cuptowebrapp.webcindario.com/
200 OK 4.2 kB URL HTTP/1.1 cuptowebrapp.webcindario.com/
IP
ASN #29119 ServiHosting Networks S.L.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1370)
Hash 6fd791c6168fc167398f6940d8240073
6ecdab57b83ad693f1b2c418ec91041ea9e759df
8416619c042737183828daffe5f48acd5f3f8d3aa667c3aff2a9a8e38e6910b6
GET / HTTP/1.1
Host: cuptowebrapp.webcindario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:20 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: __muid=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly
X-Powered-By: Webcindario Hosting Service
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: MquKxlDzTG50mdou9TZql2oAXzY4aodAIhXKED3daq-0g_fZwRGM1g==
Age: 179582
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8776
Expires: Fri, 07 Oct 2022 20:06:36 GMT
Date: Fri, 07 Oct 2022 17:40:20 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 94a09d62ab3057cda67a091c8d7478f5
b1c9d223a951d0bc9f17c9f3b84501266a552b58
582364f9f6014520c269f1f794e7c34027bd2697b53e5d02fad43e74a735e471
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "582364F9F6014520C269F1F794E7C34027BD2697B53E5D02FAD43E74A735E471"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14708
Expires: Fri, 07 Oct 2022 21:45:28 GMT
Date: Fri, 07 Oct 2022 17:40:20 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: SqnU1slKfrANjAjBCu7IqtmnlqMJcqRdDL02D0bL4um/k/l32eK4RcbVNTQi47Kbx7px7xk1d2E=
x-amz-request-id: 2XJ14EDH62020KE9
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 07 Oct 2022 17:31:17 GMT
age: 543
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 07 Oct 2022 17:40:20 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cuptowebrapp.webcindario.com/
200 OK 4.2 kB URL HTTP/1.1 cuptowebrapp.webcindario.com/
IP
ASN #29119 ServiHosting Networks S.L.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1370)
Hash 97d09c5caf3ac9a851ed89ecc7b8659b
373efa967eb7de1a5b0babb990936c12f21bb1a6
e0a4bbc9981b467ff6946e5a09478102a1e9c42cbc7c7ac005ffba13abb4a344
GET / HTTP/1.1
Host: cuptowebrapp.webcindario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: __muid=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: Webcindario Hosting Service
Content-Encoding: gzip
cuptowebrapp.webcindario.com/wp-content/themes/bestore/css/bootstrap.css
200 OK 10 kB URL HTTP/1.1 cuptowebrapp.webcindario.com/wp-content/themes/bestore/css/bootstrap.css
IP
ASN #29119 ServiHosting Networks S.L.
File type assembler source, ASCII text, with very long lines (534)
Hash 27d4cea8ef681293850091366c1e950d
12b4d5c3b71a5e1bf1cd2a40dcb369d04d3a0332
e2dc78d9824294202dbd2e23d0ab6701d947647f1489ca6cad7330db89aff34d
GET /wp-content/themes/bestore/css/bootstrap.css HTTP/1.1
Host: cuptowebrapp.webcindario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Cookie: __muid=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2019 13:05:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cb08d10-10854"
X-Powered-By: Webcindario Hosting Service
Content-Encoding: gzip
cuptowebrapp.webcindario.com/zfwoi16.js
200 OK 509 B URL HTTP/1.1 cuptowebrapp.webcindario.com/zfwoi16.js
IP
ASN #29119 ServiHosting Networks S.L.
Hash 7263adf08b11a03172702be30a0a2b4a
9ca0931decd3a471b205f105e46f5cd9a5be7f14
498c31ccabe4595000a911c4ca3a2a3bfeda6077a758294469c9efdfbbf33ca9
GET /zfwoi16.js HTTP/1.1
Host: cuptowebrapp.webcindario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Cookie: __muid=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: application/javascript
Content-Length: 509
Last-Modified: Fri, 12 Apr 2019 13:05:25 GMT
Connection: keep-alive
ETag: "5cb08d15-1fd"
X-Powered-By: Webcindario Hosting Service
Accept-Ranges: bytes
cuptowebrapp.webcindario.com/wp-content/themes/bestore/style.css
200 OK 4.1 kB URL HTTP/1.1 cuptowebrapp.webcindario.com/wp-content/themes/bestore/style.css
IP
ASN #29119 ServiHosting Networks S.L.
File type Unicode text, UTF-8 text, with very long lines (307)
Hash 626dbcd0e5f602df6402d3fd26295a84
2aa1761a2d7d55e9f43daf7840e77c2e3839a4c6
4ea325fd3a974628ff1f68c0a95238d01904467031fd4c4557baa4085b90d419
GET /wp-content/themes/bestore/style.css HTTP/1.1
Host: cuptowebrapp.webcindario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Cookie: __muid=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: text/css
Last-Modified: Fri, 12 Apr 2019 13:05:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"5cb08d10-3eb9"
X-Powered-By: Webcindario Hosting Service
Content-Encoding: gzip
quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/cuptowebrapp.webcindario.com/choice.js
204 No Content 0 B URL HTTP/2 quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/cuptowebrapp.webcindario.com/choice.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /choice/d5x2uDVHd7ALE/cuptowebrapp.webcindario.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
cache-control: max-age=900
date: Fri, 07 Oct 2022 17:40:20 GMT
server: AmazonS3
cross-origin-resource-policy: cross-origin
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qbPzhKiRFx1rYRIG6weyJkjJdEdBKqjjPfYArPvUlm3kTLE5EtYicg==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-T2VG59
200 OK 58 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-T2VG59
IP
File type ASCII text, with very long lines (2915)
Hash c33c4dadc76b7537db2fba04345d8980
580e61d208350257e7c98e5ee6a108bd92205708
0653adab9a3c4370e9dbc4e3240932bebcf21749a98722bd4d619ef129e3a1e9
GET /gtm.js?id=GTM-T2VG59 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 07 Oct 2022 17:40:21 GMT
expires: Fri, 07 Oct 2022 17:40:21 GMT
cache-control: private, max-age=900
last-modified: Fri, 07 Oct 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57718
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 5eee2baed68ec922370bd283860860fd
7d1e7dfdb9577dcd11587bb162e17c56eaf8e4c4
7931afabb9286276c385564aa73ed67927d31e12ab35eb92da84048a7896f27d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
healthgoldentrue.com/pipirka
302 Found 20 B URL HTTP/1.1 healthgoldentrue.com/pipirka
IP
ASN #48282 Hosting technology LTD
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /pipirka HTTP/1.1
Host: healthgoldentrue.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.2.1
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 20
Connection: keep-alive
X-Powered-By: PHP/5.4.45-0+deb7u2
Expires: Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified: Fri, 07 Oct 2022 17:40:21 GMT
Cache-Control: max-age=0
Pragma: no-cache
Set-Cookie: b042a=%7B%22streams%22%3A%5B1665164421%5D%2C%22campaigns%22%3A%7B%223%22%3A1665164421%7D%2C%22time%22%3A1665164421%7D; expires=Mon, 07-Nov-2022 17:40:21 GMT; path=/; domain=.healthgoldentrue.com
Location: https://apilond.com/TGHk
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Fri, 07 Oct 2022 17:29:41 GMT
Cache-Control: max-age=3600
Expires: Fri, 07 Oct 2022 18:20:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: oEMawGZQyWzMC2H1F6q21jusOqXtkkgHho0NzfnuRJfI8LeboWOF6g==
Age: 640
des.smartclip.net/ads?type=dyn&plc=75133&elementId=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8&sz=400x320&rnd=63673015
200 1.3 kB URL HTTP/1.1 des.smartclip.net/ads?type=dyn&plc=75133&elementId=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8&sz=400x320&rnd=63673015
IP
Hash 3f34c9488fda8e93e7f2d518d20047d8
d37428aaa242ce46fca93bb2ebcacf5d5e2242be
2f4cf402d43dee3df7041df8a0729fd6c151b49f06674c605cab4e47886d7955
GET /ads?type=dyn&plc=75133&elementId=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8&sz=400x320&rnd=63673015 HTTP/1.1
Host: des.smartclip.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
HTTP/1.1 200
Server: openresty/1.19.9.1
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Vary: Accept-Encoding
Sc-Device-Type: PC
Sc-Supply-Network: 999999
Sc-Uuid: 40096880-8564-4063-57aa-74abe2596ce2
Access-Control-Allow-Credentials: true
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Encoding: gzip
Via: 1.1 google
cuptowebrapp.webcindario.com/images/favicon.ico
404 Not Found 3.2 kB URL HTTP/1.1 cuptowebrapp.webcindario.com/images/favicon.ico
IP
ASN #29119 ServiHosting Networks S.L.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with very long lines (828), with CRLF, LF line terminators
Hash 852ed59067c7a57e09a2f7bdafb1d894
19d605629c56bb9272b8c3b25d4f7780b03af8ce
d85d712aa1a73d4c6980738d881d8a2ce02c10ae31764d13174418892d750876
GET /images/favicon.ico HTTP/1.1
Host: cuptowebrapp.webcindario.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Cookie: __muid=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: Webcindario Hosting Service
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
hosting.miarroba.info/?__muid=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8&h=1856880&t=1665164421&k=183b2a41f7148bf33174111851151372
200 OK 546 B URL HTTP/2 hosting.miarroba.info/?__muid=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8&h=1856880&t=1665164421&k=183b2a41f7148bf33174111851151372
IP
File type ASCII text, with very long lines (1420), with no line terminators
Hash 2eeaffa74ae135f2b31acd667088f33f
cfb8c7265e8133c12cd9550f3da92868b9184103
096e01a51270cd72e306378bb83c928477f22dfa68d147d8291976e0355130e1
GET /?__muid=3ca43eb29f746dfbe3ab4989ce5faa7e6129fdb8&h=1856880&t=1665164421&k=183b2a41f7148bf33174111851151372 HTTP/1.1
Host: hosting.miarroba.info
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:21 GMT
content-type: application/javascript; charset=iso-8859-1
vary: Accept-Encoding
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 07 Oct 2022 17:40:21 GMT
cache-control: no-cache
pragma: no-cache
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
set-cookie: __weslvu=1665164421; expires=Fri, 07-Oct-2022 18:40:21 GMT; Max-Age=3600
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Twa05W9TY1kU%2F4xIf0xsVmQbyZ4QNcDDE2mq%2BMKvds0W%2Fnnfb9sbgbGCoMXKVN6xVdeEb29nY0XcTE079D4GGpzrgY37Nz6pTba8tPtBXTqAXIqg6kRxbOlXwyMzlpqKj3zEDOWpUkg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75686be0bcafb52d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 07 Oct 2022 16:41:09 GMT
expires: Fri, 07 Oct 2022 18:41:09 GMT
cache-control: public, max-age=7200
age: 3552
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 23be53f0796c8e41706dcd00284560fc
9608740dde2b8801081f68b9aa0afe9ae048e3fb
08efc4c1977aef68123a25c191e9af752bf3ffc9d9c3a1790ae3ec350a239206
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash d6c404502c7987174a84d8f0a3efab23
fc3a3f6d63acab3f659fb3536b65fd8564ec8628
94b5693df873bd923ffbf31f576fff01d2628e5796af4c6b91306a743e27d19b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2174
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:21 GMT
Last-Modified: Fri, 07 Oct 2022 17:04:07 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash cd650e1cf4265bc70730e05c09fe7683
96b17fab03ff031f81969df752bb5dfba3f0f29a
c466b1e8fdd632a158f50fc90289924a2470ead6e2ed417f2c655db6cab63339
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4135
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:21 GMT
Last-Modified: Fri, 07 Oct 2022 16:31:26 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c21ec9b89417585dd287a0c358b893df
cc46c754007855f7126cc9d2e1de82260a081d7e
c7cbc9d37bf4ba71ad46eb22f0535d0bffa4d50fa9a563954ef50ebc15dfc25a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7CBC9D37BF4BA71AD46EB22F0535D0BFFA4D50FA9A563954EF50EBC15DFC25A"
Last-Modified: Wed, 05 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21587
Expires: Fri, 07 Oct 2022 23:40:08 GMT
Date: Fri, 07 Oct 2022 17:40:21 GMT
Connection: keep-alive
pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689
200 OK 55 kB URL HTTP/2 pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689
IP
File type ASCII text, with very long lines (2910)
Hash 2fb8fbd39be77bec4b9c9430e64685f0
a5c93f1fa1e8b8c31ee86232dfec75101985d219
18cae143c4084f505e71ea33b6dbcb3baefe6c847360fdee06ddcb38c05cbc82
GET /pagead/js/adsbygoogle.js?client=ca-pub-7294310421616689 HTTP/1.1
Host: pagead2.googlesyndication.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding, Origin
date: Fri, 07 Oct 2022 17:40:21 GMT
expires: Fri, 07 Oct 2022 17:40:21 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 9327075205307631875
access-control-allow-origin: *
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 54559
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
securepubads.g.doubleclick.net/tag/js/gpt.js
200 OK 28 kB URL HTTP/2 securepubads.g.doubleclick.net/tag/js/gpt.js
IP
File type ASCII text, with very long lines (45059)
Hash c9ae96028ec65a57bb614f22cc43300f
f5712ba971e4509903335c5bc4cb0f868483fb41
5e1cedf34eaabed7a37789652db7b1aa5a406a778c1f16561be1a9ac8721b278
GET /tag/js/gpt.js HTTP/1.1
Host: securepubads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 27726
date: Fri, 07 Oct 2022 17:40:21 GMT
expires: Fri, 07 Oct 2022 17:40:21 GMT
cache-control: private, max-age=900, stale-while-revalidate=3600
etag: "1356 / 159 of 1000 / last-modified: 1665141015"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 557330fc379988c915944ecf78f19678
ac6fd6f48f6ea7196edde944ca44d0f1bc435c69
a084423bbd1e6794cb9a0ff3c7ef741b8d678d76ebff6322cc3214a7aa7fb41b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A084423BBD1E6794CB9A0FF3C7EF741B8D678D76EBFF6322CC3214A7AA7FB41B"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5998
Expires: Fri, 07 Oct 2022 19:20:19 GMT
Date: Fri, 07 Oct 2022 17:40:21 GMT
Connection: keep-alive
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
200 OK 76 kB URL HTTP/1.1 static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash c7fc5d9b5a630a2023916696bd86857b
6dc50a170046b99868fcf3dc04159e40ddf67da5
a1ab4024f88addd29a8f7ffe696d16ed46a11dd0e236f3a7cfb0395fb81ec224
GET /integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js HTTP/1.1
Host: static.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: application/javascript
Content-Length: 76336
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 16:26:17 GMT
Content-Encoding: gzip
Cache-control: max-age=0, s-maxage=2592001
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: mobile
Accept-Ranges: bytes
Age: 45622
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
200 OK 76 kB URL HTTP/1.1 static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 23eb402eed4952da3607883111041f37
e7f98e2ad7437dd26a61094c71512351c469a5e8
ab6612de459fcd612ff4eb61a94dbcc093f93d31d6713f7106681dbc118fafd2
GET /integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js HTTP/1.1
Host: static.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: application/javascript
Content-Length: 76411
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 16:26:20 GMT
Content-Encoding: gzip
Cache-control: max-age=0, s-maxage=2592001
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: mobile
Accept-Ranges: bytes
Age: 45669
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
apilond.com/TGHk
302 Moved Temporarily 142 B IP
ASN #44066 diva-e Datacenters GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 82c98e8e012b79c922655461171cc2fa
0828d79135573276005b04be42d79a8a3291292b
745173bcc5c57ce9751dd019606e877e0aae13b60372fdb090f3db0470c3a43c
Analyzer Verdict Alert fortinet Phishing
GET /TGHk HTTP/1.1
Host: apilond.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuptowebrapp.webcindario.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: text/plain
Content-Length: 142
Connection: keep-alive
Set-Cookie: TID=63406485005B7A21290D5B1A; expires=Fri, 06-Sep-24 17:40:21 GMT; path=/
Location: https://www.sz9fgtrk.com/2P9J9R/26B6MK/?source_id=2316&sub2=63406485005B7A21290D5B1A&sub3={{sub5}}&sub4={{sub3}}&sub5={{sub4}}&sub6={{sub5}}
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 05cdf02bcbbeed0122679c1118a350ce
b5311d6866b69206bec8f67a19cfeeefed233ef1
4b7235ec2ca2295957e75e79fdc718fbacc13bfd5674d1aeb7cbe5bed9fe9ead
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
200 OK 4.4 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/html/r20221003/r20190131/zrt_lookup.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1731)
Hash 682bf699cccbc0ff817e1fcb7b95262a
11ad3edf0008f52b733c2d6d7199e1f052318d58
bd42f773d589f85cf6884d7893746d5d4e0c082f78e1c80511cf3aefa1c69a0f
GET /pagead/html/r20221003/r20190131/zrt_lookup.html HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4420
x-xss-protection: 0
date: Fri, 07 Oct 2022 05:23:52 GMT
expires: Fri, 21 Oct 2022 05:23:52 GMT
cache-control: public, max-age=1209600
age: 44190
etag: 9671129459699598864
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js
200 OK 129 kB URL HTTP/1.1 cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js
IP
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (65536), with no line terminators
Size 129 kB (128920 bytes)
Hash b57151479fb31d1a2afa26339088d338
e58ef5ce764a78f960143639c4ed22287e987d4c
e72aabae7e4b6b5ecbfdb001b9238acf75b8edfc26a5db4cfb1b9d7e60229e7c
GET /v1/Storage-a482323/smartclip-services/ava/ava.js HTTP/1.1
Host: cdn.smartclip-services.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 17:40:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 21 Jun 2022 15:40:47 GMT
ETag: W/"62b1e67f-6fb0e"
Expires: Mon, 10 Oct 2022 17:40:21 GMT
Pragma: public
Cache-Control: max-age=259200, public
Content-Encoding: gzip
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: a+U91O10ViKt6jgITWz9jw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Fx+S8eKb95LGeZ9YpmTCLss/pZE=
static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=-adserver-%7C-doubleclick.js%7C-google-ad.%7C-google-adsense.&ref=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F
200 OK 1.6 kB URL HTTP/1.1 static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=-adserver-%7C-doubleclick.js%7C-google-ad.%7C-google-adsense.&ref=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F
IP
File type ASCII text, with very long lines (3471), with no line terminators
Hash 50599b9643f617d2342a633b55656365
9b030cb8fd664d09d8a4cf4a2d31df2149c92d78
0e044e959c4a15e8e023471b246e000315d9542f201523ebfd5409e761969a19
GET /AdBlockDetection/adblockDetector.min.js?abf=-adserver-%7C-doubleclick.js%7C-google-ad.%7C-google-adsense.&ref=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F HTTP/1.1
Host: static.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:22 GMT
Content-Type: application/javascript
Content-Length: 1634
Connection: keep-alive
Last-Modified: Mon, 21 Dec 2020 17:00:21 GMT
Content-Encoding: gzip
Cache-control: max-age=3600, s-maxage=2592000
X-Device: mobile
Accept-Ranges: bytes
Age: 45685
TP-Cache: HIT
Vary: Accept-Encoding
static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=-adserver-%7C-doubleclick.js%7C-google-ad.%7C-google-adsense.&ref=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F
304 Not Modified 0 B URL HTTP/1.1 static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=-adserver-%7C-doubleclick.js%7C-google-ad.%7C-google-adsense.&ref=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /AdBlockDetection/adblockDetector.min.js?abf=-adserver-%7C-doubleclick.js%7C-google-ad.%7C-google-adsense.&ref=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F HTTP/1.1
Host: static.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 21 Dec 2020 17:00:21 GMT
HTTP/1.1 304 Not Modified
Server: nginx
Date: Fri, 07 Oct 2022 17:40:22 GMT
Content-Type: application/javascript
Connection: keep-alive
Last-Modified: Mon, 21 Dec 2020 17:00:21 GMT
Content-Encoding: gzip
Cache-control: max-age=3600, s-maxage=2592000
X-Device: mobile
Accept-Ranges: bytes
Age: 45685
TP-Cache: HIT
Vary: Accept-Encoding
ocsp.starfieldtech.com/
200 OK 1.8 kB IP
Hash 3928b5bf1a6fd34bb83490a0fa5dfc20
26eaaca01772326ff27ce9fe31477f38599f6a8d
e2543a6cbad888604ebea7044c07e7d7c89b71dd2ab1fd5439146dbde66a3893
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 17:40:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 07 Oct 2022 14:37:56 GMT
Expires: Sat, 08 Oct 2022 14:37:56 GMT
ETag: "26eaaca01772326ff27ce9fe31477f38599f6a8d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
200 OK 209 B URL HTTP/2 rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
IP
Hash 3649c703b678da37479d92a9e5311095
5ce6fafe54234b0503f6d347153a14dd3252ecff
28192ac3b74187c18b1a749b4a03b877ddf36507d113f654ac9db63130a8b548
GET /rules-p-d5x2uDVHd7ALE.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuptowebrapp.webcindario.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 209
last-modified: Tue, 23 Aug 2022 06:03:01 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
date: Fri, 07 Oct 2022 17:40:22 GMT
cache-control: max-age=3600
etag: "3649c703b678da37479d92a9e5311095"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z8pmK4PkR6GzjXGlZinlgloSaAPUU4m1UCACpMwVnM6EiL9Lvbzcsw==
age: 111
X-Firefox-Spdy: h2
cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/config/miarroba.js
200 OK 2.4 kB URL HTTP/1.1 cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/config/miarroba.js
IP
ASN #31898 ORACLE-BMC-31898
File type ASCII text, with very long lines (2447), with no line terminators
Hash 15c0d3b709b4d9132ce4dc3132f35059
153d102b798759e809a10b9e87167e48576b2140
bab456671bb95b2c9ba189ac07cdb7616ac1a577f6d4e54ea16cae07f887829e
GET /v1/Storage-a482323/smartclip-services/ava/config/miarroba.js HTTP/1.1
Host: cdn.smartclip-services.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 07 Oct 2022 17:40:22 GMT
Content-Type: application/javascript
Content-Length: 2447
Connection: keep-alive
Last-Modified: Thu, 18 Nov 2021 17:48:08 GMT
ETag: "619691d8-98f"
Expires: Sat, 08 Oct 2022 17:40:22 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
IP
File type ASCII text, with very long lines (32058)
Hash fc3fc31e5e7c0933dc18e562c1c071bf
a44c31323f6bd29e583cc585036e6eb39f7014a6
ddad766fb94b23efeb5574cdedc5e8446d496fb91bd0b08cd80be212e001055d
GET /ajax/libs/jquery/3.2.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30306
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 08:00:18 GMT
expires: Fri, 06 Oct 2023 08:00:18 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 121204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.sz9fgtrk.com/2P9J9R/26B6MK/?source_id=2316&sub2=63406485005B7A21290D5B1A&sub3={{sub5}}&sub4={{sub3}}&sub5={{sub4}}&sub6={{sub5}}
302 Found 129 B URL HTTP/2 www.sz9fgtrk.com/2P9J9R/26B6MK/?source_id=2316&sub2=63406485005B7A21290D5B1A&sub3={{sub5}}&sub4={{sub3}}&sub5={{sub4}}&sub6={{sub5}}
IP
File type HTML document, ASCII text
Hash fd1ef4afac02d40f0529bdccdd4f75b9
45817b5ba9df539dc1640b11d747f4004dcdeaa5
7cc5e2c783ad3663f25067a57e83b7c4a64bc8a9bcf35dd1674095cf2ceda9ec
GET /2P9J9R/26B6MK/?source_id=2316&sub2=63406485005B7A21290D5B1A&sub3={{sub5}}&sub4={{sub3}}&sub5={{sub4}}&sub6={{sub5}} HTTP/1.1
Host: www.sz9fgtrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuptowebrapp.webcindario.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Fri, 07 Oct 2022 17:40:22 GMT
content-type: text/html; charset=utf-8
content-length: 129
location: https://theman-plus.com/init/manplus/v1/?sid=38-2316&sid2=700e4777d32744a2be334c33a0dbae34&netid=5
set-cookie: uniqueClick_26B6MK=a465c173-cb50-493e-ae60-f47a5a6945de:1665164422; Path=/; Expires=Fri, 14 Oct 2022 17:40:22 GMT; Secure; SameSite=None
transaction_id=700e4777d32744a2be334c33a0dbae34; Path=/; Expires=Thu, 05 Jan 2023 17:40:22 GMT; Secure; SameSite=None
vary: Origin
x-eflow-request-id: 14c8b92c-95db-487d-868e-a149f8264c58
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 18e0e019cd697bb16806d8f00408a319
60ceb13c31595e6cf9bb6800657e4593a1fbd670
7cb0778c80be637b67a5d198ca180a76bbfa4c32e502a0fa472a4c6946ffb56e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-597118-7&cid=97258494.1665164422&jid=2064383619&gjid=196171492&_gid=420341750.1665164422&_u=YEBAAAAACAAAAC~&z=1451899330
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-597118-7&cid=97258494.1665164422&jid=2064383619&gjid=196171492&_gid=420341750.1665164422&_u=YEBAAAAACAAAAC~&z=1451899330
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-597118-7&cid=97258494.1665164422&jid=2064383619&gjid=196171492&_gid=420341750.1665164422&_u=YEBAAAAACAAAAC~&z=1451899330 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://cuptowebrapp.webcindario.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Oct 2022 17:40:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.starfieldtech.com/
200 OK 1.8 kB IP
Hash 3928b5bf1a6fd34bb83490a0fa5dfc20
26eaaca01772326ff27ce9fe31477f38599f6a8d
e2543a6cbad888604ebea7044c07e7d7c89b71dd2ab1fd5439146dbde66a3893
POST / HTTP/1.1
Host: ocsp.starfieldtech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 17:40:22 GMT
Content-Type: application/ocsp-response
Content-Length: 1846
Connection: keep-alive
X-Sucuri-ID: 19024
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Fri, 07 Oct 2022 14:37:56 GMT
Expires: Sat, 08 Oct 2022 14:37:56 GMT
ETag: "26eaaca01772326ff27ce9fe31477f38599f6a8d"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
e1.o.lencr.org/
200 OK 344 B IP
ASN #20940 Akamai International B.V.
Hash dfffa4e7cf447117d4304221f1aad721
6096b5e776e8547c82037ddf02df4a20da949549
d1826a97134d1290ef7edd6707df83ab1f9910cad650e96103d75abbc9cb3201
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "D1826A97134D1290EF7EDD6707DF83AB1F9910CAD650E96103D75ABBC9CB3201"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20058
Expires: Fri, 07 Oct 2022 23:14:40 GMT
Date: Fri, 07 Oct 2022 17:40:22 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 38c8ed81c69d2af0003394c9fb9274c5
a71c6fb6d685275f8a8c7d9d87860df08a450038
fdff30d374603ecd62c6d244a1175731787725dba48777122802055969be28f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-597118-7&cid=97258494.1665164422&jid=2064383619&_u=YEBAAAAACAAAAC~&z=418529615
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-597118-7&cid=97258494.1665164422&jid=2064383619&_u=YEBAAAAACAAAAC~&z=418529615
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-597118-7&cid=97258494.1665164422&jid=2064383619&_u=YEBAAAAACAAAAC~&z=418529615 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 17:40:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-597118-7&cid=97258494.1665164422&jid=2064383619&_u=YEBAAAAACAAAAC~&z=418529615
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-597118-7&cid=97258494.1665164422&jid=2064383619&_u=YEBAAAAACAAAAC~&z=418529615
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-597118-7&cid=97258494.1665164422&jid=2064383619&_u=YEBAAAAACAAAAC~&z=418529615 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 07 Oct 2022 17:40:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1cecd042e106c70af7e8f0d9863ca3d9
fa94604e9e99c752d18708abcec8584a5eee66ea
3525f542ce5a72795646c2bba144333920f67f3e9938748f9d3bd3aff9ac496e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 74b63831a0a449c3e37b584db0009072
929f9f036c4a6a078c51c3b3dc2a7f902c9ee9ac
686845b4cf9a67078f03cb221ce13175a72074f6aa3804ba4fa06623ab856bae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
services.sunmedia.tv/geotarget/geocity.php
200 OK 464 B URL HTTP/1.1 services.sunmedia.tv/geotarget/geocity.php
IP
File type JSON data\012- , ASCII text, with very long lines (464), with no line terminators
Hash d36429add27a0f42a0deac791001b177
8a6aad988077f9c6c3ebf340ea5d97c8827d1c2f
1104f1df32687febd366acc42512e0379c6f8a4a9f7a54f84f77008a26920a5b
GET /geotarget/geocity.php HTTP/1.1
Host: services.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:22 GMT
Content-Type: application/json
Content-Length: 464
Connection: keep-alive
Cache-control: max-age=0, s-maxage=3600
X-Device: desktop
Accept-Ranges: bytes
Age: 1700
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
services.sunmedia.tv/geotarget/geocity.php
200 OK 464 B URL HTTP/1.1 services.sunmedia.tv/geotarget/geocity.php
IP
File type JSON data\012- , ASCII text, with very long lines (464), with no line terminators
Hash d36429add27a0f42a0deac791001b177
8a6aad988077f9c6c3ebf340ea5d97c8827d1c2f
1104f1df32687febd366acc42512e0379c6f8a4a9f7a54f84f77008a26920a5b
GET /geotarget/geocity.php HTTP/1.1
Host: services.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:22 GMT
Content-Type: application/json
Content-Length: 464
Connection: keep-alive
Cache-control: max-age=0, s-maxage=3600
X-Device: desktop
Accept-Ranges: bytes
Age: 1700
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
ocsp.digicert.com/
200 OK 471 B IP
Hash 351c5e625147132f0a5f2cada5e6bc9e
ba41d7306335a9f8d5fc319eab0f00be93ee3ae0
9a3c826872b1032384b2f42ef0e58120777d0ec5236ee753c6d0812f3291bec2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1316
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:22 GMT
Last-Modified: Fri, 07 Oct 2022 17:18:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
pghub.io/js/pandg-sdk.js
200 OK 3.7 kB IP
File type ASCII text, with very long lines (14295), with no line terminators
Hash 1f39af8c4109e6a95d6895228aab0692
0aaacdd8b14d9df9513d0928e3d692b0517bfadb
93b95e3dccf2acabdbeeef82e4252612a4c18bf2a38a74bf34f8b3026de0745f
GET /js/pandg-sdk.js HTTP/1.1
Host: pghub.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduRt5YYvVf_S-YZzLV4ugMkDNZ2Gfn3ZbvISTN4F8iThvPKJg3q_kH93TBcUTZLZC7g6FwYhhLtDAKS-BhyBHq9J6hL5z0A
x-goog-generation: 1649178504809914
x-goog-metageneration: 9
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 3690
x-goog-meta-last-modified: 2022-07-11T15:04:42.732Z
x-goog-meta-cache-control: public, max-age=230400
content-encoding: gzip
x-goog-hash: crc32c=eS3F7w==, md5=HzmvjEEJ5qldaJUiiqsGkg==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 3690
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
server: UploadServer
date: Fri, 07 Oct 2022 17:06:21 GMT
age: 2041
last-modified: Tue, 05 Apr 2022 17:08:24 GMT
etag: "1f39af8c4109e6a95d6895228aab0692"
content-type: application/javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=0&loop=1
200 OK 42 B URL HTTP/1.1 track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=0&loop=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=0&loop=1 HTTP/1.1
Host: track.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:22 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 09:59:07 GMT
Cache-control: max-age=0, s-maxage=31536000
X-Device: mobile
Accept-Ranges: bytes
Age: 18365
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
200 OK 471 B IP
Hash 351c5e625147132f0a5f2cada5e6bc9e
ba41d7306335a9f8d5fc319eab0f00be93ee3ae0
9a3c826872b1032384b2f42ef0e58120777d0ec5236ee753c6d0812f3291bec2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1316
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:22 GMT
Last-Modified: Fri, 07 Oct 2022 17:18:27 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=ef&pb=1&pos=0&loop=1
200 OK 42 B URL HTTP/1.1 track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=ef&pb=1&pos=0&loop=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=ef&pb=1&pos=0&loop=1 HTTP/1.1
Host: track.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:22 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 09:59:07 GMT
Cache-control: max-age=0, s-maxage=31536000
X-Device: mobile
Accept-Ranges: bytes
Age: 18365
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9f92d30da1e91030abcb0297eab24017
fc3929ff9e1357e20ea848e89b8ea1f0b37b2dee
23a044826ecf7abe6d043ca5bf17fd82469eac3fef85e518807d4cb71cf07334
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "23A044826ECF7ABE6D043CA5BF17FD82469EAC3FEF85E518807D4CB71CF07334"
Last-Modified: Fri, 07 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3149
Expires: Fri, 07 Oct 2022 18:32:52 GMT
Date: Fri, 07 Oct 2022 17:40:23 GMT
Connection: keep-alive
theman-plus.com/static/manplus/v1/desktop/images/add49b9dc50d1ad1742b8246161a9d5b.png
200 OK 26 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/add49b9dc50d1ad1742b8246161a9d5b.png
IP
File type PNG image data, 127 x 108, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d610aff1e2f7b6f140076e2291a812b
92377cac284f2699a9111ddaba47af636fa5e08b
6d1863d84ef7cffa8c3e487d702a0779fa01cf5bf9370e55f614176f8ed83c22
GET /static/manplus/v1/desktop/images/add49b9dc50d1ad1742b8246161a9d5b.png HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/png
content-length: 25582
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: "6321ba9f-63ee"
expires: Mon, 05 Dec 2022 21:55:25 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DelweCg5X4ZlUzU75O79%2FLgU5EZaWH2PvgG5XQdDPhFP55yDFc6BKf9olbhp8LxRqPdAyxFAcM5ITCF0UXC6b8%2BDExmelTxRpzf8G%2Bb2wJRYGnXG07y2zdnASXlx0tNGtw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebdac3b4ff-OSL
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/images/5a9986c1835bf5e995369785b2be7ec2.png
200 OK 102 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/5a9986c1835bf5e995369785b2be7ec2.png
IP
File type PNG image data, 686 x 754, 8-bit colormap, non-interlaced\012- data
Size 102 kB (102464 bytes)
Hash 8d73cdf7a0b9dfab8f8a64edd65c4a3e
83aa1ed585204c7afa41f30d5dee2719c249dde3
b815f7ac457e42c7e9ab94376c357ce3df514bf48d36a2e6d351a57c7e0378c9
GET /static/manplus/v1/desktop/images/5a9986c1835bf5e995369785b2be7ec2.png HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/png
content-length: 102464
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: "6321ba9f-19040"
expires: Sun, 04 Dec 2022 11:36:05 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 194658
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUil%2Ffw4m2TY1dpMv0tAKVXn6MP4d5Dk98s8USpZJcV8ghqdL1LfJaThkEo3kAp3NS0ry1pzGnFA5T6dUX0mJtjsCODC87qCSfwRMKSEhEhX%2FuviRKB3NIQrQX5WfhO6Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebdac2b4ff-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9f92d30da1e91030abcb0297eab24017
fc3929ff9e1357e20ea848e89b8ea1f0b37b2dee
23a044826ecf7abe6d043ca5bf17fd82469eac3fef85e518807d4cb71cf07334
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "23A044826ECF7ABE6D043CA5BF17FD82469EAC3FEF85E518807D4CB71CF07334"
Last-Modified: Fri, 07 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3149
Expires: Fri, 07 Oct 2022 18:32:52 GMT
Date: Fri, 07 Oct 2022 17:40:23 GMT
Connection: keep-alive
theman-plus.com/static/manplus/v1/desktop/images/e5206089b16fcf64eb161aaae199fba2.png
200 OK 77 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/e5206089b16fcf64eb161aaae199fba2.png
IP
File type PNG image data, 526 x 802, 8-bit colormap, non-interlaced\012- data
Hash 1155add3c96c6a6dd1a41740bf93b25b
a20765d0be7676f39035d986fb08ea547468ec44
35fe6ad137068014045d8ba1038a0a2fbe5b5f6deb511065686b729136a19ca8
GET /static/manplus/v1/desktop/images/e5206089b16fcf64eb161aaae199fba2.png HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/png
content-length: 77164
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: "6321ba9f-12d6c"
expires: Mon, 05 Dec 2022 21:55:25 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GCCZ3THM3xKoshJ8t7yuUh4goTnf1Yi8yMAZZDnF7Znc9Vg71GC5LLRWWyZb4emwR2LcTaZtZicDp81rnlVKkRu425YZe3GxsaLLm7Sx6Msyf3FRaB37VNc62gntYV8vJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebcab2b4ff-OSL
X-Firefox-Spdy: h2
track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=req&pb=1&pos=0&loop=1
200 OK 42 B URL HTTP/1.1 track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=req&pb=1&pos=0&loop=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=req&pb=1&pos=0&loop=1 HTTP/1.1
Host: track.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 09:59:07 GMT
Cache-control: max-age=0, s-maxage=31536000
X-Device: mobile
Accept-Ranges: bytes
Age: 18365
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=op&pb=1&pos=0&loop=1
200 OK 42 B URL HTTP/1.1 track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=op&pb=1&pos=0&loop=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=op&pb=1&pos=0&loop=1 HTTP/1.1
Host: track.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 09:59:07 GMT
Cache-control: max-age=0, s-maxage=31536000
X-Device: mobile
Accept-Ranges: bytes
Age: 18365
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
theman-plus.com/static/manplus/v1/desktop/images/7e16f0e50dd1ef54d45feb6a34ba43f6.png
200 OK 107 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/7e16f0e50dd1ef54d45feb6a34ba43f6.png
IP
File type PNG image data, 650 x 878, 8-bit colormap, non-interlaced\012- data
Size 107 kB (107421 bytes)
Hash 63a3dafb8b7d1330fe00d63804ec3721
7f67a9766130c4743c84a2a2ac168e3ec599907b
ceb8bce881d14b60c06dd48cbb8043798e881ce178d5e1416959189739ca4bb0
GET /static/manplus/v1/desktop/images/7e16f0e50dd1ef54d45feb6a34ba43f6.png HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/png
content-length: 107421
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: "6321ba9f-1a39d"
expires: Mon, 05 Dec 2022 21:55:25 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRE8QdJzdO4gsR0m4w5EWm%2Fc3v9qGT3Y7rg49nLPdY26GSME3dCEUs2%2BTn%2BkGiUASZ5wGUx9yYLv%2BQVz7XJhv%2Fu9Aux1VdV9Ek%2BxDnyyTo%2F5mE3RCnuZlXuxBmZMgt%2B%2BNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebdac1b4ff-OSL
X-Firefox-Spdy: h2
theman-plus.com/static/common/images/66abd1ae20dbaf850feb0e0c3eab87b8.png
200 OK 4.6 kB URL HTTP/2 theman-plus.com/static/common/images/66abd1ae20dbaf850feb0e0c3eab87b8.png
IP
File type PNG image data, 200 x 200, 8-bit colormap, non-interlaced\012- data
Hash 054d63d4fa5c35c2c20110835ed7e59a
0963f10c25b6feffe2a106a67ba8b95107943fc8
7fd8c7d595a74c8cc5d5e0f48687d59b4284ab2ba283c9c674c6bc0a914bb104
GET /static/common/images/66abd1ae20dbaf850feb0e0c3eab87b8.png HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/png
content-length: 4606
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: "6321ba9f-11fe"
expires: Sun, 27 Nov 2022 20:55:11 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 765912
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzNop%2FNMJeQR2cWIG52fxfgJElOmuLG%2BZ03LpJIcGRrXS3Bw4zbDmWZoYaBP0vekGGEB92yJ%2B2p3m0tKlwHxOMoYM6%2BJFM62qf30lvjZxXRk3CJk31AxRTUfSZhqZ0NyyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebfaecb4ff-OSL
X-Firefox-Spdy: h2
theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
200 OK 134 kB URL HTTP/2 theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (21490), with no line terminators
Size 134 kB (134117 bytes)
Hash 9d56d2c51d998fc00618e3c6286eeefd
b7a7eef73a621b6ba4b15fdd367ec2128d8a6d38
1d137d33af64a43c7820293125cd937744de00e48183e9e2386028f2b500048b
Analyzer Verdict Alert fortinet Phishing
GET /offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuptowebrapp.webcindario.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:22 GMT
content-type: text/html
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
expires: Tue, 06 Dec 2022 17:40:22 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9FxVDy0NhNIQ91fLvZ1jyHNU%2FYNro%2BOwIxbf8PSYtWr3OI9eeD6IaYsRQue%2Fiqbbs4hd%2BKGdgZRr%2BgMLtAXIjkJA2MXGXA5C9GgHggXePUpM%2BksfocjOJnrF5IwpY2LfJA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75686beb09c8b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/images/f86c6154518932e86b70c39a91ff38eb.jpg
200 OK 127 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/f86c6154518932e86b70c39a91ff38eb.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x772, components 3\012- data
Size 127 kB (126726 bytes)
Hash 4c374aa5763b30d472ed07a511199c42
4e7534558ab44c538a51a96d7de5ccc832901761
254cd02d55308b5f9f4b3b071f240b8e188e86e23175e008766df3bbd9f31967
GET /static/manplus/v1/desktop/images/f86c6154518932e86b70c39a91ff38eb.jpg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/static/manplus/v1/desktop/css/index11411a506dda9c06aea6.css?11411a506dda9c06aea6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/jpeg
content-length: 126726
cache-control: max-age=5184000
cf-bgj: h2pri
etag: "6321ba9f-1ef06"
expires: Mon, 05 Dec 2022 21:55:25 GMT
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uG350khQfS%2FDeLu%2F8oo2W4aaSBIbgZ11w0CCxa0R7DiUQWfcOcPA%2FJPuOOK2G8TVi9PXmqEuKiej%2FnuBH41TIZtpnw6wZBnak2tcJFVAeF6dOAZKeSHpaqJeaqUA7cK9Mg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bec6b54b4ff-OSL
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/images/2d808cdd9de4989f47ecc2547c3bca83.png
200 OK 446 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/2d808cdd9de4989f47ecc2547c3bca83.png
IP
File type PNG image data, 575 x 3477, 8-bit/color RGBA, non-interlaced\012- data
Size 446 kB (445859 bytes)
Hash 8915f90dff25bc802b056e53ca91d511
a9634e1e1f90858cdb5c0b52a750f7471b40e42e
6c81ca6ac9b60a8d4347c185d7d7bd0cd978cf8ef81b8ab3fbacd7eb48ec35db
GET /static/manplus/v1/desktop/images/2d808cdd9de4989f47ecc2547c3bca83.png HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/static/manplus/v1/desktop/css/index11411a506dda9c06aea6.css?11411a506dda9c06aea6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/png
content-length: 445859
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: "6321ba9f-6cda3"
expires: Mon, 05 Dec 2022 21:55:25 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cvFvpx1GyuDNBMU9n5iTCsZEM%2BYEwaN3B44I7EB0g6alR94h9oFxVOz50iDQRh1u8hcuM8RY%2FEFiTauNtbrHdoBID2N7wi%2F%2FbV8RzG9V8014LrMF0UGg%2FJVfwP1jvzB10A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bec6b57b4ff-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash d7a5966ed3b416d7c5d1cd2cd9ec9194
73e9d545ba70afa0d65187aa2f181b2d5dffb54f
b01a5c717205c12803d9a320eede923ddf8acab23cf6ec8432d3a038c5515012
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6542
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Last-Modified: Fri, 07 Oct 2022 15:51:21 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash d7a5966ed3b416d7c5d1cd2cd9ec9194
73e9d545ba70afa0d65187aa2f181b2d5dffb54f
b01a5c717205c12803d9a320eede923ddf8acab23cf6ec8432d3a038c5515012
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2735
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Last-Modified: Fri, 07 Oct 2022 16:54:48 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
theman-plus.com/static/manplus/v1/desktop/images/53972151c217ab130720ebe59b24a960.svg
200 OK 27 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/53972151c217ab130720ebe59b24a960.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2573)
Hash e034552664239b1adcf1a6741d8fa620
8f266628a906e4448550af016276bcdbc8bac8c9
8d2b5fa6fbce33c05490afe79789b82efb596874372a2b5fb37a5072bde89ff0
Analyzer Verdict Alert fortinet Phishing
GET /static/manplus/v1/desktop/images/53972151c217ab130720ebe59b24a960.svg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: W/"6321ba9f-40ed"
expires: Wed, 23 Nov 2022 14:31:26 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 1134537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TomTwPgFvoeiB7xiGSZJw9eZeqW1vmjOXYL15Zz2G3lbms1s6tMTo7w751dEPoGNMB25N5BqjOLe3a3K4RNqqO3fVmnySFjhn41PS3bBpquwNHpWhABvBC8v6cedVjDDdA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebdabdb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
theman-plus.com/init/manplus/v1/?sid=38-2316&sid2=700e4777d32744a2be334c33a0dbae34&netid=5
307 Temporary Redirect 95 B URL HTTP/2 theman-plus.com/init/manplus/v1/?sid=38-2316&sid2=700e4777d32744a2be334c33a0dbae34&netid=5
IP
File type HTML document, ASCII text
Hash 7d529d1cb385e846460e6948153471fc
d1000eff818613e56042c5400f692166f5cbf9a1
9946108e8cc9fb2d3925602747e632bde7620bd5d9dd3c8223df8ff374a3ee2d
GET /init/manplus/v1/?sid=38-2316&sid2=700e4777d32744a2be334c33a0dbae34&netid=5 HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuptowebrapp.webcindario.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
date: Fri, 07 Oct 2022 17:40:22 GMT
content-type: text/html; charset=utf-8
location: /offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
set-cookie: uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a; Path=/; Max-Age=2592000; HttpOnly
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3j5n3hF%2Fz3mklmGCKj9lg0RfqqzO7sczBx32rz%2BlvPz0chx%2F3WUEH0RH8pMsSPRqGE8JmWJ2jEbhdjlMQg9zqqRzcCEYtHi38ZPjU20IGmnGL3eLgM%2BbTozyRjsMGjkK7g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75686be92f55b4ff-OSL
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/images/21994327c759de31f2a770e38867e6a5.svg
200 OK 86 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/21994327c759de31f2a770e38867e6a5.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (27567)
Hash f76ba33b12309822002d9b117e49e0c1
10a83e1dfa81d1f80feacfcb3a215b0a72d960da
cf6b256f040164d53b42d5f2b4a8679e344adb81447c6aa0d9f8051ad05b9bf4
Analyzer Verdict Alert fortinet Phishing
GET /static/manplus/v1/desktop/images/21994327c759de31f2a770e38867e6a5.svg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: W/"6321ba9f-6c1b"
expires: Sun, 04 Dec 2022 11:36:05 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 194658
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5M1PgV05WY95%2F6bjqm3X8m3fwovmQhDVoVqUihTF9SxES5NtJIKZYSCmpV%2B3VSm2PtdfWTip%2B1xFyTrWGfGCFO2%2FShyVJyCJWg%2FHoICFxjmWhmWYhfquHe7qqZobvhs1Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebdac0b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/css/index11411a506dda9c06aea6.css?11411a506dda9c06aea6
200 OK 17 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/css/index11411a506dda9c06aea6.css?11411a506dda9c06aea6
IP
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash e8f9f1184b6200442f4f2032747c1c12
13ba5c72482d8348f2e1d1ccb87423ad4d0633a3
a3740c5f63815529dd553c9cc79c3e4d82b001afa59c96a75bcf7f22bddb2be8
Analyzer Verdict Alert fortinet Phishing
GET /static/manplus/v1/desktop/css/index11411a506dda9c06aea6.css?11411a506dda9c06aea6 HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: W/"6321ba9f-10be6"
expires: Mon, 05 Dec 2022 21:55:25 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FWntplQwvV5fhFefvo73rvxwkvpJCBK1txrKaf7uEAoAacD%2BwW4g%2BBD0%2F72hAx%2BcF9%2FYyB%2F69ipoD1c50TelWKS72DBjp%2FXxZN0Uep8yY7U%2BRrlRk3s3pmhu2Kv5egadw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75686bebcaadb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 54014bdde9974c3bbe83a2727aa24eb9
26ff27ab9d0268fbac9f14c39f5feaaccbae1a6d
cad0c0d9e800791be40e99c0e4d985f842caedd0136dc0b18ef641268a772fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6366
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Last-Modified: Fri, 07 Oct 2022 15:54:17 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=req&pb=1&pos=0&loop=1
200 OK 42 B URL HTTP/1.1 track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=req&pb=1&pos=0&loop=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=req&pb=1&pos=0&loop=1 HTTP/1.1
Host: track.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 09:59:07 GMT
Cache-control: max-age=0, s-maxage=31536000
X-Device: mobile
Accept-Ranges: bytes
Age: 18365
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=ef&pb=1&pos=0&loop=1
200 OK 42 B URL HTTP/1.1 track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=ef&pb=1&pos=0&loop=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=ef&pb=1&pos=0&loop=1 HTTP/1.1
Host: track.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: image/gif
Content-Length: 42
Connection: keep-alive
Last-Modified: Thu, 15 Nov 2018 09:59:07 GMT
Cache-control: max-age=0, s-maxage=31536000
X-Device: mobile
Accept-Ranges: bytes
Age: 18365
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
theman-plus.com/static/manplus/v1/desktop/images/0097ff3b051f4c111285c9356341975d.svg
200 OK 7.1 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/0097ff3b051f4c111285c9356341975d.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (304)
Hash 28367e858d8c91869e43db1bf03651d0
98a0225ae466d832d467271d7415f3621ebd85d4
38f3bfa76b8971cef112a9640e6b343020b5bfa04350b184a5740cedb1cab5b8
Analyzer Verdict Alert fortinet Phishing
GET /static/manplus/v1/desktop/images/0097ff3b051f4c111285c9356341975d.svg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: W/"6321ba9f-f70"
expires: Sun, 04 Dec 2022 11:36:05 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 194658
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnuAyCRT4wB9eZBc6s%2FMjAlCjAXrp43rq0bfh3JONrSlkxZ4NyWGuQM6vjnpWA4QTly%2F%2BR9pFgBNu59xzK3qXj%2FRRV1SaHvszVhk31PQk%2FNWYk1zYvo0lpRSJDHzIca%2BTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebeadcb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
pixel.es-config.sensic.net/tp?ty=IM&optin=false&m=adnetwork_sunmedia&c=0&cp_c1=0&cp_c9=08_05_02_00&pr=435331184&gdpr=0&gdpr_consent={gdpr_consent}
302 Found 0 B URL HTTP/2 pixel.es-config.sensic.net/tp?ty=IM&optin=false&m=adnetwork_sunmedia&c=0&cp_c1=0&cp_c9=08_05_02_00&pr=435331184&gdpr=0&gdpr_consent={gdpr_consent}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tp?ty=IM&optin=false&m=adnetwork_sunmedia&c=0&cp_c1=0&cp_c9=08_05_02_00&pr=435331184&gdpr=0&gdpr_consent={gdpr_consent} HTTP/1.1
Host: pixel.es-config.sensic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 07 Oct 2022 17:40:23 GMT
content-length: 0
location: https://EDA944083787EE03A2BEB26ADA82B7471B480928B4082BBC68A37363.trk.sensic.net/tp.gif?m=adnetwork_sunmedia&r=pixel.es-config.sensic.net&p=es1&instanceid=16651644232119E91696FF989BAA2BD64C8D62A3F8000DF325515640
server: nginx/1.14.1
x-powered-by: Express
access-control-allow-origin: *
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/images/4b946276e968d57cdd895875bb5deb05.jpg
200 OK 33 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/4b946276e968d57cdd895875bb5deb05.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x648, components 3\012- data
Hash c7d91eb49b0e1621c0674188099d6dfd
fc2e5b18ef827d5fc36656b9727075dbf7ab41ba
c08566969c0749746d37f4b1ec1caad223b1c0334d1de3c3fc4c4d06e9311da5
GET /static/manplus/v1/desktop/images/4b946276e968d57cdd895875bb5deb05.jpg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/static/manplus/v1/desktop/css/index11411a506dda9c06aea6.css?11411a506dda9c06aea6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/jpeg
content-length: 33426
cache-control: max-age=5184000
cf-bgj: h2pri
etag: "6321ba9f-8292"
expires: Mon, 05 Dec 2022 21:55:25 GMT
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lo%2Fxey0U1KLFbfKtI9gp2eJPJoAjEZhryuDW2cHE0%2B7OJ55MQx2l7tn0Gclqegyhw7k3lajE2OYPSPDwkU4gyuRjpxBU%2BTFiLSG42VNcyq%2BcSmEQmF9h9Y7eKMm7l9OmRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bed1c50b4ff-OSL
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/images/0c3e6c4288c7c309a4702e4d24e95cde.jpg
200 OK 81 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/0c3e6c4288c7c309a4702e4d24e95cde.jpg
IP
File type gzip compressed data, max compression\012- data
Hash 2f5e1592ba9ee57b00d0a458c3723f49
c6c0c765380055bb7cda9d1005ba1c717ef6b366
620da3fd4e517f3156b0ec3385cc388dfa698b20596c074ca36040ed146724c1
GET /static/manplus/v1/desktop/images/0c3e6c4288c7c309a4702e4d24e95cde.jpg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/static/manplus/v1/desktop/css/index11411a506dda9c06aea6.css?11411a506dda9c06aea6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/jpeg
content-length: 79447
cache-control: max-age=5184000
cf-bgj: h2pri
etag: "6321ba9f-13657"
expires: Mon, 05 Dec 2022 21:55:25 GMT
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyGkHFHfEfElGRGiJfGYSnZDyICtikXJ6OIFmYAPrwKMyJHbz9co8BMFDnlFw7Be9Tt0LjhrxVpyuddmt8QrbXr4OHlItm%2FK3UYY1PdWj5DABMtJRuwVwJFjBg4rp9SnXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bed1c4cb4ff-OSL
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/images/9b3eff684714db05d5b3dd539496c48d.jpg
200 OK 42 kB URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/9b3eff684714db05d5b3dd539496c48d.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1998x922, components 3\012- data
Hash 8da4c92b9ddac6a6f5e9287b05358ae5
d9b4c5974b5b2077b512cbccd18eb34085e18425
6e87579882691e296a2551a4c28d96bbbe580ec9e861c0dfc53fc020c186cfd3
GET /static/manplus/v1/desktop/images/9b3eff684714db05d5b3dd539496c48d.jpg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/static/manplus/v1/desktop/css/index11411a506dda9c06aea6.css?11411a506dda9c06aea6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/jpeg
content-length: 41467
cache-control: max-age=5184000
cf-bgj: h2pri
etag: "6321ba9f-a1fb"
expires: Mon, 05 Dec 2022 21:55:25 GMT
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g8V0IWFLYvoLVtO1HxtPXD%2FgftBjD0%2FfXXh0nJHEjODMUiXzlwRZXpvLJwfTqW%2FuyKQ6m0jzUl7tVoi54Az8ovuDqruow3gPk8ha6H9PPklbyCM9j%2B7UYexFiGTXUUE7IA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bed1c4ab4ff-OSL
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash b77147aa6a43fa82a96062a46ba5a096
9cc86740f5b361876e98e918f116e9a6d3d0d8ad
6e35f126488de25e13bad23c2f12a3be784395b5e905c2d142a5a74ebe476ac0
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5073
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Last-Modified: Fri, 07 Oct 2022 16:15:50 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash b77147aa6a43fa82a96062a46ba5a096
9cc86740f5b361876e98e918f116e9a6d3d0d8ad
6e35f126488de25e13bad23c2f12a3be784395b5e905c2d142a5a74ebe476ac0
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Last-Modified: Fri, 07 Oct 2022 16:00:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash b77147aa6a43fa82a96062a46ba5a096
9cc86740f5b361876e98e918f116e9a6d3d0d8ad
6e35f126488de25e13bad23c2f12a3be784395b5e905c2d142a5a74ebe476ac0
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3298
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Last-Modified: Fri, 07 Oct 2022 16:45:25 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
200 OK 471 B IP
Hash b77147aa6a43fa82a96062a46ba5a096
9cc86740f5b361876e98e918f116e9a6d3d0d8ad
6e35f126488de25e13bad23c2f12a3be784395b5e905c2d142a5a74ebe476ac0
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5995
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Last-Modified: Fri, 07 Oct 2022 16:00:28 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
theman-plus.com/static/manplus/v1/desktop/images/6983c07dea1962eaebb0e11c005428ef.svg
200 OK 809 B URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/6983c07dea1962eaebb0e11c005428ef.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash c8372a970edc34fcb09908b66bceee06
79900a98f73c67eca0e31e0969e46f91012a2676
ad035c89d0d8d87b3b0553fe32b737a1fc7afddc6c0018a1e424362d8a5263c3
Analyzer Verdict Alert fortinet Phishing
GET /static/manplus/v1/desktop/images/6983c07dea1962eaebb0e11c005428ef.svg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/static/manplus/v1/desktop/css/index11411a506dda9c06aea6.css?11411a506dda9c06aea6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: W/"6321ba9f-2bb"
expires: Mon, 05 Dec 2022 21:55:25 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SMmQ1USNlgY0Qe4o%2BCEF4J%2FFybGQ39e9ZMBK6rmGaQ7yzh4aibWZikKIQ%2F9LHL1xlhplSneVokZyjeeI4ekWJTA87PTptGP5BaZFoWPcY78yNEXA3Vn0Jp5sDNdWe0kStw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bec6b67b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de13f970f8aba26b5635ed31a9f7c667
2ce848652b67e0c2f9d8f5b299a80764cf83bf31
e3c3ee004ba0175fe4363bc1011e26f66fce0f848c83949a5d430e7d61ab781a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://theman-plus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:34:08 GMT
expires: Thu, 05 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 165975
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
200 OK 48 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Hash 17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://theman-plus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 18:59:14 GMT
expires: Tue, 03 Oct 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 340869
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 54014bdde9974c3bbe83a2727aa24eb9
26ff27ab9d0268fbac9f14c39f5feaaccbae1a6d
cad0c0d9e800791be40e99c0e4d985f842caedd0136dc0b18ef641268a772fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5605
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Last-Modified: Fri, 07 Oct 2022 16:06:58 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15752, version 1.0\012- data
Hash b20371a6daf29d4a1f2e85dbbf40fb20
0355a01c1ccb45cb728e7e07c41c8ebf456f70bb
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://theman-plus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 19:40:23 GMT
expires: Thu, 05 Oct 2023 19:40:23 GMT
cache-control: public, max-age=31536000
age: 165600
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=269334256&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,b55a4985-9dee-4903-bf12-bd44dbbdeb6e,1,,,&custom[content_type][]=T13
200 OK 79 B URL HTTP/1.1 search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=269334256&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,b55a4985-9dee-4903-bf12-bd44dbbdeb6e,1,,,&custom[content_type][]=T13
IP
ASN #35220 SpotXchange, INC
File type XML 1.0 document text\012- XML document, ASCII text
Hash da3e93c7e93fe9042e8437060a62e496
cd98d23361e34a2589a5e5de32221dce2d29f283
b63012ca704337abcd6d19a5a7fd83f9a81102f82b78a1760184b86e21513aab
GET /vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=269334256&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent=1&schain=1.0,1!sunmedia.tv,b55a4985-9dee-4903-bf12-bd44dbbdeb6e,1,,,&custom[content_type][]=T13 HTTP/1.1
Host: search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: text/xml;charset=UTF-8
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Fri, 07 Oct 2022 17:40:23 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Access-Control-Allow-Headers:
Access-Control-Allow-Credentials: true
X-fe: 130
X-SpotX-Timing-Page: 0.038040
X-SpotX-Timing-Page-Require: 0.000384
X-SpotX-Timing-Page-Context: 0.000468
X-SpotX-Timing-Page-URI: 0.000011
X-SpotX-Timing-Page-Mux: 0.000252
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-Page-Misc: 0.002383
X-SpotX-Timing-SpotMarket: 0.034245
X-SpotX-Timing-SpotMarket-Primary: 0.034245
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Transform: 0.000293
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 79
search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=911065164&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent={gdpr_consent}&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&custom[content_type][]=T13
200 OK 79 B URL HTTP/1.1 search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=911065164&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent={gdpr_consent}&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&custom[content_type][]=T13
IP
ASN #35220 SpotXchange, INC
File type XML 1.0 document text\012- XML document, ASCII text
Hash da3e93c7e93fe9042e8437060a62e496
cd98d23361e34a2589a5e5de32221dce2d29f283
b63012ca704337abcd6d19a5a7fd83f9a81102f82b78a1760184b86e21513aab
GET /vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=911065164&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent={gdpr_consent}&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&custom[content_type][]=T13 HTTP/1.1
Host: search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: text/xml;charset=UTF-8
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Fri, 07 Oct 2022 17:40:23 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Access-Control-Allow-Headers:
Access-Control-Allow-Credentials: true
X-fe: 066
X-SpotX-Timing-Page: 0.040859
X-SpotX-Timing-Page-Require: 0.000547
X-SpotX-Timing-Page-Context: 0.000452
X-SpotX-Timing-Page-URI: 0.000013
X-SpotX-Timing-Page-Mux: 0.000382
X-SpotX-Timing-Page-Cookie: 0.000004
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-Page-Misc: 0.002874
X-SpotX-Timing-SpotMarket: 0.036231
X-SpotX-Timing-SpotMarket-Primary: 0.036231
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Transform: 0.000356
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 79
search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=662197889&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent={gdpr_consent}&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&custom[content_type][]=T13
200 OK 79 B URL HTTP/1.1 search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=662197889&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent={gdpr_consent}&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&custom[content_type][]=T13
IP
ASN #35220 SpotXchange, INC
File type XML 1.0 document text\012- XML document, ASCII text
Hash da3e93c7e93fe9042e8437060a62e496
cd98d23361e34a2589a5e5de32221dce2d29f283
b63012ca704337abcd6d19a5a7fd83f9a81102f82b78a1760184b86e21513aab
GET /vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=662197889&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent={gdpr_consent}&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&custom[content_type][]=T13 HTTP/1.1
Host: search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: text/xml;charset=UTF-8
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Fri, 07 Oct 2022 17:40:23 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Access-Control-Allow-Headers:
Access-Control-Allow-Credentials: true
X-fe: 066
X-SpotX-Timing-Page: 0.046982
X-SpotX-Timing-Page-Require: 0.000573
X-SpotX-Timing-Page-Context: 0.000471
X-SpotX-Timing-Page-URI: 0.000014
X-SpotX-Timing-Page-Mux: 0.000463
X-SpotX-Timing-Page-Cookie: 0.000004
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-Page-Misc: 0.003074
X-SpotX-Timing-SpotMarket: 0.042046
X-SpotX-Timing-SpotMarket-Primary: 0.042046
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Transform: 0.000337
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 79
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://theman-plus.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 05:42:51 GMT
expires: Fri, 06 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
age: 129452
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c9e17d797022f34667faaa6c96dbe257
e39fd34afb0ddb2835f597bded8bef27877bfff8
e236aaa7ddabc9c387ce42845a268d91e842b162930d1beb4ae0d33692c62e13
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E236AAA7DDABC9C387CE42845A268D91E842B162930D1BEB4AE0D33692C62E13"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10018
Expires: Fri, 07 Oct 2022 20:27:21 GMT
Date: Fri, 07 Oct 2022 17:40:23 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash aea480478c3be7392d09e8a92826542f
b660fb42c8122efb07b3d1de1a8907ad1f6e1a60
ee691969e4d61ba3145fe90b28c5051367c223f31c0e0ee001d8481035090760
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=112015111&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent={gdpr_consent}&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&custom[content_type][]=T13
200 OK 79 B URL HTTP/1.1 search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=112015111&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent={gdpr_consent}&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&custom[content_type][]=T13
IP
ASN #35220 SpotXchange, INC
File type XML 1.0 document text\012- XML document, ASCII text
Hash da3e93c7e93fe9042e8437060a62e496
cd98d23361e34a2589a5e5de32221dce2d29f283
b63012ca704337abcd6d19a5a7fd83f9a81102f82b78a1760184b86e21513aab
GET /vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&cb=112015111&player_width=420&player_height=315&custom_skin=1&ad_volume=0&gdpr=0&gdpr_consent={gdpr_consent}&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&custom[content_type][]=T13 HTTP/1.1
Host: search.spotxchange.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: text/xml;charset=UTF-8
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Fri, 07 Oct 2022 17:40:23 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Access-Control-Allow-Headers:
Access-Control-Allow-Credentials: true
X-fe: 096
X-SpotX-Timing-Page: 0.098151
X-SpotX-Timing-Page-Require: 0.000343
X-SpotX-Timing-Page-Context: 0.000268
X-SpotX-Timing-Page-URI: 0.000007
X-SpotX-Timing-Page-Mux: 0.000242
X-SpotX-Timing-Page-Cookie: 0.000011
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-Page-Misc: 0.002173
X-SpotX-Timing-SpotMarket: 0.094705
X-SpotX-Timing-SpotMarket-Primary: 0.049183
X-SpotX-Timing-SpotMarket-Secondary: 0.045522
X-SpotX-Timing-Transform: 0.000402
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 79
eda944083787ee03a2beb26ada82b7471b480928b4082bbc68a37363.trk.sensic.net/tp.gif?m=adnetwork_sunmedia&r=pixel.es-config.sensic.net&p=es1&instanceid=16651644232119E91696FF989BAA2BD64C8D62A3F8000DF325515640
204 No Content 0 B URL HTTP/2 eda944083787ee03a2beb26ada82b7471b480928b4082bbc68a37363.trk.sensic.net/tp.gif?m=adnetwork_sunmedia&r=pixel.es-config.sensic.net&p=es1&instanceid=16651644232119E91696FF989BAA2BD64C8D62A3F8000DF325515640
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tp.gif?m=adnetwork_sunmedia&r=pixel.es-config.sensic.net&p=es1&instanceid=16651644232119E91696FF989BAA2BD64C8D62A3F8000DF325515640 HTTP/1.1
Host: eda944083787ee03a2beb26ada82b7471b480928b4082bbc68a37363.trk.sensic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuptowebrapp.webcindario.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: awselb/2.0
date: Fri, 07 Oct 2022 17:40:23 GMT
expires: Wed, 21 Oct 2015 07:28:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
8e640c0abe999879dc23a4fb96a028c7e4d7fc314481d1db66937bcd.trk.sensic.net/tp.gif?m=adnetwork_sunmedia&r=pixel.es-config.sensic.net&p=es1&instanceid=1665164423167CAA43820A17CD908FBFB23B442B462522C9DFE8EFEF
204 No Content 0 B URL HTTP/2 8e640c0abe999879dc23a4fb96a028c7e4d7fc314481d1db66937bcd.trk.sensic.net/tp.gif?m=adnetwork_sunmedia&r=pixel.es-config.sensic.net&p=es1&instanceid=1665164423167CAA43820A17CD908FBFB23B442B462522C9DFE8EFEF
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tp.gif?m=adnetwork_sunmedia&r=pixel.es-config.sensic.net&p=es1&instanceid=1665164423167CAA43820A17CD908FBFB23B442B462522C9DFE8EFEF HTTP/1.1
Host: 8e640c0abe999879dc23a4fb96a028c7e4d7fc314481d1db66937bcd.trk.sensic.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuptowebrapp.webcindario.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: awselb/2.0
date: Fri, 07 Oct 2022 17:40:23 GMT
expires: Wed, 21 Oct 2015 07:28:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-expose-headers: *
access-control-allow-headers: *
access-control-allow-origin: *
X-Firefox-Spdy: h2
creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml
200 OK 1.3 kB URL HTTP/1.1 creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (363)
Hash c2e12f0ff82b039067de99b28f89747c
98c54c9caf0e448131b3b6c2bfce9499d66c2dec
1fa9d2dd2d0a337785ff223e1d5fb8a52112ec83f5eadc54ce50b301042fff94
GET /2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: application/xml
Content-Length: 1266
Connection: keep-alive
Last-Modified: Thu, 26 May 2022 15:43:41 GMT
Cache-control: max-age=0, s-maxage=2592000
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: desktop
Accept-Ranges: bytes
Age: 708
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml
200 OK 1.3 kB URL HTTP/1.1 creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (363)
Hash c2e12f0ff82b039067de99b28f89747c
98c54c9caf0e448131b3b6c2bfce9499d66c2dec
1fa9d2dd2d0a337785ff223e1d5fb8a52112ec83f5eadc54ce50b301042fff94
GET /2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: application/xml
Content-Length: 1266
Connection: keep-alive
Last-Modified: Thu, 26 May 2022 15:43:41 GMT
Cache-control: max-age=0, s-maxage=2592000
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: desktop
Accept-Ranges: bytes
Age: 708
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml
200 OK 1.3 kB URL HTTP/1.1 creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (363)
Hash c2e12f0ff82b039067de99b28f89747c
98c54c9caf0e448131b3b6c2bfce9499d66c2dec
1fa9d2dd2d0a337785ff223e1d5fb8a52112ec83f5eadc54ce50b301042fff94
GET /2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: application/xml
Content-Length: 1266
Connection: keep-alive
Last-Modified: Thu, 26 May 2022 15:43:41 GMT
Cache-control: max-age=0, s-maxage=2592000
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: desktop
Accept-Ranges: bytes
Age: 708
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml
200 OK 1.3 kB URL HTTP/1.1 creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (363)
Hash c2e12f0ff82b039067de99b28f89747c
98c54c9caf0e448131b3b6c2bfce9499d66c2dec
1fa9d2dd2d0a337785ff223e1d5fb8a52112ec83f5eadc54ce50b301042fff94
GET /2cda9eed-462d-4d4c-a308-786a00b8bf95/2cda9eed-462d-4d4c-a308-786a00b8bf95.xml HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: application/xml
Content-Length: 1266
Connection: keep-alive
Last-Modified: Thu, 26 May 2022 15:43:41 GMT
Cache-control: max-age=0, s-maxage=2592000
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: desktop
Accept-Ranges: bytes
Age: 708
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
theman-plus.com/ajax/state?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a&_=1665164423312
200 OK 47 kB URL HTTP/2 theman-plus.com/ajax/state?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a&_=1665164423312
IP
File type JSON data\012- , ASCII text, with very long lines (1908), with no line terminators
Hash 1b16e955b7ee17fdea16616c92a91451
a95259fb131ec8bbd35257103c7d68fb80e53bfd
cde18373a5f35f5e882808bfd9a64750853c9cb41f1b1f21415fbd384515ee69
GET /ajax/state?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a&_=1665164423312 HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: application/json; charset=utf-8
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGYtReHd4bGqSW9Q4qLBhXxepv1wvwGueNNKj2bLdWg03aXL5c%2FOniwLUOnJtqTAhIQRVVVnyec34URMgEPcj4ugRcfrUkYifflu4xlcBi3LwF1EmnxG5IDoJpveRUJEgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75686bef1f86b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10175
Expires: Fri, 07 Oct 2022 20:29:58 GMT
Date: Fri, 07 Oct 2022 17:40:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10175
Expires: Fri, 07 Oct 2022 20:29:58 GMT
Date: Fri, 07 Oct 2022 17:40:23 GMT
Connection: keep-alive
creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE}
200 OK 16 kB URL HTTP/1.1 creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE}
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63582), with no line terminators
Hash cc1f5deca2ab33f53dcd1fbd8ec13d24
1511da989a13eaad76a029dd340d5f830c518939
7a069b9e4da4012ff502257faa87d52a880c9c0b3549a29c715d456422b48530
GET /2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE} HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: application/javascript
Content-Length: 16336
Connection: keep-alive
Last-Modified: Thu, 26 May 2022 15:43:40 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: max-age=0, s-maxage=3600
X-Device: mobile
Accept-Ranges: bytes
TCDN-edad: 708
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10175
Expires: Fri, 07 Oct 2022 20:29:58 GMT
Date: Fri, 07 Oct 2022 17:40:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 53b7ffdc3799e0ac7a225145242579ef
c47f0525fe5354ee13fe63c0ec31f0f826a58005
4bb518afc9b3e7bfb976d343e46b306155834adbe71fa35b0d6f509959f78aca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0b7bc4b-b79a-4bab-9bec-87695d757b08.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10987
x-amzn-requestid: c2ab1012-1afd-4d74-8114-97977b43da24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZgCHwGdGoAMFvyg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633cb097-3237927a0c1e081d22c902f7;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 22:15:51 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: JYDg0-KelCPr__4bKtpARLrwiE1CHGICcFI6I9_TFCMcmESbykNhXQ==
via: 1.1 3dde68f1f52282c9e1ee336d97233b0a.cloudfront.net (CloudFront), 1.1 27f6faf9790b5a2877fb528fa31f7922.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:50 GMT
age: 70293
etag: "c47f0525fe5354ee13fe63c0ec31f0f826a58005"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10175
Expires: Fri, 07 Oct 2022 20:29:58 GMT
Date: Fri, 07 Oct 2022 17:40:23 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash e825fc3ba1ec6c169fbc10ffef8dffb0
6bf9cffa8468b37068aebed5a43dbc911086fc84
b0c59e715d8c38c061cfa06ec64c69f442f9417d6bc9c76e393c1fa00b11af86
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10175
Expires: Fri, 07 Oct 2022 20:29:58 GMT
Date: Fri, 07 Oct 2022 17:40:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2ac0ed19ef64f2f765ce7adb2a8fa7c
b6ea582befd01324dd456d59d3f610101dcf910c
d324c9f67b0efc38a935195076488dd0a62f61b893706ecf40ad1f2c5550a7d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F90038edb-d110-41cd-98e0-d47715e9135b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11492
x-amzn-requestid: 7ac7e364-5204-4101-87f6-89fbdf3c5cb0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_GKSoAMFdkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-4ae692e2617657225c88e5fb;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: trKPg7J7s_BuMlog8HXU2ipo4dQlR3RAJ93KqFxf0BhcrzB8FDx3_A==
via: 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 71803
etag: "b6ea582befd01324dd456d59d3f610101dcf910c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4572451a09430ca7a9203f14ddc035ba
46e17c44fba23988d7a9d9832c411ba2810136c3
fa54e73c4b32d8e109504ebcd46e4316de8143f44b7eae20a44ba63d14a6f24b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7758caee-c969-46dd-96d0-b4402437781d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8445
x-amzn-requestid: 7d295b3b-29d6-4b2e-8314-c9055d1def80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmju5FxwoAMFeQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4cc5-3f58c18b1159ad512c60422b;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:46:45 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: DC1ECXhkAhfdrU8ZyMhhDdwydsq4PQfzzGOPd-REjCkCsDbXQLnLiA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:57 GMT
etag: "46e17c44fba23988d7a9d9832c411ba2810136c3"
content-type: image/jpeg
age: 70286
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: Vy9jQu1a8BGypY4C4u_9gao5wPEkVHgArhG2zMNdH8KfBS0lfmyHBA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 71803
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: FO5iGJFmDfdklhzIVOxp4x3AV7ltFqBDDlYBz39Zzx99t7oykNR2WQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 a4479a6315f90864adc6175b280f8f44.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:43:40 GMT
age: 71803
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE}
304 Not Modified 0 B URL HTTP/1.1 creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE} HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 26 May 2022 15:43:40 GMT
HTTP/1.1 304 Not Modified
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: application/javascript
Connection: keep-alive
Last-Modified: Thu, 26 May 2022 15:43:40 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: max-age=0, s-maxage=3600
X-Device: mobile
Accept-Ranges: bytes
TCDN-edad: 708
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16339989f5c6c229a3dcc0ed1e52032f
a1ea26d6e4eb4a72cc8c87100b40035dab69d285
16703f888ee6f974bb89e1c4c16a75186b31b64130abcd1a3bcd3741159d912c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ca4df15-4ecd-467c-a658-2352fca9a8ff.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13437
x-amzn-requestid: ec801fbc-c339-46ce-ac5f-18d064e5ef21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_HdeoAMFyOQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-02b52b770e6e76cf52b26e47;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Iesqk_XbGiZE-n3mTa1_1WtlXiyEqz-4qfyt3_609O1eujdLcFu3zA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 ece5d4a731ece5ff46c564ab2b946ede.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:47:25 GMT
age: 71578
etag: "a1ea26d6e4eb4a72cc8c87100b40035dab69d285"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE}
304 Not Modified 0 B URL HTTP/1.1 creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE} HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 26 May 2022 15:43:40 GMT
HTTP/1.1 304 Not Modified
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: application/javascript
Connection: keep-alive
Last-Modified: Thu, 26 May 2022 15:43:40 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: max-age=0, s-maxage=3600
X-Device: mobile
Accept-Ranges: bytes
TCDN-edad: 708
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE}
304 Not Modified 0 B URL HTTP/1.1 creatives.sunmedia.tv/2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE}
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /2cda9eed-462d-4d4c-a308-786a00b8bf95/video/2cda9eed-462d-4d4c-a308-786a00b8bf95.js?rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}&schain=${supply_chain}&xclk=${xclk}&t=${VALUE} HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 26 May 2022 15:43:40 GMT
HTTP/1.1 304 Not Modified
Server: nginx
Date: Fri, 07 Oct 2022 17:40:23 GMT
Content-Type: application/javascript
Connection: keep-alive
Last-Modified: Thu, 26 May 2022 15:43:40 GMT
Content-Encoding: gzip
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Cache-Control: max-age=0, s-maxage=3600
X-Device: mobile
Accept-Ranges: bytes
TCDN-edad: 708
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
ocsp.digicert.com/
200 OK 727 B IP
Hash 2b9475233c7cfd9455c99e14b43fecee
ec833d9219972cea529dbe5578d3f577aa7bdae2
5a20e06db93637bf9efa20c6d4122f5d47aebb182d7fa2528d0e90efb535698b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6155
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 07 Oct 2022 17:40:23 GMT
Last-Modified: Fri, 07 Oct 2022 15:57:48 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 727
ced.sascdn.com/tag/1999/smart.js
200 OK 33 kB URL HTTP/1.1 ced.sascdn.com/tag/1999/smart.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65354)
Hash b6dc7d952fd310a922e3a63b27372235
08dd2ac3548c67aa9ebaaa3a0fe63a8b04f6dbaa
0f69ee41bc160786e273f45ae597b5aa0eb2e9a7de1b7010a46563e51fc92efe
GET /tag/1999/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32559
Cache-Control: public, max-age=7200
Expires: Fri, 07 Oct 2022 19:40:23 GMT
Date: Fri, 07 Oct 2022 17:40:23 GMT
Connection: keep-alive
usage.trackjs.com/usage.gif?token=290c8f87dddf45e3a65e0baf08b25d02&correlationId=1a2f3d2d-a39f-4510-a760-f0f6c28f7dc4&application=shop-frontend&x=dfe31410-8534-4fa8-a4a2-68224be30cd6&
200 OK 43 B URL HTTP/1.1 usage.trackjs.com/usage.gif?token=290c8f87dddf45e3a65e0baf08b25d02&correlationId=1a2f3d2d-a39f-4510-a760-f0f6c28f7dc4&application=shop-frontend&x=dfe31410-8534-4fa8-a4a2-68224be30cd6&
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /usage.gif?token=290c8f87dddf45e3a65e0baf08b25d02&correlationId=1a2f3d2d-a39f-4510-a760-f0f6c28f7dc4&application=shop-frontend&x=dfe31410-8534-4fa8-a4a2-68224be30cd6& HTTP/1.1
Host: usage.trackjs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: image/gif
Content-Length: 43
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Connection: keep-alive
www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=6055968486&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent={gdpr_consent}&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&isLazy=0&isAdRefresh=0
200 OK 42 B URL HTTP/1.1 www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=6055968486&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent={gdpr_consent}&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&isLazy=0&isAdRefresh=0
IP
ASN #201081 SmartAdServer SAS
File type ASCII text, with no line terminators
Hash f64493cecf2234e507d99292bbba6839
8dc0c3a9ea4bc1d183af7cbd2b3e560e41a6a86e
d52573922344ff447962eefac69ba45c3a23a1addaaffe20798195ba1243fce1
GET /ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=6055968486&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent={gdpr_consent}&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&isLazy=0&isAdRefresh=0 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 07 Oct 2022 17:40:23 GMT
cache-control: no-cache,no-store
content-encoding: gzip
pragma: no-cache
set-cookie: pbw=%24b%3d12960%3b%24o%3d99999%3b%24sw%3d1280%3b%24sh%3d1024; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
vs=281855=5136100; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
pid=4915409939716203559; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638007612241275469&o=1; expires=Sat, 08 Oct 2022 17:40:24 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sat, 08 Oct 2022 17:40:24 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=2915322476&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent={gdpr_consent}&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&isLazy=0&isAdRefresh=0
200 OK 42 B URL HTTP/1.1 www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=2915322476&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent={gdpr_consent}&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&isLazy=0&isAdRefresh=0
IP
ASN #201081 SmartAdServer SAS
File type ASCII text, with no line terminators
Hash f64493cecf2234e507d99292bbba6839
8dc0c3a9ea4bc1d183af7cbd2b3e560e41a6a86e
d52573922344ff447962eefac69ba45c3a23a1addaaffe20798195ba1243fce1
GET /ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=2915322476&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent={gdpr_consent}&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&isLazy=0&isAdRefresh=0 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 07 Oct 2022 17:40:23 GMT
cache-control: no-cache,no-store
content-encoding: gzip
pragma: no-cache
set-cookie: pbw=%24b%3d12960%3b%24o%3d99999%3b%24sw%3d1280%3b%24sh%3d1024; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
vs=281855=5136100; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
pid=2691335531496039622; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638007612241267393&o=1; expires=Sat, 08 Oct 2022 17:40:24 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sat, 08 Oct 2022 17:40:24 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=6456596055&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent={gdpr_consent}&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&isLazy=0&isAdRefresh=0
200 OK 42 B URL HTTP/1.1 www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=6456596055&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent={gdpr_consent}&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&isLazy=0&isAdRefresh=0
IP
ASN #201081 SmartAdServer SAS
File type ASCII text, with no line terminators
Hash f64493cecf2234e507d99292bbba6839
8dc0c3a9ea4bc1d183af7cbd2b3e560e41a6a86e
d52573922344ff447962eefac69ba45c3a23a1addaaffe20798195ba1243fce1
GET /ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=6456596055&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent={gdpr_consent}&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&isLazy=0&isAdRefresh=0 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 07 Oct 2022 17:40:24 GMT
cache-control: no-cache,no-store
content-encoding: gzip
pragma: no-cache
set-cookie: pbw=%24b%3d12960%3b%24o%3d99999%3b%24sw%3d1280%3b%24sh%3d1024; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
vs=281855=5136100; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
pid=7075454683429823620; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638007612241252882&o=1; expires=Sat, 08 Oct 2022 17:40:24 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sat, 08 Oct 2022 17:40:24 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=3085562250&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent=1&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,b55a4985-9dee-4903-bf12-bd44dbbdeb6e,1,,,&isLazy=0&isAdRefresh=0
200 OK 42 B URL HTTP/1.1 www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=3085562250&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent=1&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,b55a4985-9dee-4903-bf12-bd44dbbdeb6e,1,,,&isLazy=0&isAdRefresh=0
IP
ASN #201081 SmartAdServer SAS
File type ASCII text, with no line terminators
Hash f64493cecf2234e507d99292bbba6839
8dc0c3a9ea4bc1d183af7cbd2b3e560e41a6a86e
d52573922344ff447962eefac69ba45c3a23a1addaaffe20798195ba1243fce1
GET /ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=3085562250&tgt=T13&tag=sas_70691&sh=1024&sw=1280&pgDomain=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&gdpr_consent=1&noadcbk=sas.noad&schain=1.0,1!sunmedia.tv,b55a4985-9dee-4903-bf12-bd44dbbdeb6e,1,,,&isLazy=0&isAdRefresh=0 HTTP/1.1
Host: www8.smartadserver.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
HTTP/1.1 200 OK
content-type: application/javascript; charset=UTF-8
date: Fri, 07 Oct 2022 17:40:23 GMT
cache-control: no-cache,no-store
content-encoding: gzip
pragma: no-cache
set-cookie: pbw=%24b%3d12960%3b%24o%3d99999%3b%24sw%3d1280%3b%24sh%3d1024; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
vs=281855=5136100; domain=.smartadserver.com; path=/
TestIfCookie=ok; domain=.smartadserver.com; path=/
TestIfCookieP=ok; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
pid=2838719039360296181; expires=Sat, 07 Oct 2023 17:40:24 GMT; domain=.smartadserver.com; path=/
sasd2=q=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0&c=1&l=819242284&lo=988266927<=638007612241400963&o=1; expires=Sat, 08 Oct 2022 17:40:24 GMT; domain=.smartadserver.com; path=/
sasd=%24qc%3D1311348260%3B%24ql%3DMedium%3B%24qpc%3D1006%3B%24qt%3D216_1430_41056t%3B%24dma%3D0; expires=Sat, 08 Oct 2022 17:40:24 GMT; domain=.smartadserver.com; path=/
transfer-encoding: chunked
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 65d230f137b2cd5a8c59c1e68da453fe
bb7f075e28767e83728c92f721499280363cc02e
22a66acf7d5d0a9e671210b99d8794503de18e7bd28ebace21b1512009b079c4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 23:36:11 GMT
Expires: Fri, 07 Oct 2022 23:36:11 GMT
ETag: "bb7f075e28767e83728c92f721499280363cc02e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 65d230f137b2cd5a8c59c1e68da453fe
bb7f075e28767e83728c92f721499280363cc02e
22a66acf7d5d0a9e671210b99d8794503de18e7bd28ebace21b1512009b079c4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 23:36:11 GMT
Expires: Fri, 07 Oct 2022 23:36:11 GMT
ETag: "bb7f075e28767e83728c92f721499280363cc02e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 65d230f137b2cd5a8c59c1e68da453fe
bb7f075e28767e83728c92f721499280363cc02e
22a66acf7d5d0a9e671210b99d8794503de18e7bd28ebace21b1512009b079c4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 23:36:11 GMT
Expires: Fri, 07 Oct 2022 23:36:11 GMT
ETag: "bb7f075e28767e83728c92f721499280363cc02e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 65d230f137b2cd5a8c59c1e68da453fe
bb7f075e28767e83728c92f721499280363cc02e
22a66acf7d5d0a9e671210b99d8794503de18e7bd28ebace21b1512009b079c4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 23:36:11 GMT
Expires: Fri, 07 Oct 2022 23:36:11 GMT
ETag: "bb7f075e28767e83728c92f721499280363cc02e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
creatives.sunmedia.tv/f37b6e6b-bf37-4ab2-8493-8762b8457f7f/f37b6e6b-bf37-4ab2-8493-8762b8457f7f.xml
200 OK 2.1 kB URL HTTP/1.1 creatives.sunmedia.tv/f37b6e6b-bf37-4ab2-8493-8762b8457f7f/f37b6e6b-bf37-4ab2-8493-8762b8457f7f.xml
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1146)
Hash da4a06a653cfdb81830a498082ad0639
874645142e64d539cebbd7fdddff13776023bed4
ac3f6ebbfb4404363e95ab6991af118fdfc7a30cfadc5a32bec87024002e398b
GET /f37b6e6b-bf37-4ab2-8493-8762b8457f7f/f37b6e6b-bf37-4ab2-8493-8762b8457f7f.xml HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: application/xml
Content-Length: 2106
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 16:12:50 GMT
Cache-control: max-age=0, s-maxage=2592000
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: mobile
Accept-Ranges: bytes
Age: 709
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
creatives.sunmedia.tv/4ece5ef8-3eff-4ff5-9cde-e11eff196004/4ece5ef8-3eff-4ff5-9cde-e11eff196004.xml
200 OK 2.5 kB URL HTTP/1.1 creatives.sunmedia.tv/4ece5ef8-3eff-4ff5-9cde-e11eff196004/4ece5ef8-3eff-4ff5-9cde-e11eff196004.xml
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (1526)
Hash 962ea6238c35c7ece73250758691b6c9
eb5044653dcd95702b4508f42840cdf326f88da1
f4c0bd0ba98232c51929fec7ebef0676ab072ff9e5fd379d38732275c818f51b
GET /4ece5ef8-3eff-4ff5-9cde-e11eff196004/4ece5ef8-3eff-4ff5-9cde-e11eff196004.xml HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: application/xml
Content-Length: 2486
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 15:49:30 GMT
Cache-control: max-age=0, s-maxage=2592000
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: desktop
Accept-Ranges: bytes
Age: 709
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
ocsp.godaddy.com/
200 OK 1.8 kB IP
Hash 65d230f137b2cd5a8c59c1e68da453fe
bb7f075e28767e83728c92f721499280363cc02e
22a66acf7d5d0a9e671210b99d8794503de18e7bd28ebace21b1512009b079c4
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Thu, 06 Oct 2022 23:36:11 GMT
Expires: Fri, 07 Oct 2022 23:36:11 GMT
ETag: "bb7f075e28767e83728c92f721499280363cc02e"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=82959342&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent=1&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,b55a4985-9dee-4903-bf12-bd44dbbdeb6e,1,,,&t=T13
200 OK 9.5 kB URL HTTP/2 es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=82959342&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent=1&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,b55a4985-9dee-4903-bf12-bd44dbbdeb6e,1,,,&t=T13
IP
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (65497)
Hash fe97799ffb342622fe94ed1dcc7540c3
8a974f8fff76278e586f1ef25908f0a02f0e1df4
94d281f4e1fbe6cf7f51718539f2407b4ce65d2b6f75bcc118ab7544a51610fe
GET /proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=82959342&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent=1&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,b55a4985-9dee-4903-bf12-bd44dbbdeb6e,1,,,&t=T13 HTTP/1.1
Host: es-sunelespanol.videoplaza.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:24 GMT
access-control-allow-origin: http://cuptowebrapp.webcindario.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, must-revalidate
set-cookie: pid=1fb1b969-4667-11ed-89e6-9aa25704f615; Path=/; SameSite=None; Expires=Sat, 07-Oct-2023 17:40:24 GMT; Max-Age=31536000; Secure
x-cluster-name: prod-ew1-edge-1
content-type: text/xml;charset=utf-8
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
creatives.sunmedia.tv/f37b6e6b-bf37-4ab2-8493-8762b8457f7f/f37b6e6b-bf37-4ab2-8493-8762b8457f7f.xml
304 Not Modified 0 B URL HTTP/1.1 creatives.sunmedia.tv/f37b6e6b-bf37-4ab2-8493-8762b8457f7f/f37b6e6b-bf37-4ab2-8493-8762b8457f7f.xml
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f37b6e6b-bf37-4ab2-8493-8762b8457f7f/f37b6e6b-bf37-4ab2-8493-8762b8457f7f.xml HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 29 Sep 2022 16:12:50 GMT
HTTP/1.1 304 Not Modified
Server: nginx
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: application/xml
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 16:12:50 GMT
Cache-control: max-age=0, s-maxage=2592000
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: mobile
Accept-Ranges: bytes
Age: 709
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
creatives.sunmedia.tv/f37b6e6b-bf37-4ab2-8493-8762b8457f7f/f37b6e6b-bf37-4ab2-8493-8762b8457f7f.xml
304 Not Modified 0 B URL HTTP/1.1 creatives.sunmedia.tv/f37b6e6b-bf37-4ab2-8493-8762b8457f7f/f37b6e6b-bf37-4ab2-8493-8762b8457f7f.xml
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f37b6e6b-bf37-4ab2-8493-8762b8457f7f/f37b6e6b-bf37-4ab2-8493-8762b8457f7f.xml HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Thu, 29 Sep 2022 16:12:50 GMT
HTTP/1.1 304 Not Modified
Server: nginx
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: application/xml
Connection: keep-alive
Last-Modified: Thu, 29 Sep 2022 16:12:50 GMT
Cache-control: max-age=0, s-maxage=2592000
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
X-Device: mobile
Accept-Ranges: bytes
Age: 709
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
creatives.sunmedia.tv/vpaid_ssp_display/prebidadpjs6.29.3.js?v=v2022092901
200 OK 135 kB URL HTTP/1.1 creatives.sunmedia.tv/vpaid_ssp_display/prebidadpjs6.29.3.js?v=v2022092901
IP
File type ASCII text, with very long lines (65419)
Size 135 kB (135209 bytes)
Hash b67295b012d327b28c05b06e846f9d3d
80ff49b952049ba632d904686d1a0e23540a15e5
a0673462c80955f5b364a0b1ac0951a93d99014d6b75c59ef136473290fddcdd
GET /vpaid_ssp_display/prebidadpjs6.29.3.js?v=v2022092901 HTTP/1.1
Host: creatives.sunmedia.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 07 Oct 2022 17:40:24 GMT
Content-Type: application/x-javascript
Content-Length: 135209
Connection: keep-alive
Cache-Control: max-age=31536000
X-Device: mobile
Content-Encoding: gzip
Accept-Ranges: bytes
TCDN-edad: 709
Access-Control-Allow-Origin: http://cuptowebrapp.webcindario.com
TP-Cache: HIT
Access-Control-Allow-Credentials: true, true
theman-plus.com/static/manplus/v1/desktop/images/0d7031f695477d118534b61f079b31ad.svg
200 OK 0 B URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/0d7031f695477d118534b61f079b31ad.svg
IP
Analyzer Verdict Alert fortinet Phishing
GET /static/manplus/v1/desktop/images/0d7031f695477d118534b61f079b31ad.svg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: W/"6321ba9f-2dee"
expires: Mon, 05 Dec 2022 21:55:25 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nBKBgcbCaXwbQegr7%2Fx6bNXYb6UeG%2BbZPzySeHCCbvH%2F5V7nLRIM%2FMtVef17uPxG1mcG7WfNFiIzjn5XkmvcvhwICNOsWrU4w8XNLFOR4ksa9n1yfcSEH3SAvxibhJ1EA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebdabfb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/images/884d8c72da5a1f77223aaabaa9ea6d41.jpg
200 OK 0 B URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/884d8c72da5a1f77223aaabaa9ea6d41.jpg
IP
GET /static/manplus/v1/desktop/images/884d8c72da5a1f77223aaabaa9ea6d41.jpg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/static/manplus/v1/desktop/css/index11411a506dda9c06aea6.css?11411a506dda9c06aea6
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/jpeg
content-length: 104362
cache-control: max-age=5184000
cf-bgj: h2pri
etag: "6321ba9f-197aa"
expires: Mon, 05 Dec 2022 21:55:25 GMT
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VFZVzx7IIiejjCD3iCembss7KF2zht5AxRBadMDVsSOLuqDJfvIn2yt6RCDHbJnupMnOSu77A42iQQekKEn9cxZ%2F%2FaKjfnX4mVbNTVUa2VK3ad0lfAV4Y4JESf%2FDjv9KDg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bed1c52b4ff-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Lato
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Lato
IP
GET /css?family=Lato HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 07 Oct 2022 17:40:22 GMT
date: Fri, 07 Oct 2022 17:40:22 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=589577017&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent={gdpr_consent}&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&t=T13
200 OK 0 B URL HTTP/2 es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=589577017&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent={gdpr_consent}&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&t=T13
IP
GET /proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=589577017&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent={gdpr_consent}&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&t=T13 HTTP/1.1
Host: es-sunelespanol.videoplaza.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:24 GMT
access-control-allow-origin: http://cuptowebrapp.webcindario.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, must-revalidate
set-cookie: pid=1fa890f0-4667-11ed-b329-4efd201b400f; Path=/; SameSite=None; Expires=Sat, 07-Oct-2023 17:40:24 GMT; Max-Age=31536000; Secure
x-cluster-name: prod-ew1-edge-1
content-type: text/xml;charset=utf-8
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
200 OK 0 B URL HTTP/2 sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
IP
ASN #24940 Hetzner Online GmbH
GET /DF2886F390D432DF0C8E98D69702ED6F/ HTTP/1.1
Host: sync.richaudience.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.14.2
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
theman-plus.com/static/countries/en.json?_=1665164423313
200 OK 0 B URL HTTP/2 theman-plus.com/static/countries/en.json?_=1665164423313
IP
Analyzer Verdict Alert fortinet Phishing
GET /static/countries/en.json?_=1665164423313 HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: application/json
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: W/"6321ba9f-26f3d"
expires: Tue, 06 Dec 2022 17:40:23 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7GxObWIjG7Q3b4uevi%2BgHhU%2FX41anr5cqxcAJ72azghdLsP6WDY%2F2LNkPyZ5jtPUlLejy5aKbyexqhzi8WAHSZLjAEiUyboSOA0pzr07Y6qQpwGiXhVajTwYQO65OBsNqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75686befa83bb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=144239988&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent={gdpr_consent}&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&t=T13
200 OK 0 B URL HTTP/2 es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=144239988&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent={gdpr_consent}&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&t=T13
IP
GET /proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=144239988&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent={gdpr_consent}&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&t=T13 HTTP/1.1
Host: es-sunelespanol.videoplaza.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:24 GMT
access-control-allow-origin: http://cuptowebrapp.webcindario.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, must-revalidate
set-cookie: pid=1fa6951a-4667-11ed-8a00-52ea82164a25; Path=/; SameSite=None; Expires=Sat, 07-Oct-2023 17:40:24 GMT; Max-Age=31536000; Secure
x-cluster-name: prod-ew1-edge-1
content-type: text/xml;charset=utf-8
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=573249568&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent={gdpr_consent}&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&t=T13
200 OK 0 B URL HTTP/2 es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=573249568&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent={gdpr_consent}&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&t=T13
IP
GET /proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=573249568&pf=fl_11&dcid=pc&xpb=1&gdpr=0&gdpr_consent={gdpr_consent}&ru=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&vht=315&vwt=420&cp.schain=1.0,1!sunmedia.tv,4d851cea-6c8f-4489-8844-9e29bfd95489,1,,,&t=T13 HTTP/1.1
Host: es-sunelespanol.videoplaza.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:24 GMT
access-control-allow-origin: http://cuptowebrapp.webcindario.com
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT
cache-control: no-cache, must-revalidate
set-cookie: pid=1fa81bfe-4667-11ed-b7ee-82e2818c1c54; Path=/; SameSite=None; Expires=Sat, 07-Oct-2023 17:40:24 GMT; Max-Age=31536000; Secure
x-cluster-name: prod-ew1-edge-1
content-type: text/xml;charset=utf-8
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/images/7afc381d046c6eaa74dc6031ea228537.svg
200 OK 0 B URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/7afc381d046c6eaa74dc6031ea228537.svg
IP
Analyzer Verdict Alert fortinet Phishing
GET /static/manplus/v1/desktop/images/7afc381d046c6eaa74dc6031ea228537.svg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: W/"6321ba9f-cc5"
expires: Wed, 23 Nov 2022 14:31:26 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 1134537
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lKiov4%2BjjPW2rkOGld5GW8cmNb7U8uVRgc%2F%2Fo0rnmVyeR0LUW7lTMejN%2FIecMooDN7onuaP7KIMcGdvVA8D8k4QxiNLOChR7fbxOqrUDAe2fFuBmnLJiIQmGoAiBmE3Y3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebcaafb4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/images/424becb58881139188b694dd49b05a7b.svg
200 OK 0 B URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/images/424becb58881139188b694dd49b05a7b.svg
IP
Analyzer Verdict Alert fortinet Phishing
GET /static/manplus/v1/desktop/images/424becb58881139188b694dd49b05a7b.svg HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: W/"6321ba9f-49fe"
expires: Mon, 05 Dec 2022 21:55:25 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpkRoKW8cV5%2BoO4FOu7CDV7%2Bi5E%2FeAWKow0St%2BcCnn6zYVM5QHPm3IuJZmVjlPqzgP6imVZQH3oZaw98cbXXKoDNLOD7o6g1J%2BQIMwMu4tHgDYGUlB0a0B%2Bd3NOBBZ1V3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75686bebcab1b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
200 OK 0 B URL HTTP/2 sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
IP
ASN #24940 Hetzner Online GmbH
GET /DF2886F390D432DF0C8E98D69702ED6F/ HTTP/1.1
Host: sync.richaudience.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.2
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
pandg.tapad.com/tag?gdpr=0&gdpr_consent=%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&initiator=js&data=%7B%22category%22%3A%22Business%22%7D
200 OK 0 B URL HTTP/2 pandg.tapad.com/tag?gdpr=0&gdpr_consent=%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&initiator=js&data=%7B%22category%22%3A%22Business%22%7D
IP
GET /tag?gdpr=0&gdpr_consent=%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&initiator=js&data=%7B%22category%22%3A%22Business%22%7D HTTP/1.1
Host: pandg.tapad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s.richaudience.com/vid/MP_06EhCbcfZK/534241691/?hasConsent=0&consentString={gdpr_consent}&dem=outstream&fp=300
200 OK 0 B URL HTTP/2 s.richaudience.com/vid/MP_06EhCbcfZK/534241691/?hasConsent=0&consentString={gdpr_consent}&dem=outstream&fp=300
IP
ASN #24940 Hetzner Online GmbH
GET /vid/MP_06EhCbcfZK/534241691/?hasConsent=0&consentString={gdpr_consent}&dem=outstream&fp=300 HTTP/1.1
Host: s.richaudience.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuptowebrapp.webcindario.com
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.14.2
date: Fri, 07 Oct 2022 17:40:24 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
access-control-allow-origin: http://cuptowebrapp.webcindario.com
access-control-allow-credentials: true
access-control-max-age: 86400
content-encoding: gzip
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:21 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "+b0B6ncQDCugPb96DWf2QA=="
expires: Fri, 14 Oct 2022 17:40:21 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
theman-plus.com/static/manplus/v1/desktop/js/index.js11411a506dda9c06aea6.js?11411a506dda9c06aea6
200 OK 0 B URL HTTP/2 theman-plus.com/static/manplus/v1/desktop/js/index.js11411a506dda9c06aea6.js?11411a506dda9c06aea6
IP
Analyzer Verdict Alert fortinet Phishing
GET /static/manplus/v1/desktop/js/index.js11411a506dda9c06aea6.js?11411a506dda9c06aea6 HTTP/1.1
Host: theman-plus.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://theman-plus.com/offer/manplus/v1/?uid=b8e34c45-91c9-47d9-a753-cc3adba28d7a
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Wed, 14 Sep 2022 11:27:27 GMT
etag: W/"6321ba9f-539af"
expires: Mon, 05 Dec 2022 21:55:25 GMT
cache-control: max-age=5184000
strict-transport-security: max-age=15768000
cf-cache-status: HIT
age: 71098
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHX1PeHk1%2BNqaHrymlmfr6SUllfEMYtvKfLfWpz9IA4mJqIZR7x2i6WLZSPpmRV103tbmE8pi1SC0Sd0iakW560ncjw%2F4oMVbRprxpfoye2RdiDZEe2nhSeWIU9S0mToDA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75686bec1b04b4ff-OSL
content-encoding: br
X-Firefox-Spdy: h2
pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&initiator=js&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
200 OK 0 B URL HTTP/2 pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&initiator=js&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
IP
GET /tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fcuptowebrapp.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&initiator=js&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D HTTP/1.1
Host: pandg.tapad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuptowebrapp.webcindario.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 07 Oct 2022 17:40:23 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
5.57.226.202
34.117.237.239
141.94.109.48
3.69.110.240
23.36.77.24
51.89.64.207
158.69.52.117
109.234.34.118
0.0.0.0