniZ2qE-lMno3mxTQI8FEgEBAQHBoGOpYwAAAAAA_eMAAA&S=AQAAAjmZNeJz86jI5UEP_vriHGE; Expires=Tue, 19 Dec 2023 01:53:26 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
54.230.111.33200 OK 1.1 kB URL HTTP/2 rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
IP 54.230.111.33:0
Hash 3efd96b9c9e0e7e3d825d0918bf78f39
1a94570ef101dbb271becdc7556c8bb426ee72c7
98273ecbd4b86c002f70192b56853e555bc5191dc2c1000cc82b273136ffd0a7
GET /rules-p-6Fv0cGNfc_bw8.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
date: Sun, 18 Dec 2022 19:43:59 GMT
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
x-amz-server-side-encryption: AES256
cache-control: max-age=3600
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1O-wgSN9lm7oA4eoff5FvSJhAPJ12fzCjS5iojxCz5MK7xLjfLtqsA==
age: 568
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
142.250.74.138200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 142.250.74.138:0
File type ASCII text, with very long lines (32034)
Hash c54aac7ef64c39b4f384e0d5771d3b46
d3e059104378a3844862a5ed12a13f5d423e86b6
3e1b5002dd64d185f806edeefd333348f423584d876cfc966b5c13884c8fe3da
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Dec 2022 20:56:42 GMT
expires: Fri, 15 Dec 2023 20:56:42 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 255404
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3cda1c47db8264b40ac43789cee638d5
dabca282194f6cae510ac7b44060318e67dd4881
ce538ec7d0940cb1a1cc2c5b51d8c3e854ede6ce270dddab44f45a12359cdbc3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CE538EC7D0940CB1A1CC2C5B51D8C3E854EDE6CE270DDDAB44F45A12359CDBC3"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1931
Expires: Sun, 18 Dec 2022 20:25:37 GMT
Date: Sun, 18 Dec 2022 19:53:26 GMT
Connection: keep-alive
test.cmp.quantcast.com/GVL-v2/cmp-list.json
143.204.55.14200 OK 27 kB URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 143.204.55.14:0
File type JSON data\012- , ASCII text, with very long lines (10104), with no line terminators
Hash d3f627f9ffd52ad4bbacd7d1af1c2907
d64598fc6cbb282d87af683c2a68f25725fb3210
7cd09dea8f8e40c338f09fc845496e1b9edf8ec920be77c4ad37b885ca40dfdf
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Sun, 18 Dec 2022 03:00:36 GMT
last-modified: Thu, 15 Dec 2022 19:53:40 GMT
etag: W/"1fcb7b340973662b8c72821035297be8"
x-amz-server-side-encryption: AES256
x-amz-version-id: 1z0UoXMJ9xzbs2qI0bEVqRIwlX6l1fM5
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1ckWgSY4cBCHkZhDBMKvE0kSLCTQzbtqNalGFlIZEOC3TE08V6lJlA==
age: 60771
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/img/close.png
172.64.109.13200 OK 49 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/img/close.png
IP 172.64.109.13:0
File type PNG image data, 2063 x 2063, 8-bit/color RGBA, non-interlaced\012- data
Hash c468e1d251e84cbbd9fd43f1bf756866
29512569a2da569797a545eb36c6176d6285a8da
b0da14eff7c6fe39d973148b55c51ee6ce3948e76e488c401eb6dca5dfbd1cd8
GET /sb/interstitial/rtb/default/3/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-type: image/png
content-length: 48623
last-modified: Wed, 23 Jun 2021 13:33:23 GMT
etag: "60d33823-bdef"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1174182
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lq6CAKz%2BmMIZ5zKFqd1V8cxYUt3Fsi4b9YsrxzLNjFtBQSgLfXYcPgOrWTcMr4jm3CbELTXwSGhU8aE1cpvrkqp%2FM6wYiAyc%2FalDG0ctBVW5YQjhe0jMwqNsRIF4XE0AtwbpEeFXQkw2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77ba71d38c3023f3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tgb3mntrssd6.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 tgb3mntrssd6.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tgb3mntrssd6.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:26 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
e1.o.lencr.org/
23.33.119.27200 OK 345 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3cda1c47db8264b40ac43789cee638d5
dabca282194f6cae510ac7b44060318e67dd4881
ce538ec7d0940cb1a1cc2c5b51d8c3e854ede6ce270dddab44f45a12359cdbc3
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "CE538EC7D0940CB1A1CC2C5B51D8C3E854EDE6CE270DDDAB44F45A12359CDBC3"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2495
Expires: Sun, 18 Dec 2022 20:35:01 GMT
Date: Sun, 18 Dec 2022 19:53:26 GMT
Connection: keep-alive
at.teads.tv/fpc?analytics_tag_id=PUB_11398&tfpvi=&gdpr_status=23&gdpr_reason=230&gdpr_consent=&ccpa_consent=1---&shared_ids=&sv=8480ba3&
184.24.45.54200 OK 0 B URL HTTP/1.1 at.teads.tv/fpc?analytics_tag_id=PUB_11398&tfpvi=&gdpr_status=23&gdpr_reason=230&gdpr_consent=&ccpa_consent=1---&shared_ids=&sv=8480ba3&
IP 184.24.45.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /fpc?analytics_tag_id=PUB_11398&tfpvi=&gdpr_status=23&gdpr_reason=230&gdpr_consent=&ccpa_consent=1---&shared_ids=&sv=8480ba3& HTTP/1.1
Host: at.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain; charset=UTF-8
Content-Length: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Expires: Sun, 18 Dec 2022 19:53:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Dec 2022 19:53:26 GMT
Connection: keep-alive
adsco.re/p
162.252.214.5200 OK 169 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 89c205190ce6bdacbf6d472000fb7e5f
9218d1e2194055981f2d5ff60a4aba8858fa3a6f
47116af1f58d7d82d82d63264fb1ba643b4799ed0a8b8a28e197c0b0bd47d2bf
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2007
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:26 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f653713a68d68cbc3fd3f92cb225fff8
0f79195907469b1615818dc345d4b17689de62b5
f89dee8914042022351c99fe107219d5d222c7b2b03baf5aef602b848bc5b4d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F89DEE8914042022351C99FE107219D5D222C7B2B03BAF5AEF602B848BC5B4D5"
Last-Modified: Sat, 17 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3647
Expires: Sun, 18 Dec 2022 20:54:13 GMT
Date: Sun, 18 Dec 2022 19:53:26 GMT
Connection: keep-alive
ad.lkqd.net/vpaid/formats.js
151.139.128.10200 OK 36 kB URL HTTP/2 ad.lkqd.net/vpaid/formats.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b3736cf69ac3288810f4c8bb85ce569c
70984d14343ea485a8232927d58db0671eb1778f
1d2893bf6270530e1df90bc8279d8319cd721ba8dc4ba94970b1a0adf03bac98
GET /vpaid/formats.js HTTP/1.1
Host: ad.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-encoding: gzip
content-length: 35765
content-type: application/javascript
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
accept-ranges: bytes
etag: "286704660baa2c113268f28385080796"
cache-control: public, max-age=1209600
x-sp-metadata: HS256.CMb7/ZwGEoYBCiQ1OTAwMDg1Yy1kYjkwLTQzNjgtOTJmNS0zYWFlY2VhNmZkMzEQkKbXzNb5+wIaBgi23/2cBiIMOTEuOTAuNDIuMTU0KIoyMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ3OTE3YTg3OS1kNzJmLTQxMWUtODFlYi0zZWZjZDI5NjJjYjQYtZcCIhgIAhIUY2RzMjI5LnNrMS5od2Nkbi5uZXQ=.8OCO0zeSHNqUQFjXk/BXxDtKGWUrf9J/ug+PepZ384s=
x-hw: 1671393206.cds024.sk1.hn,1671393206.cds229.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
108.157.217.164200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.164:0
Hash 2c08782f237d854f497f4923e2a7634a
fda57361565917a068bec9097de451b47288259b
522e81c7af5bf345b595940c91732cc7a6090a6d810b59c736d60ebcf23ec738
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90943
Date: Sun, 18 Dec 2022 19:53:26 GMT
Etag: "639e25ae-1d7"
Expires: Mon, 19 Dec 2022 21:09:09 GMT
Last-Modified: Sat, 17 Dec 2022 20:25:18 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 6b590e690e32695caa633ab770319d74.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: NPJEaE4b2hLXIG6xDLjFnGQ4sRBnaIXUhvA2KKJwQt77K5N_5TNlRA==
Age: 2631
click.pclk.name/thumbnail?seat=369022&adid=369022&i=vbQ*JMTqz64_0&imgt=icon
173.239.53.24302 Found 0 B URL HTTP/1.1 click.pclk.name/thumbnail?seat=369022&adid=369022&i=vbQ*JMTqz64_0&imgt=icon
IP 173.239.53.24:0
ASN #27257 WEBAIR-INTERNET
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /thumbnail?seat=369022&adid=369022&i=vbQ*JMTqz64_0&imgt=icon HTTP/1.1
Host: click.pclk.name
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 302 Found
Cache-Control: no-store
Content-Length: 0
Age: 0
Connection: keep-alive
Location: https://us.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1671393205127-7-8077-1178228-f404c62b-0697-fe38-809c-7a8744cb6f99&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DGIalTrwHZQBKlXSQU2f4zJkE9RNp-ZhWppapFXJ8W1piOfEd97WVr73s_ysUpP7EKfpzZC5o4QkKEHQwCKK-Sema4blmYiZd49GAIAaYamshaTrfi8HyN-Z98nf9HW9cCw1FfIearMmJNUOkqiVIqq-pEJvXfAT-62tvGAAH0wrC9qVNejbm4x4JmPG1Fp7xd-9k6NjbgyXCC_u8v6T4eLw5smo9hPBfhb_JFufj6rVVKIo27lCvnau4dY5L0gMBARFpPNBov4gYRJwB3Ti3v2kx95I_KNlCNMaay88zpONKIkK8BVoQ-4L2j3rHvbChR0scMKkRjAb4IfJUdrDbqa5GJLum2zsQX-OBjtHJuvJGZp_2vZ9vMA8WNSetmFdYQMYTew3dLRZWNNKlDC4p_E3h6GS73727J1RloZiQgWFTbbBIhBkglxR8ZRB3vbto0Go5ziHV8VVqw9lKAOtEy6zHPUgLgLnlC7afEP1dcY3-a8Tsk0eoCyuaEn5v9Av15awMLDAw0HYjDL6hYZRbge98TZfwHlmuIedf9MYYVBoAl9GIeQzzORswlwckdxCQbh0BQ9igsFQ6TnZpfeRroj92R_pHbNcJnQR-xzGWLRW9QKMl
Pragma: no-cache
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a1ef1fe9-e1e2-4034-4eca-31018a7422b4&reqId=d3646858-7ede-4474-4f20-381a0eb3f1fa&zdid=1258
142.250.74.130302 Found 447 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a1ef1fe9-e1e2-4034-4eca-31018a7422b4&reqId=d3646858-7ede-4474-4f20-381a0eb3f1fa&zdid=1258
IP 142.250.74.130:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6dabcd648c1f3373e285e1b808771c5a
a37011ca85a7c18d20dce2a537c6ba55fa7abbac
e07d70368c376c1eca2de8afb5aa7944ccf22c2667058378563921ca384ba63b
GET /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a1ef1fe9-e1e2-4034-4eca-31018a7422b4&reqId=d3646858-7ede-4474-4f20-381a0eb3f1fa&zdid=1258 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a1ef1fe9-e1e2-4034-4eca-31018a7422b4&reqId=d3646858-7ede-4474-4f20-381a0eb3f1fa&zdid=1258&google_tc=
date: Sun, 18 Dec 2022 19:53:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 447
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 18-Dec-2022 20:08:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ad.lkqd.net/cookie-sync/usync.html
151.139.128.10200 OK 1.9 kB URL HTTP/2 ad.lkqd.net/cookie-sync/usync.html
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4478)
Hash 41b852ed55af42897839dd36a74c8836
ab34ebee16e719e22645fb8560fd66adf90f9dff
eb7f7a625357319b2e1a3f3099e9630dada48ec5c079e5d698699ebe15c8002f
GET /cookie-sync/usync.html HTTP/1.1
Host: ad.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-encoding: gzip
content-length: 1882
content-type: text/html
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges: bytes
etag: "952dcfd8e3703b5a7e78418d51009535"
cache-control: public, max-age=1209600
x-sp-metadata: HS256.CMb7/ZwGEoYBCiRhNmM0NjM2ZC04OWMwLTRkMjYtYjljYi05OTEzMjAyYzg5YmQQkKbXzNb5+wIaBgi23/2cBiIMOTEuOTAuNDIuMTU0KIoyMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiRkZGVjOTllYi1kYjUzLTRmNWYtYmVjZS0wMzQ1YTU4ZWFhMmYY2g4iGAgCEhRjZHMwMDMuc2sxLmh3Y2RuLm5ldA==.AwqIQ/xbGii96xNZ537jx/uk7UnpdKnRJz2ku2ctCW8=
x-hw: 1671393206.cds024.sk1.hn,1671393206.cds003.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0973dd05c36d5b21a858d6a6bec71334
e5bc1af376e6cd71fe3be45b393ceb1f61434891
e46922306d68a94ce397d96c12c5ddfd0341e139369cab988a6c57b57a9bd0ad
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ad.lkqd.net/cookie-sync/usync.html
151.139.128.10200 OK 1.9 kB URL HTTP/2 ad.lkqd.net/cookie-sync/usync.html
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4478)
Hash 41b852ed55af42897839dd36a74c8836
ab34ebee16e719e22645fb8560fd66adf90f9dff
eb7f7a625357319b2e1a3f3099e9630dada48ec5c079e5d698699ebe15c8002f
GET /cookie-sync/usync.html HTTP/1.1
Host: ad.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-encoding: gzip
content-length: 1882
content-type: text/html
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges: bytes
etag: "952dcfd8e3703b5a7e78418d51009535"
cache-control: public, max-age=1209600
x-sp-metadata: HS256.CMb7/ZwGEoYBCiQ3MTU2YjM1NC1jNzU5LTQzZDctODhiMy0yNTYzYjI3YjUwY2YQkKbXzNb5+wIaBgi23/2cBiIMOTEuOTAuNDIuMTU0KIoyMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaKwgBEiQxODAzNGNmNi04ZDNmLTRmZGUtYjllZS0xNzg0YWVjNjVhZGMY2g4iGAgCEhRjZHMwMDMuc2sxLmh3Y2RuLm5ldA==.8KoP7aQguOm9S1bLhVQsamNBvq8/HgtuDEbzmUrxRaA=
x-hw: 1671393206.cds024.sk1.hn,1671393206.cds003.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
ads.stickyadstv.com/auto-user-sync
23.36.77.41200 OK 43 B URL HTTP/1.1 ads.stickyadstv.com/auto-user-sync
IP 23.36.77.41:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /auto-user-sync HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-sticky-vk: 1671393206854003-518
Expires: Sun, 18 Dec 2022 19:53:26 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 18 Dec 2022 19:53:26 GMT
Content-Length: 43
Connection: keep-alive
Set-Cookie: UID=aacba5d6735a4eefd3ffc8a083c946; Domain=ads.stickyadstv.com; Expires=Tue, 17-Jan-2023 19:53:26 GMT; Path=/
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 51e86fb7e4e3bcce2a2845ca0f41f473
5432e9856839a4a607360976a8ff5cfaa137556f
207f1ff300d9fda0c754a07821521240d84fa63134b748bd3f6245d62c0ba320
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "207F1FF300D9FDA0C754A07821521240D84FA63134B748BD3F6245D62C0BA320"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13383
Expires: Sun, 18 Dec 2022 23:36:29 GMT
Date: Sun, 18 Dec 2022 19:53:26 GMT
Connection: keep-alive
id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
162.19.138.118200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
IP 162.19.138.118:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=true&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 18-Dec-2022 19:58:26 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 18-Dec-2022 19:58:26 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 18-Dec-2022 19:58:26 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 18-Dec-2022 19:58:26 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 18-Dec-2022 19:58:26 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 18-Dec-2022 19:58:26 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 18 Dec 2022 19:53:26 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22m.imagenesderopaparaperros.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1671393206723%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-6muv9kmxb13p6y3wr1je%22%7D
52.57.91.94200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22m.imagenesderopaparaperros.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1671393206723%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-6muv9kmxb13p6y3wr1je%22%7D
IP 52.57.91.94:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22m.imagenesderopaparaperros.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1671393206723%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-6muv9kmxb13p6y3wr1je%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f47f5a3b2c2c60219cc56d37b8a0e324
d4fbcecbf7f8636b158f189a833bb9f71fec70ba
ae8c47219ffa27ea633e4462d3162fcc41c62a910f32bbe2f58528c068a0ffde
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AE8C47219FFA27EA633E4462D3162FCC41C62A910F32BBE2F58528C068A0FFDE"
Last-Modified: Sun, 18 Dec 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9902
Expires: Sun, 18 Dec 2022 22:38:29 GMT
Date: Sun, 18 Dec 2022 19:53:27 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fc2a13e14c1e8d57d485bb1ea60d1752
81aab4804e2e79bcc1c8f93acb7d0b95132427df
07d8ff8e5a6f8d68e8d0e418136de2a8aa6ed81b5b3d2964e1d01c69ee34b8dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "07D8FF8E5A6F8D68E8D0E418136DE2A8AA6ED81B5B3D2964E1D01C69EE34B8DC"
Last-Modified: Sat, 17 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18328
Expires: Mon, 19 Dec 2022 00:58:55 GMT
Date: Sun, 18 Dec 2022 19:53:27 GMT
Connection: keep-alive
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a1ef1fe9-e1e2-4034-4eca-31018a7422b4&reqId=d3646858-7ede-4474-4f20-381a0eb3f1fa&zdid=1258&google_error=3
104.22.24.87200 OK 95 B URL HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a1ef1fe9-e1e2-4034-4eca-31018a7422b4&reqId=d3646858-7ede-4474-4f20-381a0eb3f1fa&zdid=1258&google_error=3
IP 104.22.24.87:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=a1ef1fe9-e1e2-4034-4eca-31018a7422b4&reqId=d3646858-7ede-4474-4f20-381a0eb3f1fa&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://m.imagenesderopaparaperros.com/
Connection: keep-alive
Cookie: zc=a1ef1fe9-e1e2-4034-4eca-31018a7422b4; zsc=%DE%F6%9D%9B%28%D1%CCp%0F%E6_%1B%E1%28%FD%E6%D9%409H%93%03%A6%B0%8A%FC~O%5Dd%AB%AA%E3n%01%5C%1D-%E94X%B1%FA%C8%7D%25Y%DFN%C9n5%10%CA%F9%8A%E6%CF%AB%1B%95m%851%97H%08%18%3Co%22Yq%8F5%CC%3D%921J%0E%C9L
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:27 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://m.imagenesderopaparaperros.com
set-cookie: zc=a1ef1fe9-e1e2-4034-4eca-31018a7422b4; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77ba71d7e981b524-OSL
X-Firefox-Spdy: h2
csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
35.214.223.115307 Temporary Redirect 0 B URL HTTP/2 csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
IP 35.214.223.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
set-cookie: viewer_token=8d462fba-6274-4ce5-b018-fdf672e65618; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Sat, 18-Mar-2023 19:53:27 GMT; SameSite=None
location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=8d462fba-6274-4ce5-b018-fdf672e65618
content-length: 0
date: Sun, 18 Dec 2022 19:53:27 GMT
server: _
X-Firefox-Spdy: h2
tgb3mntrssd6.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 tgb3mntrssd6.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: tgb3mntrssd6.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:26 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bce7ad3306f99babb733fa5c11575bb1
3e948cd6f3f3e948948b8be10ad9a900671ee12b
91980c3c773f70e07cba5ade57ce70aaa978a5d1eb1921e5be150f40f354ed6c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1995
Cache-Control: max-age=128820
Content-Type: application/ocsp-response
Date: Sun, 18 Dec 2022 19:53:27 GMT
Etag: "639ebc20-1d7"
Expires: Tue, 20 Dec 2022 07:40:27 GMT
Last-Modified: Sun, 18 Dec 2022 07:07:12 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ad.turn.com/r/cs?pid=65
46.228.164.11302 Found 0 B IP 46.228.164.11:0
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=65 HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=2951333182733971509; Domain=.turn.com; Expires=Fri, 16-Jun-2023 19:53:27 GMT; Path=/; Secure; SameSite=None
location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=2951333182733971509
content-length: 0
date: Sun, 18 Dec 2022 19:53:26 GMT
X-Firefox-Spdy: h2
us.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1671393205127-7-8077-1178228-f404c62b-0697-fe38-809c-7a8744cb6f99&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DGIalTrwHZQBKlXSQU2f4zJkE9RNp-ZhWppapFXJ8W1piOfEd97WVr73s_ysUpP7EKfpzZC5o4QkKEHQwCKK-Sema4blmYiZd49GAIAaYamshaTrfi8HyN-Z98nf9HW9cCw1FfIearMmJNUOkqiVIqq-pEJvXfAT-62tvGAAH0wrC9qVNejbm4x4JmPG1Fp7xd-9k6NjbgyXCC_u8v6T4eLw5smo9hPBfhb_JFufj6rVVKIo27lCvnau4dY5L0gMBARFpPNBov4gYRJwB3Ti3v2kx95I_KNlCNMaay88zpONKIkK8BVoQ-4L2j3rHvbChR0scMKkRjAb4IfJUdrDbqa5GJLum2zsQX-OBjtHJuvJGZp_2vZ9vMA8WNSetmFdYQMYTew3dLRZWNNKlDC4p_E3h6GS73727J1RloZiQgWFTbbBIhBkglxR8ZRB3vbto0Go5ziHV8VVqw9lKAOtEy6zHPUgLgLnlC7afEP1dcY3-a8Tsk0eoCyuaEn5v9Av15awMLDAw0HYjDL6hYZRbge98TZfwHlmuIedf9MYYVBoAl9GIeQzzORswlwckdxCQbh0BQ9igsFQ6TnZpfeRroj92R_pHbNcJnQR-xzGWLRW9QKMl
38.100.129.11302 Found 0 B URL HTTP/2 us.doctorpost.net/metrics/save.img?event=impressions&bid-id=v2-1671393205127-7-8077-1178228-f404c62b-0697-fe38-809c-7a8744cb6f99&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DGIalTrwHZQBKlXSQU2f4zJkE9RNp-ZhWppapFXJ8W1piOfEd97WVr73s_ysUpP7EKfpzZC5o4QkKEHQwCKK-Sema4blmYiZd49GAIAaYamshaTrfi8HyN-Z98nf9HW9cCw1FfIearMmJNUOkqiVIqq-pEJvXfAT-62tvGAAH0wrC9qVNejbm4x4JmPG1Fp7xd-9k6NjbgyXCC_u8v6T4eLw5smo9hPBfhb_JFufj6rVVKIo27lCvnau4dY5L0gMBARFpPNBov4gYRJwB3Ti3v2kx95I_KNlCNMaay88zpONKIkK8BVoQ-4L2j3rHvbChR0scMKkRjAb4IfJUdrDbqa5GJLum2zsQX-OBjtHJuvJGZp_2vZ9vMA8WNSetmFdYQMYTew3dLRZWNNKlDC4p_E3h6GS73727J1RloZiQgWFTbbBIhBkglxR8ZRB3vbto0Go5ziHV8VVqw9lKAOtEy6zHPUgLgLnlC7afEP1dcY3-a8Tsk0eoCyuaEn5v9Av15awMLDAw0HYjDL6hYZRbge98TZfwHlmuIedf9MYYVBoAl9GIeQzzORswlwckdxCQbh0BQ9igsFQ6TnZpfeRroj92R_pHbNcJnQR-xzGWLRW9QKMl
IP 38.100.129.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metrics/save.img?event=impressions&bid-id=v2-1671393205127-7-8077-1178228-f404c62b-0697-fe38-809c-7a8744cb6f99&img=https%3A%2F%2Ftrack.trackingtraffo.com%2Fpush%2Fic%3Fauth%3Dpz6u78%26c%3DGIalTrwHZQBKlXSQU2f4zJkE9RNp-ZhWppapFXJ8W1piOfEd97WVr73s_ysUpP7EKfpzZC5o4QkKEHQwCKK-Sema4blmYiZd49GAIAaYamshaTrfi8HyN-Z98nf9HW9cCw1FfIearMmJNUOkqiVIqq-pEJvXfAT-62tvGAAH0wrC9qVNejbm4x4JmPG1Fp7xd-9k6NjbgyXCC_u8v6T4eLw5smo9hPBfhb_JFufj6rVVKIo27lCvnau4dY5L0gMBARFpPNBov4gYRJwB3Ti3v2kx95I_KNlCNMaay88zpONKIkK8BVoQ-4L2j3rHvbChR0scMKkRjAb4IfJUdrDbqa5GJLum2zsQX-OBjtHJuvJGZp_2vZ9vMA8WNSetmFdYQMYTew3dLRZWNNKlDC4p_E3h6GS73727J1RloZiQgWFTbbBIhBkglxR8ZRB3vbto0Go5ziHV8VVqw9lKAOtEy6zHPUgLgLnlC7afEP1dcY3-a8Tsk0eoCyuaEn5v9Av15awMLDAw0HYjDL6hYZRbge98TZfwHlmuIedf9MYYVBoAl9GIeQzzORswlwckdxCQbh0BQ9igsFQ6TnZpfeRroj92R_pHbNcJnQR-xzGWLRW9QKMl HTTP/1.1
Host: us.doctorpost.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: openresty/1.15.8.3
date: Sun, 18 Dec 2022 19:53:27 GMT
content-length: 0
location: https://track.trackingtraffo.com/push/ic?auth=pz6u78&c=GIalTrwHZQBKlXSQU2f4zJkE9RNp-ZhWppapFXJ8W1piOfEd97WVr73s_ysUpP7EKfpzZC5o4QkKEHQwCKK-Sema4blmYiZd49GAIAaYamshaTrfi8HyN-Z98nf9HW9cCw1FfIearMmJNUOkqiVIqq-pEJvXfAT-62tvGAAH0wrC9qVNejbm4x4JmPG1Fp7xd-9k6NjbgyXCC_u8v6T4eLw5smo9hPBfhb_JFufj6rVVKIo27lCvnau4dY5L0gMBARFpPNBov4gYRJwB3Ti3v2kx95I_KNlCNMaay88zpONKIkK8BVoQ-4L2j3rHvbChR0scMKkRjAb4IfJUdrDbqa5GJLum2zsQX-OBjtHJuvJGZp_2vZ9vMA8WNSetmFdYQMYTew3dLRZWNNKlDC4p_E3h6GS73727J1RloZiQgWFTbbBIhBkglxR8ZRB3vbto0Go5ziHV8VVqw9lKAOtEy6zHPUgLgLnlC7afEP1dcY3-a8Tsk0eoCyuaEn5v9Av15awMLDAw0HYjDL6hYZRbge98TZfwHlmuIedf9MYYVBoAl9GIeQzzORswlwckdxCQbh0BQ9igsFQ6TnZpfeRroj92R_pHbNcJnQR-xzGWLRW9QKMl
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/script.js
172.64.109.13200 OK 63 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/script.js
IP 172.64.109.13:0
Hash cfe8dacb38c07dfbaadc2cc835799f84
d4b5da8536f17599100a6bc78b573769546fa11e
f0147e429de283b4d1c78bc72a08c8253b3d11be24d619220bb73088b2bfdae8
GET /sb/interstitial/rtb/default/3/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-type: application/javascript
last-modified: Wed, 23 Jun 2021 13:33:24 GMT
etag: W/"60d33824-2ed"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 75106
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zo5ZvJTAqBWBHdDZral9gRMv58PPUYgnznC%2FQ97B0cHoQJtZCnslwteCWaNiw%2F3oyFONkpkX%2BvLz2ZVnAPjtH4r8%2FjKj1yBP%2BUIBbjoQwsDnYPpKDyTerkOJ7K6mpYtg3Nke3nmBNuhQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77ba71d49dd623f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/style.css
172.64.109.13200 OK 1.9 kB URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/style.css
IP 172.64.109.13:0
Hash 4c2ce18f2ed663097d55a39044f8a22e
64385d32cdcd058ffa7a1b64896d8bef0932e91a
d678023a37d11b70d66e54d434397bd9db931642ccce814ad8b67055e346098b
GET /sb/interstitial/rtb/default/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-type: text/css
last-modified: Wed, 23 Jun 2021 13:33:21 GMT
etag: W/"60d33821-14da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 75108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1n%2BY%2BEIC%2FT0S6QvvbCgaQreH59rlax8AkDbCnnx48BqDXAj0aTeB26PYrV1Ok2PDVywhTdiHIKHP7B4GbrWsbByve70Jf9qOy5RT9oCWgYrjn1xMcm8hqZEpo%2FUc2wcpt6cS43pzZUVl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77ba71d38c1b23f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
108.157.217.164200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 108.157.217.164:0
Hash 3678c5342a3531674497fcd352df920f
09b27f9ff55b24fcfeec5b40eda7f7241bed4744
ab7010b756af09494729823f35fdcc785a969ef991fa7a98b4b35db4bb11cb31
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=116895
Date: Sun, 18 Dec 2022 19:53:27 GMT
Etag: "639e9335-1d7"
Expires: Tue, 20 Dec 2022 04:21:42 GMT
Last-Modified: Sun, 18 Dec 2022 04:12:37 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 ff7194a111d1912088727cbee9f13db0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: ARN56-P1
X-Amz-Cf-Id: PwfWKtuPi-LhK0nZwurdIba56GaNOk04WKsND98loe_a4rU2pqsa1w==
Age: 545
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 645f24084a4486c9882f9f6b2979a79d
e47c8799fb00f4a4b7e90d9415f55fc20acaa7e3
644b0fa793131d7e1785589e3b83080c44d19396208b6a1548dc8b8cc430df9c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Dec 2022 06:57:12 GMT
Expires: Sun, 25 Dec 2022 06:57:11 GMT
Etag: "e47c8799fb00f4a4b7e90d9415f55fc20acaa7e3"
Cache-Control: max-age=557623,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77ba71da1f21b523-OSL
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:27 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
146.20.132.188200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
IP 146.20.132.188:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:27 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=94&partnerUserId=2951333182733971509
146.20.132.188200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=94&partnerUserId=2951333182733971509
IP 146.20.132.188:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=94&partnerUserId=2951333182733971509 HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:27 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.srv.stackadapt.com/sync?nid=161
34.193.201.64302 Found 104 B URL HTTP/1.1 sync.srv.stackadapt.com/sync?nid=161
IP 34.193.201.64:0
File type HTML document, ASCII text
Hash ef501d9b5f6ff9164af8b3a9d75ee5bb
a5e1812f6bb527ff32c102b5bc0851601046e786
802e9271a3f831787dcc8a0ff0b7b6107c24ddc05ce315f7def275a7f954f0a8
GET /sync?nid=161 HTTP/1.1
Host: sync.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Sun, 18 Dec 2022 19:53:27 GMT
Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=eJ7nSCKCTMJEsY1CKNoRgltaKpo
Set-Cookie: sa-user-id=s%3A0-789ee748-2282-4cc2-44b1-8d4228da1182.WLhdfTfY8K7uHGcNMZZvFCjeocaYWAgvGJqs5%2BCeS%2B8; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AeJ7nSCKCTMJEsY1CKNoRgltaKpo.Kt7iabEcBnwu9UgPuBLob9GIpLka%2FBUIdjlUnHdZMbU; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 104
Connection: keep-alive
cdn4ads.com/A.asp?_=BAYAY59vtgFjn2-2gAGBAsAAIOjSKo1YbsoKtIdPf3RqdfP2v6BgC04FFnqhElJmO_YkwQBGMEQCIDO3SFZyu3tf4geDHOkWN6Rpt23BLb28UyKFHVsEGJpnAiBqxdI_mSvQQb2ewUjtO2nOhoO0JeYFtfjByCUB2m0WHA&v=4&YtWBfHcw=4293767&minBid=&zTDSxYRg=0,0&fnowZANY=&nROCpkwL=&s=1280,1024,1,1280,1024,0
216.59.63.128200 OK 44 B URL HTTP/2 cdn4ads.com/A.asp?_=BAYAY59vtgFjn2-2gAGBAsAAIOjSKo1YbsoKtIdPf3RqdfP2v6BgC04FFnqhElJmO_YkwQBGMEQCIDO3SFZyu3tf4geDHOkWN6Rpt23BLb28UyKFHVsEGJpnAiBqxdI_mSvQQb2ewUjtO2nOhoO0JeYFtfjByCUB2m0WHA&v=4&YtWBfHcw=4293767&minBid=&zTDSxYRg=0,0&fnowZANY=&nROCpkwL=&s=1280,1024,1,1280,1024,0
IP 216.59.63.128:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /A.asp?_=BAYAY59vtgFjn2-2gAGBAsAAIOjSKo1YbsoKtIdPf3RqdfP2v6BgC04FFnqhElJmO_YkwQBGMEQCIDO3SFZyu3tf4geDHOkWN6Rpt23BLb28UyKFHVsEGJpnAiBqxdI_mSvQQb2ewUjtO2nOhoO0JeYFtfjByCUB2m0WHA&v=4&YtWBfHcw=4293767&minBid=&zTDSxYRg=0,0&fnowZANY=&nROCpkwL=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 18 Dec 2022 19:53:27 GMT
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=54&partnerUserId=8d462fba-6274-4ce5-b018-fdf672e65618
146.20.132.188200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=54&partnerUserId=8d462fba-6274-4ce5-b018-fdf672e65618
IP 146.20.132.188:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=54&partnerUserId=8d462fba-6274-4ce5-b018-fdf672e65618 HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:27 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
spinalmultiple.com/impr.gif?sid=H4sIAAAAAAAC%2F6xSX2gcVRe%2F06%2F94OPzRSmCiDB0paiYzczsbDKbUmLapHHbNIlJNOBLuXPvnc1178wd597ZSdaXYIv0RYzigxYkk5OkabX0D%2BiDD4Js%2BqIBoasg%2B2DAR5%2BsFopPKruJVB8EHzwwc3%2BH38w9v9855421dBdZkOLO9FnZ5ELg%2FnLRMp%2Ba5xGVmTIn50zbKlrHzHkeDbjHzMXuK2kM2Va5aD1tjjNSl%2F2OZVuWbdnmKZ6wQC7291jg8bWKXaxYRdcp2mUXFpO%2F5io1QGEDaGMXPQKctg8tfHELOGlBFN4cZaquZfzsWJgKrGUCDbr1YlSPZBZB%2BAAGiQFBtLX%2FNUjVRui9AyCjrX0HIBsbXQfg8zYyvrXBj7b2ZYLf2NxT6gtgEfj0%2F5A1WsBECzhuAZHngdM7CIBQmJyCKLw8KZMML%2B2xuMu20cH794BnbXTwu8MQhddPCL5ozkqRai4jBYtBDnyxBbzWgjjdBt00gGfbQPTrwOlXqP%2F%2BBEThxpQSEjjtPOl5nhXY2O4ruyWrzyW23ee5QaWPVUiJBK5fGRwgvRZx3gIetECwFcDKgLT7cAPSwIA0NiCkHROXK4FlDQZ%2BUCp5LiGkVCKk7A3QMi25XmBBSroeVkDHK0DECpBkGeJkGep8BZL0c1ALOShqgNIIGjSHjCHIFIIMI8g4gkwjyBr5JhXKUfllKlTq2%2Funs3%2BW8nWpa2t4U%2Boai9BavIse7jXuh9MfQ511TBIMODbzHRfjsu9i2%2FG8iuvZlYGKZw9avgeK58DVgZ7NZneKj%2F4MMW8j9OMy%2BHgblNgGwo8ATp8AnK0POhbghXXXs6AZXWsKtSATzYoR00BlDrE%2BBHrJWBO76LGejvKFN4GRnef%2Be%2Bu28%2BX8FSBJDnGSwyv8NoKauLg%2BIzO0MSMzhW5NxZqHvIm7w53VWDP04Rm2lMmEVkfVytUR0iW68NocU3oCR5RHNYU%2BOsEpZckpmRCGPquqeeZPp2rhRJpEaTwxffJUNYwTphSXUQswv7P4MhDeRv976afe2j5%2BzwWebEOSdkYXtI6H%2BvuJ4KRejImoFyMcsr18WDGsj5cGKpbjHMWU0z8wP97wX3jm9Nm5V5sD7jkLwnRn%2BNP3u3EJuGwBiS%2FcKBQmRmbGx85Vz46MjxUKnef%2FppJeSEM%2Fwlz802pXCoXqyanJQqEz829deZSHNX2cExldLRTmqnMTXcH9d1ff3ZzjVPmslrBIMW1qLvyUDpm2ZVnm5NQZM5CJSVnNvLt6aflGoTA6Nntypjo9V%2B3JOzJbX4poj9%2FeNIPtTbPBRF2GSvsyStXd1Xdugop30H6AkggS8SD3YwOyNF9PHH9n%2BIOHlkcO%2FPYWCN5GQ7%2F%2BAoLtDH%2FT%2FH78%2BuHXAPs5KPanHx%2FgNXURaokBWJ%2BHKMyhkeTQEDlgsQIq%2Fc%2B6jpOd4a9LvQBfGOu%2BSIwNXyTi7b1NVrxjlm2Xeb43SCj1GaH2oFPySpblUOoOVphdAa3aZFV%2B8jsAAAD%2F%2FwEAAP%2F%2F40tZZ%2F0FAAA%3D
173.233.137.36200 OK 7 B URL HTTP/1.1 spinalmultiple.com/impr.gif?sid=H4sIAAAAAAAC%2F6xSX2gcVRe%2F06%2F94OPzRSmCiDB0paiYzczsbDKbUmLapHHbNIlJNOBLuXPvnc1178wd597ZSdaXYIv0RYzigxYkk5OkabX0D%2BiDD4Js%2BqIBoasg%2B2DAR5%2BsFopPKruJVB8EHzwwc3%2BH38w9v9855421dBdZkOLO9FnZ5ELg%2FnLRMp%2Ba5xGVmTIn50zbKlrHzHkeDbjHzMXuK2kM2Va5aD1tjjNSl%2F2OZVuWbdnmKZ6wQC7291jg8bWKXaxYRdcp2mUXFpO%2F5io1QGEDaGMXPQKctg8tfHELOGlBFN4cZaquZfzsWJgKrGUCDbr1YlSPZBZB%2BAAGiQFBtLX%2FNUjVRui9AyCjrX0HIBsbXQfg8zYyvrXBj7b2ZYLf2NxT6gtgEfj0%2F5A1WsBECzhuAZHngdM7CIBQmJyCKLw8KZMML%2B2xuMu20cH794BnbXTwu8MQhddPCL5ozkqRai4jBYtBDnyxBbzWgjjdBt00gGfbQPTrwOlXqP%2F%2BBEThxpQSEjjtPOl5nhXY2O4ruyWrzyW23ee5QaWPVUiJBK5fGRwgvRZx3gIetECwFcDKgLT7cAPSwIA0NiCkHROXK4FlDQZ%2BUCp5LiGkVCKk7A3QMi25XmBBSroeVkDHK0DECpBkGeJkGep8BZL0c1ALOShqgNIIGjSHjCHIFIIMI8g4gkwjyBr5JhXKUfllKlTq2%2Funs3%2BW8nWpa2t4U%2Boai9BavIse7jXuh9MfQ511TBIMODbzHRfjsu9i2%2FG8iuvZlYGKZw9avgeK58DVgZ7NZneKj%2F4MMW8j9OMy%2BHgblNgGwo8ATp8AnK0POhbghXXXs6AZXWsKtSATzYoR00BlDrE%2BBHrJWBO76LGejvKFN4GRnef%2Be%2Bu28%2BX8FSBJDnGSwyv8NoKauLg%2BIzO0MSMzhW5NxZqHvIm7w53VWDP04Rm2lMmEVkfVytUR0iW68NocU3oCR5RHNYU%2BOsEpZckpmRCGPquqeeZPp2rhRJpEaTwxffJUNYwTphSXUQswv7P4MhDeRv976afe2j5%2BzwWebEOSdkYXtI6H%2BvuJ4KRejImoFyMcsr18WDGsj5cGKpbjHMWU0z8wP97wX3jm9Nm5V5sD7jkLwnRn%2BNP3u3EJuGwBiS%2FcKBQmRmbGx85Vz46MjxUKnef%2FppJeSEM%2Fwlz802pXCoXqyanJQqEz829deZSHNX2cExldLRTmqnMTXcH9d1ff3ZzjVPmslrBIMW1qLvyUDpm2ZVnm5NQZM5CJSVnNvLt6aflGoTA6Nntypjo9V%2B3JOzJbX4poj9%2FeNIPtTbPBRF2GSvsyStXd1Xdugop30H6AkggS8SD3YwOyNF9PHH9n%2BIOHlkcO%2FPYWCN5GQ7%2F%2BAoLtDH%2FT%2FH78%2BuHXAPs5KPanHx%2FgNXURaokBWJ%2BHKMyhkeTQEDlgsQIq%2Fc%2B6jpOd4a9LvQBfGOu%2BSIwNXyTi7b1NVrxjlm2Xeb43SCj1GaH2oFPySpblUOoOVphdAa3aZFV%2B8jsAAAD%2F%2FwEAAP%2F%2F40tZZ%2F0FAAA%3D
IP 173.233.137.36:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F6xSX2gcVRe%2F06%2F94OPzRSmCiDB0paiYzczsbDKbUmLapHHbNIlJNOBLuXPvnc1178wd597ZSdaXYIv0RYzigxYkk5OkabX0D%2BiDD4Js%2BqIBoasg%2B2DAR5%2BsFopPKruJVB8EHzwwc3%2BH38w9v9855421dBdZkOLO9FnZ5ELg%2FnLRMp%2Ba5xGVmTIn50zbKlrHzHkeDbjHzMXuK2kM2Va5aD1tjjNSl%2F2OZVuWbdnmKZ6wQC7291jg8bWKXaxYRdcp2mUXFpO%2F5io1QGEDaGMXPQKctg8tfHELOGlBFN4cZaquZfzsWJgKrGUCDbr1YlSPZBZB%2BAAGiQFBtLX%2FNUjVRui9AyCjrX0HIBsbXQfg8zYyvrXBj7b2ZYLf2NxT6gtgEfj0%2F5A1WsBECzhuAZHngdM7CIBQmJyCKLw8KZMML%2B2xuMu20cH794BnbXTwu8MQhddPCL5ozkqRai4jBYtBDnyxBbzWgjjdBt00gGfbQPTrwOlXqP%2F%2BBEThxpQSEjjtPOl5nhXY2O4ruyWrzyW23ee5QaWPVUiJBK5fGRwgvRZx3gIetECwFcDKgLT7cAPSwIA0NiCkHROXK4FlDQZ%2BUCp5LiGkVCKk7A3QMi25XmBBSroeVkDHK0DECpBkGeJkGep8BZL0c1ALOShqgNIIGjSHjCHIFIIMI8g4gkwjyBr5JhXKUfllKlTq2%2Funs3%2BW8nWpa2t4U%2Boai9BavIse7jXuh9MfQ511TBIMODbzHRfjsu9i2%2FG8iuvZlYGKZw9avgeK58DVgZ7NZneKj%2F4MMW8j9OMy%2BHgblNgGwo8ATp8AnK0POhbghXXXs6AZXWsKtSATzYoR00BlDrE%2BBHrJWBO76LGejvKFN4GRnef%2Be%2Bu28%2BX8FSBJDnGSwyv8NoKauLg%2BIzO0MSMzhW5NxZqHvIm7w53VWDP04Rm2lMmEVkfVytUR0iW68NocU3oCR5RHNYU%2BOsEpZckpmRCGPquqeeZPp2rhRJpEaTwxffJUNYwTphSXUQswv7P4MhDeRv976afe2j5%2BzwWebEOSdkYXtI6H%2BvuJ4KRejImoFyMcsr18WDGsj5cGKpbjHMWU0z8wP97wX3jm9Nm5V5sD7jkLwnRn%2BNP3u3EJuGwBiS%2FcKBQmRmbGx85Vz46MjxUKnef%2FppJeSEM%2Fwlz802pXCoXqyanJQqEz829deZSHNX2cExldLRTmqnMTXcH9d1ff3ZzjVPmslrBIMW1qLvyUDpm2ZVnm5NQZM5CJSVnNvLt6aflGoTA6Nntypjo9V%2B3JOzJbX4poj9%2FeNIPtTbPBRF2GSvsyStXd1Xdugop30H6AkggS8SD3YwOyNF9PHH9n%2BIOHlkcO%2FPYWCN5GQ7%2F%2BAoLtDH%2FT%2FH78%2BuHXAPs5KPanHx%2FgNXURaokBWJ%2BHKMyhkeTQEDlgsQIq%2Fc%2B6jpOd4a9LvQBfGOu%2BSIwNXyTi7b1NVrxjlm2Xeb43SCj1GaH2oFPySpblUOoOVphdAa3aZFV%2B8jsAAAD%2F%2FwEAAP%2F%2F40tZZ%2F0FAAA%3D HTTP/1.1
Host: spinalmultiple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Cookie: u_pl=15289012; uid_id2=8880f1a1-5430-4c11-84f9-e9c3cf4b976c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 Dec 2022 19:53:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46f7804ec98edd3c19fe19be685ab295
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 29501358dcc6d683338c68e35663a808
3243b26a18c3d45e21c9704985511731361548fe
8191fd294a0bcb8a97c43df1a15aa14861f84853e03a3771e3dfd5a0318f7693
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8191FD294A0BCB8A97C43DF1A15AA14861F84853E03A3771E3DFD5A0318F7693"
Last-Modified: Sat, 17 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15378
Expires: Mon, 19 Dec 2022 00:09:45 GMT
Date: Sun, 18 Dec 2022 19:53:27 GMT
Connection: keep-alive
cs.lkqd.net/cs?partnerId=93&partnerUserId=eJ7nSCKCTMJEsY1CKNoRgltaKpo
146.20.132.188200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=93&partnerUserId=eJ7nSCKCTMJEsY1CKNoRgltaKpo
IP 146.20.132.188:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=93&partnerUserId=eJ7nSCKCTMJEsY1CKNoRgltaKpo HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:27 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
146.20.132.188200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
IP 146.20.132.188:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:27 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 707a75781f08409b53c43a85fe9245cb
fa131c04ec9a044ac06a8c75c8a2f2d992fe9da1
65a210bed290505cfe123e0a2210696a4662d382248ac39f254fb57e489870ed
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Dec 2022 19:53:27 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Dec 2022 18:28:16 GMT
Expires: Sat, 24 Dec 2022 18:28:15 GMT
Etag: "fa131c04ec9a044ac06a8c75c8a2f2d992fe9da1"
Cache-Control: max-age=512687,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77ba71db68c4b523-OSL
spinalmultiple.com/pixel/sbs?c=1
173.233.137.36200 OK 0 B URL HTTP/1.1 spinalmultiple.com/pixel/sbs?c=1
IP 173.233.137.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: spinalmultiple.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Cookie: u_pl=15289012; uid_id2=8880f1a1-5430-4c11-84f9-e9c3cf4b976c:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 18 Dec 2022 19:53:27 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
track.trackingtraffo.com/push/ic?auth=pz6u78&c=GIalTrwHZQBKlXSQU2f4zJkE9RNp-ZhWppapFXJ8W1piOfEd97WVr73s_ysUpP7EKfpzZC5o4QkKEHQwCKK-Sema4blmYiZd49GAIAaYamshaTrfi8HyN-Z98nf9HW9cCw1FfIearMmJNUOkqiVIqq-pEJvXfAT-62tvGAAH0wrC9qVNejbm4x4JmPG1Fp7xd-9k6NjbgyXCC_u8v6T4eLw5smo9hPBfhb_JFufj6rVVKIo27lCvnau4dY5L0gMBARFpPNBov4gYRJwB3Ti3v2kx95I_KNlCNMaay88zpONKIkK8BVoQ-4L2j3rHvbChR0scMKkRjAb4IfJUdrDbqa5GJLum2zsQX-OBjtHJuvJGZp_2vZ9vMA8WNSetmFdYQMYTew3dLRZWNNKlDC4p_E3h6GS73727J1RloZiQgWFTbbBIhBkglxR8ZRB3vbto0Go5ziHV8VVqw9lKAOtEy6zHPUgLgLnlC7afEP1dcY3-a8Tsk0eoCyuaEn5v9Av15awMLDAw0HYjDL6hYZRbge98TZfwHlmuIedf9MYYVBoAl9GIeQzzORswlwckdxCQbh0BQ9igsFQ6TnZpfeRroj92R_pHbNcJnQR-xzGWLRW9QKMl
88.214.206.175302 Found 0 B URL HTTP/1.1 track.trackingtraffo.com/push/ic?auth=pz6u78&c=GIalTrwHZQBKlXSQU2f4zJkE9RNp-ZhWppapFXJ8W1piOfEd97WVr73s_ysUpP7EKfpzZC5o4QkKEHQwCKK-Sema4blmYiZd49GAIAaYamshaTrfi8HyN-Z98nf9HW9cCw1FfIearMmJNUOkqiVIqq-pEJvXfAT-62tvGAAH0wrC9qVNejbm4x4JmPG1Fp7xd-9k6NjbgyXCC_u8v6T4eLw5smo9hPBfhb_JFufj6rVVKIo27lCvnau4dY5L0gMBARFpPNBov4gYRJwB3Ti3v2kx95I_KNlCNMaay88zpONKIkK8BVoQ-4L2j3rHvbChR0scMKkRjAb4IfJUdrDbqa5GJLum2zsQX-OBjtHJuvJGZp_2vZ9vMA8WNSetmFdYQMYTew3dLRZWNNKlDC4p_E3h6GS73727J1RloZiQgWFTbbBIhBkglxR8ZRB3vbto0Go5ziHV8VVqw9lKAOtEy6zHPUgLgLnlC7afEP1dcY3-a8Tsk0eoCyuaEn5v9Av15awMLDAw0HYjDL6hYZRbge98TZfwHlmuIedf9MYYVBoAl9GIeQzzORswlwckdxCQbh0BQ9igsFQ6TnZpfeRroj92R_pHbNcJnQR-xzGWLRW9QKMl
IP 88.214.206.175:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /push/ic?auth=pz6u78&c=GIalTrwHZQBKlXSQU2f4zJkE9RNp-ZhWppapFXJ8W1piOfEd97WVr73s_ysUpP7EKfpzZC5o4QkKEHQwCKK-Sema4blmYiZd49GAIAaYamshaTrfi8HyN-Z98nf9HW9cCw1FfIearMmJNUOkqiVIqq-pEJvXfAT-62tvGAAH0wrC9qVNejbm4x4JmPG1Fp7xd-9k6NjbgyXCC_u8v6T4eLw5smo9hPBfhb_JFufj6rVVKIo27lCvnau4dY5L0gMBARFpPNBov4gYRJwB3Ti3v2kx95I_KNlCNMaay88zpONKIkK8BVoQ-4L2j3rHvbChR0scMKkRjAb4IfJUdrDbqa5GJLum2zsQX-OBjtHJuvJGZp_2vZ9vMA8WNSetmFdYQMYTew3dLRZWNNKlDC4p_E3h6GS73727J1RloZiQgWFTbbBIhBkglxR8ZRB3vbto0Go5ziHV8VVqw9lKAOtEy6zHPUgLgLnlC7afEP1dcY3-a8Tsk0eoCyuaEn5v9Av15awMLDAw0HYjDL6hYZRbge98TZfwHlmuIedf9MYYVBoAl9GIeQzzORswlwckdxCQbh0BQ9igsFQ6TnZpfeRroj92R_pHbNcJnQR-xzGWLRW9QKMl HTTP/1.1
Host: track.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 18 Dec 2022 19:53:27 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
Pragma: no-cache
Expires: Sat, 01 Jan 2000 00:00:00 GMT
Location: https://ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National Casino black.png
unseenreport.com/pxf.gif?uuid=f37572a6-cd9e-4160-b69c-b255e52b1607&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=cf621eb24aa5b4a128894819698170b8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=f37572a6-cd9e-4160-b69c-b255e52b1607&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=cf621eb24aa5b4a128894819698170b8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=f37572a6-cd9e-4160-b69c-b255e52b1607&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=cf621eb24aa5b4a128894819698170b8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 18 Dec 2022 19:53:27 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aab578f14106a565c61701af5cba6082
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=f37572a6-cd9e-4160-b69c-b255e52b1607&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=2a6dfa22c42f41c1c5d4b95b66a5509c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=f37572a6-cd9e-4160-b69c-b255e52b1607&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=2a6dfa22c42f41c1c5d4b95b66a5509c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=f37572a6-cd9e-4160-b69c-b255e52b1607&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=2a6dfa22c42f41c1c5d4b95b66a5509c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=19 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sun, 18 Dec 2022 19:53:27 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b63486830ee7bf57034f2233910e009a
Strict-Transport-Security: max-age=0; includeSubdomains
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.InitiateFetch~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.InitiateFetch~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:27 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png
142.132.194.196200 OK 4.5 kB URL HTTP/1.1 ads.trackingtraffo.com/creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png
IP 142.132.194.196:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 58be17b22d6e1178a54c92cf862c817e
b821bc2f016751647df49e49863077e927a70322
9cc4f3f40313b08baf54c956685ac7a21ac8a3573908b9763865c6f613ce1b5f
GET /creatives/k1qy286gxmd5g3dpr397nw5v/1659514995116-National%20Casino%20black.png HTTP/1.1
Host: ads.trackingtraffo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Sun, 18 Dec 2022 19:53:28 GMT
Content-Type: image/png
Content-Length: 4456
Last-Modified: Wed, 03 Aug 2022 08:23:15 GMT
Connection: keep-alive
ETag: "62ea3073-1168"
Accept-Ranges: bytes
v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FPkm1ZSV&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=20439281&m=
69.20.43.192200 OK 1.4 kB URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FPkm1ZSV&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=20439281&m=
IP 69.20.43.192:0
File type ASCII text, with very long lines (1821), with no line terminators
Hash 8ab6a7bf19e2c5993b538212deb6c352
8616062d5ad2d925216c94bc471ab021bf9dea4c
aae63400a6c8d19f6a267b0cc53daeabac2d353719dc8bd0489ffe3f14c6c427
GET /ad?pid=430&sid=1135194&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FPkm1ZSV&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=20439281&m= HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:30 GMT
content-type: application/xml; charset=UTF-8
content-length: 1363
content-encoding: gzip
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
t.lkqd.net/t
146.20.128.183200 OK 0 B IP 146.20.128.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://m.imagenesderopaparaperros.com/
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
X-Firefox-Spdy: h2
v.lkqd.net/ad?pid=430&sid=1135195&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FPkm1ZSV&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=27573843&m=
69.20.43.192200 OK 150 B URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1135195&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FPkm1ZSV&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=27573843&m=
IP 69.20.43.192:0
File type ASCII text, with no line terminators
Hash f2200dfc5e8b75dea19cc2ff13526ce8
5235427034ffed5be887acecc26f62210be11554
e459e49bb953fa15bac6d8bcf457713e3f78a5154c0e1f213be85e378af41b38
GET /ad?pid=430&sid=1135195&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FPkm1ZSV&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=27573843&m= HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:30 GMT
content-type: application/xml; charset=UTF-8
content-length: 150
content-encoding: gzip
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
t.lkqd.net/t
146.20.128.183200 OK 0 B IP 146.20.128.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://m.imagenesderopaparaperros.com/
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
151.139.128.10200 OK 62 kB URL HTTP/2 ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
IP 151.139.128.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2a0adab82b941577dbd1041f8448fd08
bf2cf01d95e02fb5ec9075835cbee4e3e35a0246
757ad1d5b7a305d8eaa810c6585b5b7431b212af4ff8fdef9fbd40a8254666a6
GET /vpaid/vpaid.js?fusion=1.0 HTTP/1.1
Host: ad.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:30 GMT
content-encoding: gzip
content-length: 62021
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
accept-ranges: bytes
etag: "88ca76abee51b1544e17b021f04aaaed"
cache-control: public, max-age=1209600
x-sp-metadata: HS256.CMr7/ZwGEoYBCiRhYzgwNGZkOC0yNjI3LTRhOWItYjlhNS1iOTFiZDZkNjY3YzAQkKbXzNb5+wIaBgi63/2cBiIMOTEuOTAuNDIuMTU0KIoyMAM4BEIWVExTX0FFU18xMjhfR0NNX1NIQTI1NlogYzdkMmI0YzQ4NGE0MTNlMTkxZGU2YWNmZjJkYjIwMDkaLAgBEiQ1OWU5YzJiNS03MzIxLTQ1YjktOTNiNi1hYTg2NjkwOThlNDAYxeQDIhgIAhIUY2RzMjI4LnNrMS5od2Nkbi5uZXQ=.Gf8ZM2AxqVwunLH+10m0tb/aky+apCt2G1oH8zJPvwY=
x-hw: 1671393210.cds024.sk1.hn,1671393210.cds228.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
t.lkqd.net/t
146.20.128.183200 OK 0 B IP 146.20.128.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 601
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: lkqdidts=1671393210; Max-Age=31536000; Domain=.lkqd.net
lkqdid=I5r_5iRci2Q; Max-Age=31536000; Domain=.lkqd.net
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
t.lkqd.net/t
146.20.128.183200 OK 0 B IP 146.20.128.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 153
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: lkqdidts=1671393210; Max-Age=31536000; Domain=.lkqd.net
lkqdid=ysscpxgb1bU; Max-Age=31536000; Domain=.lkqd.net
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
t.lkqd.net/t
146.20.128.183200 OK 0 B IP 146.20.128.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 602
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:30 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: lkqdidts=1671393210; Max-Age=31536000; Domain=.lkqd.net
lkqdid=bMNhIUa_oyM; Max-Age=31536000; Domain=.lkqd.net
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FPkm1ZSV&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=20439281&m=&rtv=1&thost=m.imagenesderopaparaperros.com
69.20.43.192200 OK 0 B URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FPkm1ZSV&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=20439281&m=&rtv=1&thost=m.imagenesderopaparaperros.com
IP 69.20.43.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FPkm1ZSV&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=20439281&m=&rtv=1&thost=m.imagenesderopaparaperros.com HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://m.imagenesderopaparaperros.com/
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 18 Dec 2022 19:53:30 GMT
content-length: 0
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.93200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.93:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:24 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 7c0bb4ab267fe5de72b0a7701b62da47
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 18 Dec 2022 19:53:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3xnX1reo1ofafzWqcWEect%2FxeTfzniZXjO%2BDrhqVkGoK2dKeDAB2gyONeygQJDfeTPRK4GDUzUki09WRcEDrSLGGKkIQLJTvyWdC%2FRf37B%2BfsJ%2B9S71HC9ofXjNhoGZXkLIQ1qY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77ba71c7c8bedd13-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
143.204.55.62200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
IP 143.204.55.62:0
GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Sun, 18 Dec 2022 19:53:16 GMT
cache-control: max-age=3600
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: _Qn-Av3FfyEL91K85frkB0Pq3ELtj_ZnwT4tv2ko9ReLACbxEJCYLg==
age: 56
X-Firefox-Spdy: h2
wt.rqtrk.eu/6f4bcf39-b286-4d76-b513-ffb5541d5167-trk.js
162.19.141.161200 OK 0 B URL HTTP/2 wt.rqtrk.eu/6f4bcf39-b286-4d76-b513-ffb5541d5167-trk.js
IP 162.19.141.161:0
GET /6f4bcf39-b286-4d76-b513-ffb5541d5167-trk.js HTTP/1.1
Host: wt.rqtrk.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Sun, 18 Dec 2022 19:53:25 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
last-modified: Tue, 13 Dec 2022 14:20:55 GMT
etag: W/"82fef41533854eb9348a85e5baf8c3af"
x-cache: Hit from cloudfront
via: 1.1 e5b747ffd1713cb17ddd7d55234a3300.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 3dnN7vD7QJcvfqzSI4sv3ndmM-9qdjvTKL2RpJRqyQ0zxkaFzzlKKQ==
age: 84983
expires: Mon, 19 Dec 2022 19:53:25 GMT
cache-control: max-age=86400,public
content-encoding: gzip
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=11
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=11
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=52788&formatId=11 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1671788205
server: CDN77-Turbo
x-77-nzt: AblMCRSMysL/hjMDAA
x-77-nzt-ray: af585630cc245cdeb36f9f63f1d96826
x-cache: HIT
x-age: 209798
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:24 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 685174
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/interstitial/rtb/default/3/index.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/interstitial/rtb/default/3/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/interstitial/rtb/default/3/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:25 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-525"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 18 Dec 2022 20:53:25 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
143.204.55.62200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP 143.204.55.62:0
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sun, 18 Dec 2022 03:00:28 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sun, 18 Dec 2022 03:00:26 GMT
etag: W/"505447daad0efff5e3d0fa9fe62f05e2"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qg4ZAaZIHFfEdhtgHoZ8ohOZzVlkIxyJaUwk8hoA_FFmGKxMibVdqg==
age: 60779
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
104.22.24.87200 OK 0 B URL HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.24.87:0
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:25 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://m.imagenesderopaparaperros.com
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 77ba71c49edcb524-OSL
content-encoding: br
X-Firefox-Spdy: h2
unicons.iconscout.com/release/v2.1.7/css/unicons.css
104.18.28.243200 OK 0 B URL HTTP/2 unicons.iconscout.com/release/v2.1.7/css/unicons.css
IP 104.18.28.243:0
GET /release/v2.1.7/css/unicons.css HTTP/1.1
Host: unicons.iconscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=63509
etag: W/"aaeb6aed7a9c71959a3b51e937c363f0"
last-modified: Tue, 28 Apr 2020 10:01:21 GMT
x-amz-id-2: qSduub1s3mFmCfde2XDgqPc08zdrY5EGOqvrCKN/6T4V9eqzeXI3mUndTj3zhrgkkk8TiMbEISM=
x-amz-request-id: V3PY903MVV55FPTX
cf-cache-status: HIT
age: 1831171
expires: Mon, 18 Dec 2023 19:53:23 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 77ba71c24ddab4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=2
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=2
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1671771785
server: CDN77-Turbo
x-77-nzt: AblMCRQGquv/qnMDAA
x-77-nzt-ray: af585630cc245cdeb36f9f631e61c326
x-cache: HIT
x-age: 226218
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=6
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=6
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=52788&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1671788202
server: CDN77-Turbo
x-77-nzt: AblMCRQZBlH/iTMDAA
x-77-nzt-ray: af585630cc245cdeb36f9f636fdc0827
x-cache: HIT
x-age: 209801
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
m.imagenesderopaparaperros.com/zshorte_theme/css/style-dark.css
104.21.94.136200 OK 0 B URL HTTP/2 m.imagenesderopaparaperros.com/zshorte_theme/css/style-dark.css
IP 104.21.94.136:0
GET /zshorte_theme/css/style-dark.css HTTP/1.1
Host: m.imagenesderopaparaperros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/Pkm1ZSV
Cookie: lang=en_US; AppSession=2b3678f5742fe7c903de9fd53a08a297; csrfToken=4dc6bfee54ff84c73a8759b414319bf2288b13cdb91acc1b5feb813b5809d03b6876034392f1ed8a790800df9d0c460e5604bc08b4eae49a62edc8f8fa11dc87
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Jun 2020 00:08:10 GMT
cache-control: max-age=2592000
expires: Fri, 23 Dec 2022 11:03:08 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2191815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jhvUrAfJZQumFcpt1CaAhmvQEGrJDwhMOB1aLYVy28Ogx5IB45FluFHDxba01FnQfzZtl6%2BWP2YozE1FnYKzqAiJQTqJu3vU6BFiJs2hLgiG%2BYI3bzd04j%2Bdg3jP61ngDxsCO8D5ZskHpWWFvGz0jnA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71c1ea0eb51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=1
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=1
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1671771785
server: CDN77-Turbo
x-77-nzt: AblMCRRwvN//qnMDAA
x-77-nzt-ray: af585630cc245cdeb36f9f6359851926
x-cache: HIT
x-age: 226218
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
143.204.55.62200 OK 0 B URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP 143.204.55.62:0
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sun, 18 Dec 2022 03:00:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sun, 18 Dec 2022 03:00:33 GMT
etag: W/"e7d8b0f974119caf720679ec234db47d"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mfFhFOLIMD8gbz0wpCd8mZ9PC0BLH9HEPy4uX1BgMQLNBlr2eYqoSQ==
age: 60769
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
143.204.55.62200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
IP 143.204.55.62:0
GET /tcfv2/42/cmp2.js?referer=www.themoneytizer.com HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
cache-control: max-age=172800
date: Sun, 18 Dec 2022 04:40:54 GMT
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eHsredSuFpwSnxv8LtY4WVVxMaRg4GGoHovJIpAT57Ikv098McDwPw==
age: 54752
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=19
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=19
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=52788&formatId=19 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1671788205
server: CDN77-Turbo
x-77-nzt: AblMCRSPsrn/hjMDAA
x-77-nzt-ray: af585630cc245cdeb36f9f63bd3e2826
x-cache: HIT
x-age: 209798
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=11
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=11
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=11 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1671771797
server: CDN77-Turbo
x-77-nzt: AblMCRTk4u//nnMDAA
x-77-nzt-ray: af585630cc245cdeb36f9f63b4556226
x-cache: HIT
x-age: 226206
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
zshorte.net/js/app.js?ver=6.4.0
172.67.138.73200 OK 0 B URL HTTP/2 zshorte.net/js/app.js?ver=6.4.0
IP 172.67.138.73:0
GET /js/app.js?ver=6.4.0 HTTP/1.1
Host: zshorte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=30407
expires: Thu, 22 Dec 2022 22:54:39 GMT
last-modified: Sat, 20 Jun 2020 00:07:31 GMT
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 2235524
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pQxJa4Rbc3ifYsrP7pRAq15Z6%2BfGxRzwf5dnfmh09SeuoyzjCyo7OiKdXKTUlJ5k0MfQG4PCfnk9jF3R4rfxFTeBzmjCryxQeWiyAqXKTd9Jr2%2B0tjY8DivK0TlE%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71c43ab0b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
zshorte.net/full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL28zOXJzNDZud2tpeXNudS9UaDVlRm9yZThzdC0xLjEyLWVsYW1pZ29zLnBhcnQxLnJhci9maWxl&type=2
104.21.89.60301 Moved Permanently 0 B URL HTTP/2 zshorte.net/full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL28zOXJzNDZud2tpeXNudS9UaDVlRm9yZThzdC0xLjEyLWVsYW1pZ29zLnBhcnQxLnJhci9maWxl&type=2
IP 104.21.89.60:0
GET /full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cHM6Ly93d3cubWVkaWFmaXJlLmNvbS9maWxlL28zOXJzNDZud2tpeXNudS9UaDVlRm9yZThzdC0xLjEyLWVsYW1pZ29zLnBhcnQxLnJhci9maWxl&type=2 HTTP/1.1
Host: zshorte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sun, 18 Dec 2022 19:53:22 GMT
content-type: text/html; charset=UTF-8
location: https://m.imagenesderopaparaperros.com/Pkm1ZSV
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-robots-tag: noindex, nofollow
set-cookie: AppSession=da0b9f104a9fd029cded3dd3c10ef801; path=/; HttpOnly
csrfToken=636facd97f240d9f76854966b84b49f11ac9a52f2ca04a7a2b56a67e8d5a2d85dd6750eda824aeb6589a77634f2ce1ce47cbb6c5e0764de350aa3abf3c112cc6; path=/; HttpOnly
x-served-by: zshorte.net
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UfIBHhQFGUe%2F%2B7zq7WX4ji8SZNaMSTt%2FXlxyBXElhv9c1JQqEXVPSuUoft%2BH%2FjxRwz3XC7Eg0UeBtvaJIvrpUPzqh486i6spg3U3Y8y405dKirnkpY%2FSA7%2BZAyCfQg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71b95b120b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://m.imagenesderopaparaperros.com/
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://m.imagenesderopaparaperros.com
server-processing-duration-in-ticks: 632238
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
m.imagenesderopaparaperros.com/zshorte_theme/css/owl.carousel.min.css
104.21.94.136200 OK 0 B URL HTTP/2 m.imagenesderopaparaperros.com/zshorte_theme/css/owl.carousel.min.css
IP 104.21.94.136:0
GET /zshorte_theme/css/owl.carousel.min.css HTTP/1.1
Host: m.imagenesderopaparaperros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/Pkm1ZSV
Cookie: lang=en_US; AppSession=2b3678f5742fe7c903de9fd53a08a297; csrfToken=4dc6bfee54ff84c73a8759b414319bf2288b13cdb91acc1b5feb813b5809d03b6876034392f1ed8a790800df9d0c460e5604bc08b4eae49a62edc8f8fa11dc87
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/css
x-frame-options: SAMEORIGIN
last-modified: Sat, 20 Jun 2020 00:08:07 GMT
cache-control: max-age=2592000
expires: Fri, 23 Dec 2022 11:03:08 GMT
vary: Accept-Encoding,User-Agent
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2191815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JfqUx3S%2FhfgGvToudBzv9EY2cieZU2NsGB3SK2G23RUZ0vcXBfd6scIQVUSeSvEOO%2FCoUsFgdF3TZakHx5zioN02Zb7Ul7pvGMG4hn3NX10kgucfWx3KkQL4lZlmmacuix%2BO%2FHRzabbgTDVmiA%2BfriQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77ba71c1da05b51e-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.159200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.159:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:25 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
expires: Sun, 25 Dec 2022 19:53:25 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=19
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=19
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=19 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1671771787
server: CDN77-Turbo
x-77-nzt: AblMCRQSm1T/qHMDAA
x-77-nzt-ray: af585630cc245cdeb36f9f63c5df2126
x-cache: HIT
x-age: 226216
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/animate.css
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/css/animate.css
IP 172.64.109.13:0
GET /sb/interstitial/rtb/default/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-type: text/css
last-modified: Wed, 23 Jun 2021 13:33:20 GMT
etag: W/"60d33820-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 75108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CRR7wCrZhNA4oRu8CqfpmTcrHXvKd1njeRho0IYJrMxhSLghMuhrNjVfapZoKie98xFN2fQBYelvGQnQiYB%2Bj3xQ8dJmepZLvuY%2BJ0R2TW6ospUz1gScrF44j%2B%2B9yzzBxp%2B2SDNtXzNG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77ba71d38c2e23f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js
172.64.109.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js
IP 172.64.109.13:0
GET /sb/interstitial/rtb/default/3/js/jquery-3.2.1.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:26 GMT
content-type: application/javascript
last-modified: Wed, 23 Jun 2021 13:33:25 GMT
etag: W/"60d33825-1fa27"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 75108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l35xCyv2WhsE9nP47%2Fl8S4fBs5u%2FscJ3ak%2BU8Xg8xa02q1gm7My39FFXszkryDseAnUcuPWFNTmsL53WihjMQaGUXWHJmrjWDy76dgmEXkAS%2BEKmODoDujr8Hp6WGhzDVz7EPwKNzBKZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77ba71d38c2623f3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cmp.quantcast.com/GVL-v2/purposes-ES.json
143.204.55.62200 OK 0 B URL HTTP/2 cmp.quantcast.com/GVL-v2/purposes-ES.json
IP 143.204.55.62:0
GET /GVL-v2/purposes-ES.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sun, 18 Dec 2022 03:00:39 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sun, 18 Dec 2022 03:00:33 GMT
etag: W/"b580ef7c60b7fa812e3687d549be13b9"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HMJd1BMTO8BtQszLULFgPfApg89nTJCYd5hvfStbn_A8w68nPi4zCw==
age: 60769
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=2
185.76.9.21200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=2
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=52788&formatId=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Dec 2022 19:53:23 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1671788202
server: CDN77-Turbo
x-77-nzt: AblMCRR2n6L/iTMDAA
x-77-nzt-ray: af585630cc245cdeb36f9f630a9bc926
x-cache: HIT
x-age: 209801
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
143.204.55.62200 OK 0 B URL HTTP/2 quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
IP 143.204.55.62:0
GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Sun, 18 Dec 2022 19:53:16 GMT
cache-control: max-age=3600
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 0aHm8s0KX0KHjSo32CwNfl4qYtBiwM2u1fOWqGC0Ml0QEfWn-D40qA==
age: 54
X-Firefox-Spdy: h2