r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8216
Expires: Fri, 30 Sep 2022 04:45:54 GMT
Date: Fri, 30 Sep 2022 02:28:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 30 Sep 2022 02:16:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CsQ9djawx3sP5mXpn3QZf2a21_1MwhEytPZ2R6Qc2Wy-ISYAUeXQMA==
Age: 774
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -fFJqjNeDvzFGnQPvR7cwfD4S6IRlKhLIH8vIewNiiytESC1SCOWog==
age: 75631
X-Firefox-Spdy: h2
cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
75.102.57.149301 Moved Permanently 0 B URL HTTP/1.1 cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
IP 75.102.57.149:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php HTTP/1.1
Host: cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
x-redirect-by: WordPress
location: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
content-length: 0
date: Fri, 30 Sep 2022 02:28:58 GMT
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 30 Sep 2022 02:28:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 30 Sep 2022 01:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 30 Sep 2022 01:37:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JRYvDyyJoixlye1Sc-KLaMu-GyZfvK5rAO0hfyDhD-EplZM6rstS9A==
Age: 3566
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f09cb223e3dc028c58cf32c2274c3766
ca7f1663a1200941986e786353ed2f3ff50bd0b2
9b89a5534b1a84f0a86f150dc7f1f699bb972f7b8e151b29c02454dd939066ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4072
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:28:59 GMT
Last-Modified: Fri, 30 Sep 2022 01:21:07 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
75.102.57.149404 Not Found 16 kB URL HTTP/1.1 www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
IP 75.102.57.149:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 893ab5e6a786d4f48fe5bdf072ab43b4
e21ee92a945b27f5c858c0c340d133ca8efa3394
f701eaef3dfd91ec10c40d811aa2ddf7a42436aa1094ba6025d3f3bf6e4aaa4d
Analyzer Verdict Alert fortinet Phishing
GET /sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.cuscoinkasfeat.com/wp-json/>; rel="https://api.w.org/"
content-length: 16311
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 30 Sep 2022 02:28:58 GMT
push.services.mozilla.com/
44.237.51.86101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.51.86:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pqVbu6K9m383rR2FBsYMWA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: a0JUSerkdWZbq/CjeI5P6pcoQYo=
www.cuscoinkasfeat.com/wp-content/plugins/chaty/css/chaty-front.min.css?ver=1658026073
75.102.57.149200 OK 4.7 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/chaty/css/chaty-front.min.css?ver=1658026073
IP 75.102.57.149:0
File type ASCII text, with very long lines (20627), with no line terminators
Hash 7b1cdaaac4568ae2503fcdfc416acba2
99318cdad0623f15ec0bc7a1acd099daacc1ee4d
d23a0271f9268fec6b45d7f2fb4e29a77b2c7176ac6796df3fd4df8744a28d9d
GET /wp-content/plugins/chaty/css/chaty-front.min.css?ver=1658026073 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Fri, 15 Jul 2022 04:44:43 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4713
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
75.102.57.149200 OK 972 B URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1
IP 75.102.57.149:0
Hash e355e7e30d2cbeebefa6977790886c3a
eccf1c43237a1de702ae36722813fa10d580dd4e
49d452b612934ceb8ce12bfadb85dac2f573d458337a9ae0da76705a8ae8b018
GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.1 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Tue, 19 Jul 2022 22:18:03 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 972
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
75.102.57.149200 OK 2.1 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6
IP 75.102.57.149:0
File type ASCII text, with very long lines (7609)
Hash ad6e74a0c8866c083bd11d99e52f5de0
aef33b6a6edf70ef3a855a8c6810a393b5d026e4
561511f2462956915dc9f24fe91fff79af56c324eb617491dc98d71d91179c15
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/css/sumoselect.min.css?ver=3.4.6 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Mon, 11 Jul 2022 01:43:01 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2080
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
75.102.57.149200 OK 4.0 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5
IP 75.102.57.149:0
File type ASCII text, with very long lines (42839), with no line terminators
Hash 2dfe22d6084a7d2f894f520c361d9159
86d60eafb21be2d7e05f5ebc80dd2c89da251969
93f6b1a6c9cd230bdc9f05023f25ee9e557429ae1e7963e69aef5bd684292778
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/css/jquery.mCustomScrollbar.min.css?ver=3.1.5 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Mon, 11 Jul 2022 01:43:03 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3979
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.6.10
75.102.57.149200 OK 7.1 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.6.10
IP 75.102.57.149:0
File type ASCII text, with very long lines (45363), with no line terminators
Hash 87a67fd58f3ff0bbbf1d11b372aa0011
20a4a2b7cf95c2463c634643dd079962e35e1edc
a4bebb3a206b3b262713b08345028917509d95331576df1ca0d44a0a28c30494
GET /wp-content/plugins/photo-gallery/css/styles.min.css?ver=1.6.10 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Mon, 11 Jul 2022 01:43:03 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7072
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
75.102.57.149200 OK 884 B URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1
IP 75.102.57.149:0
Hash fbd3cb84e1194d91c4eb572a7f5842c3
18231875f66f767084a8b1eee5732380a5602db0
6e5012861ffeb56456543a0b0adfd71a5e562bd478998e40374f536a35793d4c
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/css/bwg-fonts/fonts.css?ver=0.0.1 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Mon, 11 Jul 2022 01:43:03 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 884
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/social-media-widget/social_widget.css?ver=6.0.2
75.102.57.149200 OK 505 B URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/social-media-widget/social_widget.css?ver=6.0.2
IP 75.102.57.149:0
Hash 4c6decc0204c9ac878ffa9c9cf7e9661
ecd633e778bc38b8225ec21acd6182a69be676ec
499d5dd15e75983a1cde5781d885892db604fd724348e90a1ef282c40a26732f
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/social-media-widget/social_widget.css?ver=6.0.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Fri, 14 Jul 2017 20:47:54 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 505
date: Fri, 30 Sep 2022 02:28:59 GMT
www.tripadvisor.com.pe/img/cdsi/img2/branding/150_logo-11900-2.png
23.38.201.85200 OK 2.3 kB URL HTTP/2 www.tripadvisor.com.pe/img/cdsi/img2/branding/150_logo-11900-2.png
IP 23.38.201.85:0
File type PNG image data, 150 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ef4dc95536816412fe4cba02308d5fc
9979817bfca34de65ffe2d857cd8e3c33208ceea
0170ac187ee3fb6bd4f2b84c6e49a54cab9700d7773e2e1423dc01b4fc562f95
GET /img/cdsi/img2/branding/150_logo-11900-2.png HTTP/1.1
Host: www.tripadvisor.com.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Fri, 30 Sep 2022 14:28:59 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/png
content-length: 2349
date: Fri, 30 Sep 2022 02:28:59 GMT
set-cookie: TADCID=9y_UH4Gn0agsA7T6ABQCFdpBzzOuRA-9xvCxaMyI13CIAS7HrqstvKfqGdB3ftGMsj4aDHL8Xqh5nHwBzpxPf1EZS5DBHrnM4zk; Domain=www.tripadvisor.com.pe; Expires=Mon, 27-Sep-2032 02:28:59 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3Ak%2FYNam9JuW3k7nWhzVPS6vln53cgl0ayf%2FVH9%2B5rnm42jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com.pe; Expires=Sun, 29-Sep-2024 02:28:59 GMT; Path=/; HttpOnly
__vt=0bp8o04GECSZNt8YABQCIf6-ytF7QiW7ovfhqc-AvSBlocHvNnQwxyqPioOz7Y2jgNnZvlBgfnkx4Iq46NQFHlAe4VMRRlurgAYN1doQ2Gjl7nFZx4K_TAFpPbex-OZ0g7NHsOjbWM-Gy1vgDt7Hp-hkmYI; Domain=www.tripadvisor.com.pe; Expires=Fri, 30-Sep-2022 03:28:59 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.B6C4D0BFC48FC88E4470849BCEA332CE*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com.pe; Path=/
ServerPool=T; Domain=.tripadvisor.com.pe; Path=/
TACds=A.1.11900.2.2022-09-29; Domain=.tripadvisor.com.pe; Expires=Tue, 29-Nov-2022 02:28:59 GMT; Path=/
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/css/google-maps-builder.min.css?ver=2.1.2
75.102.57.149200 OK 1.8 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/css/google-maps-builder.min.css?ver=2.1.2
IP 75.102.57.149:0
File type ASCII text, with very long lines (7098), with no line terminators
Hash 300d16ff6206d9f04700160ea58e37e0
ca8bf761a63f9155b16492122a69c5ed58393e37
321b7f120a8581cd1dd5a8f8c0fc52ec28d2444b36c3e367ef6ee769a0d34be6
GET /wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/css/google-maps-builder.min.css?ver=2.1.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Fri, 14 Jul 2017 23:40:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1752
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/uploads/maxmegamenu/style_en_us.css?ver=59698a
75.102.57.149200 OK 5.6 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/maxmegamenu/style_en_us.css?ver=59698a
IP 75.102.57.149:0
File type ASCII text, with very long lines (1140)
Hash 62a5c2aace0ed1c0d3875c8ddf408265
e618868fa2e94e0b981b810ce35e7ee7313927a7
6c5b8726fb36362306058400c865e0e5197696a4d4a0d1f51133427558a9fa3b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/maxmegamenu/style_en_us.css?ver=59698a HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Thu, 28 Jul 2022 00:48:53 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5565
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/css/map-icons.css?ver=2.1.2
75.102.57.149200 OK 2.7 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/css/map-icons.css?ver=2.1.2
IP 75.102.57.149:0
File type ASCII text, with very long lines (3883)
Hash e1cb9cfe401aabeb00289db43a786b2c
1b44327155820cea6c198e9714c80a235b5ffe34
0d63292af08176a861a8755093ce30acb2194d6ab9c3772eeb9f4783e018bfa7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/css/map-icons.css?ver=2.1.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Fri, 14 Jul 2017 23:40:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2707
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.2.14
75.102.57.149200 OK 10 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.2.14
IP 75.102.57.149:0
File type Unicode text, UTF-8 text, with CRLF, LF line terminators
Hash 947d66c536c163fbc8382634bc6d9777
90a680e693e2f3fe08844f10cd9826b3a36275f8
6078d177f271feba1226cfbf6f749d24cc009940a0068cf7d857bb494d4b7d2e
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.2.14 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Sat, 11 May 2019 22:49:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 10534
date: Fri, 30 Sep 2022 02:28:59 GMT
www.jscache.com/wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
151.101.86.83301 Moved Permanently 0 B URL HTTP/2 www.jscache.com/wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
IP 151.101.86.83:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-datadome: protected
accept-ranges: bytes
date: Fri, 30 Sep 2022 02:28:59 GMT
via: 1.1 varnish
x-served-by: cache-bma1656-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1664504940.639490,VS0,VE214
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 707ae9fcdd83ff2684b843a21df14785
b32e881855867f5436205cca76f1f75062dbedf0
9b8c1f6775cc9961816ab6c78a406036ff4e1278141f3950868bc6dfc87fe3fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:28:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cuscoinkasfeat.com/wp-content/uploads/masterslider/custom.css?ver=34.5
75.102.57.149200 OK 1.7 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/masterslider/custom.css?ver=34.5
IP 75.102.57.149:0
File type ASCII text, with very long lines (13675)
Hash 653c60532d4e18364c6846a497dcb753
0d8ad7b20e56688a1289a00bf773076daa6afe0f
173a4e4f4c186068eb543795a136347981fa28a7b5a44aff9b6f42b5f8cd7ea8
GET /wp-content/uploads/masterslider/custom.css?ver=34.5 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 13:51:10 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1654
date: Fri, 30 Sep 2022 02:28:59 GMT
maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&ver=6.0.2
142.250.74.42200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&ver=6.0.2
IP 142.250.74.42:0
File type ASCII text, with very long lines (2599)
Hash 925f75ec58e74c4632d92fae587b141e
5e8d726426c8efbb62daeb72cc2b2f6bfec62482
a77cb7b4f34389be5601cee29c43d36426f909e3f286b46c8a4022122a0e1c57
GET /maps/api/js?v=3.exp&libraries=places&ver=6.0.2 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Fri, 30 Sep 2022 02:28:59 GMT
expires: Fri, 30 Sep 2022 02:58:59 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56296
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=11
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-includes/css/dashicons.min.css?ver=6.0.2
75.102.57.149200 OK 36 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-includes/css/dashicons.min.css?ver=6.0.2
IP 75.102.57.149:0
File type ASCII text, with very long lines (58981)
Hash 57daffc76b4eaf9a7deb7c0e03a61f85
7b028ad43294b75d4b241239bb0190c7ab9c5273
00ab13c2e8718e6804d864984db327ff9d83c04292849c09861c73bc9020241d
GET /wp-includes/css/dashicons.min.css?ver=6.0.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Thu, 15 Apr 2021 21:53:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 35599
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
75.102.57.149200 OK 4.2 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 75.102.57.149:0
File type ASCII text, with very long lines (11126)
Hash c41f3a82e911de81a1817131069bc7d2
1e883290a0b794916cead41e5f0705716fd77b89
e9791f24770f098ea30bb4d25e2e10bdedb97132d0bbf7d2bd79eedac22efa27
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Thu, 19 Nov 2020 09:31:12 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4168
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6
75.102.57.149200 OK 7.9 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6
IP 75.102.57.149:0
File type ASCII text, with very long lines (1518)
Hash b3e61133de7a6fedbdb9f4c0a8573e7e
fab0297c0433ea1cf1baa18866582286f2ec8ecd
9ce32819eb5fc8489530a6d205cc64050dec7e3027374a7fc51766d87549745f
GET /wp-content/plugins/photo-gallery/js/jquery.sumoselect.min.js?ver=3.4.6 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 01:43:07 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7912
date: Fri, 30 Sep 2022 02:28:59 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 707ae9fcdd83ff2684b843a21df14785
b32e881855867f5436205cca76f1f75062dbedf0
9b8c1f6775cc9961816ab6c78a406036ff4e1278141f3950868bc6dfc87fe3fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:28:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
23.38.201.85200 OK 285 B URL HTTP/2 www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
IP 23.38.201.85:0
File type ASCII text, with very long lines (340)
Hash 258fdf0bd570342ff39c9ae6199a0649
23df6e4e40826f4fa67449c4891541b148ea3957
81b334c113038b21e6af48dae1913a113178ff76787a6ce00cce04aaf129d518
GET /wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cuscoinkasfeat.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
x-datadome: protected
content-encoding: gzip
content-length: 285
date: Fri, 30 Sep 2022 02:29:00 GMT
set-cookie: TADCID=VD6pZAsOM4-UQjr9ABQCFdpBzzOuRA-9xvCxaMyI13CIAUCIhPaNUkX6ibGuOAot6QNXgwHHnMbKgGgVw1v8lZxn8BosFp1Zy6A; Domain=www.tripadvisor.com; Expires=Mon, 27-Sep-2032 02:28:59 GMT; Path=/; Secure; HttpOnly
__vt=YH0dpJGzYXWe5f4bABQCIf6-ytF7QiW7ovfhqc-AvSBloWnwe8yBFCM_nfyD093zkTa93YmzKie-XmjwgZYBLUQc2Xi2PvZqr5iMRN4LfuYHaqkYLaK3U_VPnydHyhU0klqLGJEjC51QVp1J_o-lzp_g; Domain=www.tripadvisor.com; Expires=Fri, 30-Sep-2022 03:28:59 GMT; Path=/; Secure; HttpOnly
datadome=1bDMIZXF7g2WnOg~XxVfNIWIndp4lfiHbFGXRDSGHCIXZBQ0xm73wdnMpS4NFqoGwrrHTzjqZon9WI9F4OZPta3WvJswAfJ9ZYVgeitwEIEOrp7lS-upxPlrwKs7tW_; Max-Age=31536000; Domain=.tripadvisor.com; Path=/; Secure; SameSite=Lax
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
75.102.57.149200 OK 13 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5
IP 75.102.57.149:0
File type ASCII text, with very long lines (32001)
Hash 4e984e0202e9b65d480accaae56c10c3
2ea0a495257943f723a74625c984da4d8df088a7
e54d1b45e86d6f8bef173873919f720a74e10d01ed2dfc90ec2d49c6891046e7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/jquery.mCustomScrollbar.concat.min.js?ver=3.1.5 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 01:43:07 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12951
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
75.102.57.149200 OK 31 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
IP 75.102.57.149:0
File type ASCII text, with very long lines (65447)
Hash 554969c8ed0e4b5eece1261c4e1e9cd0
3b514b21c2e26b2caa15054e43ed00184a8ebc38
4a10709ca76c5112fbaf69e065b4ef93dd37bcffd4ae39b351e56d40c9322123
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Sat, 16 Jul 2022 11:24:06 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 30969
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
75.102.57.149200 OK 2.2 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0
IP 75.102.57.149:0
File type Unicode text, UTF-8 text, with very long lines (5661)
Hash 34365ec780a618c875bc74e42d3912fd
a96df8ee7d76c02a764c4328fa418a26960a0309
14e21865cf9796833b9f0366b98fe7667187019ed1d5166ef11a735e83d6ef87
GET /wp-content/plugins/photo-gallery/js/jquery.fullscreen.min.js?ver=0.6.0 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 01:43:07 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2185
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselskins.js?ver=8.0
75.102.57.149200 OK 2.4 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselskins.js?ver=8.0
IP 75.102.57.149:0
File type ASCII text, with very long lines (607)
Hash 1bf17989e27a159985bddf3baadbee4d
1fd282e63fc0dba67eabe92497a712223c277023
e95b22022a0c06f86efe380901dd17d8e8392d3ae0303dd069764343c204eddb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarouselskins.js?ver=8.0 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Fri, 14 Apr 2017 02:42:14 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2420
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.6.10
75.102.57.149200 OK 34 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.6.10
IP 75.102.57.149:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash be2c2053fdfd7be7c1397229113b86f6
aa10f2f5fc9b08af8531259eb3dd58fc84083d6e
27dd57dc30333fdf1b39ac264c2c41ed8f25f6bb3cc7e266ea885ff1ceb59cee
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/scripts.min.js?ver=1.6.10 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 01:43:07 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 34050
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarousel.js?ver=8.0
75.102.57.149200 OK 26 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarousel.js?ver=8.0
IP 75.102.57.149:0
File type ASCII text, with very long lines (933)
Hash 50acfca5c0ab6e69e3035c830ff0cfff
757771b7ac6a46895a59da53ea64be56636ba6f8
dfe61957f73fc30e046ee8ad8f3a972056f763bb12c39a02a596b7deb42f6ab7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/wonderplugin-carousel/engine/wonderplugincarousel.js?ver=8.0 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Fri, 14 Apr 2017 02:42:14 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 26310
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/style.css
75.102.57.149200 OK 4.3 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/style.css
IP 75.102.57.149:0
File type ASCII text, with very long lines (357)
Hash 09f190702a81ed0b30dc8b79d99bdd53
87be4b47da45ca46d94f87340799a585b0ca86dc
8bc40b505171c0dbcf1b8ba3b654a802a755bef97b40971c13f64d52278438a1
GET /wp-content/themes/CuscoInkasFeat/style.css HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Wed, 20 Jul 2022 15:52:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4328
date: Fri, 30 Sep 2022 02:28:59 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 86e0fe14ac54b7b9131a460fd65d73fd
49ec80657f4183e2ad7e906583b94cbf48a94809
9f30a1437666225f096d72763cf89a4e5ae9e5f501ffed4becc51b08c515cf6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/js/picker/css/default.css
75.102.57.149200 OK 1.3 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/js/picker/css/default.css
IP 75.102.57.149:0
File type ASCII text, with CRLF, CR line terminators
Hash d97cbd8a42e9e49ec525d9d465b3dcc6
28cb9186b81fddc3ed451823f1bdefb15d80d8f0
1fd5c4e58df473b44c81ea911f3a3a5102e4b5dbf5c2f0aac2912f4ef99273c0
GET /wp-content/themes/CuscoInkasFeat/js/picker/css/default.css HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Mon, 17 Apr 2017 23:48:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1255
date: Fri, 30 Sep 2022 02:28:59 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 1.0 kB IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 3b8593c21f4fc1199a9161c36d0c5f5f
a0866cadf37768a4a9c9c9ea17a8329ec692eb69
52e2cf5ecab710df4b4201e3bf949070744c99ce2343f4829d84b3d2b4ef5d32
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 86e0fe14ac54b7b9131a460fd65d73fd
49ec80657f4183e2ad7e906583b94cbf48a94809
9f30a1437666225f096d72763cf89a4e5ae9e5f501ffed4becc51b08c515cf6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 809 B IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 2f5ac689d531ba9efbe9aa27c810936e
66b4303b81fb3f1e7570b548bd753f8e889c2a54
df3edb106addca964801202978c52e1f3027cffa6c059f94669abd9c4bfc1569
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/css/owl.theme.css
75.102.57.149200 OK 618 B URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/css/owl.theme.css
IP 75.102.57.149:0
File type ASCII text, with CRLF line terminators
Hash be05adb78174dff749e5b92802c2dfc4
7233f52dca0064507074952745a092ad2805f29e
55e6b20a1742d79f6ba9c4c60df8ccb94a50fc4d979fa92426358ed2ee959001
GET /wp-content/themes/CuscoInkasFeat/css/owl.theme.css HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Sat, 01 Apr 2017 00:49:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 618
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/css/owl.carousel.css
75.102.57.149200 OK 544 B URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/css/owl.carousel.css
IP 75.102.57.149:0
File type ASCII text, with CRLF line terminators
Hash 205501b6076d2cd5189d3280b4960403
5e1695c18773d0d4ce7a8d934d6ae027797ceeeb
f2d82817b91bc360195ac6e156854779b662c591836cbe28ebafe80efc5e2554
GET /wp-content/themes/CuscoInkasFeat/css/owl.carousel.css HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Sat, 01 Apr 2017 00:49:16 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 544
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
75.102.57.149200 OK 12 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.2
IP 75.102.57.149:0
File type ASCII text, with very long lines (43771)
Hash 9f76c05d4aec8a23bbb9131800060916
ba854132574f3add765c016ff6cef2a30bddc5e0
c73bcff8e403046219e8f9dfb99e029b8d58099b8c5fb5f6508127702fd1b275
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: text/css
last-modified: Sat, 16 Jul 2022 11:23:55 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11658
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
75.102.57.149200 OK 9.1 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5
IP 75.102.57.149:0
File type HTML document, ASCII text, with very long lines (25075)
Hash 91b165b14cf3a9dc06289b7ec1a9d861
a11b7af632aab6e10c7881c090df84763dac78b0
725264b9a6c39b7d73b519dbf3f849a8ba60f923ba4327c377cfb593a00d157a
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/photo-gallery/js/jquery.mobile.min.js?ver=1.4.5 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 01:43:07 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9140
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1658026073
75.102.57.149200 OK 14 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1658026073
IP 75.102.57.149:0
File type ASCII text, with very long lines (55160), with no line terminators
Hash ad2819985f7552a2c97c2463dc827bd8
b7757adc6442f217896494cad07d1d634bf4be83
2d3626e2f65eb982783a611a2bd226183d8f8a7dbdb19b3df732ba67d89d4c52
GET /wp-content/plugins/chaty/js/cht-front-script.min.js?ver=1658026073 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Fri, 15 Jul 2022 04:44:43 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14364
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
75.102.57.149200 OK 2.4 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 75.102.57.149:0
File type ASCII text, with very long lines (6475), with no line terminators
Hash 9939da8da9b306b91ddc5c68ea402d66
4cd4ea5f2dcd09fec713c36cb1c1c31ace0373b5
63b97ebb1748143ca6093d63ccdb14b2748f002df4caddfaa15c1173cb2c4942
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Sat, 16 Jul 2022 11:24:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2439
date: Fri, 30 Sep 2022 02:28:59 GMT
www.skynetcusco.com/images/skynetcusco.png
172.67.163.26301 Moved Permanently 0 B URL HTTP/1.1 www.skynetcusco.com/images/skynetcusco.png
IP 172.67.163.26:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /images/skynetcusco.png HTTP/1.1
Host: www.skynetcusco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
HTTP/1.1 301 Moved Permanently
Date: Fri, 30 Sep 2022 02:29:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Fri, 30 Sep 2022 03:29:00 GMT
Location: https://www.skynetcusco.com/images/skynetcusco.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNSj0IeezzSBsZDdoQavMZIAUdU%2B8LFygz9cDiJ0ZK%2BKF%2BP9QGOXYDMSn6O8YI95KZ1kWmLCP73sgahBrYpbZXqdlR74lTq1MkIQyNMklFAQkdlku7JAnJzzJCNtfLbZJs1BX077"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75298745c9230b59-OSL
alt-svc: h2=":443"; ma=60
www.cuscoinkasfeat.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
75.102.57.149200 OK 7.1 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 75.102.57.149:0
File type Unicode text, UTF-8 text, with very long lines (19138), with no line terminators
Hash a0798e1907e23a55c0f4ffebabb1fd48
aae64554a44eb45ae03b497cacfbb56b30cedade
5eb6c2a3b9c101ee2806a07fbd9177c4480db87871bef7d6a760a26dff1bd12b
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Sat, 16 Jul 2022 11:24:02 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7098
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/plugins//gmb-infobubble.min.js?ver=2.1.2
75.102.57.149200 OK 5.3 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/plugins//gmb-infobubble.min.js?ver=2.1.2
IP 75.102.57.149:0
File type ASCII text, with very long lines (24526), with no line terminators
Hash 9e3ea9e65b8696d694c4aa2be512f9e3
f1bc43c89ebf3b12da3dac7ab95d8721aae4f2fa
51b765af54c8499264b6503ec2288a08b3753c48c416578e8808d0995a51183b
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/plugins//gmb-infobubble.min.js?ver=2.1.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Fri, 14 Jul 2017 23:40:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5261
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/frontend/google-maps-builder.min.js?ver=2.1.2
75.102.57.149200 OK 3.2 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/frontend/google-maps-builder.min.js?ver=2.1.2
IP 75.102.57.149:0
File type ASCII text, with very long lines (10176), with no line terminators
Hash af08b9daf0e33a6d4b613a37f6890b49
8c073def5bdfe94cdf77f77a26c0e09bf545aef5
655666b9010be21ba292eb24761cf6cdeef3c60d81004635c5b4c2ff7aef94a9
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/assets/js/frontend/google-maps-builder.min.js?ver=2.1.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Fri, 14 Jul 2017 23:40:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3212
date: Fri, 30 Sep 2022 02:28:59 GMT
www.cuscoinkasfeat.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/js/map-icons.js?ver=2.1.2
75.102.57.149200 OK 2.1 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/js/map-icons.js?ver=2.1.2
IP 75.102.57.149:0
File type ASCII text, with very long lines (976)
Hash 602b2b7cf51e177e013972c6396a71c4
876ddade634f82e62d1d4b916050537003d22693
3a2e3703291ac61af96c2590f239ffd36e888beb42d1980f8260b96cbce84857
GET /wp-content/plugins/google-maps-builder/vendor/wordimpress/maps-builder-core/includes/libraries/map-icons/js/map-icons.js?ver=2.1.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: application/javascript
last-modified: Fri, 14 Jul 2017 23:40:18 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2113
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
75.102.57.149200 OK 704 B URL HTTP/1.1 www.cuscoinkasfeat.com/wp-includes/js/hoverIntent.min.js?ver=1.10.2
IP 75.102.57.149:0
File type ASCII text, with very long lines (1464)
Hash 8a17c6b2e72d8f5e956b6dc951cad954
5ab730e86399c4e5897248b6d45bc31a6cceb81a
54923b4fd0ecc397f9c1b6a40eab70315d82edc4f5cf8dc3343e76977317771a
GET /wp-includes/js/hoverIntent.min.js?ver=1.10.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: application/javascript
last-modified: Sat, 16 Jul 2022 11:23:59 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 704
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.7
75.102.57.149200 OK 4.9 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.7
IP 75.102.57.149:0
File type ASCII text, with very long lines (315)
Hash a727814cbe98e2de033d15a95b5f4a05
bf95933136346683f3c3b8c385d2e24a16a0599f
ce3d30da055056766c1e94a613af0ca495b1e3c40706019d20ea04957745b88d
GET /wp-content/plugins/megamenu/js/maxmegamenu.js?ver=2.9.7 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: application/javascript
last-modified: Mon, 11 Jul 2022 01:43:19 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 4877
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.2.14
75.102.57.149200 OK 1.9 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.2.14
IP 75.102.57.149:0
File type Unicode text, UTF-8 text, with very long lines (3601)
Hash ac7e285d1c743f3e6f1fbf711db277cd
7c9069b68f67d20377fe2f2f19d7617addb027c3
e7f33bad76c63e9334177f862b3fad89269b6939b1dcf8a111c7319944bdc29e
GET /wp-content/plugins/masterslider/public/assets/js/jquery.easing.min.js?ver=3.2.14 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: application/javascript
last-modified: Wed, 17 Jun 2015 23:26:30 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1889
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.2.14
75.102.57.149200 OK 36 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.2.14
IP 75.102.57.149:0
File type Unicode text, UTF-8 text, with very long lines (32272)
Hash bf2a37b66fe58d7bf23426d2c314f846
65d47e11a23ad301b92167ad602952f3236271a2
f4044916606c6b9ed1165bd3d2dc6c7f35279ae555f26dff749fe689812cd058
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/masterslider/public/assets/js/masterslider.min.js?ver=3.2.14 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: application/javascript
last-modified: Sat, 11 May 2019 22:49:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 36007
date: Fri, 30 Sep 2022 02:29:00 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6ac97060c75238244bfa94c6c6f63e40
9a640270fe62b82a8d971472f28a150e23f3a0c2
f7c0b8dc16c4a08e73772eadf8303a509768acf9d70f132c1c1db899534d4bab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/js/picker/zebra_datepicker.js
75.102.57.149200 OK 7.2 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/js/picker/zebra_datepicker.js
IP 75.102.57.149:0
File type ASCII text, with very long lines (22846), with no line terminators
Hash 7ab126a7797f68d1a10db36bab6dbb63
0fa83e09c783be5f5b3318924f1b168a2a8786ee
f1d206fdfb73a4ff2d6f4b43cdf9551afa66f312e36055267fdcd1f35277a2b7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/CuscoInkasFeat/js/picker/zebra_datepicker.js HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: application/javascript
last-modified: Mon, 17 Apr 2017 23:48:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7152
date: Fri, 30 Sep 2022 02:29:00 GMT
www.googletagmanager.com/gtm.js?id=GTM-KCWTMKC
142.250.74.72200 OK 59 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-KCWTMKC
IP 142.250.74.72:0
File type ASCII text, with very long lines (2039)
Hash 665172bfed3c0c7029bdf48af6d4bc0b
abf6dce7426e977b185b05577ddc96df54ed6840
1bf220ac06ff87cce655af079eac3ee9253549b58b1d6158154ac2c738eb25ce
GET /gtm.js?id=GTM-KCWTMKC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 30 Sep 2022 02:29:00 GMT
expires: Fri, 30 Sep 2022 02:29:00 GMT
cache-control: private, max-age=900
last-modified: Fri, 30 Sep 2022 00:17:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 58577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tripadvisor.com.pe/WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=12660099&display_version=2&uniq=856&rating=true&lang=es_PE&nreviews=5&writereviewlink=true
23.38.201.85200 OK 3.9 kB URL HTTP/2 www.tripadvisor.com.pe/WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=12660099&display_version=2&uniq=856&rating=true&lang=es_PE&nreviews=5&writereviewlink=true
IP 23.38.201.85:0
File type Unicode text, UTF-8 text, with very long lines (373)
Hash 4699df9b235dd7f05f3644fa3c2d7765
6bca9b72673e17adc2dcbf51ea2994acf71bf6c0
16b67e8b05a5fed2a8de46a6f1d649dd590e122ae2aef38028070ae2c5689ac3
GET /WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=12660099&display_version=2&uniq=856&rating=true&lang=es_PE&nreviews=5&writereviewlink=true HTTP/1.1
Host: www.tripadvisor.com.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
content-language: es-PE
vary: User-Agent,Accept-Encoding
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/javascript;charset=UTF-8
x-datadome: protected
accept-ch: Sec-CH-UA,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-Device-Memory
content-encoding: gzip
content-length: 3946
date: Fri, 30 Sep 2022 02:29:00 GMT
set-cookie: TADCID=ym5zQ3sNgvWFYJbuABQCFdpBzzOuRA-9xvCxaMyI13CIAp_cVnsxrd2-G_y4_DgvhLFLX9KvxHfg_yN-T9NUtjVTv4dHTbV5Jas; Domain=www.tripadvisor.com.pe; Expires=Mon, 27-Sep-2032 02:29:00 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3A57KubAv3KYDk7nWhzVPS6vln53cgl0aytNOr%2FX5eiD82jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com.pe; Expires=Sun, 29-Sep-2024 02:29:00 GMT; Path=/; HttpOnly
__vt=JxdMKQ_dCbraltk5ABQCIf6-ytF7QiW7ovfhqc-AvSBlopbAuPkd0ZzjubdrotX6jSHDi7tUTzenmkQtR7y2aJnwDBKUVK0HXVigQb0Mpwp_iMxFomQWvrvSynG-Jxfocx1VCo_4k7mXqJKh5HzqV0jm; Domain=www.tripadvisor.com.pe; Expires=Fri, 30-Sep-2022 03:29:00 GMT; Path=/; Secure; HttpOnly
TASSK=enc%3AANsU9vSg18QVWyFi12sGgHgfV45qObBnaQFbA5lH9e%2BukpvyVvmfNQlo2r7g49sqgBEdO72fd2%2Bzm3RFsfwtkZpHA6G34vUEgOs3AJBsxFbRJXnSUpb4WYu4F4R2NPOQDg%3D%3D; Domain=www.tripadvisor.com.pe; Expires=Wed, 29-Mar-2023 02:29:00 GMT; Path=/; HttpOnly
TASession=V2ID.96D0096672E64453BBA48E7954EF5DDF*SQ.1*LS.WidgetEmbed-selfserveprop*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*DF.0*TRA.true; Domain=.tripadvisor.com.pe; Path=/
SRT=TART_SYNC; Domain=www.tripadvisor.com.pe; Expires=Fri, 30-Sep-2022 02:59:00 GMT; Path=/
ServerPool=A; Domain=.tripadvisor.com.pe; Path=/
PMC=V2*MS.11*MD.20220929*LD.20220929; Domain=www.tripadvisor.com.pe; Expires=Sun, 29-Sep-2024 02:29:00 GMT; Path=/; Secure; HttpOnly
TART=%1%enc%3A5O51oc1T0urCsbh5mZdhUFa%2FhdILBlZoGaplW6Z%2BAWMk27nvbvW4W%2BgQipA53MI%2FW1JxtpsONWQ%3D; Domain=www.tripadvisor.com.pe; Expires=Wed, 05-Oct-2022 02:29:00 GMT; Path=/; HttpOnly
TATravelInfo=V2*A.2*MG.-1*HP.2*FL.3*RS.1; Domain=.tripadvisor.com.pe; Expires=Fri, 14-Oct-2022 02:29:00 GMT; Path=/
TAUD=RDD-1664504940589-2022_09_29; Domain=.tripadvisor.com.pe; Expires=Fri, 14-Oct-2022 02:29:00 GMT; Path=/
TASID=96D0096672E64453BBA48E7954EF5DDF; Domain=www.tripadvisor.com.pe; Expires=Fri, 30-Sep-2022 02:59:00 GMT; Path=/; Secure
datadome=M~28tl4SHNPD.9XvQ9aLlk2kAsZxtEKoYiD26N3TC~5ilEnXyxeNi4_rxZ2yL0o_8U-SkmDTlDZ_S72ME0VKEg8jru_wKVxU~SkERWD7Yxe0YtdngFYc1k7EmyLypiu; Max-Age=31536000; Domain=.tripadvisor.com.pe; Path=/; Secure; SameSite=Lax
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/js/owl.carousel.min.js
75.102.57.149200 OK 6.5 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/themes/CuscoInkasFeat/js/owl.carousel.min.js
IP 75.102.57.149:0
File type ASCII text, with very long lines (635)
Hash e3879a4994645e6dc119e8ba6e77b848
450bc4dd4fd45220d8197ebaed251d506ba3cdb1
1fbae09ccc00bc99dc6db037525215ba7d8db1521e3bcb696d5a40cb1cd1a0b0
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/CuscoInkasFeat/js/owl.carousel.min.js HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: application/javascript
last-modified: Tue, 13 May 2014 08:48:58 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6474
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
75.102.57.149200 OK 5.0 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
IP 75.102.57.149:0
File type ASCII text, with very long lines (15660)
Hash 848f9aadf194f3d024a2a90dbd11e3b5
aecd4b03b5a7829c6ca015d926798dc95e4fa912
36ff79b2f6827e46be1df95ff739e536718c0ee4fc09462678b32d7abd60fc6c
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.0.2 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: application/javascript
last-modified: Sat, 16 Jul 2022 11:24:08 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5021
date: Fri, 30 Sep 2022 02:29:00 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 6ac97060c75238244bfa94c6c6f63e40
9a640270fe62b82a8d971472f28a150e23f3a0c2
f7c0b8dc16c4a08e73772eadf8303a509768acf9d70f132c1c1db899534d4bab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rumraisin/v20/nwpRtKu3Ih8D5avB4h2uF3iCyg.woff2
142.250.74.163200 OK 21 kB URL HTTP/2 fonts.gstatic.com/s/rumraisin/v20/nwpRtKu3Ih8D5avB4h2uF3iCyg.woff2
IP 142.250.74.163:0
File type gzip compressed data, max compression\012- data
Hash cd56b316f0e5aae8aef9630be65ff202
72799140529de4911d3ff207f1860048e105f9ce
8f4df51e04b4cab64cdf7bb5badc47f6bcc02635d8d8ea0fb0ccd068bdc5ddab
GET /s/rumraisin/v20/nwpRtKu3Ih8D5avB4h2uF3iCyg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20828
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 06:07:28 GMT
expires: Fri, 29 Sep 2023 06:07:28 GMT
cache-control: public, max-age=31536000
age: 73292
last-modified: Wed, 27 Apr 2022 16:28:00 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
142.250.74.163200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Hash 0e7e5f9d3a8ef121149827180b790b5c
0e9f9333078e5df9245630ff6f68ba1d9da3c403
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:29:11 GMT
expires: Thu, 28 Sep 2023 19:29:11 GMT
cache-control: public, max-age=31536000
age: 111589
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/plugins/social-media-widget/images/default/32/facebook.png
75.102.57.149200 OK 634 B URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/social-media-widget/images/default/32/facebook.png
IP 75.102.57.149:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash 82378b10a9b16af6fc2e089037660e4b
3b41821a2c28b414a727e477484d6f8ab219705c
81480cebe2ddeedde1af2e2a6f9eab352094abd78c75464705be2bcbb6e91b54
GET /wp-content/plugins/social-media-widget/images/default/32/facebook.png HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/png
last-modified: Fri, 14 Jul 2017 20:47:54 GMT
accept-ranges: bytes
content-length: 634
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-content/plugins/social-media-widget/images/default/32/youtube.png
75.102.57.149200 OK 1.7 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/social-media-widget/images/default/32/youtube.png
IP 75.102.57.149:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash a7f629359e02e7f5486c0a3d0de2bc2d
62a7ebd75d59a0fa06341a51be2f0836e98ccb18
78b5e23c32c684bc9079e0cadb39fd15335ad90e2cca9b3109d6aed244a3ab97
GET /wp-content/plugins/social-media-widget/images/default/32/youtube.png HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/png
last-modified: Fri, 14 Jul 2017 20:47:54 GMT
accept-ranges: bytes
content-length: 1715
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-content/plugins/social-media-widget/images/default/32/instagram.png
75.102.57.149200 OK 1.8 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/social-media-widget/images/default/32/instagram.png
IP 75.102.57.149:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash a5c6fbcd9cb98158d0b0a724322e0af4
3f6cbd2b1c297c695918f60005f820c2d9f09dc2
c0a55b6bcc810d94bf80ca5be172b6df680e5a83d656da3281fa2f4fda95f1c6
GET /wp-content/plugins/social-media-widget/images/default/32/instagram.png HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/png
last-modified: Fri, 14 Jul 2017 20:47:54 GMT
accept-ranges: bytes
content-length: 1833
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-content/uploads/2017/09/trip-advisor.jpg
75.102.57.149200 OK 2.6 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2017/09/trip-advisor.jpg
IP 75.102.57.149:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 50x50, components 3\012- data
Hash 4ed5d6af3878314350a450090de9802d
ae26d2163af2932df3e41d31de91f535241f3226
8e173e25b06b76550107fd691aeadc95726c2fe8127c67f2b40dfb3926ebe36f
GET /wp-content/uploads/2017/09/trip-advisor.jpg HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/jpeg
last-modified: Wed, 20 Sep 2017 18:28:10 GMT
accept-ranges: bytes
content-length: 2562
date: Fri, 30 Sep 2022 02:29:00 GMT
static.tacdn.com/js3/build/concat/widget/cdswidgets_m-c-v22480917520a.js
151.101.86.83200 OK 4.9 kB URL HTTP/2 static.tacdn.com/js3/build/concat/widget/cdswidgets_m-c-v22480917520a.js
IP 151.101.86.83:0
File type ASCII text, with very long lines (13794)
Hash 6b5b20d72c899450ae89def8afda6dcf
dc7b92350e476c7a34b844681b97972b0639abae
31f92617fe2e93cb6ad7b054bb9db186464030b0d3dd000097a28f8600adb725
GET /js3/build/concat/widget/cdswidgets_m-c-v22480917520a.js HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
last-modified: Thu, 04 Nov 2021 09:27:29 GMT
cache-control: max-age=31536000, immutable
expires: Thu, 17 Nov 2022 23:42:11 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-type: application/x-javascript
content-encoding: gzip
accept-ranges: bytes
date: Fri, 30 Sep 2022 02:29:00 GMT
via: 1.1 varnish
age: 27312409
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 17708
x-timer: S1664504941.745811,VS0,VE0
vary: Accept-Encoding
content-length: 4929
X-Firefox-Spdy: h2
static.tacdn.com/css2/build/concat/t4b_widget_self_serve_property-v24221562771a.css
151.101.86.83200 OK 6.4 kB URL HTTP/2 static.tacdn.com/css2/build/concat/t4b_widget_self_serve_property-v24221562771a.css
IP 151.101.86.83:0
File type ASCII text, with very long lines (35043)
Hash 733a7edf9894fe75f2a33c300a4a6809
295cf39de3e8d710ecacd24c31ca72cae293944f
4203dd56fb4cc67a9eefe964ae0a64436fc1e18a4a0206df78d70f63770a9f36
GET /css2/build/concat/t4b_widget_self_serve_property-v24221562771a.css HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
last-modified: Sat, 24 Sep 2022 11:29:35 GMT
cache-control: max-age=31536000, immutable
expires: Wed, 27 Sep 2023 03:25:41 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-type: text/css
content-encoding: gzip
accept-ranges: bytes
date: Fri, 30 Sep 2022 02:29:00 GMT
via: 1.1 varnish
age: 255799
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 114
x-timer: S1664504941.746043,VS0,VE0
vary: Accept-Encoding
content-length: 6358
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
142.250.74.163200 OK 35 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:28:55 GMT
expires: Thu, 28 Sep 2023 19:28:55 GMT
cache-control: public, max-age=31536000
age: 111605
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/uploads/2017/05/inca-trail-en.png
75.102.57.149200 OK 8.3 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2017/05/inca-trail-en.png
IP 75.102.57.149:0
File type PNG image data, 308 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash a895ba90b383d4cade1d0dc5870afa8a
deeb1f6ba43f94ec48dbd295352efc4f5f92e101
e638bc2e73e1f721f743c6e731497f2846e4951748cce16618b5a40e451d21b0
GET /wp-content/uploads/2017/05/inca-trail-en.png HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/png
last-modified: Wed, 10 May 2017 18:48:04 GMT
accept-ranges: bytes
content-length: 8328
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif
75.102.57.149200 OK 2.7 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif
IP 75.102.57.149:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 214f3c5ef3de8b01b2fe67da6ccfc7e7
e3839756e2515361eb5bedaed9919d4ca53f7b8f
014e4b61c8d6dbafa792dbccb03d65d38675a32a8bde54f45a6e00b6805dd57a
GET /wp-content/plugins/masterslider/public/assets/css/common/loading-2.gif HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.2.14
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/gif
last-modified: Sat, 11 May 2019 22:49:48 GMT
accept-ranges: bytes
content-length: 2707
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/blank.gif
75.102.57.149200 OK 43 B URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/blank.gif
IP 75.102.57.149:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /wp-content/plugins/masterslider/public/assets/css/blank.gif HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/gif
last-modified: Sat, 11 May 2019 22:49:48 GMT
accept-ranges: bytes
content-length: 43
date: Fri, 30 Sep 2022 02:29:00 GMT
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4929
Expires: Fri, 30 Sep 2022 03:51:09 GMT
Date: Fri, 30 Sep 2022 02:29:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 139d64e28724086d1d5ab6d2f534ff25
2c717905e83564a17bd8ca61dd934133416f629b
a37afafc8ee712ae7ae935d3ed564f3cf46dd09005debbc5e2650f8b434d1e00
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A37AFAFC8EE712AE7AE935D3ED564F3CF46DD09005DEBBC5E2650F8B434D1E00"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4929
Expires: Fri, 30 Sep 2022 03:51:09 GMT
Date: Fri, 30 Sep 2022 02:29:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24cef79d-42ec-48b2-836a-cadc1834ec49.webp
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24cef79d-42ec-48b2-836a-cadc1834ec49.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25b92064116b129f71965069f247c50c
59c648aefd1049ce6fc899262ee3aadb16cb18d3
672a701dbd5bb1c2a0ead5940425c43245c50a2f473a3436bc533038a555af84
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24cef79d-42ec-48b2-836a-cadc1834ec49.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5928
x-amzn-requestid: 12165671-e125-4a12-812d-6de3a5caf393
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPegcGENIAMFy6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361135-26257c394a1b2c315a721720;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:42:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1-qHCG-GfLqZIXBO9NI8eJnHv3VwDljUdVkasRG8g_Y5BQv2xspdXQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:02:44 GMT
age: 15976
etag: "59c648aefd1049ce6fc899262ee3aadb16cb18d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95b5f6af-0368-4914-a31b-9637ad00feda.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95b5f6af-0368-4914-a31b-9637ad00feda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da2bb5dc3c41d9956752c2e7a72c6eb6
d9c7b0dea148896017492aad6c02ca6fadf17ebb
28b08565a224d8bd81e3cbb65f2e70a9025d67af5e4cff9cbd673aa416de8aa7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F95b5f6af-0368-4914-a31b-9637ad00feda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5754
x-amzn-requestid: dfa32296-9f66-4237-b8fe-9353a1920f71
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZaGpZoAMFjcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-0a6fed7e2f3a80cd7579de93;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 1CYVveZybLOpAwvniJLvUxJJOil9CA1b6hut46pxcB6p_iqvmQTwoA==
via: 1.1 2ecd59b4298afe9d7bb9266870458a74.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 22:21:09 GMT
age: 14871
etag: "d9c7b0dea148896017492aad6c02ca6fadf17ebb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gP4V4fq53Z5BFfjDlx1LCR9AhUPTq0qusBaOY_UEXjJjM6SByqDgXg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:42:04 GMT
age: 17216
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d21d2bdcedbd619a80017054076319f9
86dd3bf133e9eddf8852f39e1ee695ee599ac886
fc5672d5a8e9c6a5ec531f7ba05b65c192af37edf6c3a48105df3685de44ec0d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98c23448-09e3-4c05-86c5-dafbe6ca8a0e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8059
x-amzn-requestid: f8bb9e4b-9f3c-47ba-8524-de16155e536d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZNepwHAVoAMFvNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633544a4-5d884e29378635b60592b618;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 07:09:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NMiKZSkokVXNTV76vsVJ7VEu6YFfT9MqL7tHtT8CwZq0BwTbXOpm6Q==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 07:14:42 GMT
age: 69258
etag: "86dd3bf133e9eddf8852f39e1ee695ee599ac886"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12af206-9f17-40de-9764-14d3cdcb4d2f.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12af206-9f17-40de-9764-14d3cdcb4d2f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b8d0a19bc0a56bb40a975c5c71af05a
3248ca3a8b88efd5be8499898fce957d096cf211
da44d6dd845dc400b0b76f19c67e5a79d9359ce24fe5e4490477f195b23203b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe12af206-9f17-40de-9764-14d3cdcb4d2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6722
x-amzn-requestid: 6aca2e04-02b4-4e42-8bba-9bbe2ace1ed0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPeLrGq1oAMFuAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633610b0-65b0664d0233107029ef0157;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:40:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: AJBSzj2-oh3i6UOpOUtGTcsdTFfHlZhIQchgvcnIeF-4mnNKRly5HQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:47:14 GMT
etag: "3248ca3a8b88efd5be8499898fce957d096cf211"
content-type: image/jpeg
age: 16906
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7bce41c-9706-4324-8a06-1509b48a771d.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7bce41c-9706-4324-8a06-1509b48a771d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92adf4a1167591fe092a2ee8871df6cf
2a6ac7433a03249398daa4b2cba3359e8d35f8f8
d01207d858c49c41779c64221cae37855c70ffe3dd9c0fab299bf20e23cd2cce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7bce41c-9706-4324-8a06-1509b48a771d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6616
x-amzn-requestid: 40a8fe67-c47d-4337-a262-5ae47883b224
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPePpHJVIAMF8Bw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633610ca-51c57d2247517e3a71a2917c;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:40:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _0Wt5ZQYsLS2tTdpdnmxxAiogPG9g_rGkdTisLB8AIdmTRyI5FRvYw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:43:42 GMT
age: 17118
etag: "2a6ac7433a03249398daa4b2cba3359e8d35f8f8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/common/grab.png
75.102.57.149200 OK 189 B URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/common/grab.png
IP 75.102.57.149:0
File type PNG image data, 16 x 16, 2-bit colormap, non-interlaced\012- data
Hash d717e2539bf1249f1cab65404f7dc8b9
3b096b6e5c09b0438ca6d38f34b754de3ae8c826
31eb6ff40a2336987e2e67319b0a130a8e48475f626f533ebd29fef1ef4b2599
GET /wp-content/plugins/masterslider/public/assets/css/common/grab.png HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.2.14
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/png
last-modified: Sat, 11 May 2019 22:49:54 GMT
accept-ranges: bytes
content-length: 189
date: Fri, 30 Sep 2022 02:29:00 GMT
www.cuscoinkasfeat.com/wp-content/uploads/2017/04/LOGOINCAS2.png
75.102.57.149200 OK 92 kB URL HTTP/2 www.cuscoinkasfeat.com/wp-content/uploads/2017/04/LOGOINCAS2.png
IP 75.102.57.149:0
File type PNG image data, 490 x 111, 8-bit/color RGBA, non-interlaced\012- data
Hash 9a95355a6c2ea43923f7e6c54b2cd4ba
b1ba2af92967235c1640adb5d8475c826612f175
fe627f307bdd5cb8b9a7117bcb1171cb97f7152ca1f9cc5ed473e3ef28284d55
GET /wp-content/uploads/2017/04/LOGOINCAS2.png HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/png
last-modified: Thu, 08 Feb 2018 18:21:28 GMT
accept-ranges: bytes
content-length: 92024
date: Fri, 30 Sep 2022 02:29:00 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/skins/light-skin-1.png
75.102.57.149200 OK 1.1 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/skins/light-skin-1.png
IP 75.102.57.149:0
File type PNG image data, 152 x 225, 8-bit colormap, non-interlaced\012- data
Hash 039ea27b7f656c4cc6074f9f2abd6e02
9ecdfed048f103b61a6a786a43e5a2b2e5d1bab9
c0672a790b2a9eada03bc26b0eaf3d9aaeb0e627dd7bcf30d82cf9350e8c5282
GET /wp-content/plugins/masterslider/public/assets/css/skins/light-skin-1.png HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/wp-content/plugins/masterslider/public/assets/css/masterslider.main.css?ver=3.2.14
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/png
last-modified: Sat, 11 May 2019 22:49:54 GMT
accept-ranges: bytes
content-length: 1082
date: Fri, 30 Sep 2022 02:29:00 GMT
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdd6cc32fbdb5603995e45c2cba3bd60
3e5338633410c2714fa9c44ef5528c9a4cfa59c9
103af480989f65c65190deee9d9af15a94b98d040858b50647e694e628cfef4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 768
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Last-Modified: Fri, 30 Sep 2022 02:16:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdd6cc32fbdb5603995e45c2cba3bd60
3e5338633410c2714fa9c44ef5528c9a4cfa59c9
103af480989f65c65190deee9d9af15a94b98d040858b50647e694e628cfef4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 768
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Last-Modified: Fri, 30 Sep 2022 02:16:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/es_LA/sdk.js
31.13.72.12200 OK 1.7 kB URL HTTP/2 connect.facebook.net/es_LA/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (1961)
Hash 56cf93866e7c676dd380dc82982d7d0b
7858863c2cc249b521350f0279f9945e56fdc2e0
5c6d82ea7a6c3bbbe615640eb69d1dc467c430af30140a08ba630f79762e610e
GET /es_LA/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 637a9ae2fbd5a454bdea95e492a5b765
etag: "790f2759a42dbb48a0d61669e22882aa"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Fri, 30 Sep 2022 02:34:23 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: Vs+Thm58Z23TgNyCmC19Cw==
x-fb-debug: IOFJNwgmvQKvxQx55XReYd94P9Phnirg8BeZFeKFTz2abt1HEzQEiw7QARSAQqZV0RGRU/7/ydN0aRY7SJn9hA==
priority: u=3,i
content-length: 1686
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:01 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Fri, 30 Sep 2022 00:41:09 GMT
expires: Fri, 30 Sep 2022 02:41:09 GMT
cache-control: public, max-age=7200
age: 6472
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 254cce7ebdf47f4c681ad3d5e22fee04
21ef3d38029b8c76262a70ff813dccce63434eda
a316352726e25710020ff342d7d907ee2a39d3f643a00e52b88b4b8cabbca9bf
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e1327a02d76346c7e23d114e4e508b30
195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3
331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 82vvn/6pi68J3raXw7/nlFt8zcCYbO1WwdUk3y+rr7Qc23s1N7ojaRwBh0JVXZXgFB3VRiXgaOg/FWhKET76xg==
content-length: 26840
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:01 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 8766c5a801f08afceca9b66ff9097e6a
ce7640d1d166eddeb9d40be642ec34652f790713
f448f99b4ad9a9b50daa9c38054cf16ab2b9fcb5d83ddad60571fb6a8a432a99
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 30 Sep 2022 02:29:01 GMT
expires: Fri, 30 Sep 2022 02:29:01 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 17557423932572341828
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15187
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash bdd6cc32fbdb5603995e45c2cba3bd60
3e5338633410c2714fa9c44ef5528c9a4cfa59c9
103af480989f65c65190deee9d9af15a94b98d040858b50647e694e628cfef4f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 768
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Last-Modified: Fri, 30 Sep 2022 02:16:13 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 68332d861224030707a1e197a1851d3b
8f94bee805e1d462bd22ff076890500aea641650
9dcf9756d49b596989a5025b18b21f105184acda7060f7f8556c5531b74789f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/es_LA/sdk.js?hash=f1afc21f77676262690cfd7be7c0d54c
31.13.72.12200 OK 87 kB URL HTTP/2 connect.facebook.net/es_LA/sdk.js?hash=f1afc21f77676262690cfd7be7c0d54c
IP 31.13.72.12:0
File type ASCII text, with very long lines (13260)
Hash 73ba6610517456afeb0d0c322ac26f22
1e2d66e6379fcab765ba79feaa09a123211dee5b
d5ce40eb964fb46fafa4245b77a94264e3decf2d4bcc696ab71b7febf941c9b6
GET /es_LA/sdk.js?hash=f1afc21f77676262690cfd7be7c0d54c HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 13fe214e139195f92ee8c11444817007
etag: "2ea0b19ed6b0623525ab1123ba93a760"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sat, 30 Sep 2023 00:54:11 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: c7pmEFF0Vq/rDQwyKsJvIg==
x-fb-debug: 8VnYDuTuhAZEUkysVgw0Cs2ilS6ygbbRZxrFKEs5Xw0JRb7onMmM+2HLZpFyxorO/2A427kXyVlsfocdnrma2w==
content-length: 87414
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:01 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ecbbfb2f255dc4b33f85b26000dfe7ff
d764f67263f72988d44442c80adc72f25bebd02b
d523bf0d71f08c9bde753eecf562f997169b07401ad15c061a8b87447675d285
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ecbbfb2f255dc4b33f85b26000dfe7ff
d764f67263f72988d44442c80adc72f25bebd02b
d523bf0d71f08c9bde753eecf562f997169b07401ad15c061a8b87447675d285
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/834862472/?random=1664504938593&cv=9&fst=1664504938593&num=1&fmt=3&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
142.250.74.98200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/834862472/?random=1664504938593&cv=9&fst=1664504938593&num=1&fmt=3&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/834862472/?random=1664504938593&cv=9&fst=1664504938593&num=1&fmt=3&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 02:29:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 02:44:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/834862472/?random=1664504938598&cv=9&fst=1664504938598&num=1&fmt=3&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
142.250.74.98200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/834862472/?random=1664504938598&cv=9&fst=1664504938598&num=1&fmt=3&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1
IP 142.250.74.98:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/834862472/?random=1664504938598&cv=9&fst=1664504938598&num=1&fmt=3&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&ct_cookie_present=1&async=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 02:29:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 30-Sep-2022 02:44:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e45ed0e014d302b7e4d21520228f1ef
86e935f08f4217126f75d13a516ac049f23637a8
22366c353b6dbdd94f0efdf1163318b4e12476c8d7360c70e56b58650004a84c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e45ed0e014d302b7e4d21520228f1ef
86e935f08f4217126f75d13a516ac049f23637a8
22366c353b6dbdd94f0efdf1163318b4e12476c8d7360c70e56b58650004a84c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-conversion/834862472/?random=1664504938598&cv=9&fst=1664504938598&num=1&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/834862472/?random=1664504938598&cv=9&fst=1664504938598&num=1&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/834862472/?random=1664504938598&cv=9&fst=1664504938598&num=1&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cuscoinkasfeat.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 02:29:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/834862472/?random=1664504938593&cv=9&fst=1664504938593&num=1&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
142.250.74.3200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/834862472/?random=1664504938593&cv=9&fst=1664504938593&num=1&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP 142.250.74.3:0
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/834862472/?random=1664504938593&cv=9&fst=1664504938593&num=1&value=1&label=mOgjCNXnj3UQiPuLjgM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2wg9s0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat%20Cusco%20Inkas%20Feat&auid=403215090.1664504938&hn=www.google.com&bttype=purchase&gcp=1&sscte=1&ct_cookie_present=1&async=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cuscoinkasfeat.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 02:29:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash ecbbfb2f255dc4b33f85b26000dfe7ff
d764f67263f72988d44442c80adc72f25bebd02b
d523bf0d71f08c9bde753eecf562f997169b07401ad15c061a8b87447675d285
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6e45ed0e014d302b7e4d21520228f1ef
86e935f08f4217126f75d13a516ac049f23637a8
22366c353b6dbdd94f0efdf1163318b4e12476c8d7360c70e56b58650004a84c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=776777652494694&ev=PageView&dl=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&rl=&if=false&ts=1664504938850&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664504938849.1175871926&it=1664504938607&coo=false&rqm=GET
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=776777652494694&ev=PageView&dl=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&rl=&if=false&ts=1664504938850&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664504938849.1175871926&it=1664504938607&coo=false&rqm=GET
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=776777652494694&ev=PageView&dl=http%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F0b206d7dab7698e0264cbedbcd0ec9dc%2Fenterpassword.php&rl=&if=false&ts=1664504938850&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1664504938849.1175871926&it=1664504938607&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Fri, 30 Sep 2022 02:29:02 GMT
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/uploads/2022/07/imagen4.png
75.102.57.149200 OK 2.6 MB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2022/07/imagen4.png
IP 75.102.57.149:0
File type PNG image data, 1920 x 699, 8-bit/color RGBA, non-interlaced\012- data
Size 2.6 MB (2593989 bytes)
Hash a73b7383de163edd818d3f8ce0524445
cb215948f6bc8c2ddbdadd5ab2feb853c6a9ec13
6e1149afca0d85f708594eec68b14afd22aec1d3ea1d8aeaf64defff0a9b7bb9
GET /wp-content/uploads/2022/07/imagen4.png HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:00 GMT
content-type: image/png
last-modified: Tue, 12 Jul 2022 05:09:40 GMT
accept-ranges: bytes
content-length: 2593989
date: Fri, 30 Sep 2022 02:29:00 GMT
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4cac07a6b43c2c45dbdd3dcbf8856e4
985130ebc2d64abc30a0673061e6f73e5a4f02a4
8945a690f41c23b6411950f9bbdb51becf8c48e363a715af38984d45085f9904
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-104113785-37&cid=1729437903.1664504939&jid=289986406&gjid=178312311&_gid=657051911.1664504939&_u=YEBAAAAAAAAAAC~&z=1792288648
64.233.165.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-104113785-37&cid=1729437903.1664504939&jid=289986406&gjid=178312311&_gid=657051911.1664504939&_u=YEBAAAAAAAAAAC~&z=1792288648
IP 64.233.165.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-104113785-37&cid=1729437903.1664504939&jid=289986406&gjid=178312311&_gid=657051911.1664504939&_u=YEBAAAAAAAAAAC~&z=1792288648 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://www.cuscoinkasfeat.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 30 Sep 2022 02:29:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.tacdn.com/css2/webfonts/TripAdvisor/TripAdvisor_Regular.woff2?v004.023
151.101.86.83200 OK 26 kB URL HTTP/2 static.tacdn.com/css2/webfonts/TripAdvisor/TripAdvisor_Regular.woff2?v004.023
IP 151.101.86.83:0
File type Web Open Font Format (Version 2), TrueType, length 26252, version 1.0\012- data
Hash 2d0c909fe09ed8ef77056363d8963d2e
f81b7dc1acf5a2c25e46a893be5fe09622716d70
b182c7fce760e8851d7e91095237ff86a4f7036c78ddf4107ead869ff2f3502a
GET /css2/webfonts/TripAdvisor/TripAdvisor_Regular.woff2?v004.023 HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://static.tacdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
last-modified: Wed, 14 Sep 2022 11:30:34 GMT
cache-control: max-age=2592000, immutable
expires: Thu, 27 Oct 2022 23:14:18 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-type: application/font-woff2
accept-ranges: bytes
date: Fri, 30 Sep 2022 02:29:02 GMT
via: 1.1 varnish
age: 184484
x-served-by: cache-bma1656-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664504942.179402,VS0,VE1
vary: Accept-Encoding
content-length: 26252
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f4cac07a6b43c2c45dbdd3dcbf8856e4
985130ebc2d64abc30a0673061e6f73e5a4f02a4
8945a690f41c23b6411950f9bbdb51becf8c48e363a715af38984d45085f9904
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 30 Sep 2022 02:29:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tripadvisor.com.pe/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
23.38.201.85200 OK 2.3 kB URL HTTP/2 www.tripadvisor.com.pe/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
IP 23.38.201.85:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash bf29758e41903e1fabdc4a19c89bac9b
1ff70aca18e5d207268b7888d56ab2a897909ff8
6936f35bf6375797c7d4a526dd6bfdf2a5f3d0dfb4e4d1e9e292ce31bc45702c
GET /img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg HTTP/1.1
Host: www.tripadvisor.com.pe
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Fri, 30 Sep 2022 14:29:02 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/svg+xml
content-encoding: gzip
vary: Accept-Encoding
content-length: 2315
date: Fri, 30 Sep 2022 02:29:02 GMT
set-cookie: TADCID=So7WrjrfZ2QbOP2wABQCFdpBzzOuRA-9xvCxaMyI13CIAgcDluPjEhmoxawCmLkYSq6nj_utBFvYenPGc7JNDoBU4B5SV7Q-DAI; Domain=www.tripadvisor.com.pe; Expires=Mon, 27-Sep-2032 02:29:02 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3AiaRSkOpNxdHk7nWhzVPS6vln53cgl0ayzB4KQCXWUd42jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com.pe; Expires=Sun, 29-Sep-2024 02:29:02 GMT; Path=/; HttpOnly
__vt=YBSlKxhFD5vvhAFZABQCIf6-ytF7QiW7ovfhqc-AvSBlohw0lbZKkF2jAu7fkSucHlEHhrTplJBmtzvXCMagc23hokEQ6anh8oWyzUez8TPB0_rbBub4FZqHw0UzHxili67qfxQ7QWh2adNKRkJfRTrv0g; Domain=www.tripadvisor.com.pe; Expires=Fri, 30-Sep-2022 03:29:02 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.083AFF86E375FC80924F53CD6F2FF689*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com.pe; Path=/
ServerPool=X; Domain=.tripadvisor.com.pe; Path=/
TACds=A.1.11900.2.2022-09-29; Domain=.tripadvisor.com.pe; Expires=Tue, 29-Nov-2022 02:29:02 GMT; Path=/
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/SzA6h5SgI0d.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 5.2 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/l/0,cross/SzA6h5SgI0d.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4093)
Hash 98473014608fc6a36d9a1c68adadda79
e6fa9bf8314c7ae0647de97f23899ceab893cc4f
40f9a6768668c831cae579259562b366ebad8dac30cf8ddc1acb23bceabfb6b1
GET /rsrc.php/v3/yx/l/0,cross/SzA6h5SgI0d.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Sep 2023 15:26:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: mEcwFGCPxqNtmhxora3aeQ==
x-fb-debug: kYNtTUp2qMKdv5ONHzeNw0PZZ1ufnc/HN5ypjIJZl7irwajfstMYyboaimtCZIryqf2dKjm9Di7i0hHtq42LxQ==
content-length: 5244
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sun, 17 Sep 2023 02:34:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: yHaVsWKUn5XaCek7JWQWqBHp73k4n7rZGOKYjUAlCOgsl3pJ5HBerO7+9gE7Ns+HF/UbPGzI6RNEuJW+jkzCFw==
priority: u=3,i
content-length: 827
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yg/r/qWyuKHkWMI_.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yg/r/qWyuKHkWMI_.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (18678)
Hash 650d14c26a3a94de9cae92a15b991b26
6377ad99590550d3a7a18852304cb79e6969e99e
223295fd2b578b9e87a6cd8053257739a6de618661b056288b5344fba5a4331c
GET /rsrc.php/v3/yg/r/qWyuKHkWMI_.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 27 Sep 2023 03:21:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: ZQ0Uwmo6lN6crpKhW5kbJg==
x-fb-debug: AlZxSNC7kXDEbZCF9rpOzgG4zdc2yn5i91U7Gz0IV5tkID4YjzCU2s5tWiU6DXKb+rD5tmX4ElVUaAw2SqBXIw==
content-length: 91390
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2052)
Hash 883efc20b86990fd486fab545ffc08f4
da322dda14a98744e03655dcf0da9482b4b1e1d0
e207751970ef4bf6e0a64da5e9480ab3b1ee86408a7904796e2f6e225f8ee612
GET /rsrc.php/v3/yL/r/DJIek1tT3RT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Sep 2023 02:25:51 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: iD78ILhpkP1Ib6tUX/wI9A==
x-fb-debug: bGdyRilnGVbI9X9ilWbzNRvdZd52GMMetGx3v/WO4Ts2nqYzQb/RAtlXGsemltVNAZYBqB8iPbG+PolGcIjgvQ==
content-length: 1689
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yi/r/gh6KD81CRwR.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yi/r/gh6KD81CRwR.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (5610)
Hash 38acdbd9bc64721ebf58dbf8738ece4c
6a74ec70f2ac9668bd8df1e92046d876ee9e4577
e22b3ef7264486b7e1b11d876e47ff36459544a181500d05291abcba1f6d4f36
GET /rsrc.php/v3/yi/r/gh6KD81CRwR.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Sep 2023 01:10:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: OKzb2bxkch6/WNv4c47OTA==
x-fb-debug: srFczQcAeLag39fXT7KYszTbMcBcIOQG1I13/WKGynoNJwWOq2xgZPreD5sG+gF3p6KzZ/PQz1LgZfU9ThV6Aw==
content-length: 12347
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yj/r/dRhHItuNxnM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yj/r/dRhHItuNxnM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type C source, ASCII text, with very long lines (8328)
Hash 97a7d07de1ce26959be1d867464c5f0f
dbfc78d440f77fe48f54a8f271eb27a370ce1b2c
376b0a3b88be4dbe96010ca88ffc6c0cdb5df8ad4bc70e8ee3e5986005ca3e6e
GET /rsrc.php/v3/yj/r/dRhHItuNxnM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Sep 2023 01:10:34 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: l6fQfeHOJpWb4dhnRkxfDw==
x-fb-debug: OiKnoYmruk5C83kRCLCXF1gAPHnXpPgy7lxEUOgyY5GFG0cOWRadqROsKlOchofi9FOJ35DCidc02CNhflzJSw==
content-length: 16277
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yh/r/5tfudSq88QM.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 9.0 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yh/r/5tfudSq88QM.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (9954)
Hash 9aa4bfb7b1054d0b9d485ca4d9eecfdb
8ea4f7d9233e45e13466b5a4a0b8c0de5952e381
71383964c4bba690dfabd879592947e781a82d140f81c4b3794cbe9526e36d2d
GET /rsrc.php/v3/yh/r/5tfudSq88QM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 27 Sep 2023 00:02:40 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: mqS/t7EFTQudSFyk2e7P2w==
x-fb-debug: TMNGIQxzQVpt8xNahgHpzobU2HvlCRtIz7cNdhMGsNEL04GbCgc+ObQNPcem2e/HZU/FEjBgHYyr/yl3WO8ZuA==
content-length: 9041
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iLA-4/yQ/l/es_LA/eSSgSlla1PA.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 8.5 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iLA-4/yQ/l/es_LA/eSSgSlla1PA.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (2973)
Hash ec153d2bbcd24602f76b55b3ab6dd3f1
7891633e2ecdc2994b05c4149534f063cd28679b
473e25b9aa2f90342e7f84717bce899b8331bbef12d30847b8f4966f81fc5b53
GET /rsrc.php/v3iLA-4/yQ/l/es_LA/eSSgSlla1PA.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 29 Sep 2023 02:25:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 7BU9K7zSRgL3a1Wzq23T8Q==
x-fb-debug: 1LbaoQKRECWH7Rb9jAAqz8PgPDqNecBNA6ZFkfUE8kJVSM8QuRrI7JL45aETxWlrcnuikfMEk1WiTosNeTaaSA==
priority: u=3,i
content-length: 8455
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y8/r/SixM03AXEw8.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 336 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y8/r/SixM03AXEw8.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (325)
Hash f82d8f615a2484f0c5c4e4e0f55e8b5d
c1c8ea5d697e2286b0a2bac7b3515a29b7f4cb28
91041f394721520d4dd5a33b28525d50da16e0fda08e102d971148fef1609dd2
GET /rsrc.php/v3/y8/r/SixM03AXEw8.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 21 Sep 2023 14:33:25 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: +C2PYVokhPDFxOTg9V6LXQ==
x-fb-debug: PL/1v7u2zeUJCPtR5Fqkb+oliCSU8wChqZvaW8uoaDsaAGOw07YaNclMGsQlbxRKtpNFy3uDnmKGh4k1xHEY3g==
priority: u=3,i
content-length: 336
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iWO94/ye/l/es_LA/DFz2q585Cjs.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 23 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iWO94/ye/l/es_LA/DFz2q585Cjs.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (42122)
Hash b03bdbbe05ef4077543cd6d56a07d6d1
3be43a931c31d91fe114f6a6c509437bdf92b72d
89daff6568679f2e3ab232a1945c07ee021fb75eae24e439dbf6f16090370a66
GET /rsrc.php/v3iWO94/ye/l/es_LA/DFz2q585Cjs.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 21 Sep 2023 16:49:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: sDvbvgXvQHdUPNbVagfW0Q==
x-fb-debug: TZUJ9ukI20b5yN0muVGo/3Re7gJOMl2+zvzn3yTEyjl42jUffH5Irn9ZTLmg8ElwXzZ6zRQsTV2lriPARDboNA==
content-length: 23449
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y3/r/cPcKznvPj72.js?_nc_x=Ij3Wp8lg5Kz
31.13.72.12200 OK 7.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y3/r/cPcKznvPj72.js?_nc_x=Ij3Wp8lg5Kz
IP 31.13.72.12:0
File type ASCII text, with very long lines (4129)
Hash d9b4301abe1b60a35b4d2ceff6a63f38
cbd680fb7b1618610b5c82a54ecf9bc328ed4cef
8613497153ce25fae5e92250807b1526f10adb670fb7ea13c2dad89cbe375f18
GET /rsrc.php/v3/y3/r/cPcKznvPj72.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 20 Sep 2023 13:44:30 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 2bQwGr4bYKNbTSzv9qY/OA==
x-fb-debug: SoJa+Ca4BCOnrW0d733NpsaiDnN1wC3lth4CBhW7gh8Ba0Y0HvauW075bq63F/BUlhSjRUWZ1oWoU3gPTE/xjA==
priority: u=3,i
content-length: 7308
x-fb-trip-id: 1904183273
date: Fri, 30 Sep 2022 02:29:02 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/uploads/2017/04/machu-picchu-cusco-inkas-feat.jpg
75.102.57.149200 OK 404 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2017/04/machu-picchu-cusco-inkas-feat.jpg
IP 75.102.57.149:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1920x700, components 3\012- data
Size 404 kB (403592 bytes)
Hash bda6b23011005269e4b694b9f025da48
9b0fb9a8f5d50ab1ff1ca0ee45094afa0704224c
4622214efb2d6221de8562f6678dceb79f30838736aa1c58b6c69d47824ec484
GET /wp-content/uploads/2017/04/machu-picchu-cusco-inkas-feat.jpg HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0; _ga=GA1.2.1729437903.1664504939; _gid=GA1.2.657051911.1664504939; _gat_UA-104113785-37=1; _fbp=fb.1.1664504938849.1175871926
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:02 GMT
content-type: image/jpeg
last-modified: Thu, 13 Apr 2017 22:00:14 GMT
accept-ranges: bytes
content-length: 403592
date: Fri, 30 Sep 2022 02:29:02 GMT
www.cuscoinkasfeat.com/wp-content/uploads/2022/07/imagen1.png
75.102.57.149200 OK 2.9 MB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2022/07/imagen1.png
IP 75.102.57.149:0
File type PNG image data, 1920 x 699, 8-bit/color RGBA, non-interlaced\012- data
Size 2.9 MB (2859627 bytes)
Hash 094a4545afe3cfdf433981878ef66d91
022f9c4d85cb9d125de6c3f29bd7df05672be270
d8c13e01418403656e45ef7c49edd909aeb8fbef634605f6a9280416e8567814
GET /wp-content/uploads/2022/07/imagen1.png HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0; _ga=GA1.2.1729437903.1664504939; _gid=GA1.2.657051911.1664504939; _gat_UA-104113785-37=1; _fbp=fb.1.1664504938849.1175871926
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:02 GMT
content-type: image/png
last-modified: Tue, 12 Jul 2022 05:11:41 GMT
accept-ranges: bytes
content-length: 2859627
date: Fri, 30 Sep 2022 02:29:02 GMT
www.cuscoinkasfeat.com/wp-content/uploads/2019/09/BANNER-PATA.jpg
75.102.57.149200 OK 1.0 MB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2019/09/BANNER-PATA.jpg
IP 75.102.57.149:0
Size 1.0 MB (1048940 bytes)
Hash 9ee97029d3c176336d1e69422392fd71
87392a3140dcaac3fd0a6d1222769811a2485090
d2ef383ab46f6e42efa778017e8ba5ed54a14a6eb7024592ff4413e0cb887f66
GET /wp-content/uploads/2019/09/BANNER-PATA.jpg HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0; _ga=GA1.2.1729437903.1664504939; _gid=GA1.2.657051911.1664504939; _gat_UA-104113785-37=1; _fbp=fb.1.1664504938849.1175871926
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:02 GMT
content-type: image/jpeg
last-modified: Wed, 04 Sep 2019 23:27:04 GMT
accept-ranges: bytes
content-length: 1048841
date: Fri, 30 Sep 2022 02:29:02 GMT
www.cuscoinkasfeat.com/wp-content/uploads/2019/09/BANNER-P2.jpg
75.102.57.149200 OK 1.2 MB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2019/09/BANNER-P2.jpg
IP 75.102.57.149:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x700, components 3\012- data
Size 1.2 MB (1240096 bytes)
Hash c7804551bf2130787e5069afd54b6c36
8572281d733250123a6db27c0f257405d901607d
1744999069a6acdf3b9f79a2e14fd05062141e329cd799bc38331f1e22aeb51b
GET /wp-content/uploads/2019/09/BANNER-P2.jpg HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0; _ga=GA1.2.1729437903.1664504939; _gid=GA1.2.657051911.1664504939; _gat_UA-104113785-37=1; _fbp=fb.1.1664504938849.1175871926
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:03 GMT
content-type: image/jpeg
last-modified: Tue, 03 Sep 2019 23:46:32 GMT
accept-ranges: bytes
content-length: 1240096
date: Fri, 30 Sep 2022 02:29:03 GMT
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/302153006_3192952191018803_941306633874363146_n.jpg?stp=dst-jpg_p110x80&_nc_cat=105&ccb=1-7&_nc_sid=110474&_nc_ohc=q5c1Ju9n3BkAX_jLwqX&_nc_ht=scontent-lhr8-2.xx&oh=00_AT8EevojrsGvECLozG_ajKxSG6RanGQYS1DqQg9WkzflBw&oe=633A5C3D
157.240.214.11200 OK 5.9 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/302153006_3192952191018803_941306633874363146_n.jpg?stp=dst-jpg_p110x80&_nc_cat=105&ccb=1-7&_nc_sid=110474&_nc_ohc=q5c1Ju9n3BkAX_jLwqX&_nc_ht=scontent-lhr8-2.xx&oh=00_AT8EevojrsGvECLozG_ajKxSG6RanGQYS1DqQg9WkzflBw&oe=633A5C3D
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x147, components 3\012- data
Hash 7d978bb012779638bb96f098466f4d33
9c184f206470c5ecf079a623876407c4db0cf47d
28f68abc75cdd2d264939c3e9405d91f1cb12cdcc995df67e76e3cb97d31a253
GET /v/t39.30808-6/302153006_3192952191018803_941306633874363146_n.jpg?stp=dst-jpg_p110x80&_nc_cat=105&ccb=1-7&_nc_sid=110474&_nc_ohc=q5c1Ju9n3BkAX_jLwqX&_nc_ht=scontent-lhr8-2.xx&oh=00_AT8EevojrsGvECLozG_ajKxSG6RanGQYS1DqQg9WkzflBw&oe=633A5C3D HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 29 Aug 2022 08:29:29 GMT
x-haystack-needlechecksum: 2676316879
x-needle-checksum: 1913359608
content-type: image/jpeg
content-digest: adler32=1920768182
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 5924
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t15.5256-10/306712551_785415849376092_4513216159592995806_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=f2c4d5&_nc_ohc=9Xef0E8TZSkAX8xhhRA&_nc_ht=scontent-lhr8-1.xx&oh=00_AT9CZ_2Zxx-VLzEojygAW3wFijD74aLE6SFEmMViGb3W4Q&oe=633AE6B8
157.240.221.16200 OK 31 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t15.5256-10/306712551_785415849376092_4513216159592995806_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=f2c4d5&_nc_ohc=9Xef0E8TZSkAX8xhhRA&_nc_ht=scontent-lhr8-1.xx&oh=00_AT9CZ_2Zxx-VLzEojygAW3wFijD74aLE6SFEmMViGb3W4Q&oe=633AE6B8
IP 157.240.221.16:0
File type JPEG image data, baseline, precision 8, 352x640, components 3\012- data
Hash 990e9323cba76e5d92009ca2c7ff0725
f4752de44d4ba7311c5697409f270e44d14e9740
7271e7f889d07ae665b48cfc48e0af59f277414142213130bc217301588bb224
GET /v/t15.5256-10/306712551_785415849376092_4513216159592995806_n.jpg?_nc_cat=103&ccb=1-7&_nc_sid=f2c4d5&_nc_ohc=9Xef0E8TZSkAX8xhhRA&_nc_ht=scontent-lhr8-1.xx&oh=00_AT9CZ_2Zxx-VLzEojygAW3wFijD74aLE6SFEmMViGb3W4Q&oe=633AE6B8 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 22:49:59 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 2245871325
x-needle-checksum: 607417271
content-digest: adler32=607417271
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 30852
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/302076533_3192951991018823_2128080056388991779_n.jpg?stp=dst-jpg_s240x240&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=NVSs9avUwhcAX84u4FG&_nc_ht=scontent-lhr8-2.xx&oh=00_AT80_lz2dOTVj-FPV1VnLulGaQ1FdS3GpEg0jpd5uzEmZQ&oe=633A96BA
157.240.214.11200 OK 7.4 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/302076533_3192951991018823_2128080056388991779_n.jpg?stp=dst-jpg_s240x240&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=NVSs9avUwhcAX84u4FG&_nc_ht=scontent-lhr8-2.xx&oh=00_AT80_lz2dOTVj-FPV1VnLulGaQ1FdS3GpEg0jpd5uzEmZQ&oe=633A96BA
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 108x240, components 3\012- data
Hash 436a8a8bdf2a14d65b73ed2a7b3dd7d1
3195ddc80fb4813e454cf4f7904b50d7c2d60004
5febaa0128ec5b254b3f9d60bcf371ed94fbce3be1b2645c4ea78649fbb358bf
GET /v/t39.30808-6/302076533_3192951991018823_2128080056388991779_n.jpg?stp=dst-jpg_s240x240&_nc_cat=104&ccb=1-7&_nc_sid=110474&_nc_ohc=NVSs9avUwhcAX84u4FG&_nc_ht=scontent-lhr8-2.xx&oh=00_AT80_lz2dOTVj-FPV1VnLulGaQ1FdS3GpEg0jpd5uzEmZQ&oe=633A96BA HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 29 Aug 2022 08:29:16 GMT
x-haystack-needlechecksum: 1278794560
x-needle-checksum: 456220280
content-type: image/jpeg
content-digest: adler32=979179705
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 7415
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/304518113_3194789034168452_7808893748297006244_n.jpg?stp=dst-jpg_p235x165&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=l8sdgS_MBFEAX_hlugB&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-vTGJMek0UpoUavy8ZstzEbZGfLHdm-2m7iGaSJb-56A&oe=633AB0DF
157.240.221.16200 OK 10 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/304518113_3194789034168452_7808893748297006244_n.jpg?stp=dst-jpg_p235x165&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=l8sdgS_MBFEAX_hlugB&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-vTGJMek0UpoUavy8ZstzEbZGfLHdm-2m7iGaSJb-56A&oe=633AB0DF
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 293x165, components 3\012- data
Hash 80c7085d63d48a69064580728fdf87f9
8868e4ec47b6257509abed45181ee2f27efe7f84
506c9ddb562b6200890b415bc5d6bcc4aa6aacf989c962aceff37f0bc5ef93ab
GET /v/t39.30808-6/304518113_3194789034168452_7808893748297006244_n.jpg?stp=dst-jpg_p235x165&_nc_cat=100&ccb=1-7&_nc_sid=110474&_nc_ohc=l8sdgS_MBFEAX_hlugB&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-vTGJMek0UpoUavy8ZstzEbZGfLHdm-2m7iGaSJb-56A&oe=633AB0DF HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 31 Aug 2022 17:50:42 GMT
x-haystack-needlechecksum: 3087779680
x-needle-checksum: 3679096715
content-type: image/jpeg
content-digest: adler32=1468774831
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 10215
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t15.5256-10/306678190_2163813607130292_2016720331291312394_n.jpg?stp=dst-jpg_s526x395&_nc_cat=102&ccb=1-7&_nc_sid=08861d&_nc_ohc=VV5cdpWzIXAAX9oCAP2&_nc_ht=scontent-lhr8-2.xx&oh=00_AT9xBH7YbeTojpZKcv-jW3FsZNNzh1-U-DE19vOlkvuY9w&oe=633B9874
157.240.214.11200 OK 16 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t15.5256-10/306678190_2163813607130292_2016720331291312394_n.jpg?stp=dst-jpg_s526x395&_nc_cat=102&ccb=1-7&_nc_sid=08861d&_nc_ohc=VV5cdpWzIXAAX9oCAP2&_nc_ht=scontent-lhr8-2.xx&oh=00_AT9xBH7YbeTojpZKcv-jW3FsZNNzh1-U-DE19vOlkvuY9w&oe=633B9874
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 217x395, components 3\012- data
Hash aa794f1df37bd2544cedfebac1fb1290
4e8df768edb8e3382e1909929b205336e97500d5
715160ddb349493fe9efa2e0131fbc7ec9cd3ace361a35d3eb0a62ade0a8a03f
GET /v/t15.5256-10/306678190_2163813607130292_2016720331291312394_n.jpg?stp=dst-jpg_s526x395&_nc_cat=102&ccb=1-7&_nc_sid=08861d&_nc_ohc=VV5cdpWzIXAAX9oCAP2&_nc_ht=scontent-lhr8-2.xx&oh=00_AT9xBH7YbeTojpZKcv-jW3FsZNNzh1-U-DE19vOlkvuY9w&oe=633B9874 HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 22:50:01 GMT
x-haystack-needlechecksum: 3604015441
x-needle-checksum: 1194864041
content-type: image/jpeg
content-digest: adler32=1191297194
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 15725
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/302885645_3194788987501790_2444424756544458094_n.jpg?stp=dst-jpg_s235x350&_nc_cat=110&ccb=1-7&_nc_sid=110474&_nc_ohc=1IqHgweg_HgAX_pRvjF&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-NYZPcOQvms-cvUf7FJiBzkckIHVbOZp-zrCynJjBPkQ&oe=633BFF03
157.240.221.16200 OK 17 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/302885645_3194788987501790_2444424756544458094_n.jpg?stp=dst-jpg_s235x350&_nc_cat=110&ccb=1-7&_nc_sid=110474&_nc_ohc=1IqHgweg_HgAX_pRvjF&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-NYZPcOQvms-cvUf7FJiBzkckIHVbOZp-zrCynJjBPkQ&oe=633BFF03
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 197x350, components 3\012- data
Hash a9152e46ffaf61750617b7a13d024ad1
b9585208f2a4d4c4eb45e2bfb4e8d62f6103ba3e
4a4bb2f07fd7807554df87ff98310c5cf0a57ef6f3a88fd5dbfa890906ef3588
GET /v/t39.30808-6/302885645_3194788987501790_2444424756544458094_n.jpg?stp=dst-jpg_s235x350&_nc_cat=110&ccb=1-7&_nc_sid=110474&_nc_ohc=1IqHgweg_HgAX_pRvjF&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-NYZPcOQvms-cvUf7FJiBzkckIHVbOZp-zrCynJjBPkQ&oe=633BFF03 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 31 Aug 2022 17:50:39 GMT
x-haystack-needlechecksum: 2553408240
x-needle-checksum: 4172059461
content-type: image/jpeg
content-digest: adler32=201117037
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 16743
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/302854423_3194789064168449_8657378660702157458_n.jpg?stp=dst-jpg_p235x165&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=eF5FuXAeqSAAX-CyGj0&_nc_ht=scontent-lhr8-1.xx&oh=00_AT8lrBwgzK_uDeCiYwoF76lSJN1A7jczjinQ39Gj_ynFWg&oe=633B286D
157.240.221.16200 OK 11 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/302854423_3194789064168449_8657378660702157458_n.jpg?stp=dst-jpg_p235x165&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=eF5FuXAeqSAAX-CyGj0&_nc_ht=scontent-lhr8-1.xx&oh=00_AT8lrBwgzK_uDeCiYwoF76lSJN1A7jczjinQ39Gj_ynFWg&oe=633B286D
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 293x165, components 3\012- data
Hash 9ce9086239d80c71facb458c8af7f4f6
fc6037790d9180fcd5b326ae46caf43d36cde0ec
3a4cb10d9dfca70f9113c106b28f918e0d011e97b849014b5c2ac54de0bc9658
GET /v/t39.30808-6/302854423_3194789064168449_8657378660702157458_n.jpg?stp=dst-jpg_p235x165&_nc_cat=108&ccb=1-7&_nc_sid=110474&_nc_ohc=eF5FuXAeqSAAX-CyGj0&_nc_ht=scontent-lhr8-1.xx&oh=00_AT8lrBwgzK_uDeCiYwoF76lSJN1A7jczjinQ39Gj_ynFWg&oe=633B286D HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Wed, 31 Aug 2022 17:50:45 GMT
x-needle-checksum: 1248420033
content-type: image/jpeg
content-digest: adler32=2315556460
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 10750
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/306605629_519265533531958_1827113209778065583_n.jpg?stp=dst-jpg_s235x350&_nc_cat=105&ccb=1-7&_nc_sid=110474&_nc_ohc=lNF_rB0ztuQAX-thoe8&_nc_ht=scontent-lhr8-2.xx&oh=00_AT--5xJydDeAJyuXiF58uSu3jfikV1WkiVdZJoDu-MIYjg&oe=633B7ED1
157.240.214.11200 OK 16 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t39.30808-6/306605629_519265533531958_1827113209778065583_n.jpg?stp=dst-jpg_s235x350&_nc_cat=105&ccb=1-7&_nc_sid=110474&_nc_ohc=lNF_rB0ztuQAX-thoe8&_nc_ht=scontent-lhr8-2.xx&oh=00_AT--5xJydDeAJyuXiF58uSu3jfikV1WkiVdZJoDu-MIYjg&oe=633B7ED1
IP 157.240.214.11:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 163x350, components 3\012- data
Hash 779ea3cd4bc52cc0d663dd30a25e541c
b36375dd84c4bcc50b86ff0ad1df023454446f5a
78d526ea70630455090b3330e63197463e25974f320a4be14630ce57cc1eed54
GET /v/t39.30808-6/306605629_519265533531958_1827113209778065583_n.jpg?stp=dst-jpg_s235x350&_nc_cat=105&ccb=1-7&_nc_sid=110474&_nc_ohc=lNF_rB0ztuQAX-thoe8&_nc_ht=scontent-lhr8-2.xx&oh=00_AT--5xJydDeAJyuXiF58uSu3jfikV1WkiVdZJoDu-MIYjg&oe=633B7ED1 HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 21:46:54 GMT
x-haystack-needlechecksum: 851596180
x-needle-checksum: 2995626852
content-type: image/jpeg
content-digest: adler32=1943551901
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 15599
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-2.xx.fbcdn.net/v/t15.5256-10/306678190_2163813607130292_2016720331291312394_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=f2c4d5&_nc_ohc=VV5cdpWzIXAAX9oCAP2&_nc_ht=scontent-lhr8-2.xx&oh=00_AT9K-rzSkur8s87UkUwFp4e4RK3SNI6TPK-NhLZ3Rm3ARA&oe=633B9874
157.240.214.11200 OK 27 kB URL HTTP/2 scontent-lhr8-2.xx.fbcdn.net/v/t15.5256-10/306678190_2163813607130292_2016720331291312394_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=f2c4d5&_nc_ohc=VV5cdpWzIXAAX9oCAP2&_nc_ht=scontent-lhr8-2.xx&oh=00_AT9K-rzSkur8s87UkUwFp4e4RK3SNI6TPK-NhLZ3Rm3ARA&oe=633B9874
IP 157.240.214.11:0
File type JPEG image data, baseline, precision 8, 352x640, components 3\012- data
Hash 7a79cfb644f17f9eb1aa2165a53be212
511050147f633ab78c62e8b2f40fcf19225652ce
501282cfd927a5ab13b6dbb04d83682b663817c61c3dc8d98130b7eaf21525c5
GET /v/t15.5256-10/306678190_2163813607130292_2016720331291312394_n.jpg?_nc_cat=102&ccb=1-7&_nc_sid=f2c4d5&_nc_ohc=VV5cdpWzIXAAX9oCAP2&_nc_ht=scontent-lhr8-2.xx&oh=00_AT9K-rzSkur8s87UkUwFp4e4RK3SNI6TPK-NhLZ3Rm3ARA&oe=633B9874 HTTP/1.1
Host: scontent-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 22:50:01 GMT
content-type: image/jpeg
x-haystack-needlechecksum: 3604015441
x-needle-checksum: 1194864041
content-digest: adler32=1194864041
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 26594
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/302527556_3192952151018807_2065675819457074865_n.jpg?stp=dst-jpg_p75x225&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=g1o2hBkaIYkAX83_9AK&_nc_ht=scontent-lhr8-1.xx&oh=00_AT8ST9dUdSURd4A1-ZKo7an08Dr9HyWgx5FFtZgLVg7ycQ&oe=633B9E4E
157.240.221.16200 OK 33 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/302527556_3192952151018807_2065675819457074865_n.jpg?stp=dst-jpg_p75x225&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=g1o2hBkaIYkAX83_9AK&_nc_ht=scontent-lhr8-1.xx&oh=00_AT8ST9dUdSURd4A1-ZKo7an08Dr9HyWgx5FFtZgLVg7ycQ&oe=633B9E4E
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 513x225, components 3\012- data
Hash b0d043d988fdcbcd507fe7dd33d665f6
b1491ddbea45bbd0e997fcd2effaf5bcc6d0da4b
d56b069e674500159740b87b958cdf6e858642b0386a04a003f32eb0353e84dd
GET /v/t39.30808-6/302527556_3192952151018807_2065675819457074865_n.jpg?stp=dst-jpg_p75x225&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=g1o2hBkaIYkAX83_9AK&_nc_ht=scontent-lhr8-1.xx&oh=00_AT8ST9dUdSURd4A1-ZKo7an08Dr9HyWgx5FFtZgLVg7ycQ&oe=633B9E4E HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 29 Aug 2022 08:29:26 GMT
x-haystack-needlechecksum: 1672008726
x-needle-checksum: 3319539147
content-type: image/jpeg
content-digest: adler32=3679848276
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 32885
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306771484_1674253166287965_3617212718848828723_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=0RBaJLYyLiUAX9-Qyog&_nc_ht=video-lhr8-1.xx&oh=00_AT-35TEiA7VWtSiP82Rnaepek9x6BZncvDvVZ6PvIMBSvg&oe=63367B82&bytestart=783&byteend=862
157.240.221.10200 OK 80 B URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306771484_1674253166287965_3617212718848828723_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=0RBaJLYyLiUAX9-Qyog&_nc_ht=video-lhr8-1.xx&oh=00_AT-35TEiA7VWtSiP82Rnaepek9x6BZncvDvVZ6PvIMBSvg&oe=63367B82&bytestart=783&byteend=862
IP 157.240.221.10:0
Hash 0217e50509c3fbe3bad6dcb23f132eb6
7119934c4112894115fac5e7ae43ac6ca32c35b7
40a8f6cde3192efcceee78db38049d21c3566f79a4f1b43096ed2b2297e0ece2
GET /v/t42.1790-2/306771484_1674253166287965_3617212718848828723_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=0RBaJLYyLiUAX9-Qyog&_nc_ht=video-lhr8-1.xx&oh=00_AT-35TEiA7VWtSiP82Rnaepek9x6BZncvDvVZ6PvIMBSvg&oe=63367B82&bytestart=783&byteend=862 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 22:50:03 GMT
content-type: video/mp4
x-haystack-needlechecksum: 3188314992
x-needle-checksum: 2768310837
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=2768310837
content-length: 80
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-1/305770631_515665223891989_46788893102940612_n.jpg?stp=c28.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=107&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=TLwPVlMubv4AX_UKAkU&_nc_ht=scontent-lhr8-1.xx&oh=00_AT_IxbflqZCjMoW0dvPo1mEPmS9D2H_y0L9DztZqOxXshA&oe=633B034F
157.240.221.16200 OK 1.7 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-1/305770631_515665223891989_46788893102940612_n.jpg?stp=c28.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=107&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=TLwPVlMubv4AX_UKAkU&_nc_ht=scontent-lhr8-1.xx&oh=00_AT_IxbflqZCjMoW0dvPo1mEPmS9D2H_y0L9DztZqOxXshA&oe=633B034F
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x50, components 3\012- data
Hash 17889d6e41c3bfab60055e84e8eea7c9
4df0932cc6c70480213da5da5cd25ed3d635397b
c22cb57b398d1759b973737e5933436a0ecd8f2d3ff3dfd4f24cbe01a0cca99a
GET /v/t39.30808-1/305770631_515665223891989_46788893102940612_n.jpg?stp=c28.0.50.50a_cp0_dst-jpg_p50x50&_nc_cat=107&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=TLwPVlMubv4AX_UKAkU&_nc_ht=scontent-lhr8-1.xx&oh=00_AT_IxbflqZCjMoW0dvPo1mEPmS9D2H_y0L9DztZqOxXshA&oe=633B034F HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Fri, 09 Sep 2022 13:33:37 GMT
x-haystack-needlechecksum: 345384465
x-needle-checksum: 2931961587
content-type: image/jpeg
content-digest: adler32=1487096120
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 1682
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/302102259_3192952037685485_6079087479219516817_n.jpg?stp=dst-jpg_s240x240&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=QeR6SuODERoAX_Z6oqU&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-JIaAp8RR6locyjnAmtBDH9u95UmfkY3GCXVQlUnrqeA&oe=633BC532
157.240.221.16200 OK 6.3 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/302102259_3192952037685485_6079087479219516817_n.jpg?stp=dst-jpg_s240x240&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=QeR6SuODERoAX_Z6oqU&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-JIaAp8RR6locyjnAmtBDH9u95UmfkY3GCXVQlUnrqeA&oe=633BC532
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 108x240, components 3\012- data
Hash c99440d96707b0ecb5e2273647b4628c
a1d48605d86e97ca90baa3dfdb06d90d88659210
a11f06ef0e391c29c0bd7543e9eaade424394d30a5e9cc99979e99f1ec8fe9e8
GET /v/t39.30808-6/302102259_3192952037685485_6079087479219516817_n.jpg?stp=dst-jpg_s240x240&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=QeR6SuODERoAX_Z6oqU&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-JIaAp8RR6locyjnAmtBDH9u95UmfkY3GCXVQlUnrqeA&oe=633BC532 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 29 Aug 2022 08:29:19 GMT
x-haystack-needlechecksum: 2671617602
x-needle-checksum: 4089478871
content-type: image/jpeg
content-digest: adler32=3979934691
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 6270
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306771484_1674253166287965_3617212718848828723_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=0RBaJLYyLiUAX9-Qyog&_nc_ht=video-lhr8-1.xx&oh=00_AT-35TEiA7VWtSiP82Rnaepek9x6BZncvDvVZ6PvIMBSvg&oe=63367B82&bytestart=863&byteend=17124
157.240.221.10200 OK 16 kB URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306771484_1674253166287965_3617212718848828723_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=0RBaJLYyLiUAX9-Qyog&_nc_ht=video-lhr8-1.xx&oh=00_AT-35TEiA7VWtSiP82Rnaepek9x6BZncvDvVZ6PvIMBSvg&oe=63367B82&bytestart=863&byteend=17124
IP 157.240.221.10:0
Hash 465b7da3dfd78f6a787200203abe1b3a
df8a2bf1d169f8ffa85f365041a75a399f4eb419
85ffffc252d522533d333c9d3d5daf8082fa1c4621d333fc4deb2926141318f2
GET /v/t42.1790-2/306771484_1674253166287965_3617212718848828723_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=0RBaJLYyLiUAX9-Qyog&_nc_ht=video-lhr8-1.xx&oh=00_AT-35TEiA7VWtSiP82Rnaepek9x6BZncvDvVZ6PvIMBSvg&oe=63367B82&bytestart=863&byteend=17124 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 22:50:03 GMT
content-type: video/mp4
x-haystack-needlechecksum: 3188314992
x-needle-checksum: 2768310837
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=2768310837
content-length: 16262
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306628423_519265563531955_255497855444346503_n.jpg?stp=dst-jpg_p110x80&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=hTkHb46Dm48AX8oKojm&_nc_ht=scontent-lhr8-1.xx&oh=00_AT_djPIz0mfIxcQ_Khvp9M4iJvuA7HWtYCaHTACcK3pJLg&oe=633B1671
157.240.221.16200 OK 6.5 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306628423_519265563531955_255497855444346503_n.jpg?stp=dst-jpg_p110x80&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=hTkHb46Dm48AX8oKojm&_nc_ht=scontent-lhr8-1.xx&oh=00_AT_djPIz0mfIxcQ_Khvp9M4iJvuA7HWtYCaHTACcK3pJLg&oe=633B1671
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x236, components 3\012- data
Hash 375ee6ad595147c922b250db3ddfcbdf
68236ea04f0fa8e4dcefbea9bdcd86429b3e57d0
34a4fd00f50310bfc32e15e1149a7b6f0b89e1ab3313f5a3ad1cabb17bd829af
GET /v/t39.30808-6/306628423_519265563531955_255497855444346503_n.jpg?stp=dst-jpg_p110x80&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=hTkHb46Dm48AX8oKojm&_nc_ht=scontent-lhr8-1.xx&oh=00_AT_djPIz0mfIxcQ_Khvp9M4iJvuA7HWtYCaHTACcK3pJLg&oe=633B1671 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 21:46:57 GMT
x-haystack-needlechecksum: 3559319399
x-needle-checksum: 656975569
content-type: image/jpeg
content-digest: adler32=3888601194
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 6485
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/307297748_413461964209911_95939181422574758_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTkwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=HL_AeL8eS7sAX-g-eV0&_nc_ht=video-lhr8-1.xx&oh=00_AT8BOliw80LS_wJ1rocNltrJ0Km7VLzBHOB9TKpan4cw6Q&oe=633BFD9E&bytestart=841&byteend=884
157.240.221.10200 OK 44 B URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/307297748_413461964209911_95939181422574758_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTkwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=HL_AeL8eS7sAX-g-eV0&_nc_ht=video-lhr8-1.xx&oh=00_AT8BOliw80LS_wJ1rocNltrJ0Km7VLzBHOB9TKpan4cw6Q&oe=633BFD9E&bytestart=841&byteend=884
IP 157.240.221.10:0
Hash 75e4f7e077fef82e601a283364753a24
08e7f821f9e8e79848cc07eba2d210f469778e5b
686add90caf74efe1cac49da482e9685b15c30e57981b8a4781627bcfa0c7692
GET /v/t39.25447-2/307297748_413461964209911_95939181422574758_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTkwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=HL_AeL8eS7sAX-g-eV0&_nc_ht=video-lhr8-1.xx&oh=00_AT8BOliw80LS_wJ1rocNltrJ0Km7VLzBHOB9TKpan4cw6Q&oe=633BFD9E&bytestart=841&byteend=884 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ESUCCESS
last-modified: Sat, 17 Sep 2022 20:35:47 GMT
content-type: video/mp4
x-haystack-needlechecksum: 75613373
x-needle-checksum: 3270747894
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=3270747894
content-length: 44
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306352441_519265630198615_1362356246310493931_n.jpg?stp=dst-jpg_p110x80&_nc_cat=109&ccb=1-7&_nc_sid=110474&_nc_ohc=LSb0CFjl_j0AX-ilH-1&_nc_ht=scontent-lhr8-1.xx&oh=00_AT9GL6Adb2IhoVta6SzmjAMyUx8kRlO6ej4o9fgSzzSb9g&oe=633B71DA
157.240.221.16200 OK 6.5 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306352441_519265630198615_1362356246310493931_n.jpg?stp=dst-jpg_p110x80&_nc_cat=109&ccb=1-7&_nc_sid=110474&_nc_ohc=LSb0CFjl_j0AX-ilH-1&_nc_ht=scontent-lhr8-1.xx&oh=00_AT9GL6Adb2IhoVta6SzmjAMyUx8kRlO6ej4o9fgSzzSb9g&oe=633B71DA
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x236, components 3\012- data
Hash ef908e24ee9157da82a6b3faeabede34
0bcc7a677a83b0bc436d5f5ec9bb225608f23517
a134f98b7f8a05014fde12a8d3229d28f63219441a549a361c0f957e332caf82
GET /v/t39.30808-6/306352441_519265630198615_1362356246310493931_n.jpg?stp=dst-jpg_p110x80&_nc_cat=109&ccb=1-7&_nc_sid=110474&_nc_ohc=LSb0CFjl_j0AX-ilH-1&_nc_ht=scontent-lhr8-1.xx&oh=00_AT9GL6Adb2IhoVta6SzmjAMyUx8kRlO6ej4o9fgSzzSb9g&oe=633B71DA HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 21:47:00 GMT
x-haystack-needlechecksum: 2341454344
x-needle-checksum: 2084156353
content-type: image/jpeg
content-digest: adler32=2528351035
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 6510
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/300376913_1077569276452011_3163627742602509555_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=Yde6SMem93kAX8jEdea&_nc_ht=video-lhr8-1.xx&oh=00_AT8p8mVOE-32-qWvak9b8_11kFiLWRR4aq4KnSNZ44en9g&oe=633BE7CE&bytestart=844&byteend=959
157.240.221.10200 OK 116 B URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/300376913_1077569276452011_3163627742602509555_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=Yde6SMem93kAX8jEdea&_nc_ht=video-lhr8-1.xx&oh=00_AT8p8mVOE-32-qWvak9b8_11kFiLWRR4aq4KnSNZ44en9g&oe=633BE7CE&bytestart=844&byteend=959
IP 157.240.221.10:0
Hash 08f0c0eb400545f5e1a8b38630a319f0
7fe795592a7588330b47b6613fb9f85e0caca631
bc207760aaa5edfd3d2a8b7ab8ddc77ec39e5985255913bf87ba4df95576b419
GET /v/t39.25447-2/300376913_1077569276452011_3163627742602509555_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=Yde6SMem93kAX8jEdea&_nc_ht=video-lhr8-1.xx&oh=00_AT8p8mVOE-32-qWvak9b8_11kFiLWRR4aq4KnSNZ44en9g&oe=633BE7CE&bytestart=844&byteend=959 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Wed, 31 Aug 2022 17:50:10 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 2319417413
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=2319417413
content-length: 116
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306986753_519265673531944_5250589362646327014_n.jpg?stp=dst-jpg_p110x80&_nc_cat=106&ccb=1-7&_nc_sid=110474&_nc_ohc=aQoUW_mxl-0AX-LLXgo&_nc_oc=AQkQE9Lw9XynXvCzntIpA33e2XXuMP9Oox-1jnsLbofmZGbNUYLZY4u1tQgW1Jf8ZdQ&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-hHCOmeKAtBGtrVxiPRCRNjMV_wn8BSUzB675LjDxPTQ&oe=633AE44C
157.240.221.16200 OK 5.6 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306986753_519265673531944_5250589362646327014_n.jpg?stp=dst-jpg_p110x80&_nc_cat=106&ccb=1-7&_nc_sid=110474&_nc_ohc=aQoUW_mxl-0AX-LLXgo&_nc_oc=AQkQE9Lw9XynXvCzntIpA33e2XXuMP9Oox-1jnsLbofmZGbNUYLZY4u1tQgW1Jf8ZdQ&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-hHCOmeKAtBGtrVxiPRCRNjMV_wn8BSUzB675LjDxPTQ&oe=633AE44C
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x236, components 3\012- data
Hash 3b9c1a5bd316f854712eacdb1e3492b9
10724e14b126c6d3f630f6f0039369c8bc733b63
becc4c410fdf56e74904f1e5677c371743daa57e277f8c7dcb73b4314eba5c0c
GET /v/t39.30808-6/306986753_519265673531944_5250589362646327014_n.jpg?stp=dst-jpg_p110x80&_nc_cat=106&ccb=1-7&_nc_sid=110474&_nc_ohc=aQoUW_mxl-0AX-LLXgo&_nc_oc=AQkQE9Lw9XynXvCzntIpA33e2XXuMP9Oox-1jnsLbofmZGbNUYLZY4u1tQgW1Jf8ZdQ&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-hHCOmeKAtBGtrVxiPRCRNjMV_wn8BSUzB675LjDxPTQ&oe=633AE44C HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 21:47:04 GMT
x-haystack-needlechecksum: 1541209250
x-needle-checksum: 2956389826
content-type: image/jpeg
content-digest: adler32=765190084
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 5623
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/307297748_413461964209911_95939181422574758_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTkwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=HL_AeL8eS7sAX-g-eV0&_nc_ht=video-lhr8-1.xx&oh=00_AT8BOliw80LS_wJ1rocNltrJ0Km7VLzBHOB9TKpan4cw6Q&oe=633BFD9E&bytestart=0&byteend=840
157.240.221.10200 OK 841 B URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/307297748_413461964209911_95939181422574758_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTkwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=HL_AeL8eS7sAX-g-eV0&_nc_ht=video-lhr8-1.xx&oh=00_AT8BOliw80LS_wJ1rocNltrJ0Km7VLzBHOB9TKpan4cw6Q&oe=633BFD9E&bytestart=0&byteend=840
IP 157.240.221.10:0
File type ISO Media, MP4 Base Media v5 \012- data
Hash 6a94a56110cf327cd5105a832fa4c8c8
a3c3e94c05e18e6e4f571eb9233c99ea7662b8ba
74da1125d7178ff648f6a6e1760a9c2f7850961c38135f6c373912a121da986f
GET /v/t39.25447-2/307297748_413461964209911_95939181422574758_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTkwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=HL_AeL8eS7sAX-g-eV0&_nc_ht=video-lhr8-1.xx&oh=00_AT8BOliw80LS_wJ1rocNltrJ0Km7VLzBHOB9TKpan4cw6Q&oe=633BFD9E&bytestart=0&byteend=840 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ESUCCESS
last-modified: Sat, 17 Sep 2022 20:35:47 GMT
content-type: video/mp4
x-haystack-needlechecksum: 75613373
x-needle-checksum: 3270747894
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=3270747894
content-length: 841
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306848694_519271216864723_5730369435817364774_n.jpg?stp=dst-jpg_p110x80&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=MWCDxKn-sKIAX_pytQj&_nc_ht=scontent-lhr8-1.xx&oh=00_AT_AWHdQSvrggF1YlWNMan-c6fCpauiRdBAbrwwwF7Oa7A&oe=633A55FC
157.240.221.16200 OK 5.5 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306848694_519271216864723_5730369435817364774_n.jpg?stp=dst-jpg_p110x80&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=MWCDxKn-sKIAX_pytQj&_nc_ht=scontent-lhr8-1.xx&oh=00_AT_AWHdQSvrggF1YlWNMan-c6fCpauiRdBAbrwwwF7Oa7A&oe=633A55FC
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x236, components 3\012- data
Hash 92e0e14a38646b505b24d179a1b44ba5
85b5151bd92704c6e34cd6be2bdbdadf5f02840f
d7b6f3b20781a1fbc517182b0a3e16b18316835cf2aa70b01c5dc93c753ee61b
GET /v/t39.30808-6/306848694_519271216864723_5730369435817364774_n.jpg?stp=dst-jpg_p110x80&_nc_cat=103&ccb=1-7&_nc_sid=110474&_nc_ohc=MWCDxKn-sKIAX_pytQj&_nc_ht=scontent-lhr8-1.xx&oh=00_AT_AWHdQSvrggF1YlWNMan-c6fCpauiRdBAbrwwwF7Oa7A&oe=633A55FC HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 21:55:46 GMT
x-haystack-needlechecksum: 2126175143
x-needle-checksum: 3224789913
content-type: image/jpeg
content-digest: adler32=3196759665
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 5515
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306771484_1674253166287965_3617212718848828723_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=0RBaJLYyLiUAX9-Qyog&_nc_ht=video-lhr8-1.xx&oh=00_AT-35TEiA7VWtSiP82Rnaepek9x6BZncvDvVZ6PvIMBSvg&oe=63367B82&bytestart=0&byteend=782
157.240.221.10200 OK 783 B URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306771484_1674253166287965_3617212718848828723_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=0RBaJLYyLiUAX9-Qyog&_nc_ht=video-lhr8-1.xx&oh=00_AT-35TEiA7VWtSiP82Rnaepek9x6BZncvDvVZ6PvIMBSvg&oe=63367B82&bytestart=0&byteend=782
IP 157.240.221.10:0
File type ISO Media, MP4 Base Media v5 \012- data
Hash ef4d5ea2fb03b38ea40e89fa75e4820b
00332114087e018b4c962a73cac566eaaf89b280
6960343bfef14ae1c9787cec72b4f491196bb7159ec90fbc4c15d6ddbdbc4b29
GET /v/t42.1790-2/306771484_1674253166287965_3617212718848828723_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=0RBaJLYyLiUAX9-Qyog&_nc_ht=video-lhr8-1.xx&oh=00_AT-35TEiA7VWtSiP82Rnaepek9x6BZncvDvVZ6PvIMBSvg&oe=63367B82&bytestart=0&byteend=782 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 22:50:03 GMT
content-type: video/mp4
x-haystack-needlechecksum: 3188314992
x-needle-checksum: 2768310837
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=2768310837
content-length: 783
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306824185_519271873531324_8597381406415958708_n.jpg?stp=dst-jpg_s261x260&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=9s86EewMYRcAX9lvfBt&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-ZFx1WZLS9ysC30Oj9lTsBuTSzCCUtLoN4ke1I2xgZdQ&oe=633A8DD8
157.240.221.16200 OK 12 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306824185_519271873531324_8597381406415958708_n.jpg?stp=dst-jpg_s261x260&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=9s86EewMYRcAX9lvfBt&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-ZFx1WZLS9ysC30Oj9lTsBuTSzCCUtLoN4ke1I2xgZdQ&oe=633A8DD8
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 261x115, components 3\012- data
Hash 85c60974f1551c7d233a8a8fdb56b8b4
ca0c2469ba3c8b214efbd539cef6a9484d785bfa
fbbe17cc6ee4e37bd8238dab6b3167783566d0d7620d2f658aab8fe78f36bc63
GET /v/t39.30808-6/306824185_519271873531324_8597381406415958708_n.jpg?stp=dst-jpg_s261x260&_nc_cat=107&ccb=1-7&_nc_sid=110474&_nc_ohc=9s86EewMYRcAX9lvfBt&_nc_ht=scontent-lhr8-1.xx&oh=00_AT-ZFx1WZLS9ysC30Oj9lTsBuTSzCCUtLoN4ke1I2xgZdQ&oe=633A8DD8 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 21:57:18 GMT
x-haystack-needlechecksum: 3565657664
x-needle-checksum: 3381442442
content-type: image/jpeg
content-digest: adler32=101299884
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 11611
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306130149_519265493531962_8807931769331595728_n.jpg?stp=dst-jpg_s235x350&_nc_cat=110&ccb=1-7&_nc_sid=110474&_nc_ohc=yYKR9PB0SzsAX8dTXCa&_nc_ht=scontent-lhr8-1.xx&oh=00_AT9t7RGgsb9fUxrSt14P9ZLxYjwtjrHu1U_ITPdHLhNz0A&oe=633B2DA4
157.240.221.16200 OK 10 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t39.30808-6/306130149_519265493531962_8807931769331595728_n.jpg?stp=dst-jpg_s235x350&_nc_cat=110&ccb=1-7&_nc_sid=110474&_nc_ohc=yYKR9PB0SzsAX8dTXCa&_nc_ht=scontent-lhr8-1.xx&oh=00_AT9t7RGgsb9fUxrSt14P9ZLxYjwtjrHu1U_ITPdHLhNz0A&oe=633B2DA4
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 163x350, components 3\012- data
Hash fb36b79fd94b7d364d9984962f93c2a4
d026b4cebde55ba153d02c921abac0b76929db9d
babfc63b4edd742a9c2c88669f12d7aa392a78c97a79f90084c2cd43d4fc7e70
GET /v/t39.30808-6/306130149_519265493531962_8807931769331595728_n.jpg?stp=dst-jpg_s235x350&_nc_cat=110&ccb=1-7&_nc_sid=110474&_nc_ohc=yYKR9PB0SzsAX8dTXCa&_nc_ht=scontent-lhr8-1.xx&oh=00_AT9t7RGgsb9fUxrSt14P9ZLxYjwtjrHu1U_ITPdHLhNz0A&oe=633B2DA4 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 21:46:50 GMT
x-haystack-needlechecksum: 3474373608
x-needle-checksum: 3224789913
content-type: image/jpeg
content-digest: adler32=102305871
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 10377
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t15.5256-10/302140767_400553765536519_2993659619751281482_n.jpg?stp=dst-jpg_s350x350&_nc_cat=107&ccb=1-7&_nc_sid=08861d&_nc_ohc=oMzrJHh5yQsAX-9zD4u&_nc_ht=scontent-lhr8-1.xx&oh=00_AT8KbZeiXJrk2-BIH3MuBRhG13aoUdKzjO91fOnXn4oxtw&oe=633AF349
157.240.221.16200 OK 20 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t15.5256-10/302140767_400553765536519_2993659619751281482_n.jpg?stp=dst-jpg_s350x350&_nc_cat=107&ccb=1-7&_nc_sid=08861d&_nc_ohc=oMzrJHh5yQsAX-9zD4u&_nc_ht=scontent-lhr8-1.xx&oh=00_AT8KbZeiXJrk2-BIH3MuBRhG13aoUdKzjO91fOnXn4oxtw&oe=633AF349
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x193, components 3\012- data
Hash 146babba07f3646647827ff2291442e2
93e09d42c71ba5f5eed31c15136c48eb12b48c63
9fc6c397a0e2c424344c4ad4511ef5efdf3ad51bd09298dedce905253a8ce753
GET /v/t15.5256-10/302140767_400553765536519_2993659619751281482_n.jpg?stp=dst-jpg_s350x350&_nc_cat=107&ccb=1-7&_nc_sid=08861d&_nc_ohc=oMzrJHh5yQsAX-9zD4u&_nc_ht=scontent-lhr8-1.xx&oh=00_AT8KbZeiXJrk2-BIH3MuBRhG13aoUdKzjO91fOnXn4oxtw&oe=633AF349 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Wed, 31 Aug 2022 17:50:11 GMT
x-haystack-needlechecksum: 4221654432
x-needle-checksum: 3887287829
content-type: image/jpeg
content-digest: adler32=3266126563
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 20546
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-lhr8-1.xx.fbcdn.net/v/t15.5256-10/306712551_785415849376092_4513216159592995806_n.jpg?stp=dst-jpg_p110x80&_nc_cat=103&ccb=1-7&_nc_sid=08861d&_nc_ohc=9Xef0E8TZSkAX8xhhRA&_nc_ht=scontent-lhr8-1.xx&oh=00_AT83n14YsGPdf11p_Pq-waJ-xiNopgdqURSFUdKW2o9Wag&oe=633AE6B8
157.240.221.16200 OK 6.4 kB URL HTTP/2 scontent-lhr8-1.xx.fbcdn.net/v/t15.5256-10/306712551_785415849376092_4513216159592995806_n.jpg?stp=dst-jpg_p110x80&_nc_cat=103&ccb=1-7&_nc_sid=08861d&_nc_ohc=9Xef0E8TZSkAX8xhhRA&_nc_ht=scontent-lhr8-1.xx&oh=00_AT83n14YsGPdf11p_Pq-waJ-xiNopgdqURSFUdKW2o9Wag&oe=633AE6B8
IP 157.240.221.16:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 110x200, components 3\012- data
Hash 8a0c6865d43821b03c10c9d90072e5cc
ddf4841900706c765e4f298fe42a21e25edee588
9407635a55ce0c3ee9b2fd7aa7200fddb8079e6776718bed974c3bc0e5ff4907
GET /v/t15.5256-10/306712551_785415849376092_4513216159592995806_n.jpg?stp=dst-jpg_p110x80&_nc_cat=103&ccb=1-7&_nc_sid=08861d&_nc_ohc=9Xef0E8TZSkAX8xhhRA&_nc_ht=scontent-lhr8-1.xx&oh=00_AT83n14YsGPdf11p_Pq-waJ-xiNopgdqURSFUdKW2o9Wag&oe=633AE6B8 HTTP/1.1
Host: scontent-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Tue, 13 Sep 2022 22:49:59 GMT
x-haystack-needlechecksum: 2245871325
x-needle-checksum: 607417271
content-type: image/jpeg
content-digest: adler32=714623628
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
content-length: 6396
x-fb-trip-id: 1679558926
date: Fri, 30 Sep 2022 02:29:03 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-2.xx.fbcdn.net/v/t42.1790-2/302492985_1463355417460693_1342518168980883249_n.mp4?_nc_cat=102&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=ahFo2J3_NNAAX-WMjfI&_nc_ht=video-lhr8-2.xx&oh=00_AT-UHWWzaRp3AUUYfPsXX3ax_xRqP3zYXVwmhKQpDOwraQ&oe=6336751B&bytestart=0&byteend=782
157.240.214.18200 OK 783 B URL HTTP/2 video-lhr8-2.xx.fbcdn.net/v/t42.1790-2/302492985_1463355417460693_1342518168980883249_n.mp4?_nc_cat=102&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=ahFo2J3_NNAAX-WMjfI&_nc_ht=video-lhr8-2.xx&oh=00_AT-UHWWzaRp3AUUYfPsXX3ax_xRqP3zYXVwmhKQpDOwraQ&oe=6336751B&bytestart=0&byteend=782
IP 157.240.214.18:0
File type ISO Media, MP4 Base Media v5 \012- data
Hash d7832ce7264cab72b1a38c26e742df49
7355d8f1779e147be104150d0ac58bd765737021
f43036e44f300e0e7ef386287c3e06dde45c68d087d7319514f550e017350526
GET /v/t42.1790-2/302492985_1463355417460693_1342518168980883249_n.mp4?_nc_cat=102&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=ahFo2J3_NNAAX-WMjfI&_nc_ht=video-lhr8-2.xx&oh=00_AT-UHWWzaRp3AUUYfPsXX3ax_xRqP3zYXVwmhKQpDOwraQ&oe=6336751B&bytestart=0&byteend=782 HTTP/1.1
Host: video-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Wed, 31 Aug 2022 17:50:36 GMT
content-type: video/mp4
x-haystack-needlechecksum: 3721679922
x-needle-checksum: 294803275
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=294803275
content-length: 783
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-2.xx.fbcdn.net/v/t39.25447-2/306948595_194858292975893_9033449713430701629_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=HQr1HJu8J_oAX8sbuSo&_nc_ht=video-lhr8-2.xx&oh=00_AT-I6N8dKBBtTq7uw4opc5f_hLcdV7RGvDEyfxyCPZuSQQ&oe=633B9063&bytestart=0&byteend=839
157.240.214.18200 OK 840 B URL HTTP/2 video-lhr8-2.xx.fbcdn.net/v/t39.25447-2/306948595_194858292975893_9033449713430701629_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=HQr1HJu8J_oAX8sbuSo&_nc_ht=video-lhr8-2.xx&oh=00_AT-I6N8dKBBtTq7uw4opc5f_hLcdV7RGvDEyfxyCPZuSQQ&oe=633B9063&bytestart=0&byteend=839
IP 157.240.214.18:0
File type ISO Media, MP4 Base Media v5 \012- data
Hash 97a802e4aeadb318bd2b5b05fa80d752
b3f7f8a81c87195a792adafa5ae42440da064d3e
2856435df0077a8b8c83fbd163ace93016e3dcd65d9a7bb59f333c1313df78bf
GET /v/t39.25447-2/306948595_194858292975893_9033449713430701629_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=HQr1HJu8J_oAX8sbuSo&_nc_ht=video-lhr8-2.xx&oh=00_AT-I6N8dKBBtTq7uw4opc5f_hLcdV7RGvDEyfxyCPZuSQQ&oe=633B9063&bytestart=0&byteend=839 HTTP/1.1
Host: video-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 13 Sep 2022 22:50:02 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 2206377880
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=2206377880
content-length: 840
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-2.xx.fbcdn.net/v/t39.25447-2/306948595_194858292975893_9033449713430701629_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=HQr1HJu8J_oAX8sbuSo&_nc_ht=video-lhr8-2.xx&oh=00_AT-I6N8dKBBtTq7uw4opc5f_hLcdV7RGvDEyfxyCPZuSQQ&oe=633B9063&bytestart=840&byteend=895
157.240.214.18200 OK 56 B URL HTTP/2 video-lhr8-2.xx.fbcdn.net/v/t39.25447-2/306948595_194858292975893_9033449713430701629_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=HQr1HJu8J_oAX8sbuSo&_nc_ht=video-lhr8-2.xx&oh=00_AT-I6N8dKBBtTq7uw4opc5f_hLcdV7RGvDEyfxyCPZuSQQ&oe=633B9063&bytestart=840&byteend=895
IP 157.240.214.18:0
File type BS image, Version 30820, Quantization 26995, (Decompresses to 0 words)\012- data
Hash a71cfb9bc8be7a12b987e88bc4bfdf53
ce70d5044d1926257660be7d233851855b9272a4
da8300ac2eba9854f0a6ceecc284c1b742fafe7b0449786a35e61825c5b09f2f
GET /v/t39.25447-2/306948595_194858292975893_9033449713430701629_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=HQr1HJu8J_oAX8sbuSo&_nc_ht=video-lhr8-2.xx&oh=00_AT-I6N8dKBBtTq7uw4opc5f_hLcdV7RGvDEyfxyCPZuSQQ&oe=633B9063&bytestart=840&byteend=895 HTTP/1.1
Host: video-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 13 Sep 2022 22:50:02 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 2206377880
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=2206377880
content-length: 56
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/300376913_1077569276452011_3163627742602509555_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=Yde6SMem93kAX8jEdea&_nc_ht=video-lhr8-1.xx&oh=00_AT8p8mVOE-32-qWvak9b8_11kFiLWRR4aq4KnSNZ44en9g&oe=633BE7CE&bytestart=0&byteend=843
157.240.221.10200 OK 844 B URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/300376913_1077569276452011_3163627742602509555_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=Yde6SMem93kAX8jEdea&_nc_ht=video-lhr8-1.xx&oh=00_AT8p8mVOE-32-qWvak9b8_11kFiLWRR4aq4KnSNZ44en9g&oe=633BE7CE&bytestart=0&byteend=843
IP 157.240.221.10:0
File type ISO Media, MP4 Base Media v5 \012- data
Hash 54d210135e9a5dfedd28c5dc1291d793
b12b54b138afabb7c7b34aaa2a47eb6444fc075a
e4930a2a09635ea95ac114923c2856edf0e78b4d9ae04d92d3195c6abc1a21df
GET /v/t39.25447-2/300376913_1077569276452011_3163627742602509555_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=Yde6SMem93kAX8jEdea&_nc_ht=video-lhr8-1.xx&oh=00_AT8p8mVOE-32-qWvak9b8_11kFiLWRR4aq4KnSNZ44en9g&oe=633BE7CE&bytestart=0&byteend=843 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Wed, 31 Aug 2022 17:50:10 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 2319417413
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=2319417413
content-length: 844
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306942375_832076178161182_1758939539167202056_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=B08pn-C4ZQIAX_oP_mH&_nc_ht=video-lhr8-1.xx&oh=00_AT-4-gyLhCA48vSINpNdSHK5q3g8IG65B38Tyx6Wb4xovQ&oe=633675B7&bytestart=0&byteend=782
157.240.221.10200 OK 783 B URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306942375_832076178161182_1758939539167202056_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=B08pn-C4ZQIAX_oP_mH&_nc_ht=video-lhr8-1.xx&oh=00_AT-4-gyLhCA48vSINpNdSHK5q3g8IG65B38Tyx6Wb4xovQ&oe=633675B7&bytestart=0&byteend=782
IP 157.240.221.10:0
File type ISO Media, MP4 Base Media v5 \012- data
Hash da3ffd8ed346fde884801aaed9085c0a
5535e4f60d00626a30f3c7d895e79248a31896c5
a9efa33305be5368ec6a3a58764557f3237a8df6542d02c776464d09fce2f3c3
GET /v/t42.1790-2/306942375_832076178161182_1758939539167202056_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=B08pn-C4ZQIAX_oP_mH&_nc_ht=video-lhr8-1.xx&oh=00_AT-4-gyLhCA48vSINpNdSHK5q3g8IG65B38Tyx6Wb4xovQ&oe=633675B7&bytestart=0&byteend=782 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 13 Sep 2022 22:50:05 GMT
content-type: video/mp4
x-haystack-needlechecksum: 3996236260
x-needle-checksum: 3315071128
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=3315071128
content-length: 783
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306942375_832076178161182_1758939539167202056_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=B08pn-C4ZQIAX_oP_mH&_nc_ht=video-lhr8-1.xx&oh=00_AT-4-gyLhCA48vSINpNdSHK5q3g8IG65B38Tyx6Wb4xovQ&oe=633675B7&bytestart=783&byteend=886
157.240.221.10200 OK 104 B URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306942375_832076178161182_1758939539167202056_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=B08pn-C4ZQIAX_oP_mH&_nc_ht=video-lhr8-1.xx&oh=00_AT-4-gyLhCA48vSINpNdSHK5q3g8IG65B38Tyx6Wb4xovQ&oe=633675B7&bytestart=783&byteend=886
IP 157.240.221.10:0
Hash f2decf05d43f39d692db9d0d664378b6
315022429626b00000ef7e8fdb750d9b99f8ec9a
d24fac3408a71d8d34be6a750d705d9e9fc189862b5c7ce474db8fce4fe0124b
GET /v/t42.1790-2/306942375_832076178161182_1758939539167202056_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=B08pn-C4ZQIAX_oP_mH&_nc_ht=video-lhr8-1.xx&oh=00_AT-4-gyLhCA48vSINpNdSHK5q3g8IG65B38Tyx6Wb4xovQ&oe=633675B7&bytestart=783&byteend=886 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 13 Sep 2022 22:50:05 GMT
content-type: video/mp4
x-haystack-needlechecksum: 3996236260
x-needle-checksum: 3315071128
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=3315071128
content-length: 104
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306942375_832076178161182_1758939539167202056_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=B08pn-C4ZQIAX_oP_mH&_nc_ht=video-lhr8-1.xx&oh=00_AT-4-gyLhCA48vSINpNdSHK5q3g8IG65B38Tyx6Wb4xovQ&oe=633675B7&bytestart=887&byteend=17342
157.240.221.10200 OK 17 kB URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t42.1790-2/306942375_832076178161182_1758939539167202056_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=B08pn-C4ZQIAX_oP_mH&_nc_ht=video-lhr8-1.xx&oh=00_AT-4-gyLhCA48vSINpNdSHK5q3g8IG65B38Tyx6Wb4xovQ&oe=633675B7&bytestart=887&byteend=17342
IP 157.240.221.10:0
Hash e65a8d644e9b6df9f6cce7a7b0ecfc49
cc35d92655f4dfa10608ba8302c6940cf2f0623b
dcb02d9198970fb757601df256f2878b1e47e89111de753773658466109855e4
GET /v/t42.1790-2/306942375_832076178161182_1758939539167202056_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=B08pn-C4ZQIAX_oP_mH&_nc_ht=video-lhr8-1.xx&oh=00_AT-4-gyLhCA48vSINpNdSHK5q3g8IG65B38Tyx6Wb4xovQ&oe=633675B7&bytestart=887&byteend=17342 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 13 Sep 2022 22:50:05 GMT
content-type: video/mp4
x-haystack-needlechecksum: 3996236260
x-needle-checksum: 3315071128
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=3315071128
content-length: 16456
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-2.xx.fbcdn.net/v/t42.1790-2/302492985_1463355417460693_1342518168980883249_n.mp4?_nc_cat=102&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=ahFo2J3_NNAAX-WMjfI&_nc_ht=video-lhr8-2.xx&oh=00_AT-UHWWzaRp3AUUYfPsXX3ax_xRqP3zYXVwmhKQpDOwraQ&oe=6336751B&bytestart=783&byteend=1018
157.240.214.18200 OK 236 B URL HTTP/2 video-lhr8-2.xx.fbcdn.net/v/t42.1790-2/302492985_1463355417460693_1342518168980883249_n.mp4?_nc_cat=102&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=ahFo2J3_NNAAX-WMjfI&_nc_ht=video-lhr8-2.xx&oh=00_AT-UHWWzaRp3AUUYfPsXX3ax_xRqP3zYXVwmhKQpDOwraQ&oe=6336751B&bytestart=783&byteend=1018
IP 157.240.214.18:0
Hash 42ba4594f0aaf2d4f735e4ef1ff082d2
af299508f325942baa8dc4065d254416d265c475
013c47661eb223f0b664758e68a5638c98ea77c23da80f24f6189f620ada72ea
GET /v/t42.1790-2/302492985_1463355417460693_1342518168980883249_n.mp4?_nc_cat=102&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=ahFo2J3_NNAAX-WMjfI&_nc_ht=video-lhr8-2.xx&oh=00_AT-UHWWzaRp3AUUYfPsXX3ax_xRqP3zYXVwmhKQpDOwraQ&oe=6336751B&bytestart=783&byteend=1018 HTTP/1.1
Host: video-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Wed, 31 Aug 2022 17:50:36 GMT
content-type: video/mp4
x-haystack-needlechecksum: 3721679922
x-needle-checksum: 294803275
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=294803275
content-length: 236
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-2.xx.fbcdn.net/v/t42.1790-2/302492985_1463355417460693_1342518168980883249_n.mp4?_nc_cat=102&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=ahFo2J3_NNAAX-WMjfI&_nc_ht=video-lhr8-2.xx&oh=00_AT-UHWWzaRp3AUUYfPsXX3ax_xRqP3zYXVwmhKQpDOwraQ&oe=6336751B&bytestart=1019&byteend=17366
157.240.214.18200 OK 16 kB URL HTTP/2 video-lhr8-2.xx.fbcdn.net/v/t42.1790-2/302492985_1463355417460693_1342518168980883249_n.mp4?_nc_cat=102&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=ahFo2J3_NNAAX-WMjfI&_nc_ht=video-lhr8-2.xx&oh=00_AT-UHWWzaRp3AUUYfPsXX3ax_xRqP3zYXVwmhKQpDOwraQ&oe=6336751B&bytestart=1019&byteend=17366
IP 157.240.214.18:0
Hash 22744ed3c7b0a05ec9f09bb32efb512a
d38fcecfa7ab70b9d84ef7c0a80a7b85c73750b6
153f0804d1b4f6da8db857583e722a97757a60457a0b474d0c24a64dec869812
GET /v/t42.1790-2/302492985_1463355417460693_1342518168980883249_n.mp4?_nc_cat=102&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfYXVkaW9fYWFjcF82NF9mcmFnXzJfYXVkaW8ifQ%3D%3D&_nc_ohc=ahFo2J3_NNAAX-WMjfI&_nc_ht=video-lhr8-2.xx&oh=00_AT-UHWWzaRp3AUUYfPsXX3ax_xRqP3zYXVwmhKQpDOwraQ&oe=6336751B&bytestart=1019&byteend=17366 HTTP/1.1
Host: video-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Wed, 31 Aug 2022 17:50:36 GMT
content-type: video/mp4
x-haystack-needlechecksum: 3721679922
x-needle-checksum: 294803275
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=294803275
content-length: 16348
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/307297748_413461964209911_95939181422574758_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTkwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=HL_AeL8eS7sAX-g-eV0&_nc_ht=video-lhr8-1.xx&oh=00_AT8BOliw80LS_wJ1rocNltrJ0Km7VLzBHOB9TKpan4cw6Q&oe=633BFD9E&bytestart=885&byteend=1119055
157.240.221.10200 OK 1.1 MB URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/307297748_413461964209911_95939181422574758_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTkwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=HL_AeL8eS7sAX-g-eV0&_nc_ht=video-lhr8-1.xx&oh=00_AT8BOliw80LS_wJ1rocNltrJ0Km7VLzBHOB9TKpan4cw6Q&oe=633BFD9E&bytestart=885&byteend=1119055
IP 157.240.221.10:0
Size 1.1 MB (1118171 bytes)
Hash 8069f7f5fdacfd227a4b604543d25a33
09086d424b10b9fe944c7204a96f9bd7e2700315
ebbde83abee29f500b6caec1d9384e7ef70f3d19ccde0f2b4d95a8992e62c694
GET /v/t39.25447-2/307297748_413461964209911_95939181422574758_n.mp4?_nc_cat=110&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfcjJfYXZjX2dlbjFhdmNfbGNfcTkwX2ZyYWdfMl92aWRlbyJ9&_nc_ohc=HL_AeL8eS7sAX-g-eV0&_nc_ht=video-lhr8-1.xx&oh=00_AT8BOliw80LS_wJ1rocNltrJ0Km7VLzBHOB9TKpan4cw6Q&oe=633BFD9E&bytestart=885&byteend=1119055 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ESUCCESS
last-modified: Sat, 17 Sep 2022 20:35:47 GMT
content-type: video/mp4
x-haystack-needlechecksum: 75613373
x-needle-checksum: 3270747894
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=3270747894
content-length: 1118171
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/300376913_1077569276452011_3163627742602509555_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=Yde6SMem93kAX8jEdea&_nc_ht=video-lhr8-1.xx&oh=00_AT8p8mVOE-32-qWvak9b8_11kFiLWRR4aq4KnSNZ44en9g&oe=633BE7CE&bytestart=960&byteend=994543
157.240.221.10200 OK 994 kB URL HTTP/2 video-lhr8-1.xx.fbcdn.net/v/t39.25447-2/300376913_1077569276452011_3163627742602509555_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=Yde6SMem93kAX8jEdea&_nc_ht=video-lhr8-1.xx&oh=00_AT8p8mVOE-32-qWvak9b8_11kFiLWRR4aq4KnSNZ44en9g&oe=633BE7CE&bytestart=960&byteend=994543
IP 157.240.221.10:0
Size 994 kB (993584 bytes)
Hash d493fe0e6d7d62608c2bc66f94db1090
1e6c33e42b918c5d461640ab23bda0333093e6c5
700b8fa2e6d682a896a6d992a890a2bbfa76d841e09a1268378fd59b38cbfcf7
GET /v/t39.25447-2/300376913_1077569276452011_3163627742602509555_n.mp4?_nc_cat=108&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfdjRfcGFzc3Rocm91Z2hfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=Yde6SMem93kAX8jEdea&_nc_ht=video-lhr8-1.xx&oh=00_AT8p8mVOE-32-qWvak9b8_11kFiLWRR4aq4KnSNZ44en9g&oe=633BE7CE&bytestart=960&byteend=994543 HTTP/1.1
Host: video-lhr8-1.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Wed, 31 Aug 2022 17:50:10 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 2319417413
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=2319417413
content-length: 993584
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/uploads/2017/11/inka-jungle-web.jpg
75.102.57.149200 OK 258 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2017/11/inka-jungle-web.jpg
IP 75.102.57.149:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x700, components 3\012- data
Size 258 kB (257789 bytes)
Hash 2b56b3a6679a561fbd26a93e18f20b47
7a6ca01aa7786d28a2bad0e5897d15a3e22a49fc
7a980749c98592a82be729fc4e8f3e8f7b672cb37df368262d9c82b051bbc19d
GET /wp-content/uploads/2017/11/inka-jungle-web.jpg HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0; _ga=GA1.2.1729437903.1664504939; _gid=GA1.2.657051911.1664504939; _gat_UA-104113785-37=1; _fbp=fb.1.1664504938849.1175871926
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:04 GMT
content-type: image/jpeg
last-modified: Sat, 18 Nov 2017 19:12:56 GMT
accept-ranges: bytes
content-length: 257789
date: Fri, 30 Sep 2022 02:29:04 GMT
www.cuscoinkasfeat.com/wp-content/uploads/2017/11/lago-titicaca.jpg
75.102.57.149200 OK 61 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2017/11/lago-titicaca.jpg
IP 75.102.57.149:0
File type gzip compressed data, max compression\012- data
Hash 010a4c93e70c4e8d0fdb61e666cadf0f
c8d68d05240db807c7a2e97c38053bee62339eb5
1c181d0b27ff32bccc30193261c0267f2a3f8b65e1c46af03e8f34e86647df7d
GET /wp-content/uploads/2017/11/lago-titicaca.jpg HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0; _ga=GA1.2.1729437903.1664504939; _gid=GA1.2.657051911.1664504939; _gat_UA-104113785-37=1; _fbp=fb.1.1664504938849.1175871926
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:03 GMT
content-type: image/jpeg
last-modified: Tue, 14 Nov 2017 00:18:36 GMT
accept-ranges: bytes
content-length: 279124
date: Fri, 30 Sep 2022 02:29:03 GMT
www.cuscoinkasfeat.com/wp-content/uploads/2022/07/imagen3.png
75.102.57.149200 OK 3.3 MB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2022/07/imagen3.png
IP 75.102.57.149:0
File type PNG image data, 1920 x 699, 8-bit/color RGBA, non-interlaced\012- data
Size 3.3 MB (3283218 bytes)
Hash 08d38600a587d4055afb6120091624eb
4a5a70d3432915eacf92e7ea30ebbb97069ed22e
ecae9d9828ae54c6261c3354197ca4bcc2be8c8427c8ee50754f2f19b0fc9c7b
GET /wp-content/uploads/2022/07/imagen3.png HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0; _ga=GA1.2.1729437903.1664504939; _gid=GA1.2.657051911.1664504939; _gat_UA-104113785-37=1; _fbp=fb.1.1664504938849.1175871926
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:04 GMT
content-type: image/png
last-modified: Tue, 12 Jul 2022 05:12:30 GMT
accept-ranges: bytes
content-length: 3283218
date: Fri, 30 Sep 2022 02:29:04 GMT
www.cuscoinkasfeat.com/wp-content/uploads/2019/09/BANNER-5.jpg
75.102.57.149200 OK 973 kB URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/uploads/2019/09/BANNER-5.jpg
IP 75.102.57.149:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x700, components 3\012- data
Size 973 kB (972623 bytes)
Hash 07fca4131c5034f82a551b711db98e84
128003efeaffed84df168307997ef4994fb2d9fb
fcff4508c04b71a418824d3e35d71b421d45a4aac1f5ce17886aaf84272d6175
GET /wp-content/uploads/2019/09/BANNER-5.jpg HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
Cookie: _gcl_au=1.1.403215090.1664504938; chatyWidget_0=[{"k":"v-widget","v":"2022-09-30T02:28:57.761Z"}]; activechatyWidgets=0; _ga=GA1.2.1729437903.1664504939; _gid=GA1.2.657051911.1664504939; _gat_UA-104113785-37=1; _fbp=fb.1.1664504938849.1175871926
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:29:05 GMT
content-type: image/jpeg
last-modified: Tue, 03 Sep 2019 23:55:26 GMT
accept-ranges: bytes
content-length: 972623
date: Fri, 30 Sep 2022 02:29:05 GMT
use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.1
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.1
IP 172.64.133.15:0
GET /releases/v5.15.4/css/all.css?ver=2.0.1 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Sep 2022 02:28:59 GMT
content-type: text/css
x-amz-id-2: nE6GTaWMCFhFpHVRA16nYx1+8UJfdxXhrq2oRZP5mE7fh8kmFB93vsxV3n+v0wvNRPobK8senrU=
x-amz-request-id: F0PZBVW0J1S1NA76
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 29271961
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3ClKgWILDmEhXYDwBqyO%2FiMhmp5juJ0973G0A5ES4ZZTBgM5GK4kp6UrcnZyN6vwVr6ZCYlpAp%2BLPUZha%2Ftr6ZdWYeiCoynUXrij4m0xiQXXHvTOx9v74Sbqd%2Bx0I9%2B5bb1NyCz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752987405e14887f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
75.102.57.149200 OK 0 B URL HTTP/1.1 www.cuscoinkasfeat.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1
IP 75.102.57.149:0
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.1 HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/sh/ZS/0b206d7dab7698e0264cbedbcd0ec9dc/enterpassword.php
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 07 Oct 2022 02:28:59 GMT
content-type: application/javascript
last-modified: Tue, 19 Jul 2022 22:18:03 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6553
date: Fri, 30 Sep 2022 02:28:59 GMT
www.skynetcusco.com/images/skynetcusco.png
172.67.163.26404 Not Found 0 B URL HTTP/2 www.skynetcusco.com/images/skynetcusco.png
IP 172.67.163.26:0
GET /images/skynetcusco.png HTTP/1.1
Host: www.skynetcusco.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.cuscoinkasfeat.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Fri, 30 Sep 2022 02:29:01 GMT
content-type: text/html; charset=UTF-8
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: max-age=14400, must-revalidate
link: <https://www.skynetcusco.com/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLsO52i%2Fu8enqPbSFcjj%2BLF7RzK9QODWcVh6drAUilG%2Ft6vL23s%2F9JeVwlEPgK2Pq9epbKF0XZXBfbNdDQ%2F6Y7p6VoqeXPQ1pEKesF9hZTf4JB%2B1pdr%2BRIvtkZpZiXEQ15pyrIny"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7529874609f6b505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.1
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.1
IP 172.64.133.15:0
GET /releases/v5.15.4/css/v4-shims.css?ver=2.0.1 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 30 Sep 2022 02:28:59 GMT
content-type: text/css
x-amz-id-2: 8gVMALk6soBb3Gp4gPDkQ7sGryWl0HBr7HMbfOIi8xsl2vXJOXbEfIemMAo//M2nsg9rEs2nIAk=
x-amz-request-id: 2GD0QGZ81MKE65QM
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a034d3c71bee546f625877d7932917f8"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 25038105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ad3tvQlsBia1XVx3yl1EaR0s4owXnoZ0ryeTbsIClty3y%2FiCFQcYR96VDtSrpzUfC%2BBA5ZIosGmqiV92uB0nyWyfZNC4mRC0Qjgp5abFT7A9b7NE1YoZSfj0JeRXKgjOOypmOEU4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 752987405e1b887f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video-lhr8-2.xx.fbcdn.net/v/t39.25447-2/306948595_194858292975893_9033449713430701629_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=HQr1HJu8J_oAX8sbuSo&_nc_ht=video-lhr8-2.xx&oh=00_AT-I6N8dKBBtTq7uw4opc5f_hLcdV7RGvDEyfxyCPZuSQQ&oe=633B9063&bytestart=896&byteend=304244
157.240.214.18200 OK 0 B URL HTTP/2 video-lhr8-2.xx.fbcdn.net/v/t39.25447-2/306948595_194858292975893_9033449713430701629_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=HQr1HJu8J_oAX8sbuSo&_nc_ht=video-lhr8-2.xx&oh=00_AT-I6N8dKBBtTq7uw4opc5f_hLcdV7RGvDEyfxyCPZuSQQ&oe=633B9063&bytestart=896&byteend=304244
IP 157.240.214.18:0
GET /v/t39.25447-2/306948595_194858292975893_9033449713430701629_n.mp4?_nc_cat=105&ccb=1-7&_nc_sid=5aebc0&efg=eyJ2ZW5jb2RlX3RhZyI6ImRhc2hfaTRsaXRlYmFzaWNfNXNlY2dvcF9ocTFfZnJhZ18yX3ZpZGVvIn0%3D&_nc_ohc=HQr1HJu8J_oAX8sbuSo&_nc_ht=video-lhr8-2.xx&oh=00_AT-I6N8dKBBtTq7uw4opc5f_hLcdV7RGvDEyfxyCPZuSQQ&oe=633B9063&bytestart=896&byteend=304244 HTTP/1.1
Host: video-lhr8-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:206:HS_ERANGE_SUCCESS
last-modified: Tue, 13 Sep 2022 22:50:02 GMT
content-type: video/mp4
x-haystack-needlechecksum: 0
x-needle-checksum: 2206377880
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-digest: adler32=2206377880
content-length: 303349
accept-ranges: bytes
x-fb-trip-id: 207616858
date: Fri, 30 Sep 2022 02:29:04 GMT
cache-control: max-age=1209600, no-transform
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2