r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3749
Expires: Tue, 29 Nov 2022 18:53:09 GMT
Date: Tue, 29 Nov 2022 17:50:40 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4ed065cb23b5fca1a179dd73b3c5b7b2
4422eb24688f5e056fc1b18b127c7f63b1dbf5e0
b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3743
Cache-Control: max-age=150174
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:40 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 11:33:34 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 17:17:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1965
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9334
Expires: Tue, 29 Nov 2022 20:26:14 GMT
Date: Tue, 29 Nov 2022 17:50:40 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: necRkWyxVwUGJn2ueWRe6r/OoOUWAP1jZAGpEe91N06+NzgZizCPee6/xtUegknKdnG+VAx2qbU=
x-amz-request-id: XECQZ4TZT2N759YE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 17:44:54 GMT
age: 346
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:40 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cuevana3.nu/peliculas-online/el-gran-gatsby/
104.21.93.38200 OK 14 kB URL HTTP/1.1 cuevana3.nu/peliculas-online/el-gran-gatsby/
IP 104.21.93.38:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash adc61d21d06bd2c51b2840e4aac3a244
4c0fc215e95107c3ee1b9ad77b76e3fe5595c136
15f49c6372366659b9b65a787ba5876e705d09f690856a83a7f59f281389b30d
GET /peliculas-online/el-gran-gatsby/ HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 17:50:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-dns-prefetch-control: on
x-pingback: https://cuevana3.nu/xmlrpc.php
link: <https://cuevana3.nu/wp-json/>; rel="https://api.w.org/", <https://cuevana3.nu/?p=77763>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8APS3YwiR5zoMTX9qlfIt1Ki16r4kOg9e113DYIwWApbLyeScvJU5J%2FDITFEHkspfWoO9MHlntMrKQDlgjk3y3CrYoxxI5y5VrMbDABaTQcdXXKYiyzE2ojeqtKYOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 771d2fde6962b4e8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
cuevana3.nu/wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png
104.21.93.38200 OK 4.7 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png
IP 104.21.93.38:0
File type PNG image data, 240 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 30ecf26d81b4d18a7a568d42e674705e
c846ca657d113edcdb68ae7e53b8ecede50a15cb
f856cb85a867ba1f60a337dbbb095142c0590b426b30c5d35dcbbbd158b79927
GET /wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:40 GMT
content-type: image/png
content-length: 4675
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 07:44:16 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
cf-cache-status: HIT
age: 468384
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p5FRIhkONtOOyY6iMT3L320WUvMR%2FmFO5G9CGBenz2FHBZqDKFGVl370QgJhE5nyxLn67NAkr0erFIvKqjXomAIv74EhJXruql952gbyEEsmFJq1psfzo8yfnUqNSA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d2fe20e4d1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_on.gif
104.21.93.38200 OK 523 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_on.gif
IP 104.21.93.38:0
File type GIF image data, version 89a, 12 x 12\012- data
Hash cf853fb872bf743ae8556423ec0259ee
646fdebf47dfd354ece7ad18f6ff041059e4cd58
cbd3ada90ee6d7f06fc267fd393252b2e4e56e4d7a106ed8fcf3de8c294db136
GET /wp-content/plugins/wp-postratings/images/stars/rating_on.gif HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:40 GMT
content-type: image/gif
content-length: 523
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 449518
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AdaL250M1KC9IfMuNLD3Rm%2FcyuTY8uep%2F7pKUoJtVzn5e4%2FwDSe6fPtiZ%2FtZG8BlJ9ko4YBjT6zILO0Yk5c4%2FRUyyUYYz4NlIqTUGpGkdiFszPoPyD2YdQGhsnBeCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d2fe20e501bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/images/loading.gif
104.21.93.38200 OK 770 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/images/loading.gif
IP 104.21.93.38:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 8ae1afcd44a2a3ea3c8f86bc74702b05
4f605e49a1ce94999619beef3f92dd923ca63b6d
561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178
GET /wp-content/plugins/wp-postratings/images/loading.gif HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:40 GMT
content-type: image/gif
content-length: 770
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 449518
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMQcH4K9malN9opjlZi5Sjw1yLv2L%2Bti%2Bk1D4zohaDZUFK3ZuDhwUigf6Y9nQrYFXEsUygFBc7byfmMcA1PbiIVAu92WEWHa0pU%2FNDud0tdxjv0LNLG2U0dw8BFJGg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d2fe20e4b1bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_off.gif
104.21.93.38200 OK 326 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_off.gif
IP 104.21.93.38:0
File type GIF image data, version 89a, 12 x 12\012- data
Hash 7d99a060172d832e2a0586a9284765b7
a8db3d3a28f670f172c933d783e0865119ed54a7
b2726e47d619f403a00a7ebf8d9bf5b5b65a214d14d40eaa36cddc8163ecb38e
GET /wp-content/plugins/wp-postratings/images/stars/rating_off.gif HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:40 GMT
content-type: image/gif
content-length: 326
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 18:13:59 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 430601
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DyL41yrWV3Cn%2BiBEJXFPSJUx4DrAlDfHE6Y1%2BnphjKjQX8r8szriNCsddXHIXTcrsDQYNo%2Bxq7id5dzGvllkriLpGgH8Lu7IpF%2FkZrRWmmoQuysllO7kLMSVAHbl%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d2fe21e531bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.1.1.min.js?ver=3.1.1
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.1.1.min.js?ver=3.1.1
IP 69.16.175.10:0
File type ASCII text, with very long lines (32030)
Hash f7a4a283c6a5130b43ce8de3b7842078
ef243edbb67f9e50f8589885e4541f6c919ea8d7
aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e
GET /jquery-3.1.1.min.js?ver=3.1.1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:41 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669744241.dop017.sk1.t,1669744241.cds240.sk1.hn,1669744241.cds010.sk1.c
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/litespeed/css/8e9d4acf3bfc90d43281e7b2b35e52f3.css?ver=92690
104.21.93.38200 OK 156 B URL HTTP/2 cuevana3.nu/wp-content/litespeed/css/8e9d4acf3bfc90d43281e7b2b35e52f3.css?ver=92690
IP 104.21.93.38:0
Hash 3073b0c85ed8d136b7bea2188c29a02d
7068906017e2dbe1d7bbd5eeea1d64ca81180581
9c19f53dac12152651ce129341f4cbd1ff4263e9456bb10262620b2de56c639e
GET /wp-content/litespeed/css/8e9d4acf3bfc90d43281e7b2b35e52f3.css?ver=92690 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:40 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 02:48:05 GMT
last-modified: Sat, 26 Nov 2022 02:48:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 313357
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YJ41obsjPRvGWtqeTe9lb0JMRyYtVXopNDYkcbU3iSa8dawMszQLlTs3WjQ%2F9SBW%2BkJ%2BGHpCx33eOqebaq1D1vBYI2UFQIQxc3qYxmHMo8uxIoYRsnge7TQVRX2hQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771d2fe20e4a1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/03/got.png
104.21.93.38200 OK 133 kB URL HTTP/1.1 cuevana3.nu/wp-content/uploads/2022/03/got.png
IP 104.21.93.38:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 133 kB (133044 bytes)
Hash 6d6e76818f4b8c2dee0705158aaa6085
e681d2bdc33948723ea64828dee68941dbdda191
4ad36073c73561428856b74ae6eb08ce5a845bab365e4a1602edecaa2bb6ab23
GET /wp-content/uploads/2022/03/got.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/peliculas-online/el-gran-gatsby/
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 17:50:41 GMT
Content-Type: image/png
Content-Length: 133044
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 07:44:16 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
CF-Cache-Status: HIT
Age: 468385
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVze8go8CishUAbxlJrE7T9MgvXhniNxbnBQnMc%2BagPEuhywP3E1SJPfttoTw%2BHOoItoO3usPNhQhV20%2FVsXPqmkeNrWP830ltlQFB1DD7tHNMXS6hjYIeWGhs91oA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 771d2fe26f19b4e8-OSL
alt-svc: h2=":443"; ma=60
whairtoa.com/5/4907445
139.45.197.238200 OK 24 kB IP 139.45.197.238:0
File type ASCII text, with very long lines (63288), with no line terminators
Hash 9c8558c8f286915279c535db850b1e62
18821a3f0d64b1403cce00213a9b7ef5134b2e68
dfd0ac3e60748c8e2cdb11652e937cf44a314ca93e37a2ac3ece65e1a5719d1d
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4907445 HTTP/1.1
Host: whairtoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 17:50:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 7cd555fb9966c6c96c924dece915510f
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=1e70dc40b3594555ac380f9d3c9caeb1; expires=Wed, 29 Nov 2023 17:50:41 GMT; path=/
oaidts=1669744241; expires=Wed, 29 Nov 2023 17:50:41 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
image.tmdb.org/t/p/w342/j4lLlVyOLzNVlLcBz6UGsAvSG2V.jpg
54.230.111.103200 OK 51 kB URL HTTP/2 image.tmdb.org/t/p/w342/j4lLlVyOLzNVlLcBz6UGsAvSG2V.jpg
IP 54.230.111.103:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 342x513, components 3\012- data
Hash c5978a71710d284820d130c488e33ade
c9d689a1070c272bbbebca69b132f6fe33b9eb9e
906468f9701ef9d36659983604eed6ad659620f43960385471424eb711cfdbb2
GET /t/p/w342/j4lLlVyOLzNVlLcBz6UGsAvSG2V.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 51133
date: Sun, 20 Nov 2022 13:30:50 GMT
server: openresty
cache-control: public, max-age=31536000
etag: "c37f52f083b43e7a6400d39a8f292225"
last-modified: Fri, 22 Mar 2019 12:14:45 GMT
imagery: degrade=85, sample=2x2, difference=1.21
cache-tag: j4lLlVyOLzNVlLcBz6UGsAvSG2V
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: NBuDpMLPmMZY5gXi0mC5xYNwL2XD8slu-P4lBxRvZfJZ7JerW-HCOg==
age: 793191
vary: Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-209818749-2
142.250.74.40200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-209818749-2
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash 26f2a6a8e57bedc330e645d731332bef
75a2b448d0eada27f9638025fe6fa515c3d67048
5977b8cdb0d1a84a6d2ffc286207bbeb0e43b26534725f0807276259fd50f92d
GET /gtag/js?id=UA-209818749-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 17:50:41 GMT
expires: Tue, 29 Nov 2022 17:50:41 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 17:28:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d76415fdfd81d20db2cbc74187f3d39
fa77f818c8ab5a05cb1478fe3b9927e93225c80b
41ae84ec9bb289c7da6805963e6e4e9681391b0c927f15b2a35a0d3253343664
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "41AE84EC9BB289C7DA6805963E6E4E9681391B0C927F15B2A35A0D3253343664"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=377
Expires: Tue, 29 Nov 2022 17:56:58 GMT
Date: Tue, 29 Nov 2022 17:50:41 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash a662344087fe49fc5294aa81a5e71ae0
8871b46331911c1cbaf58d0e4c4dc2fe157fda3b
cc4c5c1bf33113a04d21c1e24e6589813146428f3e89d58c4a14fce16cbbd782
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86034
Date: Tue, 29 Nov 2022 17:50:41 GMT
Etag: "6384e962-1d7"
Expires: Wed, 30 Nov 2022 17:44:35 GMT
Last-Modified: Mon, 28 Nov 2022 17:01:22 GMT
Server: ECS (nyb/1D1A)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: wrOUVurZFVfBLMRnPZmJsya2NAoo7MdK40H7d5-WeazzdMc7yKPBNw==
Age: 2593
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d76415fdfd81d20db2cbc74187f3d39
fa77f818c8ab5a05cb1478fe3b9927e93225c80b
41ae84ec9bb289c7da6805963e6e4e9681391b0c927f15b2a35a0d3253343664
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "41AE84EC9BB289C7DA6805963E6E4E9681391B0C927F15B2A35A0D3253343664"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=377
Expires: Tue, 29 Nov 2022 17:56:58 GMT
Date: Tue, 29 Nov 2022 17:50:41 GMT
Connection: keep-alive
cuevana3.nu/wp-content/litespeed/css/befc1691b96215a00818ad0da891c610.css?ver=e948b
104.21.93.38200 OK 35 kB URL HTTP/2 cuevana3.nu/wp-content/litespeed/css/befc1691b96215a00818ad0da891c610.css?ver=e948b
IP 104.21.93.38:0
File type ASCII text, with no line terminators
Hash eef7e7eca0047023e46263befe2f9492
280be35442cc67054eb85a154a76cbba3a9be92a
89cc50b674f57972360e684e384a916590e00cf1108de9d73aad2f48868a63aa
GET /wp-content/litespeed/css/befc1691b96215a00818ad0da891c610.css?ver=e948b HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:40 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 03 Dec 2022 02:48:05 GMT
last-modified: Sat, 26 Nov 2022 02:48:04 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 313357
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=joAuX0QK68zJnFUTy4cmRSJoPHNKx2JoMOinOLGf2VYDa0kBihBEHB594Y%2BzegzreAw%2FZRdWAT1wO6U0hJBhtNzbfUKu%2BNjb%2FolWBSSJ7N0XBKahEgO9Vz63nJBqaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771d2fe22e661bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 17:08:56 GMT
cache-control: public,max-age=3600
age: 2505
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
threatenedorientalavailable.com/ea/4d/b7/ea4db7a0906f9808f09b5ff02c6aeb6a.js
173.233.137.52200 OK 21 kB URL HTTP/1.1 threatenedorientalavailable.com/ea/4d/b7/ea4db7a0906f9808f09b5ff02c6aeb6a.js
IP 173.233.137.52:0
File type HTML document, ASCII text, with very long lines (60171), with no line terminators
Hash ded6c05caa73e9e3407489aa9b28888c
14de331dd9b3794e2dde56a76b02b2f54e6c4850
ba1d141f5e5c4dfa7b1432620cfc11e8106b7c658edd994994372fb35a61db04
GET /ea/4d/b7/ea4db7a0906f9808f09b5ff02c6aeb6a.js HTTP/1.1
Host: threatenedorientalavailable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Tue, 29 Nov 2022 17:50:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 72f48d4de61fb8b5501bdebad17e3a9a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4531
Cache-Control: max-age=145898
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:41 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 10:22:19 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 02ca4292c31c0c0caa2ed7401af8d5bd
16ced3b6956cea150f608c9848bfa2f31e0a3e18
e90eff9a37ae4b3dff3bf24081ff3f110c45619703129b1b3f3f8bd3e0df9da0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3592
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:41 GMT
Last-Modified: Tue, 29 Nov 2022 16:50:49 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
addresseepaper.com/sfp.js
34.160.73.230429 Too Many Requests 298 B URL HTTP/1.1 addresseepaper.com/sfp.js
IP 34.160.73.230:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2d276fc22806d34e2355196fe7bea1f3
0f2c85ecd7a43e866345fd0eafe5e0fdd4aa7acf
9e522902dee04e1345219cee056a1a291ba4eca674870853ab05f3579875ff38
GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 429 Too Many Requests
Server: openresty
Date: Tue, 29 Nov 2022 17:50:41 GMT
Content-Type: text/html
Content-Length: 298
ETag: "6382c3e0-12a"
Via: 1.1 google
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dfd37ae2da5cc16d38d1d0ce5a3af6da
224117ab84ae9dbf57b1be06a30d21cc83dc9de8
2f5c21e10be7edc1f944bec4d1b1036b975bcfd1cc17606fe95c2b00c9fb15e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5574
Cache-Control: max-age=144069
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:41 GMT
Etag: "6385c070-117"
Expires: Thu, 01 Dec 2022 09:51:50 GMT
Last-Modified: Tue, 29 Nov 2022 08:18:56 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
172.64.132.15200 OK 79 kB URL HTTP/2 use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
IP 172.64.132.15:0
File type Web Open Font Format (Version 2), TrueType, length 79100, version 1.0\012- data
Hash 5dc01cfcd5336f696cb85da7ce53fa9b
28a1f2fadc35c5343e0280389fe7955e3d1be607
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
GET /releases/v5.6.3/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: https://cuevana3.nu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:41 GMT
content-type: font/woff2
content-length: 79100
x-amz-id-2: XtddmCJ6sw0+9n8661Zby1QPa94YR6r6ySUdsNrADctXdYYtnRLb/jxvpuiqdY6fRqKkDtTKOvE=
x-amz-request-id: G8JBY7JGS9QJ1KV0
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 25690
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A599VxU6J4Vcjcck7IVM318R%2FqCxWBgYdNa6p1u8WoqAffzPt13n46IQSoBOkW3Qt8GET5I1Cxb2fc%2Fe4170m%2B6ezR9TATJ3aXFXDT06TvJlFlOPui00CZZ9wg%2FZuHgX38C9sv9M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771d2fe77d4a76d7-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nanouwho.com/1?z=5014433
139.45.197.242200 OK 6.8 kB IP 139.45.197.242:0
File type ASCII text, with very long lines (16471)
Hash dc8df13e7d36e4b4bf4f0e612cf7d509
67c699dc4848677f5f8a088edc191f9db3c780b0
3a6611181bc3c4b7eeb8c334a47699c2a682360a8dd7e8da15e6b4080405a257
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5014433 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 17:50:41 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
X-Trace-Id: 2e210efd5696ae31466e8636d2dd3b9a
Access-Control-Expose-Headers: X-Sc
X-Sc: Iei4J0Jql955IMswukesSz5CkOmW9FP7P-GKQzAK790IiNC1QNXCpBQL-bZrrOcZ_g1tA9GaBbzlzaQ84ct53ID0NZY=
Set-Cookie: scm=1; expires=Wed, 29 Nov 2023 17:50:41 GMT; secure; SameSite=None
OAID=20d6a0860b254ec6a210eaa78ab1cbc1; expires=Wed, 29 Nov 2023 17:50:41 GMT; secure; SameSite=None
oaidts=1669744241; expires=Wed, 29 Nov 2023 17:50:41 GMT; secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
whiskerssituationdisturb.com/pixel/purst?dl=0&th=0&sc=0&rs=1276&rd=1276&fd=748&bv=22.10.v.9&tmpl=70
192.243.61.225200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/purst?dl=0&th=0&sc=0&rs=1276&rd=1276&fd=748&bv=22.10.v.9&tmpl=70
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1276&rd=1276&fd=748&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 17:50:41 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8744b420a10a2cf35bc5877b2dff9302
bf5ad501ac3e36bbed35695b59eced04d380b596
455bda3629e55c1730a67d5d82c68e4001f78f8019a755178225624e16076e80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "455BDA3629E55C1730A67D5D82C68E4001F78F8019A755178225624E16076E80"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7620
Expires: Tue, 29 Nov 2022 19:57:41 GMT
Date: Tue, 29 Nov 2022 17:50:41 GMT
Connection: keep-alive
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kCKguiIN3TbszU7y4KFiYg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WkGXbiDaSvghDP9EGkG4Ee5xOLs=
cuevana3.nu/wp-content/litespeed/css/44d8a0389b9e98cab08ab6871e2b0af5.css?ver=ae1b2
104.21.93.38200 OK 52 kB URL HTTP/2 cuevana3.nu/wp-content/litespeed/css/44d8a0389b9e98cab08ab6871e2b0af5.css?ver=ae1b2
IP 104.21.93.38:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7f74a61cc8a39687d5a476bd1828d5e8
68a9135bd421881a82257072dc3ab1dfcdea400e
4d8d361ca22d38cdbb6d0b2c3f2c10794dfbef9bd573c30ca61a6b300e7c8b53
GET /wp-content/litespeed/css/44d8a0389b9e98cab08ab6871e2b0af5.css?ver=ae1b2 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:41 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 06 Dec 2022 17:50:42 GMT
last-modified: Tue, 29 Nov 2022 17:50:41 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdcsDfnqMyfmEYU3MCU1d28F0q3zNQpkcPcatg7MRZjQdlpvhVTcH55jdsV1JoIZxZ2FYJWjFGZIDdoWNLOV%2FOwfVHTIBebQ9jS6%2F2T4lgPnPJc7HL18%2B1fOKMurow%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771d2fe23e751bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 02ca4292c31c0c0caa2ed7401af8d5bd
16ced3b6956cea150f608c9848bfa2f31e0a3e18
e90eff9a37ae4b3dff3bf24081ff3f110c45619703129b1b3f3f8bd3e0df9da0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3592
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:41 GMT
Last-Modified: Tue, 29 Nov 2022 16:50:49 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dfd37ae2da5cc16d38d1d0ce5a3af6da
224117ab84ae9dbf57b1be06a30d21cc83dc9de8
2f5c21e10be7edc1f944bec4d1b1036b975bcfd1cc17606fe95c2b00c9fb15e2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5574
Cache-Control: max-age=144069
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:41 GMT
Etag: "6385c070-117"
Expires: Thu, 01 Dec 2022 09:51:50 GMT
Last-Modified: Tue, 29 Nov 2022 08:18:56 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
my.rtmark.net/gid.js?userId=1e70dc40b3594555ac380f9d3c9caeb1
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=1e70dc40b3594555ac380f9d3c9caeb1
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 348e9719ac01e76e94ddacfeb250fa00
5aa935a870e816554b548c6340913add43cafe90
4e826cb65a5a28aac54ce4e123227cf35d1d64e011c6222c403fda4ccf7cc8ff
GET /gid.js?userId=1e70dc40b3594555ac380f9d3c9caeb1 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:41 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1e70dc40b3594555ac380f9d3c9caeb1; expires=Wed, 29 Nov 2023 17:50:41 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 6d4aa81497d78e8890f1833dfd810f3b
1a661b0ea7a2272d32a364d110f8b2525a13a72a
c3127cd2765f7a80a75f4000fbbd0680b93a944448f0260b6c4a1dd6b041bbfa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159863
Date: Tue, 29 Nov 2022 17:50:41 GMT
Etag: "63860997-1d7"
Expires: Thu, 01 Dec 2022 14:15:04 GMT
Last-Modified: Tue, 29 Nov 2022 13:31:03 GMT
Server: ECS (nyb/1D34)
X-Cache: Miss from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CYc6YUqK3odS8gZ8_bbsPfEKrR01VoI2ySvfa8l87pKMLRmRKPEz5A==
Age: 2641
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash bb4f47b669e7b157662f7b75ae68b4de
0c84683b19aff468cd36e5751563b61dc8670de7
1903dd22314ebbf85199e5ea5f4e2e1cfd105c464701ed0706b1581150578e6e
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:41 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://cuevana3.nu
access-control-allow-credentials: true
set-cookie: uid_id2=cae22a44-7a44-4248-b188-1ed49fc6d21c:1:1; expires=Fri, 26 Nov 2032 17:50:41 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ae08e4ab68a9b974d100e32fb800900
4ce0f7cb3fe345a1e30a543b776520fe509578b2
e956d9afcbb5685fa484cd4fbb2a38dfbd84c888bec357e97c5b196d4ba4698b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E956D9AFCBB5685FA484CD4FBB2A38DFBD84C888BEC357E97C5B196D4BA4698B"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10518
Expires: Tue, 29 Nov 2022 20:46:00 GMT
Date: Tue, 29 Nov 2022 17:50:42 GMT
Connection: keep-alive
whairtoa.com/?rb=nbOtL0bd7f-AWSGe477zdXcB68W6y0x6wztEGNewez4Lw1LLtAb0JIuPGiq9pyyM4yxeBa1r4b3fuHnlBDguDMbtugXOhyILW-l9N7edHRcB927R2L1oyiZmmykgddV5iqxDSxL2c5k8dHVi9YI-VF1pn7Bi8I5LD0mDwhjITRLilOdbpCKNUpgvv40eVdBaTFlrYiciNCoJRQI2SFCMb9Hnf6kPD-ai75_P5qzzhac%3D&request_ab2=96001&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fel-gran-gatsby%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=4aefd1de-13e4-499f-9594-39ed8b68d397&userId=1e70dc40b3594555ac380f9d3c9caeb1&m=link
139.45.197.238200 OK 1.7 kB URL HTTP/1.1 whairtoa.com/?rb=nbOtL0bd7f-AWSGe477zdXcB68W6y0x6wztEGNewez4Lw1LLtAb0JIuPGiq9pyyM4yxeBa1r4b3fuHnlBDguDMbtugXOhyILW-l9N7edHRcB927R2L1oyiZmmykgddV5iqxDSxL2c5k8dHVi9YI-VF1pn7Bi8I5LD0mDwhjITRLilOdbpCKNUpgvv40eVdBaTFlrYiciNCoJRQI2SFCMb9Hnf6kPD-ai75_P5qzzhac%3D&request_ab2=96001&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fel-gran-gatsby%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=4aefd1de-13e4-499f-9594-39ed8b68d397&userId=1e70dc40b3594555ac380f9d3c9caeb1&m=link
IP 139.45.197.238:0
File type JSON data\012- , ASCII text, with very long lines (2233), with no line terminators
Hash b2093d6cd4c7c426dc25221c2e846c6f
27d385b95ab98cc3855b3e7ca9bba47c92e45623
f6d62108eec5ddb9efae94e32935c13271c11720d40e14cb8381a38d34a16120
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=nbOtL0bd7f-AWSGe477zdXcB68W6y0x6wztEGNewez4Lw1LLtAb0JIuPGiq9pyyM4yxeBa1r4b3fuHnlBDguDMbtugXOhyILW-l9N7edHRcB927R2L1oyiZmmykgddV5iqxDSxL2c5k8dHVi9YI-VF1pn7Bi8I5LD0mDwhjITRLilOdbpCKNUpgvv40eVdBaTFlrYiciNCoJRQI2SFCMb9Hnf6kPD-ai75_P5qzzhac%3D&request_ab2=96001&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fel-gran-gatsby%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=4aefd1de-13e4-499f-9594-39ed8b68d397&userId=1e70dc40b3594555ac380f9d3c9caeb1&m=link HTTP/1.1
Host: whairtoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 29 Nov 2022 17:50:42 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: fd241043057452a155d2413ed0b839ec
Access-Control-Allow-Origin: http://cuevana3.nu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=1e70dc40b3594555ac380f9d3c9caeb1; expires=Wed, 29 Nov 2023 17:50:42 GMT; path=/
oaidts=1669744242; expires=Wed, 29 Nov 2023 17:50:42 GMT; path=/
syncedCookie=true; expires=Tue, 06 Dec 2022 17:50:42 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 081f27e87b02fb79b3453a116e731959
03e52819d86a0fa523e77ed24126e76e5369bd21
10283df9fce094267720532246e9d80b3c2061425f657497652e71de4c95de06
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 17:50:42 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 01:33:19 GMT
Expires: Tue, 06 Dec 2022 01:33:18 GMT
Etag: "03e52819d86a0fa523e77ed24126e76e5369bd21"
Cache-Control: max-age=545555,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 771d2fea3f78b4eb-OSL
datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
139.45.195.253200 OK 449 B URL HTTP/1.1 datatechonert.com/log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f
IP 139.45.195.253:0
Hash 41ab93def3990ec2a30e1991b690215b
a147e13e531680557ef9b74634bac655666be043
61ce0c66f2a0041ce58a3b6dade66d780bfd51876c7c9397336fc166ab0b40b6
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1
Host: datatechonert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 912
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 29 Nov 2022 17:50:42 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: http://cuevana3.nu
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
banquetunarmedgrater.com/advertisers.js
192.243.61.227200 OK 1.7 kB URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash acf9b09510d9eb79a7796ff1acf0fbec
a89b368658e7e7e1f26688c4485abda53d04f210
53c2c6aab6459ffc22459d16d9278b17ddba846331a9be01dd2f13d9053c0fef
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 29 Nov 2022 17:50:42 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b7e5267c71a634394e75849c16eb01fd
Strict-Transport-Security: max-age=0; includeSubdomains
nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fel-gran-gatsby%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=1e70dc40b3594555ac380f9d3c9caeb1
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fel-gran-gatsby%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=1e70dc40b3594555ac380f9d3c9caeb1
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fel-gran-gatsby%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=1e70dc40b3594555ac380f9d3c9caeb1 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Tue, 29 Nov 2022 17:50:42 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fel-gran-gatsby%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=1e70dc40b3594555ac380f9d3c9caeb1
139.45.197.242200 OK 7 B URL HTTP/2 nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fel-gran-gatsby%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=1e70dc40b3594555ac380f9d3c9caeb1
IP 139.45.197.242:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fel-gran-gatsby%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=1e70dc40b3594555ac380f9d3c9caeb1 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 209
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:42 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: ff7d1c2119e47a7bbbd871671a198264
access-control-expose-headers: X-Sc
x-sc: s17WwvVS6y9PJy2W8s3RZZ0ALuOrYr5gJbYz7sPmuXumo75v3SInAM5fxzowM4ULLA4Cyg8g7sUWnMYH7ijKGBJHUeE=
set-cookie: scm=1; expires=Wed, 29 Nov 2023 17:50:42 GMT; secure; SameSite=None
OAID=1e70dc40b3594555ac380f9d3c9caeb1; expires=Wed, 29 Nov 2023 17:50:42 GMT; secure; SameSite=None
oaidts=1669744242; expires=Wed, 29 Nov 2023 17:50:42 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo=&o=77763
142.250.74.97301 Moved Permanently 394 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo=&o=77763
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash bf23615326fab0afcf9ac7b5cb4cb6d5
c222d5a6fde6ca15c1661feff8206cf85ca13ea3
c40edf85d1985398d4abe61f13959f4b9ef5975b359aa887b54d9db91b09f442
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo=&o=77763 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo=&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 17:50:42 GMT
expires: Tue, 29 Nov 2022 18:20:42 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://www.utorrent.com/
142.250.74.97301 Moved Permanently 338 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://www.utorrent.com/
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 16c55c4096c1952b241408279314389c
d98e47e7e7ed0248a89527e8c1bab4986321e208
4737e9b0b2727b3ab325915c9cafca4bf0859d01e1b3e2586227b85351ed6340
GET /s2/favicons?domain=https://www.utorrent.com/ HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 17:50:42 GMT
expires: Tue, 29 Nov 2022 18:20:42 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.58.207.206200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 16:41:08 GMT
expires: Tue, 29 Nov 2022 18:41:08 GMT
cache-control: public, max-age=7200
age: 4174
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvMm5NaGR6OExjQm9meUc=&o=77763
142.250.74.97301 Moved Permanently 394 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvMm5NaGR6OExjQm9meUc=&o=77763
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9eb13187917226c78312d08221319576
7cf8b9d491ce0ad647c7863463ad4797081a6c47
88bcc7b2624999e9ffc1032c3a8478b08828f59a46895502871b444c9f913e1d
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvMm5NaGR6OExjQm9meUc=&o=77763 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvMm5NaGR6OExjQm9meUc=&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 17:50:42 GMT
expires: Tue, 29 Nov 2022 18:20:42 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3425dad287464a3ab2f375565ef6f82f
94ebfdd730d64418e80ddb4f316cd047a14b2bea
a312e28c46a5387e937a74753dca1a79c595d9f6b8eb883b849bcbc4ecad24d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A312E28C46A5387E937A74753DCA1A79C595D9F6B8EB883B849BCBC4ECAD24D8"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4042
Expires: Tue, 29 Nov 2022 18:58:04 GMT
Date: Tue, 29 Nov 2022 17:50:42 GMT
Connection: keep-alive
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9aMEpLY3pVNGJrSkhORXAwV210S0wwVjFWR05KWnowOQ==&o=77763
142.250.74.97301 Moved Permanently 414 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9aMEpLY3pVNGJrSkhORXAwV210S0wwVjFWR05KWnowOQ==&o=77763
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash f2c53d935b895cc07c8a88ad3a9d3907
206d88eb92ae8d8d501f24d288a730d5bee4c73e
e19a6571be49a30dc4db762fea9084710bd4ff59edfac4236b43747da1a58bc2
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9aMEpLY3pVNGJrSkhORXAwV210S0wwVjFWR05KWnowOQ==&o=77763 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9aMEpLY3pVNGJrSkhORXAwV210S0wwVjFWR05KWnowOQ==&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 17:50:42 GMT
expires: Tue, 29 Nov 2022 18:20:42 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9LM1psYzJOaldXOVJPRGRxTVZBMFprdFNWVGMyZHowOQ==&o=77763
142.250.74.97301 Moved Permanently 414 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9LM1psYzJOaldXOVJPRGRxTVZBMFprdFNWVGMyZHowOQ==&o=77763
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 127638aa5c8a4ba32c53fa5d48837cb6
60211f65a4f8ad66ec89ac1490c9bc75e66c9e6a
892b6f490e3bf7d65ff8763ccd4dca52d9eeabe85e3265ed52b26e67205b8886
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9LM1psYzJOaldXOVJPRGRxTVZBMFprdFNWVGMyZHowOQ==&o=77763 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9LM1psYzJOaldXOVJPRGRxTVZBMFprdFNWVGMyZHowOQ==&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 17:50:42 GMT
expires: Tue, 29 Nov 2022 18:20:42 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvYnBRMnpid3ZZdTFoakE=&o=77763
142.250.74.97301 Moved Permanently 394 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvYnBRMnpid3ZZdTFoakE=&o=77763
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash af813a47cbde14a4f1b6190f48aa1942
7cf4863329fd928c800f1565b69ea6ec0f5bbc57
987492cce3cdcc838ef3ce9e17a0de94b31328cad3a8fed7407e9f23161737da
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvYnBRMnpid3ZZdTFoakE=&o=77763 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvYnBRMnpid3ZZdTFoakE=&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 17:50:42 GMT
expires: Tue, 29 Nov 2022 18:20:42 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9NR1JOTjI0d05WSlBiak55TUU0MmRsbEpibkYxUVQwOQ==&o=77763
142.250.74.97301 Moved Permanently 414 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9NR1JOTjI0d05WSlBiak55TUU0MmRsbEpibkYxUVQwOQ==&o=77763
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 71222ae5a7f67c56e8fe1e092d8d116a
b4e9aed65c86f2085f53f2f48963c99f1952ccd7
4cc8e1952fb60f2f5c1c06040ce46b5b60bcf2b89843a63cbc6dc2d27989a93a
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9NR1JOTjI0d05WSlBiak55TUU0MmRsbEpibkYxUVQwOQ==&o=77763 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9NR1JOTjI0d05WSlBiak55TUU0MmRsbEpibkYxUVQwOQ==&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 29 Nov 2022 17:50:42 GMT
expires: Tue, 29 Nov 2022 18:20:42 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 79840cac9f5ae1a38c0faaaf59e7fe82
f76a3e50f566269c574e7f8904021640366dcc56
1f39ccbd6ad4a9c8fcc3e4d7d83c4c21f9e9fd9fd0d98c6b70cd1bbbdfeb7798
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16
142.250.74.68200 OK 852 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16
IP 142.250.74.68:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash faf64e32ce748dabf3d57c6daa6a00f7
46317741e4d001feb10442fb300ac4876ac14bd9
0de27c32ce9d9a34eb1c3f57169cb4cc44869cb143a3a5c56b4ef491cd6be4d2
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.utorrent.com/static/faviconUT-be6029e02bb2d6e0415a561c42641a2f.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 11:46:39 GMT
expires: Tue, 06 Dec 2022 11:46:39 GMT
cache-control: public, max-age=604800
last-modified: Fri, 23 Jul 2021 13:14:38 GMT
content-type: image/png
age: 21843
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9aMEpLY3pVNGJrSkhORXAwV210S0wwVjFWR05KWnowOQ==&size=16
142.250.74.68200 OK 270 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9aMEpLY3pVNGJrSkhORXAwV210S0wwVjFWR05KWnowOQ==&size=16
IP 142.250.74.68:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9aMEpLY3pVNGJrSkhORXAwV210S0wwVjFWR05KWnowOQ==&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Tue, 29 Nov 2022 17:50:42 GMT
expires: Tue, 06 Dec 2022 17:50:42 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9LM1psYzJOaldXOVJPRGRxTVZBMFprdFNWVGMyZHowOQ==&size=16
142.250.74.100200 OK 270 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9LM1psYzJOaldXOVJPRGRxTVZBMFprdFNWVGMyZHowOQ==&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9LM1psYzJOaldXOVJPRGRxTVZBMFprdFNWVGMyZHowOQ==&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Tue, 29 Nov 2022 17:50:42 GMT
expires: Tue, 06 Dec 2022 17:50:42 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9NR1JOTjI0d05WSlBiak55TUU0MmRsbEpibkYxUVQwOQ==&size=16
142.250.74.132200 OK 790 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9NR1JOTjI0d05WSlBiak55TUU0MmRsbEpibkYxUVQwOQ==&size=16
IP 142.250.74.132:0
Hash b5c6f70338551c7de382f7bec19449ed
46e9cb0e01c838de2d9a83730af886fc079e7856
ac2814401aceb123a144ebf4083ebe64cdc304797ef398a70e2887f82d80e9fa
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9NR1JOTjI0d05WSlBiak55TUU0MmRsbEpibkYxUVQwOQ==&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Tue, 29 Nov 2022 17:50:42 GMT
expires: Tue, 06 Dec 2022 17:50:42 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 17:50:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
my.rtmark.net/gid.js?userId=6ec4d8b947c74aa1b65d376d606a5898
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=6ec4d8b947c74aa1b65d376d606a5898
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 348e9719ac01e76e94ddacfeb250fa00
5aa935a870e816554b548c6340913add43cafe90
4e826cb65a5a28aac54ce4e123227cf35d1d64e011c6222c403fda4ccf7cc8ff
GET /gid.js?userId=6ec4d8b947c74aa1b65d376d606a5898 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana3.nu
Connection: keep-alive
Referer: https://cuevana3.nu/
Cookie: ID=1e70dc40b3594555ac380f9d3c9caeb1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:42 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=1e70dc40b3594555ac380f9d3c9caeb1; expires=Wed, 29 Nov 2023 17:50:42 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 079670ea961dbdab634dbf6218b08160
01fc7485370d8c6506e0cc5d1e57efc31d533d99
28525eeaccd7a0c758055844f4cec0d261b467b2bdb32586fb45492f7c104818
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28525EEACCD7A0C758055844F4CEC0D261B467B2BDB32586FB45492F7C104818"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11411
Expires: Tue, 29 Nov 2022 21:00:53 GMT
Date: Tue, 29 Nov 2022 17:50:42 GMT
Connection: keep-alive
onvictinitor.com/apu.php?zoneid=5487080
139.45.197.238200 OK 29 kB URL HTTP/2 onvictinitor.com/apu.php?zoneid=5487080
IP 139.45.197.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash dd8af33f0fa3bfb66ac44d0e42a43b9e
82a7df63a1bdebb1171dc7e984a905cc525bd91e
b7afa32d0ae87ad3ef5fa5475b05276430fbb26865b10f1af7a9b1ce991ea29e
GET /apu.php?zoneid=5487080 HTTP/1.1
Host: onvictinitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:42 GMT
content-type: application/javascript
x-trace-id: c628ccb4f3475d3c83dc636f525eae75
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=b50c88c48d62437a88446bb430167277; expires=Wed, 29 Nov 2023 17:50:42 GMT; path=/; secure; SameSite=None
oaidts=1669744242; expires=Wed, 29 Nov 2023 17:50:42 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13512
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 17:50:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13512
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 17:50:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13512
Expires: Tue, 29 Nov 2022 21:35:55 GMT
Date: Tue, 29 Nov 2022 17:50:43 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cce27a1fe8c0222811a5ce0e7f89e1cb
28c165bac8cf68cd1b0763c311aece00672cb3a5
4530e34a47ef78c2c2b0d34a0511253a61f1927b192ab42f82361002ff10819e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc326607e-c0fa-4e9d-b8d4-1c9173793bed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9376
x-amzn-requestid: c52b3092-90d2-4289-b6e0-ab99c9d4710a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPmz3EVUoAMFWUw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382eb4b-39f46c89238eff696e9f2dba;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 04:44:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ofQEhaEiX1vE25a_1xHeab9Px9zgGpk8omlX_aHmLE1oN1aZTPzWxQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 10:09:32 GMT
age: 27671
etag: "28c165bac8cf68cd1b0763c311aece00672cb3a5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
nanouwho.com/9?z=5014433&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo%3D%26o%3D77763&wy=0&wx=0&ww=1280&wh=1024&cw=1092&wiw=1092&wih=618&wfc=1&sah=1002&drf=http%3A%2F%2Fcuevana3.nu%2F&hil=1&ist=0&oaid=1e70dc40b3594555ac380f9d3c9caeb1
139.45.197.242200 OK 7 B URL HTTP/2 nanouwho.com/9?z=5014433&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo%3D%26o%3D77763&wy=0&wx=0&ww=1280&wh=1024&cw=1092&wiw=1092&wih=618&wfc=1&sah=1002&drf=http%3A%2F%2Fcuevana3.nu%2F&hil=1&ist=0&oaid=1e70dc40b3594555ac380f9d3c9caeb1
IP 139.45.197.242:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5014433&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo%3D%26o%3D77763&wy=0&wx=0&ww=1280&wh=1024&cw=1092&wiw=1092&wih=618&wfc=1&sah=1002&drf=http%3A%2F%2Fcuevana3.nu%2F&hil=1&ist=0&oaid=1e70dc40b3594555ac380f9d3c9caeb1 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 57
Origin: https://cuevana3.nu
Connection: keep-alive
Referer: https://cuevana3.nu/
Cookie: scm=1; OAID=1e70dc40b3594555ac380f9d3c9caeb1; oaidts=1669744242
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:43 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: f93e4f39ce31278b0ddfb10374c66c9d
access-control-expose-headers: X-Sc
set-cookie: OAID=1e70dc40b3594555ac380f9d3c9caeb1; expires=Wed, 29 Nov 2023 17:50:43 GMT; secure; SameSite=None
oaidts=1669744242; expires=Wed, 29 Nov 2023 17:50:43 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 72229
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 823e92f62ff7b3c2093828817d7f2866
c501de9eaa581a10b0b5fce40b54bb10f57f7c29
7d89669e23682f167b2fe1eff9edc5939112ec66b6b4e6389ef8aec78ccbdfe5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3527eb28-888e-447d-90fd-1226d5b94433.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8921
x-amzn-requestid: 98baf100-c007-4c44-89aa-b9cf55fa3f94
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnwFYToAMFoWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852964-1227b5a9100c206e0c64f4b2;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ivu6pzZ6dbt3I4tuFMg4oHcuPVdyNS-F3k_lQdmKoXFkdCfSseAEwQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:55 GMT
age: 72228
etag: "c501de9eaa581a10b0b5fce40b54bb10f57f7c29"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
34.120.237.76200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83c1fedec73299637cc7dc47c48af758
2e3f7326aeea6be8a34bf2c39b34862c07bfdc41
1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 52352
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:49:50 GMT
age: 46853
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
whairtoa.com/5/4907445
139.45.197.238200 OK 33 kB IP 139.45.197.238:0
Hash 18d0b3f64bda9aca23feae58f238f3da
69553fea417949c9c023acc11a12ef932399d6c7
05a6878f740a94b8feaa81cf67eb4fe9d36a453d8dfbfe0988f77fd8249428ea
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4907445 HTTP/1.1
Host: whairtoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:42 GMT
content-type: application/javascript
x-trace-id: 6171deda561ebe00b4269b2ec1566786
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=6ec4d8b947c74aa1b65d376d606a5898; expires=Wed, 29 Nov 2023 17:50:42 GMT; path=/; secure; SameSite=None
oaidts=1669744242; expires=Wed, 29 Nov 2023 17:50:42 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
nanouwho.com/27/04ab1c44ee7c7870e42713e938fe14f2
139.45.197.242200 OK 0 B URL HTTP/2 nanouwho.com/27/04ab1c44ee7c7870e42713e938fe14f2
IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /27/04ab1c44ee7c7870e42713e938fe14f2 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:42 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Mon, 28 Nov 2022 04:04:40 GMT
expires: Mon, 28 Dec 2082 04:04:40 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/img/latino.svg
104.21.93.38200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/img/latino.svg
IP 104.21.93.38:0
GET /wp-content/themes/cuevana/assets/img/latino.svg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:40 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 449518
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4KzVJLH8wqOv4r4r%2B3BmZyRBTlRPsc%2Bb9NpiT61udW6qJLezkJ%2FxzOKpzgzTdvQMou57C%2FlIa2e%2F6vpwbENVLSaJ5PasW123ejxkhSFWkACVbAHmciq31tfVdPE0g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771d2fe20e4c1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.67.194.45200 OK 0 B IP 172.67.194.45:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:41 GMT
content-type: application/javascript
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 5651
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96ExwHdCfXTmlRauf5C2D0BihPwgSWIu%2Fj8ezWfKSVADpJOSonqpKFX1X0ET3VbA9assZ0oPbyYHbkqY4wmafzdrAMAvhllnonhhpAa4wTCASQvSLouLSj%2BKOjQcbw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 771d2fe7c93b0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
nanouwho.com/1?z=5014433
139.45.197.242200 OK 0 B IP 139.45.197.242:0
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5014433 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cuevana3.nu/
Cookie: scm=1; OAID=1e70dc40b3594555ac380f9d3c9caeb1; oaidts=1669744242
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:42 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 3faf93665d5fe747dfb4d89b04e04894
access-control-expose-headers: X-Sc
set-cookie: OAID=1e70dc40b3594555ac380f9d3c9caeb1; expires=Wed, 29 Nov 2023 17:50:42 GMT; secure; SameSite=None
oaidts=1669744242; expires=Wed, 29 Nov 2023 17:50:42 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/img/castellano.svg
104.21.93.38200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/img/castellano.svg
IP 104.21.93.38:0
GET /wp-content/themes/cuevana/assets/img/castellano.svg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:40 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 10:29:07 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 372093
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7NyRe9yYvEVmbk%2FKWwTDX5MuFj%2Fvh7GU%2BdY5N%2F7Ek4K%2F6NaBxjj0Ji5LtKrTtLCu9si4vcGCjbz%2FwT%2Fey%2FTe5eaz7e96y%2Fft85J%2FrDcNpaM%2BrU1L7Ebnxr8ZHOOAbA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771d2fe20e4e1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/img/ingles.svg
104.21.93.38200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/img/ingles.svg
IP 104.21.93.38:0
GET /wp-content/themes/cuevana/assets/img/ingles.svg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 17:50:40 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 449518
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36ePDLozPX5TaM5KJ6W4FXAAF3ML5y5p%2FtPUTpriEQZ%2BmEYpajkjMnyklkSy7syX9ZTnqk4CIB0DCquJkXH3EFl4ZyKHgbRoerda39lcbHniMpoUzza7vaCaEAgxSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 771d2fe21e551bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
onvictinitor.com/?rb=LjMRbcesZxPbN7xFmpHbsAb9cOlcZObXRMiM8yqcTu-LE02-O5jabYkJB_MbzDLWYy0dIJGiRL3KjBPLHmRyc8DIPmT9fr69NGgRZL-bv7soZXe4ZIvIynS2JofJ3E3sMD6oQJxTrgV71M6v-mwNfbByR41kWYOc5kF59E7Ttlqkicu6eiQKFsypltNo2NT9l0j8Hr6nD5rRiY1EDePwu5UhjQZQzzxzjGi3PlKE-mo%3D&request_ab2=96002&zoneid=5487080&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=6&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo%3D%26o%3D77763&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=309a0e5a-49bd-4fae-8ad5-d5d8a3f4f905&userId=1e70dc40b3594555ac380f9d3c9caeb1&m=link
139.45.197.238200 OK 0 B URL HTTP/2 onvictinitor.com/?rb=LjMRbcesZxPbN7xFmpHbsAb9cOlcZObXRMiM8yqcTu-LE02-O5jabYkJB_MbzDLWYy0dIJGiRL3KjBPLHmRyc8DIPmT9fr69NGgRZL-bv7soZXe4ZIvIynS2JofJ3E3sMD6oQJxTrgV71M6v-mwNfbByR41kWYOc5kF59E7Ttlqkicu6eiQKFsypltNo2NT9l0j8Hr6nD5rRiY1EDePwu5UhjQZQzzxzjGi3PlKE-mo%3D&request_ab2=96002&zoneid=5487080&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=6&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo%3D%26o%3D77763&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=309a0e5a-49bd-4fae-8ad5-d5d8a3f4f905&userId=1e70dc40b3594555ac380f9d3c9caeb1&m=link
IP 139.45.197.238:0
GET /?rb=LjMRbcesZxPbN7xFmpHbsAb9cOlcZObXRMiM8yqcTu-LE02-O5jabYkJB_MbzDLWYy0dIJGiRL3KjBPLHmRyc8DIPmT9fr69NGgRZL-bv7soZXe4ZIvIynS2JofJ3E3sMD6oQJxTrgV71M6v-mwNfbByR41kWYOc5kF59E7Ttlqkicu6eiQKFsypltNo2NT9l0j8Hr6nD5rRiY1EDePwu5UhjQZQzzxzjGi3PlKE-mo%3D&request_ab2=96002&zoneid=5487080&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=6&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo%3D%26o%3D77763&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=309a0e5a-49bd-4fae-8ad5-d5d8a3f4f905&userId=1e70dc40b3594555ac380f9d3c9caeb1&m=link HTTP/1.1
Host: onvictinitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuevana3.nu/
Origin: https://cuevana3.nu
Connection: keep-alive
Cookie: OAID=b50c88c48d62437a88446bb430167277; oaidts=1669744242
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:43 GMT
content-type: application/json
x-trace-id: 5422547cfa1649611044f2f1e6bcb246
access-control-allow-origin: https://cuevana3.nu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=1e70dc40b3594555ac380f9d3c9caeb1; expires=Wed, 29 Nov 2023 17:50:43 GMT; path=/; secure; SameSite=None
oaidts=1669744243; expires=Wed, 29 Nov 2023 17:50:43 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 06 Dec 2022 17:50:43 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
whairtoa.com/?rb=CtWHtKKLf3FsS48Ng4mc-LgigmGZBStkY60OW4i2lap6UfPcXXBQGbY5Z4gNepBioXi5eq29lG1LxFrSlL-dxqXGWCpg76Ik-16rjUALbvmhPrFgYtEBg-4FyOWqzk6_PXEehpey6aPYJMMFK16p6h_1imsMYo1l74A5kOLlNW3mhjXteDTDBlf8Es6IqmmVnorho8BBUWOK0iF9jbmvV1ywBcJAA3TFlZjHuZDqutQ%3D&request_ab2=96001&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=6&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo%3D%26o%3D77763&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=87faac44-126e-40f1-acfd-62b985e643eb&userId=1e70dc40b3594555ac380f9d3c9caeb1&m=link
139.45.197.238200 OK 0 B URL HTTP/2 whairtoa.com/?rb=CtWHtKKLf3FsS48Ng4mc-LgigmGZBStkY60OW4i2lap6UfPcXXBQGbY5Z4gNepBioXi5eq29lG1LxFrSlL-dxqXGWCpg76Ik-16rjUALbvmhPrFgYtEBg-4FyOWqzk6_PXEehpey6aPYJMMFK16p6h_1imsMYo1l74A5kOLlNW3mhjXteDTDBlf8Es6IqmmVnorho8BBUWOK0iF9jbmvV1ywBcJAA3TFlZjHuZDqutQ%3D&request_ab2=96001&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=6&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo%3D%26o%3D77763&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=87faac44-126e-40f1-acfd-62b985e643eb&userId=1e70dc40b3594555ac380f9d3c9caeb1&m=link
IP 139.45.197.238:0
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=CtWHtKKLf3FsS48Ng4mc-LgigmGZBStkY60OW4i2lap6UfPcXXBQGbY5Z4gNepBioXi5eq29lG1LxFrSlL-dxqXGWCpg76Ik-16rjUALbvmhPrFgYtEBg-4FyOWqzk6_PXEehpey6aPYJMMFK16p6h_1imsMYo1l74A5kOLlNW3mhjXteDTDBlf8Es6IqmmVnorho8BBUWOK0iF9jbmvV1ywBcJAA3TFlZjHuZDqutQ%3D&request_ab2=96001&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=6&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvQWQ2d2o4TWN6QUticEo%3D%26o%3D77763&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=87faac44-126e-40f1-acfd-62b985e643eb&userId=1e70dc40b3594555ac380f9d3c9caeb1&m=link HTTP/1.1
Host: whairtoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuevana3.nu/
Origin: https://cuevana3.nu
Connection: keep-alive
Cookie: OAID=6ec4d8b947c74aa1b65d376d606a5898; oaidts=1669744242
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 17:50:42 GMT
content-type: application/json
x-trace-id: 1dcec00aab052cb2f57b88d211cfa671
access-control-allow-origin: https://cuevana3.nu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=1e70dc40b3594555ac380f9d3c9caeb1; expires=Wed, 29 Nov 2023 17:50:42 GMT; path=/; secure; SameSite=None
oaidts=1669744242; expires=Wed, 29 Nov 2023 17:50:42 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Tue, 06 Dec 2022 17:50:42 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2