r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bbea1550fedd5eb9c265712fab75b137
2c2f981747898a380265f766345f2bb9c8c983fd
c728286e38c31a4d3f7a39702e0a5f69c14bf69e01a88bc4479714953fbda278
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C728286E38C31A4D3F7A39702E0A5F69C14BF69E01A88BC4479714953FBDA278"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13847
Expires: Wed, 21 Dec 2022 19:48:10 GMT
Date: Wed, 21 Dec 2022 15:57:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 04c14564c7083355371e41c5a09acada
ea488e34661be5420c798c7e26f193b4dee7bb37
d7e5c37d8e6cbed236670d050f84f288539642f7a41a54b0abd39357f7c42232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7E5C37D8E6CBED236670D050F84F288539642F7A41A54B0ABD39357F7C42232"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10874
Expires: Wed, 21 Dec 2022 18:58:37 GMT
Date: Wed, 21 Dec 2022 15:57:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 21 Dec 2022 15:45:56 GMT
content-type: application/json
age: 687
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f4b32de26d9af2cba6afcdcf716d3fb8
644ead4436a8f2fc1f0dd25e4484b64f6ed63347
525123034cb53d750d5ebd487015911452d2cd3c34301e6628f2f52f3f0bfc88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "525123034CB53D750D5EBD487015911452D2CD3C34301E6628F2F52F3F0BFC88"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14096
Expires: Wed, 21 Dec 2022 19:52:19 GMT
Date: Wed, 21 Dec 2022 15:57:23 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dwRMNrNLdF1Ha2Ply+G6WU+YGa2aPledOlvGNwpQAw+k0JQkY+o3TmbAScsNx5EFkc1Xb/SCCyXhaPcxaKtcNw==
x-amz-request-id: 9HW5WJR5EBAH1FCF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 21 Dec 2022 15:29:54 GMT
age: 1649
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cuevana3.nu/peliculas-online/depredador-la-presa-online-gratis-en-cuevana/
172.67.204.56200 OK 18 kB URL HTTP/1.1 cuevana3.nu/peliculas-online/depredador-la-presa-online-gratis-en-cuevana/
IP 172.67.204.56:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 15d041d1f2d07e6b797b8a56b3865f3a
9988bc573763de340f24b84360045a73b1e46c0b
4a7033108c8b178bb14017d0b5f7ec02d188acbd13334b77336ecf7b54d649bf
GET /peliculas-online/depredador-la-presa-online-gratis-en-cuevana/ HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 15:57:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-dns-prefetch-control: on
x-pingback: https://cuevana3.nu/xmlrpc.php
link: <https://cuevana3.nu/wp-json/>; rel="https://api.w.org/", <https://cuevana3.nu/?p=86841>; rel=shortlink
x-litespeed-cache: hit
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NstpOWDoCpluMjHGsL%2FdPGzZV0TlrqRhtm0KIUC9D1XkPb0acfDsFUJ6oIx8PwwWADTCiuAf4h7WU1pzUy1rlPszRlIoeWJV3xaM2azjBFyXsu4FNSN6WCA7iP3krQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 77d1d02c78e5b518-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 78047f28889db00b63c6efb1c8437bb5
03b58fadb9e687e6646a217b272ecade247fa1bf
60c59869c2b3696861aa2b469589142805b6107b0f3746db2f2b7dd69b1ecebb
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 78047f28889db00b63c6efb1c8437bb5
03b58fadb9e687e6646a217b272ecade247fa1bf
60c59869c2b3696861aa2b469589142805b6107b0f3746db2f2b7dd69b1ecebb
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 78047f28889db00b63c6efb1c8437bb5
03b58fadb9e687e6646a217b272ecade247fa1bf
60c59869c2b3696861aa2b469589142805b6107b0f3746db2f2b7dd69b1ecebb
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 78047f28889db00b63c6efb1c8437bb5
03b58fadb9e687e6646a217b272ecade247fa1bf
60c59869c2b3696861aa2b469589142805b6107b0f3746db2f2b7dd69b1ecebb
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 78047f28889db00b63c6efb1c8437bb5
03b58fadb9e687e6646a217b272ecade247fa1bf
60c59869c2b3696861aa2b469589142805b6107b0f3746db2f2b7dd69b1ecebb
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cuevana3.nu/wp-content/themes/cuevana/assets/js/void.js?ver=6.1.1
172.67.204.56200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/js/void.js?ver=6.1.1
IP 172.67.204.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/cuevana/assets/js/void.js?ver=6.1.1 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: application/javascript
content-length: 0
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 09:00:35 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
cf-cache-status: HIT
age: 543408
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nqla78u%2F1vKx6Soh6HkyPlfW2EG3eH%2BbZL0nSa%2FYZEdpgL2PSuLa%2Bo6fbKDFMlwDnYjzkwVxSrt%2F%2BqjGAzd4tMIGixqlzD4T6ftrNSXtVe5K8YxZEXTtaOgYwK20lw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77d1d0307ff70afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/images/loading.gif
172.67.204.56200 OK 770 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/images/loading.gif
IP 172.67.204.56:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash 8ae1afcd44a2a3ea3c8f86bc74702b05
4f605e49a1ce94999619beef3f92dd923ca63b6d
561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178
GET /wp-content/plugins/wp-postratings/images/loading.gif HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: image/gif
content-length: 770
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 14:55:20 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 522124
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=efHFQma0htrGCQ83rf7vfNu9Iy7iuFoqOBJOLMr7%2F0YzLughTRm6iyONKGOqsBarraenKvZzp7SG8jJmjY1oAIRdOaYWrcSw7V%2Bm%2FWMGNUDl047T3%2B3AUJeCn3MMyA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77d1d0307ffa0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_on.gif
172.67.204.56200 OK 523 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_on.gif
IP 172.67.204.56:0
File type GIF image data, version 89a, 12 x 12\012- data
Hash cf853fb872bf743ae8556423ec0259ee
646fdebf47dfd354ece7ad18f6ff041059e4cd58
cbd3ada90ee6d7f06fc267fd393252b2e4e56e4d7a106ed8fcf3de8c294db136
GET /wp-content/plugins/wp-postratings/images/stars/rating_on.gif HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: image/gif
content-length: 523
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 19:19:20 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 506285
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rEGdyIED0WSfssS5hueARVubURhYDugkzPLCc%2FPkhd0Anb%2BOyOxeubk%2BYXvauhy9bL3FPcjrRHIQIZ%2BsiaeN1Al%2Bk9E7njbog1cfIJZIcDpvdBB64vo9H6EDTtsLjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77d1d0307ff80afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_off.gif
172.67.204.56200 OK 326 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/images/stars/rating_off.gif
IP 172.67.204.56:0
File type GIF image data, version 89a, 12 x 12\012- data
Hash 7d99a060172d832e2a0586a9284765b7
a8db3d3a28f670f172c933d783e0865119ed54a7
b2726e47d619f403a00a7ebf8d9bf5b5b65a214d14d40eaa36cddc8163ecb38e
GET /wp-content/plugins/wp-postratings/images/stars/rating_off.gif HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: image/gif
content-length: 326
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 19:53:56 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 504208
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQLrr15naOGfYYtBI4v5cZlI9Iaqe%2F%2FQpHCw5e2OzTTm1MzwJyb0wr5zcdZ%2FBn%2FDmUm%2BWyJkQZ7zXVoNOA%2B5i%2FgCpKNC2EMSJPFsqMCAU%2F2Q9Na9yVE3TbbdevOOlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77d1d0307ff90afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png
172.67.204.56200 OK 4.7 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png
IP 172.67.204.56:0
File type PNG image data, 240 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 30ecf26d81b4d18a7a568d42e674705e
c846ca657d113edcdb68ae7e53b8ecede50a15cb
f856cb85a867ba1f60a337dbbb095142c0590b426b30c5d35dcbbbd158b79927
GET /wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: image/png
content-length: 4675
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 09:00:35 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
cf-cache-status: HIT
age: 543409
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=46Yf%2BN3i7vemR4OoaIo9T1PLh63JWc4ECG%2FSr0l8rKQAGMN9USG1qAGBj%2FUmVSesCnVImTibwiL1RoFv3P1HA%2BGVyb0%2Ffqfeb32BgTgtF8SbBaTiYAsgICoIuJm83g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77d1d0307ffc0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/08/49ldE9yPMkYCrTLEpdhJgqlQXYK-200x300.jpg
172.67.204.56200 OK 12 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/08/49ldE9yPMkYCrTLEpdhJgqlQXYK-200x300.jpg
IP 172.67.204.56:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Hash d89b88840da970d175770e71b047e223
8a7a1b3fb6d1fd963396bacfeb0125c24d8596bc
260caf6c19385c5ca4f075ff9cd678623586867d003a8697d4d9ecd94e227e02
GET /wp-content/uploads/2022/08/49ldE9yPMkYCrTLEpdhJgqlQXYK-200x300.jpg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: image/jpeg
content-length: 12419
cache-control: public, max-age=604800
expires: Fri, 23 Dec 2022 19:13:40 GMT
last-modified: Fri, 30 Sep 2022 02:06:46 GMT
cf-cache-status: HIT
age: 420224
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0iaXKPUw0krN29Tt0UCr3tE51gAEGZQbF1JhSN46JvvhdCM%2BH1S7f%2FcIy8UwzOOHBWoWvOLNew04PfKWCvNtTn8fUt1xHiycHJcioWzhfUgi7XHIXsMMGoyb7mYQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77d1d03088010afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.1.1.min.js?ver=3.1.1
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.1.1.min.js?ver=3.1.1
IP 69.16.175.10:0
File type ASCII text, with very long lines (32030)
Hash f7a4a283c6a5130b43ce8de3b7842078
ef243edbb67f9e50f8589885e4541f6c919ea8d7
aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e
GET /jquery-3.1.1.min.js?ver=3.1.1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CPP1jJ0GEocBCiQ3OWZhZjllMy0wOGQyLTQyOGQtYTRiZi05MmYyZDYxYmRmOGQQ+OiCoKvU+wIaBgjj2YydBiIMOTEuOTAuNDIuMTU0KNSvAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkODFhYTFiNDUtZTc5MS00MDM3LTlhMDYtMzdmOWEzYjIyNzM3GPbqASIYCAISFGNkczAxMC5zazEuaHdjZG4ubmV0.p0tflWOn4AzNHXnz/hyXVLPa7cI4Gpv0SWsIoB84eac=
x-hw: 1671638243.dop018.sk1.t,1671638243.cds238.sk1.hn,1671638243.cds010.sk1.c
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/03/got.png
172.67.204.56200 OK 133 kB URL HTTP/1.1 cuevana3.nu/wp-content/uploads/2022/03/got.png
IP 172.67.204.56:0
File type PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced\012- data
Size 133 kB (133044 bytes)
Hash 6d6e76818f4b8c2dee0705158aaa6085
e681d2bdc33948723ea64828dee68941dbdda191
4ad36073c73561428856b74ae6eb08ce5a845bab365e4a1602edecaa2bb6ab23
GET /wp-content/uploads/2022/03/got.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/peliculas-online/depredador-la-presa-online-gratis-en-cuevana/
HTTP/1.1 200 OK
Date: Wed, 21 Dec 2022 15:57:23 GMT
Content-Type: image/png
Content-Length: 133044
Connection: keep-alive
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 09:00:35 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
CF-Cache-Status: HIT
Age: 543408
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8E0Wvf9YVB2V%2BIltr8fJfsIciDT7xCFqzQC3JCVlGj6g72VBZHWIm6keZNH2RI4m0fayGj5c0COuTsL4%2Fk4HSDAQQIJGwYoGHlaSm8LCz7CWa4F%2FnvH8MXKBTc8t3A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 77d1d0309f48b518-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d30907d8b4e8f5c7644a5f3ade244746
b4897a3b75cde46af816f8edf2ad1238739c15cf
054586891a1e335abf433826d90fae3f561874d3ae9bf27587d5706d34d1d3af
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 78047f28889db00b63c6efb1c8437bb5
03b58fadb9e687e6646a217b272ecade247fa1bf
60c59869c2b3696861aa2b469589142805b6107b0f3746db2f2b7dd69b1ecebb
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:23 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
whairtoa.com/5/4907445
139.45.197.238200 OK 24 kB IP 139.45.197.238:0
File type ASCII text, with very long lines (64292), with no line terminators
Hash 11ff2a76afdf05f386b1ab5a549bc403
4517e42739e6a4bca18e343dab26ab47fd02140d
b82932b0e9ff1e767af73011dde0a81e0264f3c419c43f499e312c7a4a90e413
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4907445 HTTP/1.1
Host: whairtoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 15:57:23 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: f117eaa98655cafe817a713fdd84663e
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=5eabb90206fd4573baaba502ae73417b; expires=Thu, 21 Dec 2023 15:57:23 GMT; path=/
oaidts=1671638243; expires=Thu, 21 Dec 2023 15:57:23 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=UA-209818749-2
172.217.21.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-209818749-2
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 54e171d81aabcac45d8097c5ccf40448
ca6ee18fbae76f2bed33b2db971ebb7080943cae
9655c293227b99cb953f4c21c1ce1b0ad21a3ca14a627b99d9477686fb453c7f
GET /gtag/js?id=UA-209818749-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Dec 2022 15:57:23 GMT
expires: Wed, 21 Dec 2022 15:57:23 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Dec 2022 15:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43570
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 859d899d982bb69df5fb16b8393fa119
580215f1d4f81cda04012c0889cfd9b18ba11863
38159dd549e94d45798b614efa5f968de7b74830c845220d1b6c1435f3940a94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1468
Cache-Control: max-age=149634
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:24 GMT
Etag: "63a2ccaa-1d7"
Expires: Fri, 23 Dec 2022 09:31:18 GMT
Last-Modified: Wed, 21 Dec 2022 09:06:50 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d30907d8b4e8f5c7644a5f3ade244746
b4897a3b75cde46af816f8edf2ad1238739c15cf
054586891a1e335abf433826d90fae3f561874d3ae9bf27587d5706d34d1d3af
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 21 Dec 2022 15:33:24 GMT
age: 1440
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
95.101.11.115200 OK 345 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fece36f880c92cbec36e5d442f82b943
6a2af34de572aabe046e3e3f11995833d705aa54
556f58e6bfeba136ac3a4540b7095e236b4808dc014c5aefca7b557b14e8a470
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "556F58E6BFEBA136AC3A4540B7095E236B4808DC014C5AEFCA7B557B14E8A470"
Last-Modified: Tue, 20 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4252
Expires: Wed, 21 Dec 2022 17:08:16 GMT
Date: Wed, 21 Dec 2022 15:57:24 GMT
Connection: keep-alive
omfiydlbmy.com/lv/esnk/1955965/code.js
62.122.171.6200 OK 44 kB URL HTTP/1.1 omfiydlbmy.com/lv/esnk/1955965/code.js
IP 62.122.171.6:0
File type ASCII text, with very long lines (65530)
Hash 8e071b355acf972affc65c1e14d86bf3
25739150a9e599cb7e679c25558bb05acdd0507f
709b37ed5aa0a8a0210e1353628b44f8c794d06d48772e8c33337a4acb985851
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1955965/code.js HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 15:57:24 GMT
Content-Type: application/javascript
Last-Modified: Wed, 21 Dec 2022 09:38:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a2d427-1a75a"
X-JS-AB1: var19
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip
omfiydlbmy.com/lv/esnk/1955964/code.js
62.122.171.6200 OK 45 kB URL HTTP/1.1 omfiydlbmy.com/lv/esnk/1955964/code.js
IP 62.122.171.6:0
File type ASCII text, with very long lines (64945)
Hash d7e3e3052ded80a9bd1d761197188990
f137dc6498ad076f439557d9b6340457e04f4b97
9ac41671051dd353cce47d7f57c614d78d26fb351f23afb5f91fb954887db671
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1955964/code.js HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 15:57:24 GMT
Content-Type: application/javascript
Last-Modified: Wed, 21 Dec 2022 09:40:54 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a2d4a6-1aad7"
X-JS-AB1: var20
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip
cuevana3.nu/wp-includes/css/classic-themes.min.css?ver=1
172.67.204.56200 OK 501 B URL HTTP/2 cuevana3.nu/wp-includes/css/classic-themes.min.css?ver=1
IP 172.67.204.56:0
Hash 03db1bd55278031d4e202c99edb551f8
0e14a88b139d5d1ad07726ff073b6ad9ffcfd02c
ff9dadd63cc60f81998c3c1c2ff37c81a701525899e585990c714bc2945f1d4b
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 09:00:35 GMT
last-modified: Sun, 13 Nov 2022 01:43:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 543409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YKO7gvffrLc3StFeZwzWgKzCXal0CTbZvSnJnJr5MCmd4NW1GCuVYhE0oKA8175Sw5JDR7Z264Gus5M6K35OpuEpMDrwcKE7hk5bS3UbCtRoud7UljP9vbkCVveKkw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77d1d03088050afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/img/latino.svg
172.67.204.56200 OK 38 kB URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/img/latino.svg
IP 172.67.204.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (10689), with no line terminators
Hash a2d0fecf49f9db5afe4ee87b752d1284
8eb75ac17dcc040dfda25c61b74628ffcd5bd293
47b9bd4bd39aefb1d1de685f8fbdc83b3ceaec195602d1da9977b43b78f3f9f1
GET /wp-content/themes/cuevana/assets/img/latino.svg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 14:55:20 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 522124
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UtaOiXcY3tLcEqQUDp8RcykcIrYFry3LA7JsYVgYdHrBFXrI6PD2He4fgEluPLvnnbUXFOD3Z%2FFgllVFQ1UjWMD%2BuuB9YHODwCNM6Oq0lbzhZDWwVPfjczRkTpdTgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77d1d03088020afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.69.181.45101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JDLrsrDQtcFAi9DidysWrw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dKVNKTNQftbJ5OAfZdeZu4vAFNM=
threatenedorientalavailable.com/ea/4d/b7/ea4db7a0906f9808f09b5ff02c6aeb6a.js
173.233.137.44200 OK 21 kB URL HTTP/1.1 threatenedorientalavailable.com/ea/4d/b7/ea4db7a0906f9808f09b5ff02c6aeb6a.js
IP 173.233.137.44:0
File type HTML document, ASCII text, with very long lines (60129), with no line terminators
Hash 3681913a8ccdb5a4d2a9c70a4c0c5ae2
26575371fbc500607aafd61eb5404d6c7f1a658f
c40187db8d69cd8cc77d55c0c97e5d84faac218c584f79c1051c75fa5cc87a37
GET /ea/4d/b7/ea4db7a0906f9808f09b5ff02c6aeb6a.js HTTP/1.1
Host: threatenedorientalavailable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 21 Dec 2022 15:57:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9536f8df668fd6babb90dd927fe2c51e
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 97216d9347c0d3c1bab297df919688d5
61eca83749fd58d5ce753bf65419435d522c2ce5
7277b81f23f6516aa706c00202e0705421837431095d5b1f7fb0f283ab5736ff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5b61a02065766f06474648fce53e22c3
4f44f79ecbacef728182206adab682c3fe9902f3
59c16153ee6b7ffe42afa5a16468c99f019be0ec47ac498177edad480ffc3302
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5880
Cache-Control: max-age=164849
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:24 GMT
Etag: "63a2f6dd-116"
Expires: Fri, 23 Dec 2022 13:44:53 GMT
Last-Modified: Wed, 21 Dec 2022 12:06:53 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
cuevana3.nu/wp-content/themes/cuevana/assets/js/main.js?ver=0.99355000%201671638040
172.67.204.56200 OK 84 kB URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/js/main.js?ver=0.99355000%201671638040
IP 172.67.204.56:0
File type Unicode text, UTF-8 text, with very long lines (1538)
Hash c6870f6bbd61fa08de51bd1b909f488d
603398bd80de1076441e5895527abf7d296dad3c
aaf49433ae9a2d2ca5f330e9de6fcff0245aa0f02e620eedfb2942c92bb2a593
GET /wp-content/themes/cuevana/assets/js/main.js?ver=0.99355000%201671638040 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 27 Dec 2022 05:11:57 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6vLIrVFv1%2FGY49kgxh53%2B65urNqOjkqvQkOz5fXohVXEJVaKJ07xj7TeFd6QV6RTjSDSMN%2BhnGN7PppplJxbZOkrW3O6N8L0%2F8FMpArpIPclrzxNmosJ2io5G2mx4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77d1d0307ff50afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 5b61a02065766f06474648fce53e22c3
4f44f79ecbacef728182206adab682c3fe9902f3
59c16153ee6b7ffe42afa5a16468c99f019be0ec47ac498177edad480ffc3302
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5880
Cache-Control: max-age=164849
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:24 GMT
Etag: "63a2f6dd-116"
Expires: Fri, 23 Dec 2022 13:44:53 GMT
Last-Modified: Wed, 21 Dec 2022 12:06:53 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4a04e9f03228bbe6d343e3e66a44d462
5af77c662e1783844d899f7ecadb23611df6e1af
aeca834b24dd5a208afc85fa5ee8e70b6035a5a6647163edab2d239665eb74b8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 276569e720bad12bf56aa27d65ab1a45
07586e8af42083adaf9e8b8f355e002f7764c68d
e4a0bb2006e4a9e13bd41765b247de4afba35f8cf8b16445c4c0cc8378cafcc6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=168466
Date: Wed, 21 Dec 2022 15:57:24 GMT
Etag: "63a30a99-1d7"
Expires: Fri, 23 Dec 2022 14:45:10 GMT
Last-Modified: Wed, 21 Dec 2022 13:31:05 GMT
Server: ECS (nyb/1D08)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GZ9eB4Y0t3JLtTYm8ZzmeK8Jlc_9pM53qTLUeoggRMkI2Z3mKsdKbg==
Age: 4445
nanouwho.com/1?z=5014433
139.45.197.242200 OK 6.8 kB IP 139.45.197.242:0
File type ASCII text, with very long lines (16471)
Hash 4bae374eb13543c4418f37cd36f28a91
278a22e5a1658744079e8420dd3480ff33b65eee
a06a117f67a7fb1d819b8a3d2b058a4c2ba069e708add8179206e91aa7749e4a
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5014433 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 15:57:24 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
X-Trace-Id: 5d843091c56c46d8534bf4f1407dc9a2
Access-Control-Expose-Headers: X-Sc
X-Sc: xMhWpMO__-yte3hROEIwgC0MovTUXnaApOvmoJLnnxA27xahFunCxgWz4k9I-6-jWWb_ZIH5L5XPTyDZO-tZegy5CSs=
Set-Cookie: scm=1; expires=Thu, 21 Dec 2023 15:57:24 GMT; secure; SameSite=None
OAID=799a058491fc4dc69246dfaaf633f614; expires=Thu, 21 Dec 2023 15:57:24 GMT; secure; SameSite=None
oaidts=1671638244; expires=Thu, 21 Dec 2023 15:57:24 GMT; secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash db12c305e68ba8457ce5eea61ae2e713
b2d7468c394a7fa6f2dbec852357e8fa939a603c
9ec629f8feea19c4999d0fafd3bbc52e7a375b78f1285ab22df8bfdfee5c7e7a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9EC629F8FEEA19C4999D0FAFD3BBC52E7A375B78F1285AB22DF8BFDFEE5C7E7A"
Last-Modified: Tue, 20 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17606
Expires: Wed, 21 Dec 2022 20:50:50 GMT
Date: Wed, 21 Dec 2022 15:57:24 GMT
Connection: keep-alive
simplewebanalysis.com/stats
3.71.139.39200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 3.71.139.39:0
File type ASCII text, with no line terminators
Hash 54f70d187448c60e3fbbfc7526735d48
bcd5b66755babbe35bb4a20a9357736cbdd31c8d
cc4b986ab48283bc52cca4ddb1b091171390db4a1267b477d8e0e49172ef4b1a
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:24 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://cuevana3.nu
access-control-allow-credentials: true
set-cookie: uid_id2=aa5dc3d1-af4c-4688-9d5f-0c5a24380dbe:1:1; expires=Sat, 18 Dec 2032 15:57:24 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=5eabb90206fd4573baaba502ae73417b
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=5eabb90206fd4573baaba502ae73417b
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash f1a295a6ffc19b91cf66bdcb50b9a287
8d6094e971f97e401d76b9f9a58e6b70e078e71c
140b1b1cbc44267047242fc20fd0ff4126f68117a4cb8f2c7be355be152857b8
GET /gid.js?userId=5eabb90206fd4573baaba502ae73417b HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:24 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5eabb90206fd4573baaba502ae73417b; expires=Thu, 21 Dec 2023 15:57:24 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/img/ingles.svg
172.67.204.56200 OK 31 kB URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/img/ingles.svg
IP 172.67.204.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5704), with no line terminators
Hash 587994a3c852b12e244dc18151f8eb8d
6a0ac99608882d6d196f99115e0935ef03f7a9bd
b7d938a16df72fb0c114067739a2a9a2ed388b03e85cf494995c30f1e1b2f51f
GET /wp-content/themes/cuevana/assets/img/ingles.svg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 14:55:20 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 522124
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOlHk2Cf46ziJHWhgAXiOUaSLossg4iSFnGKhK3zzBWnW%2Fh6Kx%2FXHTG1%2BJeDyHOkUrXf3no1mD9hcRnclNOSOS24CxKxoltWmdJMcbFMKk3EcwufMU9%2B71utaOLTpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77d1d03088030afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash c802989c57820295e73e6bdf5558b546
fbf95a229f933a0e55d8d142dc1c4a95b80bcba5
3c34b10b915f69bfc896c9f0671efa89c653ea4f274ad922a72632775548a938
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C34B10B915F69BFC896C9F0671EFA89C653EA4F274AD922A72632775548A938"
Last-Modified: Mon, 19 Dec 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=104
Expires: Wed, 21 Dec 2022 15:59:09 GMT
Date: Wed, 21 Dec 2022 15:57:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c14eaa18a58422d4894245bb7d362bd8
df9f8bf6eb43802c901e88c886909f34fc886832
a8a90858e8db5b1247853e37c15e2aac3239c7e9aba5fda8f8465b89ad108efe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6284
Cache-Control: max-age=95034
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Etag: "63a1e493-118"
Expires: Thu, 22 Dec 2022 18:21:19 GMT
Last-Modified: Tue, 20 Dec 2022 16:36:35 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
omfiydlbmy.com/get/1955965?zoneid=1955965&jp=_clkf7xvvve4kyyfshy45ao&nojs=0&ix=0&abvar=19&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3205777229635211
62.122.171.6200 OK 1.2 kB URL HTTP/2 omfiydlbmy.com/get/1955965?zoneid=1955965&jp=_clkf7xvvve4kyyfshy45ao&nojs=0&ix=0&abvar=19&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3205777229635211
IP 62.122.171.6:0
Hash d2320ab26b447fc81bbe1f31ed70cb62
35e0d093c82aff8e6e21c25ec2e31726a0fd5509
e270f2cb218e14e58439259143122ebd94fe73c8a3ef1ca90baef93209d60021
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955965?zoneid=1955965&jp=_clkf7xvvve4kyyfshy45ao&nojs=0&ix=0&abvar=19&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3205777229635211 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212211057131e397976e84601b6310d477c; Path=/; Expires=Thu, 21 Dec 2023 15:57:24 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn.bncloudfl.com/bn/331/f6d/d17/331f6dd17192b5bfa089dcf03f35c71470833e9f.png
104.22.14.198200 OK 105 kB URL HTTP/2 cdn.bncloudfl.com/bn/331/f6d/d17/331f6dd17192b5bfa089dcf03f35c71470833e9f.png
IP 104.22.14.198:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 105 kB (105318 bytes)
Hash 24ddd1c3a937b433356dde15dbe1cbaf
b259b40f1b39c10f538481ababd3e2ae454bd9f8
2a3b8b7f243c8202a2a3a7887d5541df89915d51637ec6b1de85667c859fbfa3
GET /bn/331/f6d/d17/331f6dd17192b5bfa089dcf03f35c71470833e9f.png HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: image/webp
content-length: 105318
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=171026
content-disposition: inline; filename="331f6dd17192b5bfa089dcf03f35c71470833e9f.webp"
etag: 5956d8dcb2ed3256e4f1ce1e6acbd8ce
expires: Fri, 23 Dec 2022 08:42:47 GMT
last-modified: Thu, 04 Feb 2021 15:38:34 GMT
vary: Accept
x-openstack-request-id: tx1b3d16644a6848cdb89f1-0061b08775
x-proxy-cache: HIT
x-timestamp: 1612453113.91599
x-trans-id: tx1b3d16644a6848cdb89f1-0061b08775
cf-cache-status: HIT
age: 26078
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 77d1d037e91e1c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c14eaa18a58422d4894245bb7d362bd8
df9f8bf6eb43802c901e88c886909f34fc886832
a8a90858e8db5b1247853e37c15e2aac3239c7e9aba5fda8f8465b89ad108efe
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6284
Cache-Control: max-age=95034
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Etag: "63a1e493-118"
Expires: Thu, 22 Dec 2022 18:21:19 GMT
Last-Modified: Tue, 20 Dec 2022 16:36:35 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 280
urimnugocfr.com/solid.gif?z=1955969&abvar=21
62.122.171.6200 OK 43 B URL HTTP/2 urimnugocfr.com/solid.gif?z=1955969&abvar=21
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1955969&abvar=21 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 972666cfe4392a3e5fb1c3e42512f0cc
259ccb782f64d7456b1bad968571c521324d6aea
91150d6ed15c0517c627a2193e3801722c380096d98584a271dbb1e830024baf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91150D6ED15C0517C627A2193E3801722C380096D98584A271DBB1E830024BAF"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17774
Expires: Wed, 21 Dec 2022 20:53:39 GMT
Date: Wed, 21 Dec 2022 15:57:25 GMT
Connection: keep-alive
urimnugocfr.com/solid.gif?z=1955969&abvar=21
62.122.171.6200 OK 43 B URL HTTP/2 urimnugocfr.com/solid.gif?z=1955969&abvar=21
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1955969&abvar=21 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
omfiydlbmy.com/chicken.gif?z=1955965&pb=2928ad222170fb94876a85991e83937c1671645444&psp=MbKfabhG5bOktQOLBM_cNqeOpGZRu5yOasSvH70q61Cr_ByfNvwXNn5FMNClLs2wQJkW8pRANYJTOvjVSbuG_slxKgkIkm2_rPj9ZrR7hZw4O2ONADBg6fS38A1WiQT9YOtETlLNM0U69XKyOHlx-KZkIMeYi-j3oTXUuQO7FyHZFtC7Pfo__eovVOMzB47VtaehbXbLD8v7jYtJHrGS4hrTDkSOBTaxCKgifYrFQjHGP-Jr5MZaoJMhTIIKCYvv_pwCkUQvkKGpKMe4Jac6KPgbu74wQZof1_i-f7Ukqo-wZUBavTgTZSrwIQee6iC7ARPT8fb_2vq0CfMc9yIg2_4NC8fdhayabZZB-eUVYaLODvQdRYIPmFQiGJDOTTmxDXerLkEk7GfNGZQ6hCqLdli9_rsRBPHvU2MGtHcHuqZrTvO2bdmQ3u2sMXggC2xr_cVQOAtoaQ_djtbhaSUDKJDKCLE-eR49lzNd0m7VDyIu&abvar=19&os=0
62.122.171.6200 OK 43 B URL HTTP/2 omfiydlbmy.com/chicken.gif?z=1955965&pb=2928ad222170fb94876a85991e83937c1671645444&psp=MbKfabhG5bOktQOLBM_cNqeOpGZRu5yOasSvH70q61Cr_ByfNvwXNn5FMNClLs2wQJkW8pRANYJTOvjVSbuG_slxKgkIkm2_rPj9ZrR7hZw4O2ONADBg6fS38A1WiQT9YOtETlLNM0U69XKyOHlx-KZkIMeYi-j3oTXUuQO7FyHZFtC7Pfo__eovVOMzB47VtaehbXbLD8v7jYtJHrGS4hrTDkSOBTaxCKgifYrFQjHGP-Jr5MZaoJMhTIIKCYvv_pwCkUQvkKGpKMe4Jac6KPgbu74wQZof1_i-f7Ukqo-wZUBavTgTZSrwIQee6iC7ARPT8fb_2vq0CfMc9yIg2_4NC8fdhayabZZB-eUVYaLODvQdRYIPmFQiGJDOTTmxDXerLkEk7GfNGZQ6hCqLdli9_rsRBPHvU2MGtHcHuqZrTvO2bdmQ3u2sMXggC2xr_cVQOAtoaQ_djtbhaSUDKJDKCLE-eR49lzNd0m7VDyIu&abvar=19&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1955965&pb=2928ad222170fb94876a85991e83937c1671645444&psp=MbKfabhG5bOktQOLBM_cNqeOpGZRu5yOasSvH70q61Cr_ByfNvwXNn5FMNClLs2wQJkW8pRANYJTOvjVSbuG_slxKgkIkm2_rPj9ZrR7hZw4O2ONADBg6fS38A1WiQT9YOtETlLNM0U69XKyOHlx-KZkIMeYi-j3oTXUuQO7FyHZFtC7Pfo__eovVOMzB47VtaehbXbLD8v7jYtJHrGS4hrTDkSOBTaxCKgifYrFQjHGP-Jr5MZaoJMhTIIKCYvv_pwCkUQvkKGpKMe4Jac6KPgbu74wQZof1_i-f7Ukqo-wZUBavTgTZSrwIQee6iC7ARPT8fb_2vq0CfMc9yIg2_4NC8fdhayabZZB-eUVYaLODvQdRYIPmFQiGJDOTTmxDXerLkEk7GfNGZQ6hCqLdli9_rsRBPHvU2MGtHcHuqZrTvO2bdmQ3u2sMXggC2xr_cVQOAtoaQ_djtbhaSUDKJDKCLE-eR49lzNd0m7VDyIu&abvar=19&os=0 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2212211057131e397976e84601b6310d477c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABslmQAAAAAAAAAB; Path=/; Expires=Fri, 20 Jan 2023 15:57:25 GMT; Secure; SameSite=None
OACIBLOCK=ABslmQAAAABjopLQ; Path=/; Expires=Fri, 20 Jan 2023 15:57:25 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Thu, 22 Dec 2022 15:57:25 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
omfiydlbmy.com/chicken.gif?z=1955964&pb=2928ad222170fb94876a85991e83937c1671645444&psp=HeGoNZLIoZFCVTUpmmpASSLbZjE8o9KGaTyusf8-1N190Dc-64QQBUA2OF3B8J7QOCQskJhVLrXvNgyt6wwfXaBikGe9BkG3A3iSOI0HFCjhq2rJIt-h-amlimWBl46Nxa6zfXRoHrpvnMOcqk8IKHR1CVtHCy7ghdkVe6y1mGRdoY1vDpmXs5tb9lk0SimdSzWa1NMvwXd903Dkd6PTr0e4sYsBZjLsglvqsLozxtSjVKN5s3kitWO4CqPV7r16pzdImSgGjIZrh_Ud818AATp5jPocPaUoCiCPPSul8UUpm8DYp5bv_O6KC9vtOSSd5ndH8Y-41SODtMlSpXufED6-TNuEBlT_v5zjydyiYC7oJfQCK8LksNzYfSgzjRSmdC0y6weSDhQ3LYAoJv-y7JqFvYIitY-_vfL_VrpzqjaQhUfyJn5haEbYz2SybtcGT4ckZTHlpaUUfQeabnaWGarWfM2zZ1T_YEmAJy0w9ANZ2hhSniAHyTHfNvDWU4_5_mP-XwRjeUaS_556FeT6y7N5no5O8gZIUngwY3mJOwlJeDBvyRoKKyXdRw2jCagUzfx7NoqyumM=&abvar=20&os=0
62.122.171.6200 OK 43 B URL HTTP/2 omfiydlbmy.com/chicken.gif?z=1955964&pb=2928ad222170fb94876a85991e83937c1671645444&psp=HeGoNZLIoZFCVTUpmmpASSLbZjE8o9KGaTyusf8-1N190Dc-64QQBUA2OF3B8J7QOCQskJhVLrXvNgyt6wwfXaBikGe9BkG3A3iSOI0HFCjhq2rJIt-h-amlimWBl46Nxa6zfXRoHrpvnMOcqk8IKHR1CVtHCy7ghdkVe6y1mGRdoY1vDpmXs5tb9lk0SimdSzWa1NMvwXd903Dkd6PTr0e4sYsBZjLsglvqsLozxtSjVKN5s3kitWO4CqPV7r16pzdImSgGjIZrh_Ud818AATp5jPocPaUoCiCPPSul8UUpm8DYp5bv_O6KC9vtOSSd5ndH8Y-41SODtMlSpXufED6-TNuEBlT_v5zjydyiYC7oJfQCK8LksNzYfSgzjRSmdC0y6weSDhQ3LYAoJv-y7JqFvYIitY-_vfL_VrpzqjaQhUfyJn5haEbYz2SybtcGT4ckZTHlpaUUfQeabnaWGarWfM2zZ1T_YEmAJy0w9ANZ2hhSniAHyTHfNvDWU4_5_mP-XwRjeUaS_556FeT6y7N5no5O8gZIUngwY3mJOwlJeDBvyRoKKyXdRw2jCagUzfx7NoqyumM=&abvar=20&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1955964&pb=2928ad222170fb94876a85991e83937c1671645444&psp=HeGoNZLIoZFCVTUpmmpASSLbZjE8o9KGaTyusf8-1N190Dc-64QQBUA2OF3B8J7QOCQskJhVLrXvNgyt6wwfXaBikGe9BkG3A3iSOI0HFCjhq2rJIt-h-amlimWBl46Nxa6zfXRoHrpvnMOcqk8IKHR1CVtHCy7ghdkVe6y1mGRdoY1vDpmXs5tb9lk0SimdSzWa1NMvwXd903Dkd6PTr0e4sYsBZjLsglvqsLozxtSjVKN5s3kitWO4CqPV7r16pzdImSgGjIZrh_Ud818AATp5jPocPaUoCiCPPSul8UUpm8DYp5bv_O6KC9vtOSSd5ndH8Y-41SODtMlSpXufED6-TNuEBlT_v5zjydyiYC7oJfQCK8LksNzYfSgzjRSmdC0y6weSDhQ3LYAoJv-y7JqFvYIitY-_vfL_VrpzqjaQhUfyJn5haEbYz2SybtcGT4ckZTHlpaUUfQeabnaWGarWfM2zZ1T_YEmAJy0w9ANZ2hhSniAHyTHfNvDWU4_5_mP-XwRjeUaS_556FeT6y7N5no5O8gZIUngwY3mJOwlJeDBvyRoKKyXdRw2jCagUzfx7NoqyumM=&abvar=20&os=0 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2212211057131e397976e84601b6310d477c
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Thu, 22 Dec 2022 15:57:25 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w1280//keBPoGFL8iTJWvJ28CqaGYR92BX.jpg
89.187.169.47200 OK 23 kB URL HTTP/2 image.tmdb.org/t/p/w1280//keBPoGFL8iTJWvJ28CqaGYR92BX.jpg
IP 89.187.169.47:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Hash d2a5549779a06f0dd1db426f810d0d27
a601ce71eaad0e039b5d20754647924aabc44b08
2bd1d9cd15194eca470aba1d2a1abdb5038cb444d20d10a0b0b195e1d8a748d8
GET /t/p/w1280//keBPoGFL8iTJWvJ28CqaGYR92BX.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: image/jpeg
content-length: 23398
server: BunnyCDN-DE1-756
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31919000
etag: "62af6fd0-5b66"
last-modified: Sun, 19 Jun 2022 18:49:52 GMT
cdn-storageserver: NY-266
cdn-requestpullsuccess: True
cdn-fileserver: 262
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/19/2022 14:25:15
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: a2ce1fb212fca0dda7f426fcdedeaef6
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/js/b.js?ver=0.99355000%201671638040
172.67.204.56200 OK 15 kB URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/js/b.js?ver=0.99355000%201671638040
IP 172.67.204.56:0
File type ASCII text, with very long lines (44174)
Hash 395de94767f4f4f5c124418a8438fcb7
57fa566ef3104f64c97301c9b7e5b385f2b3bc81
3480fcc38cbf589c5ab911404415b03da38d6257244a463579cc097597956b60
GET /wp-content/themes/cuevana/assets/js/b.js?ver=0.99355000%201671638040 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:24 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 27 Dec 2022 05:11:57 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DmgPuKdaMb9EYErUNBhM1M9UFaAIqn66Myyk0w29VAzx6zLvhsR%2FKutKHbN7K4rEXhZy1JrP5NzKWtWUtg3QiLo3IoH7NP0P9vWySlrQdvX1J7jIfGcd6oqqagIMBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77d1d0307ff40afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
whairtoa.com/?rb=vzbTwxkKRlPhT5rdeJhF4-BhmHj2Cntk96zeyvYe7hku2L0Jnb1PkO206fPo2dUsvts7RrD6dee4WSdzhOk0FEtC2HR1M50Tj_FTqoXoR9fglR0nFvHUgYGkRjZXLm6QTVNU1XFK3efhFIUxWNLae5dOy1RI0NIRf5PJ4xyD-TScc_OVE-aiQc-6L-UJaRA_H8pkBcD8Bw9gZ0ybWnpi6kDiGccK_KtU78tBf-fWxOM%3D&request_ab2=96002&zoneid=4907445&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=7&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fdepredador-la-presa-online-gratis-en-cuevana%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=12c8738a-eff7-4323-b041-8e84abe98073&userId=5eabb90206fd4573baaba502ae73417b&m=link
139.45.197.238200 OK 1.4 kB URL HTTP/1.1 whairtoa.com/?rb=vzbTwxkKRlPhT5rdeJhF4-BhmHj2Cntk96zeyvYe7hku2L0Jnb1PkO206fPo2dUsvts7RrD6dee4WSdzhOk0FEtC2HR1M50Tj_FTqoXoR9fglR0nFvHUgYGkRjZXLm6QTVNU1XFK3efhFIUxWNLae5dOy1RI0NIRf5PJ4xyD-TScc_OVE-aiQc-6L-UJaRA_H8pkBcD8Bw9gZ0ybWnpi6kDiGccK_KtU78tBf-fWxOM%3D&request_ab2=96002&zoneid=4907445&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=7&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fdepredador-la-presa-online-gratis-en-cuevana%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=12c8738a-eff7-4323-b041-8e84abe98073&userId=5eabb90206fd4573baaba502ae73417b&m=link
IP 139.45.197.238:0
File type JSON data\012- , ASCII text, with very long lines (1879), with no line terminators
Hash bfa2d98b4fe23f5a0fb8b1fef0e7789d
7b89f01da9902b9945f60c38a4e979667e20338a
43277590ddbdb9ecbf3428510c6c1d32f3bef3f9da0af3bdb74f7a145df3dd77
Analyzer Verdict Alert quad9 Sinkholed
GET /?rb=vzbTwxkKRlPhT5rdeJhF4-BhmHj2Cntk96zeyvYe7hku2L0Jnb1PkO206fPo2dUsvts7RrD6dee4WSdzhOk0FEtC2HR1M50Tj_FTqoXoR9fglR0nFvHUgYGkRjZXLm6QTVNU1XFK3efhFIUxWNLae5dOy1RI0NIRf5PJ4xyD-TScc_OVE-aiQc-6L-UJaRA_H8pkBcD8Bw9gZ0ybWnpi6kDiGccK_KtU78tBf-fWxOM%3D&request_ab2=96002&zoneid=4907445&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=7&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fdepredador-la-presa-online-gratis-en-cuevana%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=12c8738a-eff7-4323-b041-8e84abe98073&userId=5eabb90206fd4573baaba502ae73417b&m=link HTTP/1.1
Host: whairtoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 15:57:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: c4cd78fcba5ba51e2ecf2d4466ebb5b0
Access-Control-Allow-Origin: http://cuevana3.nu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=5eabb90206fd4573baaba502ae73417b; expires=Thu, 21 Dec 2023 15:57:25 GMT; path=/
oaidts=1671638245; expires=Thu, 21 Dec 2023 15:57:25 GMT; path=/
syncedCookie=true; expires=Wed, 28 Dec 2022 15:57:25 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
onvictinitor.com/?rb=bgsYG2_cgYFeLZ-UK353Qq5huPDKXx9pi0qk3mBS6Xy8UdU84QvQ_28rGVF7Akj4pNVi1t10VDLiQES5EmIvBea9WgEMSgczgdsf08g1PK7Z_vmEDNspqKNtBOuCxtwKEtBQlUguFbKKgLWQ6q9T1mqE0ht5TtSZGKfQwzSRDt3qLXBDINO_Qou1mg-rBaJYMv8MIy6sk_JNgpjRJIUDsFlakA6iCVFX_Zun1z8X5g0%3D&request_ab2=96001&zoneid=5487080&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fdepredador-la-presa-online-gratis-en-cuevana%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=472b8a94-3fe1-4981-aa89-c032e0f3eede&userId=5eabb90206fd4573baaba502ae73417b&m=link
139.45.197.238200 OK 1.5 kB URL HTTP/1.1 onvictinitor.com/?rb=bgsYG2_cgYFeLZ-UK353Qq5huPDKXx9pi0qk3mBS6Xy8UdU84QvQ_28rGVF7Akj4pNVi1t10VDLiQES5EmIvBea9WgEMSgczgdsf08g1PK7Z_vmEDNspqKNtBOuCxtwKEtBQlUguFbKKgLWQ6q9T1mqE0ht5TtSZGKfQwzSRDt3qLXBDINO_Qou1mg-rBaJYMv8MIy6sk_JNgpjRJIUDsFlakA6iCVFX_Zun1z8X5g0%3D&request_ab2=96001&zoneid=5487080&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fdepredador-la-presa-online-gratis-en-cuevana%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=472b8a94-3fe1-4981-aa89-c032e0f3eede&userId=5eabb90206fd4573baaba502ae73417b&m=link
IP 139.45.197.238:0
File type JSON data\012- , ASCII text, with very long lines (1887), with no line terminators
Hash 2aa3e8b1eaf1ad5fbf713fa05995f350
01bb437831a729ef5308a26246bc07ae95ee5750
05b410f8af970078b4b606e033dc73c70753032f63797a9d18c8b1f4aa7eca87
GET /?rb=bgsYG2_cgYFeLZ-UK353Qq5huPDKXx9pi0qk3mBS6Xy8UdU84QvQ_28rGVF7Akj4pNVi1t10VDLiQES5EmIvBea9WgEMSgczgdsf08g1PK7Z_vmEDNspqKNtBOuCxtwKEtBQlUguFbKKgLWQ6q9T1mqE0ht5TtSZGKfQwzSRDt3qLXBDINO_Qou1mg-rBaJYMv8MIy6sk_JNgpjRJIUDsFlakA6iCVFX_Zun1z8X5g0%3D&request_ab2=96001&zoneid=5487080&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=9&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fdepredador-la-presa-online-gratis-en-cuevana%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=472b8a94-3fe1-4981-aa89-c032e0f3eede&userId=5eabb90206fd4573baaba502ae73417b&m=link HTTP/1.1
Host: onvictinitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 15:57:25 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 1b04253d26090683b3855e288de593de
Access-Control-Allow-Origin: http://cuevana3.nu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=5eabb90206fd4573baaba502ae73417b; expires=Thu, 21 Dec 2023 15:57:25 GMT; path=/
oaidts=1671638245; expires=Thu, 21 Dec 2023 15:57:25 GMT; path=/
syncedCookie=true; expires=Wed, 28 Dec 2022 15:57:25 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
IP 142.250.74.131:0
Hash d531716ccdb4df2f3c08a81b5e1cce74
d16fa59944f0edbb0f09dc234f7e79299bababf4
6d87039b6c52130d13bb536a8511313e4b43c79cd55f1bdd5cd8f4c82a1d80f8
POST /s/gts1p5/pTOmYkE9h5w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
limurol.com/ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=bYt6q8DllvwWUd0yOrW_KANJ_Jdn1mwaEGvItYL4vQVdphMTLP6efOrf8nkO9xzMk-LG5Z0W4Rxg0drco5cJAme45eFCPpM6xQWbJ2aJ_8FKLroS0CWnKhV2463BIA3I4huf1Ei1Wn4wdQVnCtL6Ez6GdThSzoF-zI4LX9xle_VK4edp_iSkrqYU8AvYmPGnMQmxLmBKQ1C203cJX5fCdfMpQSIMy8B0i22KPF7guO8AkuJCO2syKve-8fBQReK370Dez95adaE66hvnvl7fcVq2cZSq2lNsY6exVAH_KNpbOUwzLVktn9faom_RVgcdA0g2eR-QJtB8WzzYtHIXcCTrHoqG8CPEXNYS9hqrHDNLrDSnD31uefLjjly7MuF01TawWrIJgEx-boSTEn-KnfdyzgHgXuV9XCsjR3PGvhXiSHM-RXzxfg8Ybqu_cYmZSbhyz0olPLK5X0GbTPeQxq-yKS9S7QigABdMh8rk8yQiPkMu-68uBsGX7bjkP3aqOgxB1HkfI3OYHBWrnq5CLUEV-6VD3iOlnrMa0GReMg-njHGOBOO_ErNtGuVDFWpZV20Gi6Pdr400MmHhppJaskuCj3BmJBaUV4_0w6r0NVxJlJAEOhHLjToRqjSO9QGUKvZztUrvzly_KDEjntRPEWm9_LfntDyY1anYw8eWaUHqW3WhkAAkGd7No5zV6AtbQrRIw-_T6zgY0r84FY18w_ddbo5PM0NIhNX6sVa50v0DMA9dz9pyQ7PQoPys0zYHYNdLty53hiPOJlv9rM3wXh691Dozki1rpMRT4rEw4M90XCK81q-x1XZ7MsymPCka5XlGm_tJ3Uel&cb=_clb1mradqyo4rnlh2te897&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=bYt6q8DllvwWUd0yOrW_KANJ_Jdn1mwaEGvItYL4vQVdphMTLP6efOrf8nkO9xzMk-LG5Z0W4Rxg0drco5cJAme45eFCPpM6xQWbJ2aJ_8FKLroS0CWnKhV2463BIA3I4huf1Ei1Wn4wdQVnCtL6Ez6GdThSzoF-zI4LX9xle_VK4edp_iSkrqYU8AvYmPGnMQmxLmBKQ1C203cJX5fCdfMpQSIMy8B0i22KPF7guO8AkuJCO2syKve-8fBQReK370Dez95adaE66hvnvl7fcVq2cZSq2lNsY6exVAH_KNpbOUwzLVktn9faom_RVgcdA0g2eR-QJtB8WzzYtHIXcCTrHoqG8CPEXNYS9hqrHDNLrDSnD31uefLjjly7MuF01TawWrIJgEx-boSTEn-KnfdyzgHgXuV9XCsjR3PGvhXiSHM-RXzxfg8Ybqu_cYmZSbhyz0olPLK5X0GbTPeQxq-yKS9S7QigABdMh8rk8yQiPkMu-68uBsGX7bjkP3aqOgxB1HkfI3OYHBWrnq5CLUEV-6VD3iOlnrMa0GReMg-njHGOBOO_ErNtGuVDFWpZV20Gi6Pdr400MmHhppJaskuCj3BmJBaUV4_0w6r0NVxJlJAEOhHLjToRqjSO9QGUKvZztUrvzly_KDEjntRPEWm9_LfntDyY1anYw8eWaUHqW3WhkAAkGd7No5zV6AtbQrRIw-_T6zgY0r84FY18w_ddbo5PM0NIhNX6sVa50v0DMA9dz9pyQ7PQoPys0zYHYNdLty53hiPOJlv9rM3wXh691Dozki1rpMRT4rEw4M90XCK81q-x1XZ7MsymPCka5XlGm_tJ3Uel&cb=_clb1mradqyo4rnlh2te897&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=bYt6q8DllvwWUd0yOrW_KANJ_Jdn1mwaEGvItYL4vQVdphMTLP6efOrf8nkO9xzMk-LG5Z0W4Rxg0drco5cJAme45eFCPpM6xQWbJ2aJ_8FKLroS0CWnKhV2463BIA3I4huf1Ei1Wn4wdQVnCtL6Ez6GdThSzoF-zI4LX9xle_VK4edp_iSkrqYU8AvYmPGnMQmxLmBKQ1C203cJX5fCdfMpQSIMy8B0i22KPF7guO8AkuJCO2syKve-8fBQReK370Dez95adaE66hvnvl7fcVq2cZSq2lNsY6exVAH_KNpbOUwzLVktn9faom_RVgcdA0g2eR-QJtB8WzzYtHIXcCTrHoqG8CPEXNYS9hqrHDNLrDSnD31uefLjjly7MuF01TawWrIJgEx-boSTEn-KnfdyzgHgXuV9XCsjR3PGvhXiSHM-RXzxfg8Ybqu_cYmZSbhyz0olPLK5X0GbTPeQxq-yKS9S7QigABdMh8rk8yQiPkMu-68uBsGX7bjkP3aqOgxB1HkfI3OYHBWrnq5CLUEV-6VD3iOlnrMa0GReMg-njHGOBOO_ErNtGuVDFWpZV20Gi6Pdr400MmHhppJaskuCj3BmJBaUV4_0w6r0NVxJlJAEOhHLjToRqjSO9QGUKvZztUrvzly_KDEjntRPEWm9_LfntDyY1anYw8eWaUHqW3WhkAAkGd7No5zV6AtbQrRIw-_T6zgY0r84FY18w_ddbo5PM0NIhNX6sVa50v0DMA9dz9pyQ7PQoPys0zYHYNdLty53hiPOJlv9rM3wXh691Dozki1rpMRT4rEw4M90XCK81q-x1XZ7MsymPCka5XlGm_tJ3Uel&cb=_clb1mradqyo4rnlh2te897&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2212211057512a9607f4dc429a9ec3382bcc; Path=/; Expires=Thu, 21 Dec 2023 15:57:25 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cuevana3.plus/perversas.jpg
172.67.188.226301 Moved Permanently 7 B URL HTTP/2 cuevana3.plus/perversas.jpg
IP 172.67.188.226:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /perversas.jpg HTTP/1.1
Host: cuevana3.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Wed, 21 Dec 2022 15:57:24 GMT
location: https://cuevana3.nu/perversas.jpg
cache-control: max-age=3600
expires: Wed, 21 Dec 2022 16:57:24 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUG%2FYpMIXzs0DC2F3vkINbbuLZ5%2F6jTNjMljs3pvfxTzLD6eyZ0bDLj6yQHLM%2B1Bm0pfZjHOLGhFlRh%2BtqrKUxCwUPP8yQc%2FfdYeUGi2DVswH74MqMgMWHoeogvupK1E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77d1d031dcc3b4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=zcXMT2EJWXYb_hf6J_UfMFRicflFQgAdMuC1aNfKO_3oRcAatuK3cs_bUOEBNoUYn7QqOq5OshF3O0WcmWP5wbxb9jORWvHLxxBuYnbziWjgY2OjyWOXhH-cKtXWENhx7NBeiKvCQtOP_gNTUPDvwIzVDK1WWvPB_5tK8iseursx5nx0CAmjfB2cfdHNEWGYHDc8dcE_t_K4FcbPBUHcT1ZvKjZc92mRHGt28G4iK5MIU1eXTmFj9ny5rwLSs-2x_uh1RXj_ihwJrRrb2BeKPNRL1pbTqmvKdCWSAdUnrSp7oGGOMxbvT5l5pUVOHqVyi7_6VGDxLm-a126S78TYQdfEN1p1ozbqMNq_BQSlMZOOAr3vkMokV7KDv4LoekLODPGjmwWGdwxrqsLMBXx2dbD3sZS-J6ihOwg9902SYHxERlDslD3LEIuZC3tIk2RXSzjjuLlzAOFT125NmiOwlJWK5EYKYHmYN2rg51cQFJTPgjIdwqQ5eWKVjhRxgkHrSytw71-ORAbVvpS67DLH2jLLf6OMYOVG_s9-2pp0wX6NxAIWMQr6uVkzkQOw0dBdzDW2YDskt3RQs96bFXm1eqkPM6aU_knK0ANvaPaJMW22gLKXIfeGhi1C6yaJn1CD4vswEhu2zUnU4fhk-S2jBCdzfHv50A863Xo4RpXr36bH3IaBv4pNVFp3wxeSLjelP_0x_6UNBhydy7v2AhYjTPqjO_gsvawQAhB410BncIY6OJMwP-hjbNh_21mAL636BAbn4Fgo_1ZW3FDEbx2U80bsFAW0fQFeZvtBmXn0DLuljo5GDs316gtjiKOuOrRviW9xrKZvFzRG&cb=_claw7h8e7yk3gpxv4boonq&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=zcXMT2EJWXYb_hf6J_UfMFRicflFQgAdMuC1aNfKO_3oRcAatuK3cs_bUOEBNoUYn7QqOq5OshF3O0WcmWP5wbxb9jORWvHLxxBuYnbziWjgY2OjyWOXhH-cKtXWENhx7NBeiKvCQtOP_gNTUPDvwIzVDK1WWvPB_5tK8iseursx5nx0CAmjfB2cfdHNEWGYHDc8dcE_t_K4FcbPBUHcT1ZvKjZc92mRHGt28G4iK5MIU1eXTmFj9ny5rwLSs-2x_uh1RXj_ihwJrRrb2BeKPNRL1pbTqmvKdCWSAdUnrSp7oGGOMxbvT5l5pUVOHqVyi7_6VGDxLm-a126S78TYQdfEN1p1ozbqMNq_BQSlMZOOAr3vkMokV7KDv4LoekLODPGjmwWGdwxrqsLMBXx2dbD3sZS-J6ihOwg9902SYHxERlDslD3LEIuZC3tIk2RXSzjjuLlzAOFT125NmiOwlJWK5EYKYHmYN2rg51cQFJTPgjIdwqQ5eWKVjhRxgkHrSytw71-ORAbVvpS67DLH2jLLf6OMYOVG_s9-2pp0wX6NxAIWMQr6uVkzkQOw0dBdzDW2YDskt3RQs96bFXm1eqkPM6aU_knK0ANvaPaJMW22gLKXIfeGhi1C6yaJn1CD4vswEhu2zUnU4fhk-S2jBCdzfHv50A863Xo4RpXr36bH3IaBv4pNVFp3wxeSLjelP_0x_6UNBhydy7v2AhYjTPqjO_gsvawQAhB410BncIY6OJMwP-hjbNh_21mAL636BAbn4Fgo_1ZW3FDEbx2U80bsFAW0fQFeZvtBmXn0DLuljo5GDs316gtjiKOuOrRviW9xrKZvFzRG&cb=_claw7h8e7yk3gpxv4boonq&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=zcXMT2EJWXYb_hf6J_UfMFRicflFQgAdMuC1aNfKO_3oRcAatuK3cs_bUOEBNoUYn7QqOq5OshF3O0WcmWP5wbxb9jORWvHLxxBuYnbziWjgY2OjyWOXhH-cKtXWENhx7NBeiKvCQtOP_gNTUPDvwIzVDK1WWvPB_5tK8iseursx5nx0CAmjfB2cfdHNEWGYHDc8dcE_t_K4FcbPBUHcT1ZvKjZc92mRHGt28G4iK5MIU1eXTmFj9ny5rwLSs-2x_uh1RXj_ihwJrRrb2BeKPNRL1pbTqmvKdCWSAdUnrSp7oGGOMxbvT5l5pUVOHqVyi7_6VGDxLm-a126S78TYQdfEN1p1ozbqMNq_BQSlMZOOAr3vkMokV7KDv4LoekLODPGjmwWGdwxrqsLMBXx2dbD3sZS-J6ihOwg9902SYHxERlDslD3LEIuZC3tIk2RXSzjjuLlzAOFT125NmiOwlJWK5EYKYHmYN2rg51cQFJTPgjIdwqQ5eWKVjhRxgkHrSytw71-ORAbVvpS67DLH2jLLf6OMYOVG_s9-2pp0wX6NxAIWMQr6uVkzkQOw0dBdzDW2YDskt3RQs96bFXm1eqkPM6aU_knK0ANvaPaJMW22gLKXIfeGhi1C6yaJn1CD4vswEhu2zUnU4fhk-S2jBCdzfHv50A863Xo4RpXr36bH3IaBv4pNVFp3wxeSLjelP_0x_6UNBhydy7v2AhYjTPqjO_gsvawQAhB410BncIY6OJMwP-hjbNh_21mAL636BAbn4Fgo_1ZW3FDEbx2U80bsFAW0fQFeZvtBmXn0DLuljo5GDs316gtjiKOuOrRviW9xrKZvFzRG&cb=_claw7h8e7yk3gpxv4boonq&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=2212211057ad3b9af82a7040c5afc55764d3; Path=/; Expires=Thu, 21 Dec 2023 15:57:25 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.61.227200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Wed, 21 Dec 2022 15:57:25 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 088bb95306f101ed1f30a7dc8d63ffa9
Strict-Transport-Security: max-age=0; includeSubdomains
limurol.com/ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=zcXMT2EJWXYb_hf6J_UfMFRicflFQgAdMuC1aNfKO_3oRcAatuK3cs_bUOEBNoUYn7QqOq5OshF3O0WcmWP5wbxb9jORWvHLxxBuYnbziWjgY2OjyWOXhH-cKtXWENhx7NBeiKvCQtOP_gNTUPDvwIzVDK1WWvPB_5tK8iseursx5nx0CAmjfB2cfdHNEWGYHDc8dcE_t_K4FcbPBUHcT1ZvKjZc92mRHGt28G4iK5MIU1eXTmFj9ny5rwLSs-2x_uh1RXj_ihwJrRrb2BeKPNRL1pbTqmvKdCWSAdUnrSp7oGGOMxbvT5l5pUVOHqVyi7_6VGDxLm-a126S78TYQdfEN1p1ozbqMNq_BQSlMZOOAr3vkMokV7KDv4LoekLODPGjmwWGdwxrqsLMBXx2dbD3sZS-J6ihOwg9902SYHxERlDslD3LEIuZC3tIk2RXSzjjuLlzAOFT125NmiOwlJWK5EYKYHmYN2rg51cQFJTPgjIdwqQ5eWKVjhRxgkHrSytw71-ORAbVvpS67DLH2jLLf6OMYOVG_s9-2pp0wX6NxAIWMQr6uVkzkQOw0dBdzDW2YDskt3RQs96bFXm1eqkPM6aU_knK0ANvaPaJMW22gLKXIfeGhi1C6yaJn1CD4vswEhu2zUnU4fhk-S2jBCdzfHv50A863Xo4RpXr36bH3IaBv4pNVFp3wxeSLjelP_0x_6UNBhydy7v2AhYjTPqjO_gsvawQAhB410BncIY6OJMwP-hjbNh_21mAL636BAbn4Fgo_1ZW3FDEbx2U80bsFAW0fQFeZvtBmXn0DLuljo5GDs316gtjiKOuOrRviW9xrKZvFzRG&cb=_claw7h8e7yk3gpxv4boonq&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=zcXMT2EJWXYb_hf6J_UfMFRicflFQgAdMuC1aNfKO_3oRcAatuK3cs_bUOEBNoUYn7QqOq5OshF3O0WcmWP5wbxb9jORWvHLxxBuYnbziWjgY2OjyWOXhH-cKtXWENhx7NBeiKvCQtOP_gNTUPDvwIzVDK1WWvPB_5tK8iseursx5nx0CAmjfB2cfdHNEWGYHDc8dcE_t_K4FcbPBUHcT1ZvKjZc92mRHGt28G4iK5MIU1eXTmFj9ny5rwLSs-2x_uh1RXj_ihwJrRrb2BeKPNRL1pbTqmvKdCWSAdUnrSp7oGGOMxbvT5l5pUVOHqVyi7_6VGDxLm-a126S78TYQdfEN1p1ozbqMNq_BQSlMZOOAr3vkMokV7KDv4LoekLODPGjmwWGdwxrqsLMBXx2dbD3sZS-J6ihOwg9902SYHxERlDslD3LEIuZC3tIk2RXSzjjuLlzAOFT125NmiOwlJWK5EYKYHmYN2rg51cQFJTPgjIdwqQ5eWKVjhRxgkHrSytw71-ORAbVvpS67DLH2jLLf6OMYOVG_s9-2pp0wX6NxAIWMQr6uVkzkQOw0dBdzDW2YDskt3RQs96bFXm1eqkPM6aU_knK0ANvaPaJMW22gLKXIfeGhi1C6yaJn1CD4vswEhu2zUnU4fhk-S2jBCdzfHv50A863Xo4RpXr36bH3IaBv4pNVFp3wxeSLjelP_0x_6UNBhydy7v2AhYjTPqjO_gsvawQAhB410BncIY6OJMwP-hjbNh_21mAL636BAbn4Fgo_1ZW3FDEbx2U80bsFAW0fQFeZvtBmXn0DLuljo5GDs316gtjiKOuOrRviW9xrKZvFzRG&cb=_claw7h8e7yk3gpxv4boonq&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=zcXMT2EJWXYb_hf6J_UfMFRicflFQgAdMuC1aNfKO_3oRcAatuK3cs_bUOEBNoUYn7QqOq5OshF3O0WcmWP5wbxb9jORWvHLxxBuYnbziWjgY2OjyWOXhH-cKtXWENhx7NBeiKvCQtOP_gNTUPDvwIzVDK1WWvPB_5tK8iseursx5nx0CAmjfB2cfdHNEWGYHDc8dcE_t_K4FcbPBUHcT1ZvKjZc92mRHGt28G4iK5MIU1eXTmFj9ny5rwLSs-2x_uh1RXj_ihwJrRrb2BeKPNRL1pbTqmvKdCWSAdUnrSp7oGGOMxbvT5l5pUVOHqVyi7_6VGDxLm-a126S78TYQdfEN1p1ozbqMNq_BQSlMZOOAr3vkMokV7KDv4LoekLODPGjmwWGdwxrqsLMBXx2dbD3sZS-J6ihOwg9902SYHxERlDslD3LEIuZC3tIk2RXSzjjuLlzAOFT125NmiOwlJWK5EYKYHmYN2rg51cQFJTPgjIdwqQ5eWKVjhRxgkHrSytw71-ORAbVvpS67DLH2jLLf6OMYOVG_s9-2pp0wX6NxAIWMQr6uVkzkQOw0dBdzDW2YDskt3RQs96bFXm1eqkPM6aU_knK0ANvaPaJMW22gLKXIfeGhi1C6yaJn1CD4vswEhu2zUnU4fhk-S2jBCdzfHv50A863Xo4RpXr36bH3IaBv4pNVFp3wxeSLjelP_0x_6UNBhydy7v2AhYjTPqjO_gsvawQAhB410BncIY6OJMwP-hjbNh_21mAL636BAbn4Fgo_1ZW3FDEbx2U80bsFAW0fQFeZvtBmXn0DLuljo5GDs316gtjiKOuOrRviW9xrKZvFzRG&cb=_claw7h8e7yk3gpxv4boonq&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Cookie: UID=2212211057512a9607f4dc429a9ec3382bcc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=bYt6q8DllvwWUd0yOrW_KANJ_Jdn1mwaEGvItYL4vQVdphMTLP6efOrf8nkO9xzMk-LG5Z0W4Rxg0drco5cJAme45eFCPpM6xQWbJ2aJ_8FKLroS0CWnKhV2463BIA3I4huf1Ei1Wn4wdQVnCtL6Ez6GdThSzoF-zI4LX9xle_VK4edp_iSkrqYU8AvYmPGnMQmxLmBKQ1C203cJX5fCdfMpQSIMy8B0i22KPF7guO8AkuJCO2syKve-8fBQReK370Dez95adaE66hvnvl7fcVq2cZSq2lNsY6exVAH_KNpbOUwzLVktn9faom_RVgcdA0g2eR-QJtB8WzzYtHIXcCTrHoqG8CPEXNYS9hqrHDNLrDSnD31uefLjjly7MuF01TawWrIJgEx-boSTEn-KnfdyzgHgXuV9XCsjR3PGvhXiSHM-RXzxfg8Ybqu_cYmZSbhyz0olPLK5X0GbTPeQxq-yKS9S7QigABdMh8rk8yQiPkMu-68uBsGX7bjkP3aqOgxB1HkfI3OYHBWrnq5CLUEV-6VD3iOlnrMa0GReMg-njHGOBOO_ErNtGuVDFWpZV20Gi6Pdr400MmHhppJaskuCj3BmJBaUV4_0w6r0NVxJlJAEOhHLjToRqjSO9QGUKvZztUrvzly_KDEjntRPEWm9_LfntDyY1anYw8eWaUHqW3WhkAAkGd7No5zV6AtbQrRIw-_T6zgY0r84FY18w_ddbo5PM0NIhNX6sVa50v0DMA9dz9pyQ7PQoPys0zYHYNdLty53hiPOJlv9rM3wXh691Dozki1rpMRT4rEw4M90XCK81q-x1XZ7MsymPCka5XlGm_tJ3Uel&cb=_clb1mradqyo4rnlh2te897&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=bYt6q8DllvwWUd0yOrW_KANJ_Jdn1mwaEGvItYL4vQVdphMTLP6efOrf8nkO9xzMk-LG5Z0W4Rxg0drco5cJAme45eFCPpM6xQWbJ2aJ_8FKLroS0CWnKhV2463BIA3I4huf1Ei1Wn4wdQVnCtL6Ez6GdThSzoF-zI4LX9xle_VK4edp_iSkrqYU8AvYmPGnMQmxLmBKQ1C203cJX5fCdfMpQSIMy8B0i22KPF7guO8AkuJCO2syKve-8fBQReK370Dez95adaE66hvnvl7fcVq2cZSq2lNsY6exVAH_KNpbOUwzLVktn9faom_RVgcdA0g2eR-QJtB8WzzYtHIXcCTrHoqG8CPEXNYS9hqrHDNLrDSnD31uefLjjly7MuF01TawWrIJgEx-boSTEn-KnfdyzgHgXuV9XCsjR3PGvhXiSHM-RXzxfg8Ybqu_cYmZSbhyz0olPLK5X0GbTPeQxq-yKS9S7QigABdMh8rk8yQiPkMu-68uBsGX7bjkP3aqOgxB1HkfI3OYHBWrnq5CLUEV-6VD3iOlnrMa0GReMg-njHGOBOO_ErNtGuVDFWpZV20Gi6Pdr400MmHhppJaskuCj3BmJBaUV4_0w6r0NVxJlJAEOhHLjToRqjSO9QGUKvZztUrvzly_KDEjntRPEWm9_LfntDyY1anYw8eWaUHqW3WhkAAkGd7No5zV6AtbQrRIw-_T6zgY0r84FY18w_ddbo5PM0NIhNX6sVa50v0DMA9dz9pyQ7PQoPys0zYHYNdLty53hiPOJlv9rM3wXh691Dozki1rpMRT4rEw4M90XCK81q-x1XZ7MsymPCka5XlGm_tJ3Uel&cb=_clb1mradqyo4rnlh2te897&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=bYt6q8DllvwWUd0yOrW_KANJ_Jdn1mwaEGvItYL4vQVdphMTLP6efOrf8nkO9xzMk-LG5Z0W4Rxg0drco5cJAme45eFCPpM6xQWbJ2aJ_8FKLroS0CWnKhV2463BIA3I4huf1Ei1Wn4wdQVnCtL6Ez6GdThSzoF-zI4LX9xle_VK4edp_iSkrqYU8AvYmPGnMQmxLmBKQ1C203cJX5fCdfMpQSIMy8B0i22KPF7guO8AkuJCO2syKve-8fBQReK370Dez95adaE66hvnvl7fcVq2cZSq2lNsY6exVAH_KNpbOUwzLVktn9faom_RVgcdA0g2eR-QJtB8WzzYtHIXcCTrHoqG8CPEXNYS9hqrHDNLrDSnD31uefLjjly7MuF01TawWrIJgEx-boSTEn-KnfdyzgHgXuV9XCsjR3PGvhXiSHM-RXzxfg8Ybqu_cYmZSbhyz0olPLK5X0GbTPeQxq-yKS9S7QigABdMh8rk8yQiPkMu-68uBsGX7bjkP3aqOgxB1HkfI3OYHBWrnq5CLUEV-6VD3iOlnrMa0GReMg-njHGOBOO_ErNtGuVDFWpZV20Gi6Pdr400MmHhppJaskuCj3BmJBaUV4_0w6r0NVxJlJAEOhHLjToRqjSO9QGUKvZztUrvzly_KDEjntRPEWm9_LfntDyY1anYw8eWaUHqW3WhkAAkGd7No5zV6AtbQrRIw-_T6zgY0r84FY18w_ddbo5PM0NIhNX6sVa50v0DMA9dz9pyQ7PQoPys0zYHYNdLty53hiPOJlv9rM3wXh691Dozki1rpMRT4rEw4M90XCK81q-x1XZ7MsymPCka5XlGm_tJ3Uel&cb=_clb1mradqyo4rnlh2te897&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Cookie: UID=2212211057ad3b9af82a7040c5afc55764d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
urimnugocfr.com/get/1955969?zoneid=1955969&jp=_clkz2zifh11lvg4mjmbpb4&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=6302001973543992
62.122.171.6200 OK 1.6 kB URL HTTP/2 urimnugocfr.com/get/1955969?zoneid=1955969&jp=_clkz2zifh11lvg4mjmbpb4&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=6302001973543992
IP 62.122.171.6:0
File type ASCII text, with very long lines (3844), with no line terminators
Hash 0cd01f261b5b19c6fa66f2507eb23282
e99574839f7929887333a1dcc7e21da7c45c7422
3ca7d305be4665ef50df43d1949926792a7dc523faba5ece0977feab0a733de7
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955969?zoneid=1955969&jp=_clkz2zifh11lvg4mjmbpb4&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=6302001973543992 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221221105703917a6f26cd438fa998e60887; Path=/; Expires=Thu, 21 Dec 2023 15:57:25 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fdepredador-la-presa-online-gratis-en-cuevana%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&sah=1002&drf=&hil=1&ist=0&oaid=5eabb90206fd4573baaba502ae73417b
139.45.197.242200 OK 7 B URL HTTP/2 nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fdepredador-la-presa-online-gratis-en-cuevana%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&sah=1002&drf=&hil=1&ist=0&oaid=5eabb90206fd4573baaba502ae73417b
IP 139.45.197.242:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fdepredador-la-presa-online-gratis-en-cuevana%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=9&sah=1002&drf=&hil=1&ist=0&oaid=5eabb90206fd4573baaba502ae73417b HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 233
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 155db1a42ddcddf88b594726ca29d1ac
access-control-expose-headers: X-Sc
x-sc: 9G4G_ev-xC7xTglOLPdznD6NiSfLoOqewoSYyRrTKKP2QzqJw_uijwLWc8MRetHFZPLfllBERZJC2wtyPNZlDC5Gx4A=
set-cookie: scm=1; expires=Thu, 21 Dec 2023 15:57:25 GMT; secure; SameSite=None
OAID=5eabb90206fd4573baaba502ae73417b; expires=Thu, 21 Dec 2023 15:57:25 GMT; secure; SameSite=None
oaidts=1671638245; expires=Thu, 21 Dec 2023 15:57:25 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0db78f2c1efa6cc900592d0f8912a55d
686b1ec4aafa7b78a6c7203695527adbec314611
940be1b544a531e6c0dc8900250c1b4be0becf471d9d3d8d1749bdb148cd08be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0db78f2c1efa6cc900592d0f8912a55d
686b1ec4aafa7b78a6c7203695527adbec314611
940be1b544a531e6c0dc8900250c1b4be0becf471d9d3d8d1749bdb148cd08be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1laMnJtUVB5ZHdDdjkyZS9EZXByZWRhZG9yLV9MYV9wcmVzYV8lMjgyMDIyJTI5XzEwODBwLmR1YWwtbGF0LmNpbmVjYWxpZGFkLmxvbC5tcDQ=&o=86841
172.217.21.161301 Moved Permanently 490 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1laMnJtUVB5ZHdDdjkyZS9EZXByZWRhZG9yLV9MYV9wcmVzYV8lMjgyMDIyJTI5XzEwODBwLmR1YWwtbGF0LmNpbmVjYWxpZGFkLmxvbC5tcDQ=&o=86841
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (313), with CRLF, LF line terminators
Hash 299384a3e780afdedf9d998401961141
9c68d31799644047311cdb811a12b74da19028d9
4ca1c15d2eb05246de07e5e446b1e4d5050dadc576e3648a9a5dca14f315662e
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1laMnJtUVB5ZHdDdjkyZS9EZXByZWRhZG9yLV9MYV9wcmVzYV8lMjgyMDIyJTI5XzEwODBwLmR1YWwtbGF0LmNpbmVjYWxpZGFkLmxvbC5tcDQ=&o=86841 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1laMnJtUVB5ZHdDdjkyZS9EZXByZWRhZG9yLV9MYV9wcmVzYV8lMjgyMDIyJTI5XzEwODBwLmR1YWwtbGF0LmNpbmVjYWxpZGFkLmxvbC5tcDQ=&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 490
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://www.utorrent.com/
172.217.21.161301 Moved Permanently 338 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://www.utorrent.com/
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash da4fce3ead4eeb5c83eca89f2f94cdd2
ccc705f5eee4413c268ee0bc93df60fecb48a306
3a50dc0dc0f88fd1f7fbfe833be8f25de308e420a409dba4c1eb96b56fecbc50
GET /s2/favicons?domain=https://www.utorrent.com/ HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 338
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://mega.nz/file/UKcAiSIR
172.217.21.161301 Moved Permanently 342 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://mega.nz/file/UKcAiSIR
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a5ee734960013aa204c793a318dce153
ce2cda8235d30fd1b23ff75d8915a8d74a88dcf4
42bcd5fdcaab5f15f251f3ed5726bc41191e497f4dbdbc521a159950564d925c
GET /s2/favicons?domain=https://mega.nz/file/UKcAiSIR HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/UKcAiSIR&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.FORZADOS.srt
172.217.21.161301 Moved Permanently 404 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.FORZADOS.srt
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 6cd7e7d8c8f9e71e6e712e8dfaf290f7
b1ca812099b942ba16856037eba6510dbe52f0a0
647379ceca6e7a022b94d4b25f1c579f3133266cf50c8c3fa1e76d2f8ac6a880
GET /s2/favicons?domain=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.FORZADOS.srt HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.FORZADOS.srt&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 404
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://1fichier.com/?7r2zbfp2ax57v1ex89fb
172.217.21.161301 Moved Permanently 355 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://1fichier.com/?7r2zbfp2ax57v1ex89fb
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash e0baee9e389c9d96675592ca63feba67
ff2f43aaf5edc70a943ab65fbe085c8f4853e727
05618969029d234fd9e7286a23f426853ecb6b6f1c95e1d8aed63962ec5b83fd
GET /s2/favicons?domain=https://1fichier.com/?7r2zbfp2ax57v1ex89fb HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://1fichier.com/?7r2zbfp2ax57v1ex89fb&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 355
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://uptobox.com/p3b2av6afwxs
172.217.21.161301 Moved Permanently 345 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://uptobox.com/p3b2av6afwxs
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash fce03feb870aeaa8da84d8cddf6f65c8
c21e54117956301472e71a4f68c2b8a9cf74155c
ed78e19651c9c437b2e6fa06b1bb753058f33aca44079277936c81395871e6a6
GET /s2/favicons?domain=https://uptobox.com/p3b2av6afwxs HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/p3b2av6afwxs&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0db78f2c1efa6cc900592d0f8912a55d
686b1ec4aafa7b78a6c7203695527adbec314611
940be1b544a531e6c0dc8900250c1b4be0becf471d9d3d8d1749bdb148cd08be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.SUB-LAT.srt
172.217.21.161301 Moved Permanently 403 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.SUB-LAT.srt
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 7f011fd95090a869db745121ec8d85bb
ae06faea184ca45295b917492a1710fb24dcea60
f091689c98273e2f2af212e49630b851b33ae8e7cc7e28ab2e703929e2ef111b
GET /s2/favicons?domain=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.SUB-LAT.srt HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.SUB-LAT.srt&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 403
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvMkJObFRtVTBwVExU&o=86841
172.217.21.161301 Moved Permanently 386 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvMkJObFRtVTBwVExU&o=86841
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash dbae9e6e984f83ef3d69517eddae8e6f
20bbe21b04323efe1c7ef84dcbcf10cdf3f607df
763921e080b398de04ad735b47bf837eb7e36d176f42240c4cbd98c8d1ae6efc
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvMkJObFRtVTBwVExU&o=86841 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvMkJObFRtVTBwVExU&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0db78f2c1efa6cc900592d0f8912a55d
686b1ec4aafa7b78a6c7203695527adbec314611
940be1b544a531e6c0dc8900250c1b4be0becf471d9d3d8d1749bdb148cd08be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s2.googleusercontent.com/s2/favicons?domain=https://playercine.cinestart.net/player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
172.217.21.161301 Moved Permanently 446 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://playercine.cinestart.net/player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash b49007352221aeaab8c7c74622ab4841
a8c56bffc2a9c4bd75a1dd98187b09be5e638071
301aa4c2ee5015d29b90170f7e7e3569dd9c068bd13cd007a43467ebac80178f
GET /s2/favicons?domain=https://playercine.cinestart.net/player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0db78f2c1efa6cc900592d0f8912a55d
686b1ec4aafa7b78a6c7203695527adbec314611
940be1b544a531e6c0dc8900250c1b4be0becf471d9d3d8d1749bdb148cd08be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
limurol.com/ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=zcXMT2EJWXYb_hf6J_UfMFRicflFQgAdMuC1aNfKO_3oRcAatuK3cs_bUOEBNoUYn7QqOq5OshF3O0WcmWP5wbxb9jORWvHLxxBuYnbziWjgY2OjyWOXhH-cKtXWENhx7NBeiKvCQtOP_gNTUPDvwIzVDK1WWvPB_5tK8iseursx5nx0CAmjfB2cfdHNEWGYHDc8dcE_t_K4FcbPBUHcT1ZvKjZc92mRHGt28G4iK5MIU1eXTmFj9ny5rwLSs-2x_uh1RXj_ihwJrRrb2BeKPNRL1pbTqmvKdCWSAdUnrSp7oGGOMxbvT5l5pUVOHqVyi7_6VGDxLm-a126S78TYQdfEN1p1ozbqMNq_BQSlMZOOAr3vkMokV7KDv4LoekLODPGjmwWGdwxrqsLMBXx2dbD3sZS-J6ihOwg9902SYHxERlDslD3LEIuZC3tIk2RXSzjjuLlzAOFT125NmiOwlJWK5EYKYHmYN2rg51cQFJTPgjIdwqQ5eWKVjhRxgkHrSytw71-ORAbVvpS67DLH2jLLf6OMYOVG_s9-2pp0wX6NxAIWMQr6uVkzkQOw0dBdzDW2YDskt3RQs96bFXm1eqkPM6aU_knK0ANvaPaJMW22gLKXIfeGhi1C6yaJn1CD4vswEhu2zUnU4fhk-S2jBCdzfHv50A863Xo4RpXr36bH3IaBv4pNVFp3wxeSLjelP_0x_6UNBhydy7v2AhYjTPqjO_gsvawQAhB410BncIY6OJMwP-hjbNh_21mAL636BAbn4Fgo_1ZW3FDEbx2U80bsFAW0fQFeZvtBmXn0DLuljo5GDs316gtjiKOuOrRviW9xrKZvFzRG&cb=_claw7h8e7yk3gpxv4boonq&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=zcXMT2EJWXYb_hf6J_UfMFRicflFQgAdMuC1aNfKO_3oRcAatuK3cs_bUOEBNoUYn7QqOq5OshF3O0WcmWP5wbxb9jORWvHLxxBuYnbziWjgY2OjyWOXhH-cKtXWENhx7NBeiKvCQtOP_gNTUPDvwIzVDK1WWvPB_5tK8iseursx5nx0CAmjfB2cfdHNEWGYHDc8dcE_t_K4FcbPBUHcT1ZvKjZc92mRHGt28G4iK5MIU1eXTmFj9ny5rwLSs-2x_uh1RXj_ihwJrRrb2BeKPNRL1pbTqmvKdCWSAdUnrSp7oGGOMxbvT5l5pUVOHqVyi7_6VGDxLm-a126S78TYQdfEN1p1ozbqMNq_BQSlMZOOAr3vkMokV7KDv4LoekLODPGjmwWGdwxrqsLMBXx2dbD3sZS-J6ihOwg9902SYHxERlDslD3LEIuZC3tIk2RXSzjjuLlzAOFT125NmiOwlJWK5EYKYHmYN2rg51cQFJTPgjIdwqQ5eWKVjhRxgkHrSytw71-ORAbVvpS67DLH2jLLf6OMYOVG_s9-2pp0wX6NxAIWMQr6uVkzkQOw0dBdzDW2YDskt3RQs96bFXm1eqkPM6aU_knK0ANvaPaJMW22gLKXIfeGhi1C6yaJn1CD4vswEhu2zUnU4fhk-S2jBCdzfHv50A863Xo4RpXr36bH3IaBv4pNVFp3wxeSLjelP_0x_6UNBhydy7v2AhYjTPqjO_gsvawQAhB410BncIY6OJMwP-hjbNh_21mAL636BAbn4Fgo_1ZW3FDEbx2U80bsFAW0fQFeZvtBmXn0DLuljo5GDs316gtjiKOuOrRviW9xrKZvFzRG&cb=_claw7h8e7yk3gpxv4boonq&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /ssp/req/1955969/?pb=6bdab02787893ccaeff1de9ac09bdb9d1671645445&psp=zcXMT2EJWXYb_hf6J_UfMFRicflFQgAdMuC1aNfKO_3oRcAatuK3cs_bUOEBNoUYn7QqOq5OshF3O0WcmWP5wbxb9jORWvHLxxBuYnbziWjgY2OjyWOXhH-cKtXWENhx7NBeiKvCQtOP_gNTUPDvwIzVDK1WWvPB_5tK8iseursx5nx0CAmjfB2cfdHNEWGYHDc8dcE_t_K4FcbPBUHcT1ZvKjZc92mRHGt28G4iK5MIU1eXTmFj9ny5rwLSs-2x_uh1RXj_ihwJrRrb2BeKPNRL1pbTqmvKdCWSAdUnrSp7oGGOMxbvT5l5pUVOHqVyi7_6VGDxLm-a126S78TYQdfEN1p1ozbqMNq_BQSlMZOOAr3vkMokV7KDv4LoekLODPGjmwWGdwxrqsLMBXx2dbD3sZS-J6ihOwg9902SYHxERlDslD3LEIuZC3tIk2RXSzjjuLlzAOFT125NmiOwlJWK5EYKYHmYN2rg51cQFJTPgjIdwqQ5eWKVjhRxgkHrSytw71-ORAbVvpS67DLH2jLLf6OMYOVG_s9-2pp0wX6NxAIWMQr6uVkzkQOw0dBdzDW2YDskt3RQs96bFXm1eqkPM6aU_knK0ANvaPaJMW22gLKXIfeGhi1C6yaJn1CD4vswEhu2zUnU4fhk-S2jBCdzfHv50A863Xo4RpXr36bH3IaBv4pNVFp3wxeSLjelP_0x_6UNBhydy7v2AhYjTPqjO_gsvawQAhB410BncIY6OJMwP-hjbNh_21mAL636BAbn4Fgo_1ZW3FDEbx2U80bsFAW0fQFeZvtBmXn0DLuljo5GDs316gtjiKOuOrRviW9xrKZvFzRG&cb=_claw7h8e7yk3gpxv4boonq&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Cookie: UID=2212211057ad3b9af82a7040c5afc55764d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvRTFKamIyRVRrUzhk&o=86841
172.217.21.161301 Moved Permanently 386 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvRTFKamIyRVRrUzhk&o=86841
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash d5116c1e539e3880d7edbf258604f91f
d3a4b2bb9db3d0f19a9a2a1576521530134c4f2e
916b4d460f7d9283baaa4944511ab6fc3a39fba5ffc4bcda5528b253c05b82f8
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvRTFKamIyRVRrUzhk&o=86841 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvRTFKamIyRVRrUzhk&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 386
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a4e09fbe8c7f13b5f2593bfb7b654f35
2f0ab877a5de8ede3d0cf8d47614e4f847f12cc1
ebf6a6c3c22bf48f663ced84746989c300b5a8268a980df2e0410bf060ff0e1f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL080QU93WnJCd01pN0QwL0RlcHJlZGFkb3ItX0xhX3ByZXNhXyUyODIwMjIlMjlfMTA4MHAuU1VCLUVORy5jaW5lY2FsaWRhZC5sb2wubXA0&o=86841
172.217.21.161301 Moved Permanently 486 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL080QU93WnJCd01pN0QwL0RlcHJlZGFkb3ItX0xhX3ByZXNhXyUyODIwMjIlMjlfMTA4MHAuU1VCLUVORy5jaW5lY2FsaWRhZC5sb2wubXA0&o=86841
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (309), with CRLF, LF line terminators
Hash f9ceb7416492ded59e0c65fe8d9b451c
2b8d9331abea7c2ac5010b8809ac342caa33c0d1
0eb120de8cb913035be03bdb289e213d919e6e93e91bfb7a21bb800cf22d8930
GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL080QU93WnJCd01pN0QwL0RlcHJlZGFkb3ItX0xhX3ByZXNhXyUyODIwMjIlMjlfMTA4MHAuU1VCLUVORy5jaW5lY2FsaWRhZC5sb2wubXA0&o=86841 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL080QU93WnJCd01pN0QwL0RlcHJlZGFkb3ItX0xhX3ByZXNhXyUyODIwMjIlMjlfMTA4MHAuU1VCLUVORy5jaW5lY2FsaWRhZC5sb2wubXA0&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 486
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://playercine.cinestart.net/player.php?id=R29XMjlVY09GclZQYTFYejJLZDJSb05MM3lKTVdTRVdxdjZLZUo2VFEvMUJRY3FteWQvRm9qMFlUZ1hCL2hmVw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
172.217.21.161301 Moved Permanently 446 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://playercine.cinestart.net/player.php?id=R29XMjlVY09GclZQYTFYejJLZDJSb05MM3lKTVdTRVdxdjZLZUo2VFEvMUJRY3FteWQvRm9qMFlUZ1hCL2hmVw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
IP 172.217.21.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash ce1922dc33664f83646763bb455de1c5
b9886735adcba256ff1db6a05814dee6522269ef
0d03bc46ef41b084dbac73cd786c77c36d16454a9293a80ec2afb7d24308496f
GET /s2/favicons?domain=https://playercine.cinestart.net/player.php?id=R29XMjlVY09GclZQYTFYejJLZDJSb05MM3lKTVdTRVdxdjZLZUo2VFEvMUJRY3FteWQvRm9qMFlUZ1hCL2hmVw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=R29XMjlVY09GclZQYTFYejJLZDJSb05MM3lKTVdTRVdxdjZLZUo2VFEvMUJRY3FteWQvRm9qMFlUZ1hCL2hmVw&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:25 GMT
expires: Wed, 21 Dec 2022 16:27:25 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 15:51:04 GMT
expires: Wed, 21 Dec 2022 16:06:04 GMT
cache-control: public, max-age=900
age: 381
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0db78f2c1efa6cc900592d0f8912a55d
686b1ec4aafa7b78a6c7203695527adbec314611
940be1b544a531e6c0dc8900250c1b4be0becf471d9d3d8d1749bdb148cd08be
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
142.250.74.34302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Wed, 21 Dec 2022 15:57:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 80fefa4e0a7e3acbce76a9e7f57a8eab
0612504d0ae9664127c3eafd43867ae57b75a832
dffec6e9deab94fb10ba4f22908241fc2d27f629421ef6ad12a90b4ee02ca7a0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d5518b05926e5fc608ad00c4abf3e01
273178a68589773d7c28a2360e64685937a5caa6
c0401c937edee3f05e3e41ab2b09af061962bcfa8471f2d0a0d91c3fe732843d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a677501b4490b3352220a1d60a3b88bf
9a5339c0bd6f3e1ae8af0116362efb71426807fc
4dea04acde2396c347e04123c6f97d0efc70695facc6a615a731b6dee801be18
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9280942f48b6d8af0882ac1f9a684dae
1998f517eb03d75b98b81b8fcc3de69b57faaad9
43e916ba35470cee4a823db0332214b20948fedd09350f83aa0376d902a4926b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id?slf_rd=1
142.250.74.34200 OK 120 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id?slf_rd=1
IP 142.250.74.34:0
Hash 54137b83e9deafa84ea6d9e8455556ee
452877d7ae176d9b66f107f2fdf4da338824de40
ffb8770d2a2a5c6a09b61eed77908dec39d9d73f440378eea520505e59513b2d
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Wed, 21 Dec 2022 15:57:25 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0b3a38d8057f8c59aa4db5a405d1004c
3c25e79903c1854f482800c6649da26764730a90
910fbf0b154d2cb38f02f87065f7e94f0aa98a11ffd1c87b04eecf80975d4a51
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5895
Expires: Wed, 21 Dec 2022 17:35:40 GMT
Date: Wed, 21 Dec 2022 15:57:25 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5895
Expires: Wed, 21 Dec 2022 17:35:40 GMT
Date: Wed, 21 Dec 2022 15:57:25 GMT
Connection: keep-alive
code.jquery.com/jquery-3.6.0.slim.min.js
69.16.175.10200 OK 25 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.slim.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65241)
Hash ae3ffbb71d763d2a1ca869e4866b23ae
22723a163afd77efe96e92eaca712583612b3e73
29dda737fcaf96a8a4ea6d0dd66c6e379a4c98cf3374647388650ee6e48a462c
GET /jquery-3.6.0.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playercine.cinestart.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:25 GMT
content-encoding: gzip
content-length: 24587
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11ab4"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CPX1jJ0GEocBCiRlNmI0YmQyOC04NGNmLTRmODMtYTJjYi1kMzc0Yjc0NjExOWIQ+OiCoKvU+wIaBgjl2YydBiIMOTEuOTAuNDIuMTU0KNSvAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkNmZmYzQ4NzgtNjJkZS00NGMzLTkxZmEtYzYwMjgyZGIyMWZhGIvAASIYCAISFGNkczI1OC5zazEuaHdjZG4ubmV0.jCmVzNaKT44Z4ZMp6ByCMWO3XLM3pTV/fQthd8+0vYE=
x-hw: 1671638245.dop018.sk1.t,1671638245.cds238.sk1.hn,1671638245.cds258.sk1.c
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4aa7e9e3fe28e9c401786f7415171f7
8482a47175ff105957d640269bc14ee1fbc97448
2215ff2537f927e2baf4f713fc947afefc83b416719113ce516aa00f2a4e0708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 4fb9a698-c429-49e1-a2c5-b9388f03b044
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: daGQIEuSoAMFnBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0b733-53b8088f0d8863f813b9967e;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 19:10:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: MiX_AJgXGldkYjkeHO1OUPzraljox6v7B1M54cJPBdmfUZ7QETowOw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 548adcda884eed02304ba5d6a1d7f514.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:55:36 GMT
age: 64909
etag: "8482a47175ff105957d640269bc14ee1fbc97448"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.42200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 065f4ed444f6732695fa5bb0ada0ec30
0450850c6e0459c2791e2f6a933a56c3c0e4ec91
e9cd2ab86c15232d9aa2896a2690beb5c659ffa4238a1376555c894f34033a08
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Dec 2022 15:57:25 GMT
server: ESF
cache-control: private
content-length: 30912
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36106)
Hash 7fc7e22ecccb0cfd0ae897bb40a58efe
5d46470a711120793c362235105836fe49e699a4
1907005cab41fbd6d1d67df3b25586f3232e053a261c9e2b2503459f4980b1c5
GET /js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14302
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 18 Dec 2022 14:32:25 GMT
expires: Mon, 18 Dec 2023 14:32:25 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 264300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7ac0b5738bab6b4ed770c26ca922250
e56fd4ee2f5354a54a6271db2be528f98eecd3d7
5997d5be6bbeb189ef08af2f6c6dd5bb0cfa70ad7b40daab8712efe5adc2c6e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8450
x-amzn-requestid: a9f11c68-8327-46ba-9075-e316a2f9fdbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr3FoSIAMFdtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-61b788f5675fe0e815e1e967;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: EFtrPmVeBdwlINxF0wQq0671EksYsi6nsyFd5E4SCSH4_bQyGaNQHQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 07:54:35 GMT
age: 28970
etag: "e56fd4ee2f5354a54a6271db2be528f98eecd3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9917118c-5972-401b-b285-5393790dd2a9.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9917118c-5972-401b-b285-5393790dd2a9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b263902026f824265dafc8635785fc65
684efdc99b2b6243fd8a0e94a5ba9cc2147d7591
4c4198f2c893eddf2340ec6bc103f2b06dd4b5a588b81afb2fc0790a2ba148dc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9917118c-5972-401b-b285-5393790dd2a9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10082
x-amzn-requestid: af563ab2-2bec-4393-89ed-c39d35dbb8ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ddt_CGMWoAMFw1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a229f9-3f4fba7229f46d9f0356d9fd;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 21:32:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: VcyyaKnSAMh1uTLQWTg5mDlYLj-8zL-8rLx_tw84vDRvhBfEmTrcbA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:37:22 GMT
age: 66003
etag: "684efdc99b2b6243fd8a0e94a5ba9cc2147d7591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7b189-c1d5-4440-b415-f3188b6a0f14.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7b189-c1d5-4440-b415-f3188b6a0f14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe10e1948eda329f8af1bb3549282c3d
68bc80d4e1cf43094452a666950d44788c6e561b
af172978ad005988e99eba1625443b87a287ae5bf371c1637c2fbc926adefa83
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffa7b189-c1d5-4440-b415-f3188b6a0f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15929
x-amzn-requestid: 5464c25f-83e6-446d-8809-47f2b016432c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dKcIqG95oAMFvqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639a73d0-2d68c5222d56e6ce6fc14b56;Sampled=0
x-amzn-remapped-date: Thu, 15 Dec 2022 01:09:36 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: RBW6zF1yDdhEe4venG9tUgHAQx7KObjYI5wFN3mNCVyo4Lw02wEPuw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e11ee4e3208082d534c251b36bbee268.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 23:54:53 GMT
age: 57752
etag: "68bc80d4e1cf43094452a666950d44788c6e561b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdefad689-8a78-41c9-8774-f0b8a1135d15.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdefad689-8a78-41c9-8774-f0b8a1135d15.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8f5b2e482a0944dfc0de3a69659fa002
64dd897d9163a6eceadc0c5460cdd135d323abb3
feb1a63a27859b88257d50c3c8723131978fd1f363a6f9e1297b91549b4aed9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdefad689-8a78-41c9-8774-f0b8a1135d15.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 981a0010-ec53-4659-818b-4cfa39fa8cd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbuhqGUbIAMF_QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a15e0a-65b084547c4d2b4414236f84;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 07:02:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: -AR7jIQqHV2XWDLH1W7rybyRGcDQ4oSGQsneAScw7MHK3nwjYYkjWg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 07:05:45 GMT
age: 31900
etag: "64dd897d9163a6eceadc0c5460cdd135d323abb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5894
Expires: Wed, 21 Dec 2022 17:35:40 GMT
Date: Wed, 21 Dec 2022 15:57:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0191e-7441-4083-843d-18a9446de816.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0191e-7441-4083-843d-18a9446de816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3bd6359db3b908389343275ee839466b
9094f8e9275252a8e9d5e65fd3e87851b2f80bd7
7380590a93f8a21907c39ddce2f51c599161f219522df4099e9c1a82bcd1e40e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0191e-7441-4083-843d-18a9446de816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9069
x-amzn-requestid: 103b5caf-fa82-4d66-97e6-99c77027f759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ddt_DG_hoAMFoKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a229f9-1a4accb80dbf5e9f2f696c85;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 21:32:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: D8V_RlBCxL1RHxtCyWkX7_IsCCrOdv2o1Wdic0N_aUz0qguhANp88A==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:37:22 GMT
age: 66004
etag: "9094f8e9275252a8e9d5e65fd3e87851b2f80bd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
IP 142.250.74.131:0
Hash d531716ccdb4df2f3c08a81b5e1cce74
d16fa59944f0edbb0f09dc234f7e79299bababf4
6d87039b6c52130d13bb536a8511313e4b43c79cd55f1bdd5cd8f4c82a1d80f8
POST /s/gts1p5/pTOmYkE9h5w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:26 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 9d5518b05926e5fc608ad00c4abf3e01
273178a68589773d7c28a2360e64685937a5caa6
c0401c937edee3f05e3e41ab2b09af061962bcfa8471f2d0a0d91c3fe732843d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/UKcAiSIR&size=16
142.250.74.68200 OK 454 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/UKcAiSIR&size=16
IP 142.250.74.68:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b47dc0281a58eb5dcbefb21f7d9f2f8b
9ca10c8524a596da424cfe4ad62902b6c3107172
3bb219a803b2aafd036cd2c0133a3b41c9e97d6f22c48c5884aad12b9a8b4c89
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/UKcAiSIR&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://mega.nz/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 454
date: Wed, 21 Dec 2022 15:57:26 GMT
expires: Wed, 28 Dec 2022 15:57:26 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1laMnJtUVB5ZHdDdjkyZS9EZXByZWRhZG9yLV9MYV9wcmVzYV8lMjgyMDIyJTI5XzEwODBwLmR1YWwtbGF0LmNpbmVjYWxpZGFkLmxvbC5tcDQ=&size=16
142.250.74.36200 OK 270 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1laMnJtUVB5ZHdDdjkyZS9EZXByZWRhZG9yLV9MYV9wcmVzYV8lMjgyMDIyJTI5XzEwODBwLmR1YWwtbGF0LmNpbmVjYWxpZGFkLmxvbC5tcDQ=&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9zdHJlYW10YXBlLmNvbS9lL1laMnJtUVB5ZHdDdjkyZS9EZXByZWRhZG9yLV9MYV9wcmVzYV8lMjgyMDIyJTI5XzEwODBwLmR1YWwtbGF0LmNpbmVjYWxpZGFkLmxvbC5tcDQ=&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Wed, 21 Dec 2022 15:57:26 GMT
expires: Wed, 28 Dec 2022 15:57:26 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.SUB-LAT.srt&size=16
142.250.74.68200 OK 270 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.SUB-LAT.srt&size=16
IP 142.250.74.68:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.SUB-LAT.srt&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.dog/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Wed, 21 Dec 2022 15:57:26 GMT
expires: Wed, 28 Dec 2022 15:57:26 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 51dc1104789a132a0c4aa80127392583
c58e511c9f9a170afe423b63bdf9b50d52cbc2d9
671d4bd8d038642d76e8fae793f75175e4fb1da35e61909cf08d1a7cf0f750a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "671D4BD8D038642D76E8FAE793F75175E4FB1DA35E61909CF08D1A7CF0F750A7"
Last-Modified: Tue, 20 Dec 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11276
Expires: Wed, 21 Dec 2022 19:05:22 GMT
Date: Wed, 21 Dec 2022 15:57:26 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 262ab960b9c7a7e0406e5a7aec04fe55
6d2022c15425b88acc2d29415f678750c71f38ed
7d2818b8e8e70b0f9ceddb23c6a87d22733f11b09596c618ef8b3dfda4f122cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&size=16
142.250.74.68404 Not Found 726 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&size=16
IP 142.250.74.68:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:26 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvRTFKamIyRVRrUzhk&size=16
142.250.74.36200 OK 270 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvRTFKamIyRVRrUzhk&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly93YWF3LnRvL2YvRTFKamIyRVRrUzhk&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Wed, 21 Dec 2022 15:57:26 GMT
expires: Wed, 28 Dec 2022 15:57:26 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=R29XMjlVY09GclZQYTFYejJLZDJSb05MM3lKTVdTRVdxdjZLZUo2VFEvMUJRY3FteWQvRm9qMFlUZ1hCL2hmVw&size=16
142.250.74.36404 Not Found 726 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=R29XMjlVY09GclZQYTFYejJLZDJSb05MM3lKTVdTRVdxdjZLZUo2VFEvMUJRY3FteWQvRm9qMFlUZ1hCL2hmVw&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=R29XMjlVY09GclZQYTFYejJLZDJSb05MM3lKTVdTRVdxdjZLZUo2VFEvMUJRY3FteWQvRm9qMFlUZ1hCL2hmVw&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Wed, 21 Dec 2022 15:57:26 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.FORZADOS.srt&size=16
142.250.74.68200 OK 270 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.FORZADOS.srt&size=16
IP 142.250.74.68:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash b09b837ca4b197aebeade8a2560d9fb2
afd2cc6572334ace938f25c0ca0314d30e1e812a
f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.rip/wp-content/uploads/2022/08/Depredador-La-presa-2022-1080p.FORZADOS.srt&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://cuevana3.dog/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Wed, 21 Dec 2022 15:57:26 GMT
expires: Wed, 28 Dec 2022 15:57:26 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Wed, 21 Dec 2022 15:57:26 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash eadadfec0a65bce69128230cfa49f936
1ae7fbb4969315fc2d13cf0a63d1909c499147db
bbd8831dd832214747d09faca8a7092b1e72dbaec35ee513bf6663caaea3e488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 262ab960b9c7a7e0406e5a7aec04fe55
6d2022c15425b88acc2d29415f678750c71f38ed
7d2818b8e8e70b0f9ceddb23c6a87d22733f11b09596c618ef8b3dfda4f122cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 15:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.42200 OK 114 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.42:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d6796032e498af983ca8f74951d81413
cc4d40ea5cbf8b8638196c7eb9f9c9075065ff83
3461b977b454b15624aef3ae68e05885267d099bc734c43436ec4d6afecbf9d4
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1348
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Wed, 21 Dec 2022 15:57:26 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=0a6254a2d39a469db54a07270da87def
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=0a6254a2d39a469db54a07270da87def
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash f1a295a6ffc19b91cf66bdcb50b9a287
8d6094e971f97e401d76b9f9a58e6b70e078e71c
140b1b1cbc44267047242fc20fd0ff4126f68117a4cb8f2c7be355be152857b8
GET /gid.js?userId=0a6254a2d39a469db54a07270da87def HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playercine.cinestart.net
Connection: keep-alive
Referer: https://playercine.cinestart.net/
Cookie: ID=5eabb90206fd4573baaba502ae73417b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:26 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://playercine.cinestart.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=5eabb90206fd4573baaba502ae73417b; expires=Thu, 21 Dec 2023 15:57:26 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
playercine.cinestart.net/play_white.png
104.21.58.88200 OK 2.2 kB URL HTTP/2 playercine.cinestart.net/play_white.png
IP 104.21.58.88:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 586c4a0da292bad6d6303d86f9170a49
782ccb8658663e83b265c1a3d469e16682d5b2ee
a5fae08174aebfda56f78b7913082f4a72d52282faef978478ad943cd1db6329
GET /play_white.png HTTP/1.1
Host: playercine.cinestart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playercine.cinestart.net/player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:26 GMT
content-type: image/png
content-length: 2209
cache-control: public, max-age=604800
expires: Wed, 28 Dec 2022 15:57:27 GMT
last-modified: Sun, 14 Aug 2022 23:11:47 GMT
access-control-allow-origin: *
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BDK7nRE0zosnfjlSfmi%2B%2B2ROKtzg70RjnmzW7%2FluvSRQX1xOU4zi3qyIZfYkB5uN0ayCmp8CNxgQPzg6qNUtM87pi2rzQzJXpzqjr58jm9MDjg3caCS8KZFemY62x0qw7mSgh17NC%2BLEjXI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77d1d03cca10b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
playercine.cinestart.net/player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
104.21.58.88200 OK 0 B URL HTTP/2 playercine.cinestart.net/player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
IP 104.21.58.88:0
GET /player.php?id=Ujl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd HTTP/1.1
Host: playercine.cinestart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FkAGV%2BdfdVRuegSgqhX7LW0AeJJrmty4HzDVQGrrzVP5jGvrVvTPyIl30%2FQpiwhf0u86k7FvEv2e6kziuvaU6NNOjTI8fUObRFCpfr%2B03Wznol59kvhD%2BG2eu6gs690VMbwlxwnQUUFhvv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77d1d0394d61b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
waisheph.com/5/5508024
139.45.197.245200 OK 0 B IP 139.45.197.245:0
GET /5/5508024 HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playercine.cinestart.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:26 GMT
content-type: application/javascript
x-trace-id: 9f099f44ef86df531833ef5ff2f4bb43
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=0a6254a2d39a469db54a07270da87def; expires=Thu, 21 Dec 2023 15:57:26 GMT; path=/; secure; SameSite=None
oaidts=1671638246; expires=Thu, 21 Dec 2023 15:57:26 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
waisheph.com/?rb=aqoPGG9lPeTr0h3v2z4wDNr1CjjvFOJYZYGeDXfuvbbS0k_c1VNNAvBkvGydeb5sEVm4cV6O3b7PXiwflaqcgZOtv7B5VQ3DO3O0wgORXRY4fYfy5Dm13xtrI5a4FgfXz0s1Y4YtoZzELkS5C3BQRTd3gxuqS7w0_pLnkmTw7ghMNzRGlGhfCN6y9nKlYPE3PSR0QXL6i8PBZNVukn_mZ8K1LuECYyFvvC4rSeJcbq4I6ip_xkyf6HqBZRLmLymk&request_ab2=96001&zoneid=5508024&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=9&pl=https%3A%2F%2Fplayercine.cinestart.net%2Fplayer.php%3Fid%3DUjl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw%26token%3DTLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.464.1&bs=0bca7263-c130-43ed-9613-d4e45ed78a05&userId=5eabb90206fd4573baaba502ae73417b&m=link
139.45.197.245200 OK 0 B URL HTTP/2 waisheph.com/?rb=aqoPGG9lPeTr0h3v2z4wDNr1CjjvFOJYZYGeDXfuvbbS0k_c1VNNAvBkvGydeb5sEVm4cV6O3b7PXiwflaqcgZOtv7B5VQ3DO3O0wgORXRY4fYfy5Dm13xtrI5a4FgfXz0s1Y4YtoZzELkS5C3BQRTd3gxuqS7w0_pLnkmTw7ghMNzRGlGhfCN6y9nKlYPE3PSR0QXL6i8PBZNVukn_mZ8K1LuECYyFvvC4rSeJcbq4I6ip_xkyf6HqBZRLmLymk&request_ab2=96001&zoneid=5508024&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=9&pl=https%3A%2F%2Fplayercine.cinestart.net%2Fplayer.php%3Fid%3DUjl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw%26token%3DTLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.464.1&bs=0bca7263-c130-43ed-9613-d4e45ed78a05&userId=5eabb90206fd4573baaba502ae73417b&m=link
IP 139.45.197.245:0
GET /?rb=aqoPGG9lPeTr0h3v2z4wDNr1CjjvFOJYZYGeDXfuvbbS0k_c1VNNAvBkvGydeb5sEVm4cV6O3b7PXiwflaqcgZOtv7B5VQ3DO3O0wgORXRY4fYfy5Dm13xtrI5a4FgfXz0s1Y4YtoZzELkS5C3BQRTd3gxuqS7w0_pLnkmTw7ghMNzRGlGhfCN6y9nKlYPE3PSR0QXL6i8PBZNVukn_mZ8K1LuECYyFvvC4rSeJcbq4I6ip_xkyf6HqBZRLmLymk&request_ab2=96001&zoneid=5508024&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=9&pl=https%3A%2F%2Fplayercine.cinestart.net%2Fplayer.php%3Fid%3DUjl2N1dqNjVoWUd1QklVOHkvM2hZMGR5cVd5R0dmcU9OLzZ6Rk52NHd0MWFpNUVreWsvUHVpSVhzT1pUSXc4dw%26token%3DTLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.464.1&bs=0bca7263-c130-43ed-9613-d4e45ed78a05&userId=5eabb90206fd4573baaba502ae73417b&m=link HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://playercine.cinestart.net/
Origin: https://playercine.cinestart.net
Connection: keep-alive
Cookie: OAID=0a6254a2d39a469db54a07270da87def; oaidts=1671638246
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:26 GMT
content-type: application/json
x-trace-id: 482c636a898630ff5bad42a3baf195a0
access-control-allow-origin: https://playercine.cinestart.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=5eabb90206fd4573baaba502ae73417b; expires=Thu, 21 Dec 2023 15:57:26 GMT; path=/; secure; SameSite=None
oaidts=1671638246; expires=Thu, 21 Dec 2023 15:57:26 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Wed, 28 Dec 2022 15:57:26 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90
172.67.204.56200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90
IP 172.67.204.56:0
GET /wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 09:00:35 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 543409
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHD6%2B%2FnAvwkvSiGZdxOm1IR1ecZqYZHkhIq4L7xoyoTQ4w7wS0waqBKM3T3tc5Gx%2B0qkbwwaM1ehFveiT0xnTjvoqEZcep8fHEZOT8qXxbgwEWKhNXRY8xQbjZ82NA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77d1d0306fe90afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
urimnugocfr.com/get/1955969?zoneid=1955969&jp=_clrrh9zi3haxxe918e3tsa&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3205777229732984
62.122.171.6200 OK 0 B URL HTTP/2 urimnugocfr.com/get/1955969?zoneid=1955969&jp=_clrrh9zi3haxxe918e3tsa&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3205777229732984
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955969?zoneid=1955969&jp=_clrrh9zi3haxxe918e3tsa&nojs=0&ix=0&abvar=21&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3205777229732984 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212211057b3d45c8878444e39851a9f52cc; Path=/; Expires=Thu, 21 Dec 2023 15:57:25 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/style.css?ver=0.99355000%201671638040
172.67.204.56200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/style.css?ver=0.99355000%201671638040
IP 172.67.204.56:0
GET /wp-content/themes/cuevana/style.css?ver=0.99355000%201671638040 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:24 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Tue, 27 Dec 2022 05:11:54 GMT
last-modified: Tue, 06 Dec 2022 13:00:45 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEaEhQFVEpwE64OzP4n%2BBWMh0imtblCCEYcYqlnj%2BTV%2Bk5nc7qLi1WnUmktAqoZKIMekaK%2FRiSnPovAbYVHx8sEa%2B7aTXvzKkZN4ShKYpxiJ88SkGrJrhG%2FUUhgyBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77d1d03088060afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
omfiydlbmy.com/get/1955964?zoneid=1955964&jp=_cl0b6l378qyoem3sk3xjjc&nojs=0&ix=0&abvar=20&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=953977415945957
62.122.171.6200 OK 0 B URL HTTP/2 omfiydlbmy.com/get/1955964?zoneid=1955964&jp=_cl0b6l378qyoem3sk3xjjc&nojs=0&ix=0&abvar=20&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=953977415945957
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955964?zoneid=1955964&jp=_cl0b6l378qyoem3sk3xjjc&nojs=0&ix=0&abvar=20&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=953977415945957 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:24 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212211057980278ca0257461581ef29f70c; Path=/; Expires=Thu, 21 Dec 2023 15:57:24 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
urimnugocfr.com/aas/r45d/vki/1955969/tghr.js
62.122.171.6200 OK 0 B URL HTTP/2 urimnugocfr.com/aas/r45d/vki/1955969/tghr.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /aas/r45d/vki/1955969/tghr.js HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 15:57:25 GMT
content-type: application/javascript
last-modified: Wed, 21 Dec 2022 09:43:14 GMT
vary: Accept-Encoding
etag: W/"63a2d532-12ddc"
x-js-ab1: var21
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90
172.67.204.56200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90
IP 172.67.204.56:0
GET /wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 21 Dec 2022 15:57:23 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 22 Dec 2022 09:00:35 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 543408
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khucnVM8IJMfNYx72YeTENBF2SGBakGqOyvZT%2FpqE21soDY6lI4rPYgn3SdoLpmkggoWcvd5hNBBL7qPqoxUSjwV1YImosL1l0UfSCixgD3Vxn2haMuQYeN8rFb%2BpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77d1d0307ff20afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.youtube.com/embed/LMlCN6_vUvs?autoplay=0&autohide=1
216.58.207.206200 OK 0 B URL HTTP/2 www.youtube.com/embed/LMlCN6_vUvs?autoplay=0&autohide=1
IP 216.58.207.206:0
GET /embed/LMlCN6_vUvs?autoplay=0&autohide=1 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 21 Dec 2022 15:57:24 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=kbsEZcUuWjo; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=8JeS4rwm7mA; Domain=.youtube.com; Expires=Mon, 19-Jun-2023 15:57:24 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+253; expires=Fri, 20-Dec-2024 15:57:24 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2