r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e300ca7d2d586dd1ca0c185ef6b0da5
3914cfd3b7aa6e1d1117bf509319479e489ed2a4
91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8133
Expires: Sat, 24 Dec 2022 01:49:26 GMT
Date: Fri, 23 Dec 2022 23:33:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3368
Expires: Sat, 24 Dec 2022 00:30:01 GMT
Date: Fri, 23 Dec 2022 23:33:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d6a971d765338f107fe9d2c67fa4bbdf
a72bdf191446a37fa0420cc9d7c087aaff757cd6
dc5291c136b0b81621a02679a31f6b7c852e2803429d54c2a9afcc8edf031328
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DC5291C136B0B81621A02679A31F6B7C852E2803429D54C2A9AFCC8EDF031328"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14588
Expires: Sat, 24 Dec 2022 03:37:01 GMT
Date: Fri, 23 Dec 2022 23:33:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 22:34:47 GMT
content-type: application/json
age: 3546
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: no+Hl9ckdhI4+NTeDZwwgSRGLBLA5+chy7xectDU4xp1JYuFsnvzoAUqzvHvOYIv5IikBvuw7ADwK5gc02jStw==
x-amz-request-id: YNNVETMAZJ1X8KNB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 22:56:22 GMT
age: 2251
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cuevana3.nu/ver-el-episodio/episodio-3-de-sean-eternos-campeones-de-america-temporada-1/
172.67.204.56200 OK 14 kB URL HTTP/1.1 cuevana3.nu/ver-el-episodio/episodio-3-de-sean-eternos-campeones-de-america-temporada-1/
IP 172.67.204.56:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 1ec9290339e043b76f908e8cac10ae93
c591d40fa4f26a754ce52c7d9be95465fc93aecd
c68da84b837918d6f977ce00f9e85d0368853db59092ba1115a7556120443a89
GET /ver-el-episodio/episodio-3-de-sean-eternos-campeones-de-america-temporada-1/ HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 23:33:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-dns-prefetch-control: on
link: <https://cuevana3.nu/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77e4e79d0d5bb529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
code.jquery.com/jquery-3.1.1.min.js?ver=3.1.1
69.16.175.42200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.1.1.min.js?ver=3.1.1
IP 69.16.175.42:0
File type ASCII text, with very long lines (32030)
Hash f7a4a283c6a5130b43ce8de3b7842078
ef243edbb67f9e50f8589885e4541f6c919ea8d7
aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e
GET /jquery-3.1.1.min.js?ver=3.1.1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:53 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CPGRmZ0GEocBCiQwMDJhYjVkOS1hOTk0LTQ2NzctOWM2Ni01NmQyY2E5MzlhMDcQ+OiCoKvU+wIaBgjh9ZidBiIMOTEuOTAuNDIuMTU0KLrBATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkNGNhMmEyN2YtNmYxYi00N2Q3LWE5ZTctYmU3NzgyZDc0ODcxGPbqASIYCAISFGNkczAxMC5zazEuaHdjZG4ubmV0.2K+F3vmeKKFA13QRAsaNPT3tFNePpwlpVobVGh0sy5U=
x-hw: 1671838433.dop214.sk1.t,1671838433.cds065.sk1.hn,1671838433.cds010.sk1.c
X-Firefox-Spdy: h2
whairtoa.com/5/4907445
139.45.197.238200 OK 24 kB IP 139.45.197.238:0
File type ASCII text, with very long lines (64291), with no line terminators
Hash 98b5775c9108d9972dce117135de5a49
afff3b34894c2e2c8b6a76a877fbf6e161940e64
7bef986c48d794cb04e726e39963a444bc31a38e318579cbbd9e688ca8ffd121
Analyzer Verdict Alert quad9 Sinkholed
GET /5/4907445 HTTP/1.1
Host: whairtoa.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 23:33:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 2feaaeb7780b0e6c94cb8613413dbc67
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=89ced2651f3045e8978ff5850f1ebbd6; expires=Sat, 23 Dec 2023 23:33:53 GMT; path=/
oaidts=1671838433; expires=Sat, 23 Dec 2023 23:33:53 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
omfiydlbmy.com/lv/esnk/1955964/code.js
62.122.171.6200 OK 44 kB URL HTTP/1.1 omfiydlbmy.com/lv/esnk/1955964/code.js
IP 62.122.171.6:0
File type ASCII text, with very long lines (65530)
Hash a94f8b84db4f6d40f716e0c1604361fc
5b8df05aa642c98ccbe651926a1606d065617d94
5bedfb6066dd197239fecf2818e906b3f86a0862c6fa0c812ce84205532491eb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /lv/esnk/1955964/code.js HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 23:33:53 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Dec 2022 12:39:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a44ffc-1a5e1"
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip
omfiydlbmy.com/lv/esnk/1955965/code.js
62.122.171.6200 OK 44 kB URL HTTP/1.1 omfiydlbmy.com/lv/esnk/1955965/code.js
IP 62.122.171.6:0
File type ASCII text, with very long lines (65530)
Hash 070f29a164e43e45efb4e94f9eb94cba
ca28bf443103cac8db40bd05f3843c6d059c5ec0
68dcc9caa9849a163638ff6b9c878a0b05ab0f8d9e0ee8f9a47302bda36cb43c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /lv/esnk/1955965/code.js HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 23:33:53 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Dec 2022 12:39:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a44ffc-1a5e1"
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 49e097b3cc2fb89d982d02bafb135519
b00e6f445ccf23976b1725a0b23c5102116cc092
271fcf63372e68f83ad6d181963d9ce92b37a08e943c8eb0522138bdec033476
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 49e097b3cc2fb89d982d02bafb135519
b00e6f445ccf23976b1725a0b23c5102116cc092
271fcf63372e68f83ad6d181963d9ce92b37a08e943c8eb0522138bdec033476
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 49e097b3cc2fb89d982d02bafb135519
b00e6f445ccf23976b1725a0b23c5102116cc092
271fcf63372e68f83ad6d181963d9ce92b37a08e943c8eb0522138bdec033476
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 49e097b3cc2fb89d982d02bafb135519
b00e6f445ccf23976b1725a0b23c5102116cc092
271fcf63372e68f83ad6d181963d9ce92b37a08e943c8eb0522138bdec033476
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 142.250.74.131:0
Hash 49e097b3cc2fb89d982d02bafb135519
b00e6f445ccf23976b1725a0b23c5102116cc092
271fcf63372e68f83ad6d181963d9ce92b37a08e943c8eb0522138bdec033476
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:53 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cuevana3.nu/wp-content/uploads/2022/11/jNW2KTGsQvF05zIsjyEWP1w8Kei-200x300.jpg
172.67.204.56200 OK 22 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/11/jNW2KTGsQvF05zIsjyEWP1w8Kei-200x300.jpg
IP 172.67.204.56:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 82", baseline, precision 8, 200x300, components 3\012- data
Hash 1e708c16acca56114c724a807dd7c7b3
9ca1d40cde581c3a6a2f3538012e5f162e421d68
265ae6fdbf1ed188c6a5238d622e71ea6f5bd1d5e1f7c483a72d343386335fe5
GET /wp-content/uploads/2022/11/jNW2KTGsQvF05zIsjyEWP1w8Kei-200x300.jpg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:53 GMT
content-type: image/jpeg
content-length: 22302
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 02:17:58 GMT
last-modified: Mon, 14 Nov 2022 07:46:37 GMT
cf-cache-status: HIT
age: 76557
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4e7a22f880b61-OSL
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Pragma, Last-Modified, Expires, Alert, Content-Type, Retry-After, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 23:08:02 GMT
age: 1551
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/js/void.js?ver=6.1.1
172.67.204.56200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/js/void.js?ver=6.1.1
IP 172.67.204.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/cuevana/assets/js/void.js?ver=6.1.1 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:53 GMT
content-type: application/javascript
content-length: 0
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:21:35 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
cf-cache-status: HIT
age: 137538
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4e7a22f870b61-OSL
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png
172.67.204.56200 OK 4.7 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png
IP 172.67.204.56:0
File type PNG image data, 240 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 30ecf26d81b4d18a7a568d42e674705e
c846ca657d113edcdb68ae7e53b8ecede50a15cb
f856cb85a867ba1f60a337dbbb095142c0590b426b30c5d35dcbbbd158b79927
GET /wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:53 GMT
content-type: image/png
content-length: 4675
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:21:35 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
cf-cache-status: HIT
age: 137538
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4e7a22f950b61-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 305e61785b6a439d62cc6d1eb782acf0
51c1e3e213b20326f9b0a6089a07d64559945d85
b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3654
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:53 GMT
Last-Modified: Fri, 23 Dec 2022 22:32:59 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=UA-209818749-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-209818749-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 2b41e29c731412d1354db0a6c4f0cd40
c8cf76d635d314c23bf936232e86e458b09bc0d5
ac863f4d75e234db8688a8a7b28021f3a51d87732f9e277b271a068c0bca1b61
GET /gtag/js?id=UA-209818749-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Dec 2022 23:33:53 GMT
expires: Fri, 23 Dec 2022 23:33:53 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43581
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
threatenedorientalavailable.com/ea/4d/b7/ea4db7a0906f9808f09b5ff02c6aeb6a.js
173.233.137.60200 OK 21 kB URL HTTP/1.1 threatenedorientalavailable.com/ea/4d/b7/ea4db7a0906f9808f09b5ff02c6aeb6a.js
IP 173.233.137.60:0
File type HTML document, ASCII text, with very long lines (60132), with no line terminators
Hash f8ead40a604e5ab3a5b99083f64e8a89
efe8f4a73a6e3a99b4a3a488a0fb059d326b0827
6ea4f71da59a29d7ca3cf0f7a6fd7034a96166df22334190d388596408ef9f70
Analyzer Verdict Alert quad9 Sinkholed
GET /ea/4d/b7/ea4db7a0906f9808f09b5ff02c6aeb6a.js HTTP/1.1
Host: threatenedorientalavailable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 23 Dec 2022 23:33:53 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d5f0bdb637b36c46cf8639267fd1dfed
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 305e61785b6a439d62cc6d1eb782acf0
51c1e3e213b20326f9b0a6089a07d64559945d85
b04548c1d4e00ddc872aad4bd3b532cade0bf423138620e351a6d58a2e8f19fc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d1d8bd1a083ee8e31cb240e1b77beb5e
7eb74381b2a771cb327658e3aefb5ff7665b0237
5db2bd1d721f4cb558abf3d0bf6fb04ff7668bb6690b53981438211a75e1325e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5DB2BD1D721F4CB558ABF3D0BF6FB04FF7668BB6690B53981438211A75E1325E"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9514
Expires: Sat, 24 Dec 2022 02:12:27 GMT
Date: Fri, 23 Dec 2022 23:33:53 GMT
Connection: keep-alive
cuevana3.nu/perversas.jpg
172.67.204.56200 OK 35 kB URL HTTP/2 cuevana3.nu/perversas.jpg
IP 172.67.204.56:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 95x95, segment length 16, baseline, precision 8, 600x150, components 3\012- data
Hash b5d56c3488bd24f579f3cdf85b34a98a
e22c9646584cd85c8f515ea34eaf7c3e7d8a9d5e
721b2723484bcda0eda62a4445cc5d7521b1b02001306e34c75a251dfc275a2c
GET /perversas.jpg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:53 GMT
content-type: image/jpeg
content-length: 34838
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:28:14 GMT
last-modified: Thu, 20 Oct 2022 23:18:47 GMT
cf-cache-status: HIT
age: 137139
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4e7a3b8710b61-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 344 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d1d8bd1a083ee8e31cb240e1b77beb5e
7eb74381b2a771cb327658e3aefb5ff7665b0237
5db2bd1d721f4cb558abf3d0bf6fb04ff7668bb6690b53981438211a75e1325e
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "5DB2BD1D721F4CB558ABF3D0BF6FB04FF7668BB6690B53981438211A75E1325E"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9514
Expires: Sat, 24 Dec 2022 02:12:27 GMT
Date: Fri, 23 Dec 2022 23:33:53 GMT
Connection: keep-alive
push.services.mozilla.com/
54.70.239.215101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.70.239.215:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hFu++v/+J3CsFTwFtsD7Vw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: zu9yjo5AhzQMERRNj4NMaLSqQiI=
cuevana3.nu/wp-content/themes/cuevana/assets/js/b.js?ver=0.85097200%201671760869
172.67.204.56200 OK 15 kB URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/js/b.js?ver=0.85097200%201671760869
IP 172.67.204.56:0
File type ASCII text, with very long lines (44174)
Hash 3e61e82241a786b7030de8f11c7056c4
8708244119476e4e1ce375d217e85e037c890239
fac26c855b1ec3706a545e43e6878c5fcbe0313bb94ece08fc79f5ae8e601bb4
GET /wp-content/themes/cuevana/assets/js/b.js?ver=0.85097200%201671760869 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 16:13:08 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 77e4e7a24fa10b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 810592c65d8c565282eba38fc1fdb080
e7014d0079558a136c376e29a01f4efc6f323282
fa1ae835056a3d9564de19ce142b5b48edb669848492319e91330e83d8977576
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1290
Cache-Control: max-age=132865
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:54 GMT
Etag: "63a599d9-117"
Expires: Sun, 25 Dec 2022 12:28:19 GMT
Last-Modified: Fri, 23 Dec 2022 12:06:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 79 kB URL HTTP/2 use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 79100, version 1.0\012- data
Hash 5dc01cfcd5336f696cb85da7ce53fa9b
28a1f2fadc35c5343e0280389fe7955e3d1be607
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
GET /releases/v5.6.3/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: https://cuevana3.nu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: font/woff2
content-length: 79100
x-amz-id-2: kUpcCpgI1Uwlps23C6Cl2pKTXNXNujJ0eUkFMow6JxpQSBPsxNoryS7OHImzDBNoK6dGzwzk2YGXHRkeXr01CA==
x-amz-request-id: KX5KX4C8KR596P3R
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 689737
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uek%2BQfpTYJckYoX%2Fv7KLCq%2BLQaoZXviuxvNWabscGmMehC91sW4cwrC6%2Bud41pPsku9pJolsGw1aCaPKNjSfOrN1lgab5YZUS01mJA8EYEN7st4e7ZkNaTNQ4EfaZp%2B4fJqbHzbw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e4e7a6d9afd170-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 810592c65d8c565282eba38fc1fdb080
e7014d0079558a136c376e29a01f4efc6f323282
fa1ae835056a3d9564de19ce142b5b48edb669848492319e91330e83d8977576
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1290
Cache-Control: max-age=132865
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:54 GMT
Etag: "63a599d9-117"
Expires: Sun, 25 Dec 2022 12:28:19 GMT
Last-Modified: Fri, 23 Dec 2022 12:06:49 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
holdsoutset.com/pixel/purst?dl=0&th=0&sc=0&rs=964&rd=964&fd=426&bv=22.10.v.9&tmpl=70
192.243.59.20200 OK 0 B URL HTTP/1.1 holdsoutset.com/pixel/purst?dl=0&th=0&sc=0&rs=964&rd=964&fd=426&bv=22.10.v.9&tmpl=70
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=964&rd=964&fd=426&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: holdsoutset.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 23 Dec 2022 23:33:54 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
nanouwho.com/1?z=5014433
139.45.197.242200 OK 6.8 kB IP 139.45.197.242:0
File type ASCII text, with very long lines (16471)
Hash 0bad64e38a49be6ca3ce351ba2cb7829
2d1f0bd6ba140e0e5b01902d1b9b0ca0ecb8be60
92aefd50b14c57cec9905085363e16c8a01030b14d8b68ee0aa9f77fc406718c
Analyzer Verdict Alert quad9 Sinkholed
GET /1?z=5014433 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 23:33:54 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
X-Trace-Id: d842f8cc9d20e09a70ee1aabc51ff9dc
Access-Control-Expose-Headers: X-Sc
X-Sc: qs5ICvFgiktWANK_2a2u2JMHJlOYK8t6rwyqZEiEYYiiSYuC1suCGlC6U6iDSVAHBU4k1kqQuZ8F_c6btyK2X9yhF6M=
Set-Cookie: scm=1; expires=Sat, 23 Dec 2023 23:33:54 GMT; secure; SameSite=None
OAID=85867796fa754564a8291d494beeaaa1; expires=Sat, 23 Dec 2023 23:33:54 GMT; secure; SameSite=None
oaidts=1671838434; expires=Sat, 23 Dec 2023 23:33:54 GMT; secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58ad5c6e3caf13013c7ec3a32fe8e033
d53bb5f6c3618a359bc4cf9ead378176a703c94a
71901bd1fc0c8175e1ca424c04d6b92745a962dbe4e4e5b5767d6a7166cff8f0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71901BD1FC0C8175E1CA424C04D6B92745A962DBE4E4E5B5767D6A7166CFF8F0"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6704
Expires: Sat, 24 Dec 2022 01:25:38 GMT
Date: Fri, 23 Dec 2022 23:33:54 GMT
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash ecf9c53462f414d9dd6a28eabfbe770a
0eaf9695c29d70da420d2618d996f27f6df2cf6c
9efece3d133705b3f9407c2bef5659d877244a227a18f41a8d964bc99df3ce14
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142679
Date: Fri, 23 Dec 2022 23:33:54 GMT
Etag: "63a5ad95-1d7"
Expires: Sun, 25 Dec 2022 15:11:53 GMT
Last-Modified: Fri, 23 Dec 2022 13:31:01 GMT
Server: ECS (bsa/EB21)
X-Cache: Miss from cloudfront
Via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: s6EeIA1dRXC9T3xc-aPOZjq-MJoZDW9Ud1Or9ZiBL3tsfYczDA_I6w==
Age: 6052
cuevana3.nu/wp-content/themes/cuevana/style.css?ver=0.85097200%201671760869
172.67.204.56200 OK 25 kB URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/style.css?ver=0.85097200%201671760869
IP 172.67.204.56:0
File type ASCII text, with very long lines (439)
Hash 8b2b7701246fe14ef93b6d653db604d5
1f750429ee2bfe5518330c707fcd82c550c51282
8ec8e9b2efb2fb940f10448ff480c51436c9282f7996fee16ea7b3456e70bbb6
GET /wp-content/themes/cuevana/style.css?ver=0.85097200%201671760869 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 16:13:06 GMT
last-modified: Tue, 06 Dec 2022 13:00:45 GMT
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 77e4e7a22f960b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
onvictinitor.com/apu.php?zoneid=5487080
139.45.197.238200 OK 30 kB URL HTTP/1.1 onvictinitor.com/apu.php?zoneid=5487080
IP 139.45.197.238:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash f6b2a5cb68d31ff81dda7b908a34b873
2cb4a5d85442c69e54f7fdaef4ea57e75fc69e0f
88c0b6b78c48da78226df963fcf8ebb74b0925f98466a34b2e19621f6b18d5a7
GET /apu.php?zoneid=5487080 HTTP/1.1
Host: onvictinitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 23:33:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 47720fb9658affd95e3ca218d52bf234
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=9e29d7cfaaa345f88e4d87e57132a6d9; expires=Sat, 23 Dec 2023 23:33:54 GMT; path=/
oaidts=1671838434; expires=Sat, 23 Dec 2023 23:33:54 GMT; path=/
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
my.rtmark.net/gid.js?userId=89ced2651f3045e8978ff5850f1ebbd6
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=89ced2651f3045e8978ff5850f1ebbd6
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 2645644a8693726c5975044d8588da59
fa41289c84d5931b3c6b6cd827926d5b38e61fb7
cd031966e181d6f6747299a885d6752ce25dc84817a55a5b3c70d9d24f7cd737
GET /gid.js?userId=89ced2651f3045e8978ff5850f1ebbd6 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=89ced2651f3045e8978ff5850f1ebbd6; expires=Sat, 23 Dec 2023 23:33:54 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a2647a644eb2c54095726e365fffa952
f84d4e3091d343b3a8ba66aa565d388a6a7cd29e
9c4831fe3457548b9b1f7cc1443ea6e320bf5aa3260f32a35e8cd2fd1d7a4aa5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4831FE3457548B9B1F7CC1443EA6E320BF5AA3260F32A35E8CD2FD1D7A4AA5"
Last-Modified: Thu, 22 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6785
Expires: Sat, 24 Dec 2022 01:26:59 GMT
Date: Fri, 23 Dec 2022 23:33:54 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 21308aa7c5ac8a4fb861e537434d7fcb
71f925bc8d91c635b8a15a6af23b489244ad4620
c5f9126cd0baaaa47f259b1bac7035b78896eadbb83c4947cc8bc640b78f328b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5862
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:54 GMT
Last-Modified: Fri, 23 Dec 2022 21:56:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
cuevana3.plus/perversas.jpg
104.21.89.109301 Moved Permanently 1.1 kB URL HTTP/2 cuevana3.plus/perversas.jpg
IP 104.21.89.109:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 579d0821fab57e6c6b174ff52b6b2f1c
89b66af2c17b55a77a3525f98cb1cef560be0358
1c535bae3477ff26bb69fde704fb455565a7e656c82c5f6ba65f566769464ccb
GET /perversas.jpg HTTP/1.1
Host: cuevana3.plus
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Fri, 23 Dec 2022 23:33:53 GMT
location: https://cuevana3.nu/perversas.jpg
cache-control: max-age=3600
expires: Sat, 24 Dec 2022 00:33:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qJQ4Vqk2xEVjy74G3VqqugodpCM6DfjmGEjCySvKOM%2FN5fz1LGab4Dn0QKC9L5O9EbBNxzFJ9M73DJUbo005YJnytyPUiJjqrfrUZgl%2FjcmHtftoQsF1q8CslG0YCshf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4e7a3a86a0b61-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.pncloudfl.com/pn/c05/c68/c51/c05c68c51ebc23dde12a35127ecb8c73d326606e.png
172.67.25.161200 OK 7.3 kB URL HTTP/2 cdn.pncloudfl.com/pn/c05/c68/c51/c05c68c51ebc23dde12a35127ecb8c73d326606e.png
IP 172.67.25.161:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1fde0e817889da709ff8cae45c5adb1d
ecdde9c02670c88f48e415c343850aaf2aa217ae
09517835290fdc299eed4b3cf96c7fe28d0598fcbe2531a3854b61bdf6335844
GET /pn/c05/c68/c51/c05c68c51ebc23dde12a35127ecb8c73d326606e.png HTTP/1.1
Host: cdn.pncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: image/webp
content-length: 7318
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=11847
content-disposition: inline; filename="c05c68c51ebc23dde12a35127ecb8c73d326606e.webp"
etag: 4437b4fc63304022bffebf6860abdd41
expires: Sat, 24 Dec 2022 19:42:17 GMT
last-modified: Wed, 08 Apr 2020 13:54:04 GMT
vary: Accept
x-openstack-request-id: tx8629a474314b4bff995b7-0061b0bba7
x-proxy-cache: HIT
x-timestamp: 1586354043.15786
x-trans-id: tx8629a474314b4bff995b7-0061b0bba7
cf-cache-status: HIT
age: 100297
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 77e4e7a85a83b52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
IP 142.250.74.131:0
Hash 6214b247965b0560777c21930118eccf
d5f2480f98828ecf87f04b2b479f1a735d69ebd2
7dced27ec0b6b9f007cff738028d8893b96785f15657fe0e8376083d62662626
POST /s/gts1p5/pTOmYkE9h5w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:54 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 21308aa7c5ac8a4fb861e537434d7fcb
71f925bc8d91c635b8a15a6af23b489244ad4620
c5f9126cd0baaaa47f259b1bac7035b78896eadbb83c4947cc8bc640b78f328b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5862
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:54 GMT
Last-Modified: Fri, 23 Dec 2022 21:56:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278
urimnugocfr.com/solid.gif?z=1955969&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 urimnugocfr.com/solid.gif?z=1955969&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1955969&abvar=0 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
urimnugocfr.com/solid.gif?z=1955969&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 urimnugocfr.com/solid.gif?z=1955969&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1955969&abvar=0 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
omfiydlbmy.com/chicken.gif?z=1955965&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=Op7Jt6bCJAwfXYrCdTiZjNwRfz152WFl4B1YjQ8CRQhpDsVSZi-JA-yK94T2wMFlzTj5TchjOieVQ1dP0qZexLAt2qOcHfK6qC1-53GVoeM0UEpUimbaFd94TUMb5nz5Cbs9gailxZtb5sJxQS1EurO0lo8OZ1-bUe76SOn9N6dVFqSotJ46i3Za6CBBwXAiRU2HtO3Oh0OV8yR9Kc5fhqnaqohmoZc20mX9byMWmqDIeX7uiKkfADt5tVBA306v8ncvHn-L-z6igIPaUVftZ9A1mwjdXvJ_gqxa-I_wQje66SdR7HkIs6HS_Ti8A5DwURMRm79nVpsdiDwkKX487bt-9a-6Bu-6bG_PRYbbFBJN10uo-Ji_iwFqgjharAfYep1lnGRWkIoNvjgErYyxYq8D1nQv_m2-Y78XszXTkkmwsOLvs7tvGVk0CaEfL_09KovXGYfRAb6kjxPDrE9eQGya4IcBs6vGBaT9p7KX8AEeR3nhBVkz2ppjUnLUloPc-0kExRVVqYy7vfBcrHtII54mY1TF7msjiNkGkA3oGeUTn65Ea-CjXcVb9Y6DdtSb14UjneHmfl-prxnGpZGVAttEzbrIgniagmr4oujvV52Z_TFcnx29Edx3Lp45SryoLNKc_SXoE2o=&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 omfiydlbmy.com/chicken.gif?z=1955965&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=Op7Jt6bCJAwfXYrCdTiZjNwRfz152WFl4B1YjQ8CRQhpDsVSZi-JA-yK94T2wMFlzTj5TchjOieVQ1dP0qZexLAt2qOcHfK6qC1-53GVoeM0UEpUimbaFd94TUMb5nz5Cbs9gailxZtb5sJxQS1EurO0lo8OZ1-bUe76SOn9N6dVFqSotJ46i3Za6CBBwXAiRU2HtO3Oh0OV8yR9Kc5fhqnaqohmoZc20mX9byMWmqDIeX7uiKkfADt5tVBA306v8ncvHn-L-z6igIPaUVftZ9A1mwjdXvJ_gqxa-I_wQje66SdR7HkIs6HS_Ti8A5DwURMRm79nVpsdiDwkKX487bt-9a-6Bu-6bG_PRYbbFBJN10uo-Ji_iwFqgjharAfYep1lnGRWkIoNvjgErYyxYq8D1nQv_m2-Y78XszXTkkmwsOLvs7tvGVk0CaEfL_09KovXGYfRAb6kjxPDrE9eQGya4IcBs6vGBaT9p7KX8AEeR3nhBVkz2ppjUnLUloPc-0kExRVVqYy7vfBcrHtII54mY1TF7msjiNkGkA3oGeUTn65Ea-CjXcVb9Y6DdtSb14UjneHmfl-prxnGpZGVAttEzbrIgniagmr4oujvV52Z_TFcnx29Edx3Lp45SryoLNKc_SXoE2o=&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1955965&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=Op7Jt6bCJAwfXYrCdTiZjNwRfz152WFl4B1YjQ8CRQhpDsVSZi-JA-yK94T2wMFlzTj5TchjOieVQ1dP0qZexLAt2qOcHfK6qC1-53GVoeM0UEpUimbaFd94TUMb5nz5Cbs9gailxZtb5sJxQS1EurO0lo8OZ1-bUe76SOn9N6dVFqSotJ46i3Za6CBBwXAiRU2HtO3Oh0OV8yR9Kc5fhqnaqohmoZc20mX9byMWmqDIeX7uiKkfADt5tVBA306v8ncvHn-L-z6igIPaUVftZ9A1mwjdXvJ_gqxa-I_wQje66SdR7HkIs6HS_Ti8A5DwURMRm79nVpsdiDwkKX487bt-9a-6Bu-6bG_PRYbbFBJN10uo-Ji_iwFqgjharAfYep1lnGRWkIoNvjgErYyxYq8D1nQv_m2-Y78XszXTkkmwsOLvs7tvGVk0CaEfL_09KovXGYfRAb6kjxPDrE9eQGya4IcBs6vGBaT9p7KX8AEeR3nhBVkz2ppjUnLUloPc-0kExRVVqYy7vfBcrHtII54mY1TF7msjiNkGkA3oGeUTn65Ea-CjXcVb9Y6DdtSb14UjneHmfl-prxnGpZGVAttEzbrIgniagmr4oujvV52Z_TFcnx29Edx3Lp45SryoLNKc_SXoE2o=&abvar=0&os=0 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22122318335c6088c39cad40ac9b3866b473
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABslmQAAAAAAAAAB; Path=/; Expires=Sun, 22 Jan 2023 23:33:54 GMT; Secure; SameSite=None
OACIBLOCK=ABslmQAAAABjpTXQ; Path=/; Expires=Sun, 22 Jan 2023 23:33:54 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Sat, 24 Dec 2022 23:33:54 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
omfiydlbmy.com/whob.gif?z=1955965&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=Op7Jt6bCJAwfXYrCdTiZjNwRfz152WFl4B1YjQ8CRQhpDsVSZi-JA-yK94T2wMFlzTj5TchjOieVQ1dP0qZexLAt2qOcHfK6qC1-53GVoeM0UEpUimbaFd94TUMb5nz5Cbs9gailxZtb5sJxQS1EurO0lo8OZ1-bUe76SOn9N6dVFqSotJ46i3Za6CBBwXAiRU2HtO3Oh0OV8yR9Kc5fhqnaqohmoZc20mX9byMWmqDIeX7uiKkfADt5tVBA306v8ncvHn-L-z6igIPaUVftZ9A1mwjdXvJ_gqxa-I_wQje66SdR7HkIs6HS_Ti8A5DwURMRm79nVpsdiDwkKX487bt-9a-6Bu-6bG_PRYbbFBJN10uo-Ji_iwFqgjharAfYep1lnGRWkIoNvjgErYyxYq8D1nQv_m2-Y78XszXTkkmwsOLvs7tvGVk0CaEfL_09KovXGYfRAb6kjxPDrE9eQGya4IcBs6vGBaT9p7KX8AEeR3nhBVkz2ppjUnLUloPc-0kExRVVqYy7vfBcrHtII54mY1TF7msjiNkGkA3oGeUTn65Ea-CjXcVb9Y6DdtSb14UjneHmfl-prxnGpZGVAttEzbrIgniagmr4oujvV52Z_TFcnx29Edx3Lp45SryoLNKc_SXoE2o=&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 omfiydlbmy.com/whob.gif?z=1955965&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=Op7Jt6bCJAwfXYrCdTiZjNwRfz152WFl4B1YjQ8CRQhpDsVSZi-JA-yK94T2wMFlzTj5TchjOieVQ1dP0qZexLAt2qOcHfK6qC1-53GVoeM0UEpUimbaFd94TUMb5nz5Cbs9gailxZtb5sJxQS1EurO0lo8OZ1-bUe76SOn9N6dVFqSotJ46i3Za6CBBwXAiRU2HtO3Oh0OV8yR9Kc5fhqnaqohmoZc20mX9byMWmqDIeX7uiKkfADt5tVBA306v8ncvHn-L-z6igIPaUVftZ9A1mwjdXvJ_gqxa-I_wQje66SdR7HkIs6HS_Ti8A5DwURMRm79nVpsdiDwkKX487bt-9a-6Bu-6bG_PRYbbFBJN10uo-Ji_iwFqgjharAfYep1lnGRWkIoNvjgErYyxYq8D1nQv_m2-Y78XszXTkkmwsOLvs7tvGVk0CaEfL_09KovXGYfRAb6kjxPDrE9eQGya4IcBs6vGBaT9p7KX8AEeR3nhBVkz2ppjUnLUloPc-0kExRVVqYy7vfBcrHtII54mY1TF7msjiNkGkA3oGeUTn65Ea-CjXcVb9Y6DdtSb14UjneHmfl-prxnGpZGVAttEzbrIgniagmr4oujvV52Z_TFcnx29Edx3Lp45SryoLNKc_SXoE2o=&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /whob.gif?z=1955965&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=Op7Jt6bCJAwfXYrCdTiZjNwRfz152WFl4B1YjQ8CRQhpDsVSZi-JA-yK94T2wMFlzTj5TchjOieVQ1dP0qZexLAt2qOcHfK6qC1-53GVoeM0UEpUimbaFd94TUMb5nz5Cbs9gailxZtb5sJxQS1EurO0lo8OZ1-bUe76SOn9N6dVFqSotJ46i3Za6CBBwXAiRU2HtO3Oh0OV8yR9Kc5fhqnaqohmoZc20mX9byMWmqDIeX7uiKkfADt5tVBA306v8ncvHn-L-z6igIPaUVftZ9A1mwjdXvJ_gqxa-I_wQje66SdR7HkIs6HS_Ti8A5DwURMRm79nVpsdiDwkKX487bt-9a-6Bu-6bG_PRYbbFBJN10uo-Ji_iwFqgjharAfYep1lnGRWkIoNvjgErYyxYq8D1nQv_m2-Y78XszXTkkmwsOLvs7tvGVk0CaEfL_09KovXGYfRAb6kjxPDrE9eQGya4IcBs6vGBaT9p7KX8AEeR3nhBVkz2ppjUnLUloPc-0kExRVVqYy7vfBcrHtII54mY1TF7msjiNkGkA3oGeUTn65Ea-CjXcVb9Y6DdtSb14UjneHmfl-prxnGpZGVAttEzbrIgniagmr4oujvV52Z_TFcnx29Edx3Lp45SryoLNKc_SXoE2o=&abvar=0&os=0 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22122318335c6088c39cad40ac9b3866b473
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
omfiydlbmy.com/chicken.gif?z=1955964&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=1Unh8DaUTxWe3a8H0cPX6xyULmmbknaH4CwstJwL1L1d458LnLxAN1DJRUWvZWvA5sWJqdqJ-4ErnWxvn0_jjdPclwet7BIW73XBBgQlQtri6qdC-9Uzqs4OyIlpkcYqmDuTYcL8_fVI5KFD5Fz0XSLi9pdkFpbLtv7IHvynVMc37EK5qosh-r22qWaR-qPMNfq1XeTwzXDuamzloa-rq9Qwn1i4O186UZXDERFplx53IExdOx_3h_VH32tgbqspdMqsHbcTYw92KdEttx4bIWbZo5Xtg8pmPNXyNhshltZA-ZhGNrYIJvT-QoER5oVW6lnos__MVe0958_UBd8pD9yU0jR1RZKOrbe0cWBz2I1MOqzPmM3Jm7o047eyc3hUFz9iExmyFUgA4RlTM70boqwR0hpueudfnjYq9IVAm30Dk3q2gcD3wSgUO7KHlgl6yOSzSs5FUTwXOL5VQzHe8Tb5NNJmQJpCLXzmGuBZWWpR4sJ5KO_H48H4qF-oSFHO7zJOl3cw3x81rKxqUuA8hcYCgpE8vaM-bZjrJNEzSRqpyrQFZ9hWygaJgG4C5ZlV1K2qb3B96p95IrZUAMO_-Qb395rUo5stkO4jstcnzF-nF9sx4-kBCQ_FEDrBDPDHCeDbHwBXwB44R166-siM-jYm5tXytA==&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 omfiydlbmy.com/chicken.gif?z=1955964&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=1Unh8DaUTxWe3a8H0cPX6xyULmmbknaH4CwstJwL1L1d458LnLxAN1DJRUWvZWvA5sWJqdqJ-4ErnWxvn0_jjdPclwet7BIW73XBBgQlQtri6qdC-9Uzqs4OyIlpkcYqmDuTYcL8_fVI5KFD5Fz0XSLi9pdkFpbLtv7IHvynVMc37EK5qosh-r22qWaR-qPMNfq1XeTwzXDuamzloa-rq9Qwn1i4O186UZXDERFplx53IExdOx_3h_VH32tgbqspdMqsHbcTYw92KdEttx4bIWbZo5Xtg8pmPNXyNhshltZA-ZhGNrYIJvT-QoER5oVW6lnos__MVe0958_UBd8pD9yU0jR1RZKOrbe0cWBz2I1MOqzPmM3Jm7o047eyc3hUFz9iExmyFUgA4RlTM70boqwR0hpueudfnjYq9IVAm30Dk3q2gcD3wSgUO7KHlgl6yOSzSs5FUTwXOL5VQzHe8Tb5NNJmQJpCLXzmGuBZWWpR4sJ5KO_H48H4qF-oSFHO7zJOl3cw3x81rKxqUuA8hcYCgpE8vaM-bZjrJNEzSRqpyrQFZ9hWygaJgG4C5ZlV1K2qb3B96p95IrZUAMO_-Qb395rUo5stkO4jstcnzF-nF9sx4-kBCQ_FEDrBDPDHCeDbHwBXwB44R166-siM-jYm5tXytA==&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1955964&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=1Unh8DaUTxWe3a8H0cPX6xyULmmbknaH4CwstJwL1L1d458LnLxAN1DJRUWvZWvA5sWJqdqJ-4ErnWxvn0_jjdPclwet7BIW73XBBgQlQtri6qdC-9Uzqs4OyIlpkcYqmDuTYcL8_fVI5KFD5Fz0XSLi9pdkFpbLtv7IHvynVMc37EK5qosh-r22qWaR-qPMNfq1XeTwzXDuamzloa-rq9Qwn1i4O186UZXDERFplx53IExdOx_3h_VH32tgbqspdMqsHbcTYw92KdEttx4bIWbZo5Xtg8pmPNXyNhshltZA-ZhGNrYIJvT-QoER5oVW6lnos__MVe0958_UBd8pD9yU0jR1RZKOrbe0cWBz2I1MOqzPmM3Jm7o047eyc3hUFz9iExmyFUgA4RlTM70boqwR0hpueudfnjYq9IVAm30Dk3q2gcD3wSgUO7KHlgl6yOSzSs5FUTwXOL5VQzHe8Tb5NNJmQJpCLXzmGuBZWWpR4sJ5KO_H48H4qF-oSFHO7zJOl3cw3x81rKxqUuA8hcYCgpE8vaM-bZjrJNEzSRqpyrQFZ9hWygaJgG4C5ZlV1K2qb3B96p95IrZUAMO_-Qb395rUo5stkO4jstcnzF-nF9sx4-kBCQ_FEDrBDPDHCeDbHwBXwB44R166-siM-jYm5tXytA==&abvar=0&os=0 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22122318335c6088c39cad40ac9b3866b473
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABWVjAAAAAAAAAAB; Path=/; Expires=Sun, 22 Jan 2023 23:33:54 GMT; Secure; SameSite=None
OACIBLOCK=ABWVjAAAAABjpTXQ; Path=/; Expires=Sun, 22 Jan 2023 23:33:54 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Sat, 24 Dec 2022 23:33:54 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
omfiydlbmy.com/whob.gif?z=1955964&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=1Unh8DaUTxWe3a8H0cPX6xyULmmbknaH4CwstJwL1L1d458LnLxAN1DJRUWvZWvA5sWJqdqJ-4ErnWxvn0_jjdPclwet7BIW73XBBgQlQtri6qdC-9Uzqs4OyIlpkcYqmDuTYcL8_fVI5KFD5Fz0XSLi9pdkFpbLtv7IHvynVMc37EK5qosh-r22qWaR-qPMNfq1XeTwzXDuamzloa-rq9Qwn1i4O186UZXDERFplx53IExdOx_3h_VH32tgbqspdMqsHbcTYw92KdEttx4bIWbZo5Xtg8pmPNXyNhshltZA-ZhGNrYIJvT-QoER5oVW6lnos__MVe0958_UBd8pD9yU0jR1RZKOrbe0cWBz2I1MOqzPmM3Jm7o047eyc3hUFz9iExmyFUgA4RlTM70boqwR0hpueudfnjYq9IVAm30Dk3q2gcD3wSgUO7KHlgl6yOSzSs5FUTwXOL5VQzHe8Tb5NNJmQJpCLXzmGuBZWWpR4sJ5KO_H48H4qF-oSFHO7zJOl3cw3x81rKxqUuA8hcYCgpE8vaM-bZjrJNEzSRqpyrQFZ9hWygaJgG4C5ZlV1K2qb3B96p95IrZUAMO_-Qb395rUo5stkO4jstcnzF-nF9sx4-kBCQ_FEDrBDPDHCeDbHwBXwB44R166-siM-jYm5tXytA==&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 omfiydlbmy.com/whob.gif?z=1955964&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=1Unh8DaUTxWe3a8H0cPX6xyULmmbknaH4CwstJwL1L1d458LnLxAN1DJRUWvZWvA5sWJqdqJ-4ErnWxvn0_jjdPclwet7BIW73XBBgQlQtri6qdC-9Uzqs4OyIlpkcYqmDuTYcL8_fVI5KFD5Fz0XSLi9pdkFpbLtv7IHvynVMc37EK5qosh-r22qWaR-qPMNfq1XeTwzXDuamzloa-rq9Qwn1i4O186UZXDERFplx53IExdOx_3h_VH32tgbqspdMqsHbcTYw92KdEttx4bIWbZo5Xtg8pmPNXyNhshltZA-ZhGNrYIJvT-QoER5oVW6lnos__MVe0958_UBd8pD9yU0jR1RZKOrbe0cWBz2I1MOqzPmM3Jm7o047eyc3hUFz9iExmyFUgA4RlTM70boqwR0hpueudfnjYq9IVAm30Dk3q2gcD3wSgUO7KHlgl6yOSzSs5FUTwXOL5VQzHe8Tb5NNJmQJpCLXzmGuBZWWpR4sJ5KO_H48H4qF-oSFHO7zJOl3cw3x81rKxqUuA8hcYCgpE8vaM-bZjrJNEzSRqpyrQFZ9hWygaJgG4C5ZlV1K2qb3B96p95IrZUAMO_-Qb395rUo5stkO4jstcnzF-nF9sx4-kBCQ_FEDrBDPDHCeDbHwBXwB44R166-siM-jYm5tXytA==&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /whob.gif?z=1955964&pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=1Unh8DaUTxWe3a8H0cPX6xyULmmbknaH4CwstJwL1L1d458LnLxAN1DJRUWvZWvA5sWJqdqJ-4ErnWxvn0_jjdPclwet7BIW73XBBgQlQtri6qdC-9Uzqs4OyIlpkcYqmDuTYcL8_fVI5KFD5Fz0XSLi9pdkFpbLtv7IHvynVMc37EK5qosh-r22qWaR-qPMNfq1XeTwzXDuamzloa-rq9Qwn1i4O186UZXDERFplx53IExdOx_3h_VH32tgbqspdMqsHbcTYw92KdEttx4bIWbZo5Xtg8pmPNXyNhshltZA-ZhGNrYIJvT-QoER5oVW6lnos__MVe0958_UBd8pD9yU0jR1RZKOrbe0cWBz2I1MOqzPmM3Jm7o047eyc3hUFz9iExmyFUgA4RlTM70boqwR0hpueudfnjYq9IVAm30Dk3q2gcD3wSgUO7KHlgl6yOSzSs5FUTwXOL5VQzHe8Tb5NNJmQJpCLXzmGuBZWWpR4sJ5KO_H48H4qF-oSFHO7zJOl3cw3x81rKxqUuA8hcYCgpE8vaM-bZjrJNEzSRqpyrQFZ9hWygaJgG4C5ZlV1K2qb3B96p95IrZUAMO_-Qb395rUo5stkO4jstcnzF-nF9sx4-kBCQ_FEDrBDPDHCeDbHwBXwB44R166-siM-jYm5tXytA==&abvar=0&os=0 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=22122318335c6088c39cad40ac9b3866b473
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
onvictinitor.com/?rb=-d2JGX1lG2_GVIW_dmf35gC02659ngMbJu9DgT7_7re3HIuMZ0rsdBXFrxoMdd0P2dEbsaQnjAztrQgFxNM5GjeWccAC3BbT7_lN2uChTym3TiHmDdNQlM3psEu-dPDGSqwYFy1BFcnQIqS_CbONbdlPa05xdCPG6sytqLs3-Q9YulVMQzhEs7CwESaemSLtr1AWKqdxvnjcEsslOGq_5jx87Zjfto5z7NDr2afKeO4%3D&request_ab2=96003&zoneid=5487080&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=542f491b-0a0a-493b-a691-a11e2c6b8394&userId=89ced2651f3045e8978ff5850f1ebbd6&m=link
139.45.197.238200 OK 1.5 kB URL HTTP/1.1 onvictinitor.com/?rb=-d2JGX1lG2_GVIW_dmf35gC02659ngMbJu9DgT7_7re3HIuMZ0rsdBXFrxoMdd0P2dEbsaQnjAztrQgFxNM5GjeWccAC3BbT7_lN2uChTym3TiHmDdNQlM3psEu-dPDGSqwYFy1BFcnQIqS_CbONbdlPa05xdCPG6sytqLs3-Q9YulVMQzhEs7CwESaemSLtr1AWKqdxvnjcEsslOGq_5jx87Zjfto5z7NDr2afKeO4%3D&request_ab2=96003&zoneid=5487080&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=542f491b-0a0a-493b-a691-a11e2c6b8394&userId=89ced2651f3045e8978ff5850f1ebbd6&m=link
IP 139.45.197.238:0
File type JSON data\012- , ASCII text, with very long lines (1907), with no line terminators
Hash 1031f33c51963445a907a1435e89e9fb
c921bb1ffef48a8c925a4459c96e233f72023190
7a225247ac61c751c37b02adedc5e6269008252891d28187cb054f3a9099b220
GET /?rb=-d2JGX1lG2_GVIW_dmf35gC02659ngMbJu9DgT7_7re3HIuMZ0rsdBXFrxoMdd0P2dEbsaQnjAztrQgFxNM5GjeWccAC3BbT7_lN2uChTym3TiHmDdNQlM3psEu-dPDGSqwYFy1BFcnQIqS_CbONbdlPa05xdCPG6sytqLs3-Q9YulVMQzhEs7CwESaemSLtr1AWKqdxvnjcEsslOGq_5jx87Zjfto5z7NDr2afKeO4%3D&request_ab2=96003&zoneid=5487080&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.464.1&bs=542f491b-0a0a-493b-a691-a11e2c6b8394&userId=89ced2651f3045e8978ff5850f1ebbd6&m=link HTTP/1.1
Host: onvictinitor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 23:33:54 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: ea3f506eab5127343f8713a10eae14ea
Access-Control-Allow-Origin: http://cuevana3.nu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=89ced2651f3045e8978ff5850f1ebbd6; expires=Sat, 23 Dec 2023 23:33:54 GMT; path=/
oaidts=1671838434; expires=Sat, 23 Dec 2023 23:33:54 GMT; path=/
syncedCookie=true; expires=Fri, 30 Dec 2022 23:33:54 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 33fb5c75f65d473e95a6f6b6d3d63228
a03a9a782ce82b19b7330c8611941c526fbeec9c
8e13077c13d955e3cef2e2aabb4188c5bcff769ef0421a2c7e957e9830f51815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E13077C13D955E3CEF2E2AABB4188C5BCFF769EF0421A2C7E957E9830F51815"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2897
Expires: Sat, 24 Dec 2022 00:22:11 GMT
Date: Fri, 23 Dec 2022 23:33:54 GMT
Connection: keep-alive
image.tmdb.org/t/p/w1280//pb8Z3Ef6CFjpm87hKW3DfdUge3J.jpg
138.199.36.9200 OK 228 kB URL HTTP/2 image.tmdb.org/t/p/w1280//pb8Z3Ef6CFjpm87hKW3DfdUge3J.jpg
IP 138.199.36.9:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1280x720, components 3\012- data
Size 228 kB (228358 bytes)
Hash 24091259854c2ef339d61c5d06ea42a4
5ec01ddc112432449a33f8766fd20128151132d1
5b8e6766e0f1731763628a79706965736b50712c86364827de680d5fe11199eb
GET /t/p/w1280//pb8Z3Ef6CFjpm87hKW3DfdUge3J.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: image/jpeg
content-length: 228358
server: BunnyCDN-DE1-1049
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "63641d16-37c06"
last-modified: Thu, 03 Nov 2022 19:57:10 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-cachedat: 11/25/2022 22:37:59
cdn-edgestorageid: 865
cdn-status: 200
cdn-requestid: f5cf0fdbb4156cfc0b304c5682ff289f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
urimnugocfr.com/get/1955969?zoneid=1955969&jp=_clfx64g65zqrut5gl27fya&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=5739065137817166
62.122.171.6200 OK 1.7 kB URL HTTP/2 urimnugocfr.com/get/1955969?zoneid=1955969&jp=_clfx64g65zqrut5gl27fya&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=5739065137817166
IP 62.122.171.6:0
Hash 2e8e495f8dcb5e2ba52d13deac56254a
9ef6ed3daa84bcee76fc50d595b88fd49d101c92
22ccf5baa6140f1961c87f5fb536900dead442c4870ef52b0f6cce41973ee3e5
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955969?zoneid=1955969&jp=_clfx64g65zqrut5gl27fya&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=5739065137817166 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212231833d6babc9bfa5d4f6491a93d911e; Path=/; Expires=Sat, 23 Dec 2023 23:33:54 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
urimnugocfr.com/get/1955969?zoneid=1955969&jp=_clh96d6t9v67up1nho3et8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=7427914998058597
62.122.171.6200 OK 1.7 kB URL HTTP/2 urimnugocfr.com/get/1955969?zoneid=1955969&jp=_clh96d6t9v67up1nho3et8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=7427914998058597
IP 62.122.171.6:0
Hash 70f78024266668dee64918f777a5cb99
e9363c067a2a87ba4d536abb65629602a3929b43
2ea8c2507cd40eec07758e4d124acb751413d25878652cef557d5409191bb018
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955969?zoneid=1955969&jp=_clh96d6t9v67up1nho3et8&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=7427914998058597 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212231833337d11c4baa041acb950c5f893; Path=/; Expires=Sat, 23 Dec 2023 23:33:54 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.61.227200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 23 Dec 2022 23:33:54 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ea36afaec7f9d2f7d726b7538307161f
Strict-Transport-Security: max-age=0; includeSubdomains
nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=89ced2651f3045e8978ff5850f1ebbd6
139.45.197.242204 No Content 0 B URL HTTP/2 nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=89ced2651f3045e8978ff5850f1ebbd6
IP 139.45.197.242:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
OPTIONS /9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=89ced2651f3045e8978ff5850f1ebbd6 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Fri, 23 Dec 2022 23:33:55 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=89ced2651f3045e8978ff5850f1ebbd6
139.45.197.242200 OK 7 B URL HTTP/2 nanouwho.com/9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=89ced2651f3045e8978ff5850f1ebbd6
IP 139.45.197.242:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
POST /9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=89ced2651f3045e8978ff5850f1ebbd6 HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 264
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:55 GMT
content-type: application/javascript
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 8e97e8651ffcb79834ded3ef66f7d72b
access-control-expose-headers: X-Sc
x-sc: VQOCGx1MlMx2SW2qPS8EQiSM8W4s80gXFjTH8Sl-CkXXr1MRxpHHEKFWmpeULfodlZreny6kuEVZ-2Bkcjk4RLLhN6c=
set-cookie: scm=1; expires=Sat, 23 Dec 2023 23:33:55 GMT; secure; SameSite=None
OAID=89ced2651f3045e8978ff5850f1ebbd6; expires=Sat, 23 Dec 2023 23:33:55 GMT; secure; SameSite=None
oaidts=1671838435; expires=Sat, 23 Dec 2023 23:33:55 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955969/?pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=NINcTjTyJVE1YAnawZ7weK_cb9RcJC57BkExtofPq2Y2RB3Bou1KTB0qxE9_0Rr7zCNxO4hQbEIPuoc4RxpVRKG4JrPwbD-JezaT7aU2X-I9mL5i5btW6pQQ0GEoiwayFGrSsYcUzHxmO3mdY3cXt58GINOyXgIv29fSe596iV8tX82PCQEv0nHPH3T583yXZWG1BqAsQD2VyP7dpKgdGI28TvxUreSNAn26KkQcVNcZxISPHfNL2Uj6HLKOF9QU03zm78Fu2bFw0YHrMYRdVzvb8V9nK-WBhSZBfWLzqDHBWERXBl0_qgOFPKp3leIxYECDMBT0bT7_UoFiZaQkV5xzkqJkzSagrwUsZXuDe8XG_PZTaoez3VJBeiqmpX--sMJFVGLrAv5DcokP7frQetXN77nL23mqCNYZZJdPvWb4KKeEmlnIH-3lwKrVkqemAd2wcWa-5QfuYBbrcYIZOiTWVGd4pY-bdXbYczhAirW4qWndOUGro1K_ovGoS9zQK-Jxrl-56avPxfWL3dvpa5UnGhtQNjIIqAtnKiElxgdkcbVh6k51gXdJZhF2SMBDR2tYhEPcobuP6QWr3FB_cdu1PJhZvm2IklCulgwoMzPYkKNPj2b3onyZnj4nrO62-9XIAKGDriRLtpDJ-GATlRuUTBTfwEoMZBRRbdkbfZKCSA5yloVgthLVDGqRRfSaAVTmAOjgx3S96bhOW-YpdsASSE7_foOmI6ZonfqK_HgG7Rz48MFPUpD2ZpKAvPPk6dmq_F6tsOGMPHeuus02WPLtBa7pzod-lqXkYKqvhqTYTElfOeBqWJspWIhhTtBBKKV_qHS0oATwcyp3jA==&cb=_clvlrqlqnynnt93plkgyan&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=NINcTjTyJVE1YAnawZ7weK_cb9RcJC57BkExtofPq2Y2RB3Bou1KTB0qxE9_0Rr7zCNxO4hQbEIPuoc4RxpVRKG4JrPwbD-JezaT7aU2X-I9mL5i5btW6pQQ0GEoiwayFGrSsYcUzHxmO3mdY3cXt58GINOyXgIv29fSe596iV8tX82PCQEv0nHPH3T583yXZWG1BqAsQD2VyP7dpKgdGI28TvxUreSNAn26KkQcVNcZxISPHfNL2Uj6HLKOF9QU03zm78Fu2bFw0YHrMYRdVzvb8V9nK-WBhSZBfWLzqDHBWERXBl0_qgOFPKp3leIxYECDMBT0bT7_UoFiZaQkV5xzkqJkzSagrwUsZXuDe8XG_PZTaoez3VJBeiqmpX--sMJFVGLrAv5DcokP7frQetXN77nL23mqCNYZZJdPvWb4KKeEmlnIH-3lwKrVkqemAd2wcWa-5QfuYBbrcYIZOiTWVGd4pY-bdXbYczhAirW4qWndOUGro1K_ovGoS9zQK-Jxrl-56avPxfWL3dvpa5UnGhtQNjIIqAtnKiElxgdkcbVh6k51gXdJZhF2SMBDR2tYhEPcobuP6QWr3FB_cdu1PJhZvm2IklCulgwoMzPYkKNPj2b3onyZnj4nrO62-9XIAKGDriRLtpDJ-GATlRuUTBTfwEoMZBRRbdkbfZKCSA5yloVgthLVDGqRRfSaAVTmAOjgx3S96bhOW-YpdsASSE7_foOmI6ZonfqK_HgG7Rz48MFPUpD2ZpKAvPPk6dmq_F6tsOGMPHeuus02WPLtBa7pzod-lqXkYKqvhqTYTElfOeBqWJspWIhhTtBBKKV_qHS0oATwcyp3jA==&cb=_clvlrqlqnynnt93plkgyan&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1955969/?pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=NINcTjTyJVE1YAnawZ7weK_cb9RcJC57BkExtofPq2Y2RB3Bou1KTB0qxE9_0Rr7zCNxO4hQbEIPuoc4RxpVRKG4JrPwbD-JezaT7aU2X-I9mL5i5btW6pQQ0GEoiwayFGrSsYcUzHxmO3mdY3cXt58GINOyXgIv29fSe596iV8tX82PCQEv0nHPH3T583yXZWG1BqAsQD2VyP7dpKgdGI28TvxUreSNAn26KkQcVNcZxISPHfNL2Uj6HLKOF9QU03zm78Fu2bFw0YHrMYRdVzvb8V9nK-WBhSZBfWLzqDHBWERXBl0_qgOFPKp3leIxYECDMBT0bT7_UoFiZaQkV5xzkqJkzSagrwUsZXuDe8XG_PZTaoez3VJBeiqmpX--sMJFVGLrAv5DcokP7frQetXN77nL23mqCNYZZJdPvWb4KKeEmlnIH-3lwKrVkqemAd2wcWa-5QfuYBbrcYIZOiTWVGd4pY-bdXbYczhAirW4qWndOUGro1K_ovGoS9zQK-Jxrl-56avPxfWL3dvpa5UnGhtQNjIIqAtnKiElxgdkcbVh6k51gXdJZhF2SMBDR2tYhEPcobuP6QWr3FB_cdu1PJhZvm2IklCulgwoMzPYkKNPj2b3onyZnj4nrO62-9XIAKGDriRLtpDJ-GATlRuUTBTfwEoMZBRRbdkbfZKCSA5yloVgthLVDGqRRfSaAVTmAOjgx3S96bhOW-YpdsASSE7_foOmI6ZonfqK_HgG7Rz48MFPUpD2ZpKAvPPk6dmq_F6tsOGMPHeuus02WPLtBa7pzod-lqXkYKqvhqTYTElfOeBqWJspWIhhTtBBKKV_qHS0oATwcyp3jA==&cb=_clvlrqlqnynnt93plkgyan&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Cookie: UID=22122318333791d2932ca742d7a843387a06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:55 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955969/?pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=NINcTjTyJVE1YAnawZ7weK_cb9RcJC57BkExtofPq2Y2RB3Bou1KTB0qxE9_0Rr7zCNxO4hQbEIPuoc4RxpVRKG4JrPwbD-JezaT7aU2X-I9mL5i5btW6pQQ0GEoiwayFGrSsYcUzHxmO3mdY3cXt58GINOyXgIv29fSe596iV8tX82PCQEv0nHPH3T583yXZWG1BqAsQD2VyP7dpKgdGI28TvxUreSNAn26KkQcVNcZxISPHfNL2Uj6HLKOF9QU03zm78Fu2bFw0YHrMYRdVzvb8V9nK-WBhSZBfWLzqDHBWERXBl0_qgOFPKp3leIxYECDMBT0bT7_UoFiZaQkV5xzkqJkzSagrwUsZXuDe8XG_PZTaoez3VJBeiqmpX--sMJFVGLrAv5DcokP7frQetXN77nL23mqCNYZZJdPvWb4KKeEmlnIH-3lwKrVkqemAd2wcWa-5QfuYBbrcYIZOiTWVGd4pY-bdXbYczhAirW4qWndOUGro1K_ovGoS9zQK-Jxrl-56avPxfWL3dvpa5UnGhtQNjIIqAtnKiElxgdkcbVh6k51gXdJZhF2SMBDR2tYhEPcobuP6QWr3FB_cdu1PJhZvm2IklCulgwoMzPYkKNPj2b3onyZnj4nrO62-9XIAKGDriRLtpDJ-GATlRuUTBTfwEoMZBRRbdkbfZKCSA5yloVgthLVDGqRRfSaAVTmAOjgx3S96bhOW-YpdsASSE7_foOmI6ZonfqK_HgG7Rz48MFPUpD2ZpKAvPPk6dmq_F6tsOGMPHeuus02WPLtBa7pzod-lqXkYKqvhqTYTElfOeBqWJspWIhhTtBBKKV_qHS0oATwcyp3jA==&cb=_clvlrqlqnynnt93plkgyan&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=NINcTjTyJVE1YAnawZ7weK_cb9RcJC57BkExtofPq2Y2RB3Bou1KTB0qxE9_0Rr7zCNxO4hQbEIPuoc4RxpVRKG4JrPwbD-JezaT7aU2X-I9mL5i5btW6pQQ0GEoiwayFGrSsYcUzHxmO3mdY3cXt58GINOyXgIv29fSe596iV8tX82PCQEv0nHPH3T583yXZWG1BqAsQD2VyP7dpKgdGI28TvxUreSNAn26KkQcVNcZxISPHfNL2Uj6HLKOF9QU03zm78Fu2bFw0YHrMYRdVzvb8V9nK-WBhSZBfWLzqDHBWERXBl0_qgOFPKp3leIxYECDMBT0bT7_UoFiZaQkV5xzkqJkzSagrwUsZXuDe8XG_PZTaoez3VJBeiqmpX--sMJFVGLrAv5DcokP7frQetXN77nL23mqCNYZZJdPvWb4KKeEmlnIH-3lwKrVkqemAd2wcWa-5QfuYBbrcYIZOiTWVGd4pY-bdXbYczhAirW4qWndOUGro1K_ovGoS9zQK-Jxrl-56avPxfWL3dvpa5UnGhtQNjIIqAtnKiElxgdkcbVh6k51gXdJZhF2SMBDR2tYhEPcobuP6QWr3FB_cdu1PJhZvm2IklCulgwoMzPYkKNPj2b3onyZnj4nrO62-9XIAKGDriRLtpDJ-GATlRuUTBTfwEoMZBRRbdkbfZKCSA5yloVgthLVDGqRRfSaAVTmAOjgx3S96bhOW-YpdsASSE7_foOmI6ZonfqK_HgG7Rz48MFPUpD2ZpKAvPPk6dmq_F6tsOGMPHeuus02WPLtBa7pzod-lqXkYKqvhqTYTElfOeBqWJspWIhhTtBBKKV_qHS0oATwcyp3jA==&cb=_clvlrqlqnynnt93plkgyan&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1955969/?pb=c982e7bd9ea4a47d2693b601451e689d1671845634&psp=NINcTjTyJVE1YAnawZ7weK_cb9RcJC57BkExtofPq2Y2RB3Bou1KTB0qxE9_0Rr7zCNxO4hQbEIPuoc4RxpVRKG4JrPwbD-JezaT7aU2X-I9mL5i5btW6pQQ0GEoiwayFGrSsYcUzHxmO3mdY3cXt58GINOyXgIv29fSe596iV8tX82PCQEv0nHPH3T583yXZWG1BqAsQD2VyP7dpKgdGI28TvxUreSNAn26KkQcVNcZxISPHfNL2Uj6HLKOF9QU03zm78Fu2bFw0YHrMYRdVzvb8V9nK-WBhSZBfWLzqDHBWERXBl0_qgOFPKp3leIxYECDMBT0bT7_UoFiZaQkV5xzkqJkzSagrwUsZXuDe8XG_PZTaoez3VJBeiqmpX--sMJFVGLrAv5DcokP7frQetXN77nL23mqCNYZZJdPvWb4KKeEmlnIH-3lwKrVkqemAd2wcWa-5QfuYBbrcYIZOiTWVGd4pY-bdXbYczhAirW4qWndOUGro1K_ovGoS9zQK-Jxrl-56avPxfWL3dvpa5UnGhtQNjIIqAtnKiElxgdkcbVh6k51gXdJZhF2SMBDR2tYhEPcobuP6QWr3FB_cdu1PJhZvm2IklCulgwoMzPYkKNPj2b3onyZnj4nrO62-9XIAKGDriRLtpDJ-GATlRuUTBTfwEoMZBRRbdkbfZKCSA5yloVgthLVDGqRRfSaAVTmAOjgx3S96bhOW-YpdsASSE7_foOmI6ZonfqK_HgG7Rz48MFPUpD2ZpKAvPPk6dmq_F6tsOGMPHeuus02WPLtBa7pzod-lqXkYKqvhqTYTElfOeBqWJspWIhhTtBBKKV_qHS0oATwcyp3jA==&cb=_clvlrqlqnynnt93plkgyan&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Cookie: UID=22122318333791d2932ca742d7a843387a06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:55 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
nanouwho.com/27/baab65ddfb564e5587a7baa428aef61b
139.45.197.242200 OK 7 B URL HTTP/2 nanouwho.com/27/baab65ddfb564e5587a7baa428aef61b
IP 139.45.197.242:0
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
Analyzer Verdict Alert quad9 Sinkholed
GET /27/baab65ddfb564e5587a7baa428aef61b HTTP/1.1
Host: nanouwho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Wed, 21 Dec 2022 09:23:50 GMT
expires: Wed, 20 Jan 2083 09:23:50 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
172.67.204.56200 OK 11 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
IP 172.67.204.56:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 34176e1c965cccf95234e8b686666b02
3305aadccc29cfddbfd3602c415f44b72d15ec3b
208e1ae8cbf78aaa61b40092b0b087e3a796ca6b6171ba77dd7c2cdf30606ba1
GET /wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:55 GMT
content-type: image/png
content-length: 10784
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:28:28 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
cf-cache-status: HIT
age: 137127
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4e7abdd330b61-OSL
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1.png
172.67.204.56200 OK 6.3 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1.png
IP 172.67.204.56:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f927a2fdc7103e8b411ee7be4456c5d4
db3fe792c3b6867145bccb4c476911610e2281a9
f6b7f7bda983115d684ba375a45241182b2321c4d20175986a4322cc9d3bb80a
GET /wp-content/uploads/2022/03/favicon-cuevana-1-1.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:55 GMT
content-type: image/png
content-length: 6324
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 00:08:56 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
cf-cache-status: HIT
age: 170701
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4e7abdd320b61-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d7dc6f29af0912baf33dc26771c4bda2
032fcf4f0dff6644aceadade92866c74937e6540
6dfcbb4b2403b85a352f8602c24e0555c4e66d77638e9f77d57c041651f6834e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d7dc6f29af0912baf33dc26771c4bda2
032fcf4f0dff6644aceadade92866c74937e6540
6dfcbb4b2403b85a352f8602c24e0555c4e66d77638e9f77d57c041651f6834e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d7dc6f29af0912baf33dc26771c4bda2
032fcf4f0dff6644aceadade92866c74937e6540
6dfcbb4b2403b85a352f8602c24e0555c4e66d77638e9f77d57c041651f6834e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d7dc6f29af0912baf33dc26771c4bda2
032fcf4f0dff6644aceadade92866c74937e6540
6dfcbb4b2403b85a352f8602c24e0555c4e66d77638e9f77d57c041651f6834e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d7dc6f29af0912baf33dc26771c4bda2
032fcf4f0dff6644aceadade92866c74937e6540
6dfcbb4b2403b85a352f8602c24e0555c4e66d77638e9f77d57c041651f6834e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cuevana3.nu/wp-content/themes/cuevana/assets/img/twitter.svg
172.67.204.56200 OK 2.0 kB URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/img/twitter.svg
IP 172.67.204.56:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4507), with no line terminators
Hash 8ffdb2f8fd83bdc6fa6ae0855496934e
0f8c7b14b3d85ba1a3ebd4b4706c57a0e90e1b4a
c9117b3d1ac4510de0a57106f881a03f8a7cee39c3d207a1511aabec1ac0c109
GET /wp-content/themes/cuevana/assets/img/twitter.svg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 11:17:08 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 130606
server: cloudflare
cf-ray: 77e4e7a86b210b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://uptobox.com/dme4t3ze3412
142.250.74.97301 Moved Permanently 345 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://uptobox.com/dme4t3ze3412
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 5b03ba74a7f9082087ddbcb7eee608b7
5caa0bcaf872a7739be98d882f9df278747a40bc
b0c309c1e2c5cc26f5de201fc881922768b501a4d6d38049669c0890eaaa6c3d
GET /s2/favicons?domain=https://uptobox.com/dme4t3ze3412 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/dme4t3ze3412&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Sat, 24 Dec 2022 00:03:55 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 23 Dec 2022 22:41:11 GMT
expires: Sat, 24 Dec 2022 00:41:11 GMT
cache-control: public, max-age=7200
age: 3164
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://streamtape.com/e/LXdo8gJagmIyoJ/Sean.eternos.Campeones.de.America.S01E03.1080p.lat.cinecalidad.run.mp4
142.250.74.97301 Moved Permanently 423 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://streamtape.com/e/LXdo8gJagmIyoJ/Sean.eternos.Campeones.de.America.S01E03.1080p.lat.cinecalidad.run.mp4
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1db67e6a023117cb4805416670a59f8c
1ac0f3f1e25c3191cbbcfb3c085dad163546776a
5a68fb068179a41f932452a2160429a4955df93913b1bbe11aa8157f5b5656ed
GET /s2/favicons?domain=https://streamtape.com/e/LXdo8gJagmIyoJ/Sean.eternos.Campeones.de.America.S01E03.1080p.lat.cinecalidad.run.mp4 HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://streamtape.com/e/LXdo8gJagmIyoJ/Sean.eternos.Campeones.de.America.S01E03.1080p.lat.cinecalidad.run.mp4&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Sat, 24 Dec 2022 00:03:55 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10309
Expires: Sat, 24 Dec 2022 02:25:44 GMT
Date: Fri, 23 Dec 2022 23:33:55 GMT
Connection: keep-alive
s2.googleusercontent.com/s2/favicons?domain=https://netu.cinecalidad.run/f/Naj6Iqo1XPjb
142.250.74.97301 Moved Permanently 356 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://netu.cinecalidad.run/f/Naj6Iqo1XPjb
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a7a770f6d47e1142ceb55a6f8b49a140
d7c1b9d9717935b8e9ef3f463275dc114ee01e74
db752e89214a805353a7697fe8827fc9992e7ac3d16c889101667450ed71967d
GET /s2/favicons?domain=https://netu.cinecalidad.run/f/Naj6Iqo1XPjb HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://netu.cinecalidad.run/f/Naj6Iqo1XPjb&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Sat, 24 Dec 2022 00:03:55 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 356
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.slim.min.js
69.16.175.42200 OK 25 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.slim.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (65241)
Hash ae3ffbb71d763d2a1ca869e4866b23ae
22723a163afd77efe96e92eaca712583612b3e73
29dda737fcaf96a8a4ea6d0dd66c6e379a4c98cf3374647388650ee6e48a462c
GET /jquery-3.6.0.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playercine.cinestart.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:55 GMT
content-encoding: gzip
content-length: 24587
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-11ab4"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CPORmZ0GEocBCiRmNDZlNGQxNS05Mjc3LTRmNjMtODBhMy0zNzM5ZDRlMTM5MDQQ+OiCoKvU+wIaBgjj9ZidBiIMOTEuOTAuNDIuMTU0KLrBATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkN2YyMGNiMDMtZjY5Mi00NDA0LTgyZTUtOGMwYmU2ZjViY2Y1GIvAASIYCAISFGNkczI1OC5zazEuaHdjZG4ubmV0.puyiX2nrKJz0pfjGiQjKwG5coHo3yPEAkTTyR3emi+o=
x-hw: 1671838435.dop214.sk1.t,1671838435.cds065.sk1.hn,1671838435.cds258.sk1.c
X-Firefox-Spdy: h2
playercine.cinestart.net/play_white.png
104.21.58.88200 OK 2.2 kB URL HTTP/2 playercine.cinestart.net/play_white.png
IP 104.21.58.88:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 586c4a0da292bad6d6303d86f9170a49
782ccb8658663e83b265c1a3d469e16682d5b2ee
a5fae08174aebfda56f78b7913082f4a72d52282faef978478ad943cd1db6329
GET /play_white.png HTTP/1.1
Host: playercine.cinestart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playercine.cinestart.net/player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:55 GMT
content-type: image/png
content-length: 2209
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 11:56:27 GMT
last-modified: Sun, 14 Aug 2022 23:11:47 GMT
access-control-allow-origin: *
cf-cache-status: HIT
age: 128248
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYPYreLQ2rA6sHMm%2FMie30nJl0id5XXpE3qepMq%2FeBrKIHgg%2BpSjkc16iOp6UupeYvOF1FMJmBSXocaetAsqpSH%2FCZMvmTx6cKZ9PrDPdu7epD1f5h5qPfmwAK672xtL1XPm0y1hbFJ4TqY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 77e4e7ac8aa11bfe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://dood.re/e/yjnoj1qfifycmuscnasy4d0pmk23z79j
142.250.74.97301 Moved Permanently 363 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://dood.re/e/yjnoj1qfifycmuscnasy4d0pmk23z79j
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash a8df217e1b00c592d25a07724d7eb218
9e9b33c16e373469fdf237222b915c654d2d3795
a59a3750a309f2c78553cccf5c6ee694f768e411a42c608b0628093ace9c1500
GET /s2/favicons?domain=https://dood.re/e/yjnoj1qfifycmuscnasy4d0pmk23z79j HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://dood.re/e/yjnoj1qfifycmuscnasy4d0pmk23z79j&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Sat, 24 Dec 2022 00:03:55 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 363
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://playercine.cinestart.net/player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
142.250.74.97301 Moved Permanently 446 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://playercine.cinestart.net/player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 9059d93d75a9f575ec4092c9a7820fbd
893020dd304b05bbc5ce0221c6ca813de5894177
6b6278f2fe9c9611c85293dae9c0d797c2a6a56ec989248e1bcd085b374937b5
GET /s2/favicons?domain=https://playercine.cinestart.net/player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Sat, 24 Dec 2022 00:03:55 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 446
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/img/facebook.svg
172.67.204.56200 OK 792 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/img/facebook.svg
IP 172.67.204.56:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash faf19dcdc38270052a6b2a087613472c
41cca61654f26db714e2fa2b53eb33ec57471e95
8d10f5f97b3fd86105679a9649ecbe428f0f58571ddf0199df41ac81283ca183
GET /wp-content/themes/cuevana/assets/img/facebook.svg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 11:17:08 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 130606
server: cloudflare
cf-ray: 77e4e7a86b1f0b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
s2.googleusercontent.com/s2/favicons?domain=https://mega.nz/file/hKFUURaa
142.250.74.97301 Moved Permanently 342 B URL HTTP/2 s2.googleusercontent.com/s2/favicons?domain=https://mega.nz/file/hKFUURaa
IP 142.250.74.97:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 21a53270f1af9e1d2ab4f9ca34e8d405
017506f7ab3fc76eaf6c945614a1dd760d353495
f75228b42ea97511d62393cf6064851168817dd48c947a6c9cae844abed77692
GET /s2/favicons?domain=https://mega.nz/file/hKFUURaa HTTP/1.1
Host: s2.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/hKFUURaa&size=16
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Sat, 24 Dec 2022 00:03:55 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg
34.120.237.76200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b92387330acabeb3e5475a52f789314e
c27aa6c638e130063905e556d5d2213dcadb690f
b67e7688d3ed7d4a7aaa9bae8c083f296ed9f52986e8bddbcc93ac13ae02a6af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9bbf0437-e3f8-4c0c-ac43-11a9d84659cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4576
x-amzn-requestid: 81468234-ef31-40ad-b003-2d22e8fd2ef8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnpAGi8oAMFXBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fd3-0ddf619f2677a5a134334202;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: k0iAdchmYKi0_s5TLmEUA6zgrkAwv5VOylgHbHt0vnnMfwJHpvUuGg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:45:56 GMT
etag: "c27aa6c638e130063905e556d5d2213dcadb690f"
content-type: image/jpeg
age: 6479
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=304622890&t=pageview&_s=1&dl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&ul=en-us&de=UTF-8&dt=Mira%20el%20epidosio%203%20de%20Sean%20eternos%3A%20Campeones%20de%20Am%C3%A9rica%20%7C%20Temporada%201%20online%20gratis%20en%20Cuevana%203&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=692366500&gjid=1005231534&cid=2054460243.1671838434&tid=UA-209818749-2&_gid=477794798.1671838434&_r=1>m=2oubu0&z=1902036305
216.239.32.178200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=304622890&t=pageview&_s=1&dl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&ul=en-us&de=UTF-8&dt=Mira%20el%20epidosio%203%20de%20Sean%20eternos%3A%20Campeones%20de%20Am%C3%A9rica%20%7C%20Temporada%201%20online%20gratis%20en%20Cuevana%203&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=692366500&gjid=1005231534&cid=2054460243.1671838434&tid=UA-209818749-2&_gid=477794798.1671838434&_r=1>m=2oubu0&z=1902036305
IP 216.239.32.178:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=304622890&t=pageview&_s=1&dl=http%3A%2F%2Fcuevana3.nu%2Fver-el-episodio%2Fepisodio-3-de-sean-eternos-campeones-de-america-temporada-1%2F&ul=en-us&de=UTF-8&dt=Mira%20el%20epidosio%203%20de%20Sean%20eternos%3A%20Campeones%20de%20Am%C3%A9rica%20%7C%20Temporada%201%20online%20gratis%20en%20Cuevana%203&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=692366500&gjid=1005231534&cid=2054460243.1671838434&tid=UA-209818749-2&_gid=477794798.1671838434&_r=1>m=2oubu0&z=1902036305 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://cuevana3.nu
date: Fri, 23 Dec 2022 23:33:55 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3141db-c19d-4305-bc5b-a3a8f7e9bdd7.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3141db-c19d-4305-bc5b-a3a8f7e9bdd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 207ccd76f1cb9ad0bde74cc9441c518b
bcacbdc5dc63a1f016714de2a83c9c78e7913ac7
8a7934b7f0d20934e910f5ae50f76d23dc1c1e2ef298fa10884a2e3ddeea54aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7a3141db-c19d-4305-bc5b-a3a8f7e9bdd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9401
x-amzn-requestid: 6c3b78d2-034c-4579-b0f1-a3beaf911d76
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnqjFAeoAMFskg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fdc-023251092fc027c120416809;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:38:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bhH4HQqXVBhknSXqo2ovzbJFPdv8KsemiGuFxcDfTqdT4XLilInI7A==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:42:46 GMT
age: 6669
etag: "bcacbdc5dc63a1f016714de2a83c9c78e7913ac7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b7298a2-2f41-4b7e-a1c6-2819da4067a7.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b7298a2-2f41-4b7e-a1c6-2819da4067a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 50705ab69dfed4f096be357417729ea6
86b6a457d2eefd5104561d15a9557441f10804f2
30cc593e7bf3cf1af8977f7c7a22c12f5c4e859c55a4efffcd504b7e56c74dbf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2b7298a2-2f41-4b7e-a1c6-2819da4067a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12686
x-amzn-requestid: 5ff517eb-a8ea-4051-9277-7730c04003d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dhyVlH_toAMF-QA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3ca89-197af9f660f57fd11e178cd6;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 03:10:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: niapAUk39VyD6tjbfb91o8MoKBAEVV97AVmVIbC9qKRR_S8HbraMCQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 04:07:49 GMT
age: 69966
etag: "86b6a457d2eefd5104561d15a9557441f10804f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fc328f2e44d4ac962c03be665dbf6436
7ac1bb5dd0d42c9cb2e6a67b06b55934190691fe
7d7ced4a7da10564449ddec77f05d85557a2b2f7e8fe2a7d15541c7b52aee928
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7CED4A7DA10564449DDEC77F05D85557A2B2F7E8FE2A7D15541C7B52AEE928"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10309
Expires: Sat, 24 Dec 2022 02:25:44 GMT
Date: Fri, 23 Dec 2022 23:33:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7514aea8a6ecc6d2c4c4362719ec1f71
cb1cbae883c69fba75b584248c2ba79663175e66
0233fca45e85ea0fcd83083ce1c32084411067d01df99eb67ce15d00c361a16e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09ea23fe-7e38-4bc2-9a3c-0348db307737.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6663
x-amzn-requestid: 7a457075-fb06-4be7-be96-c9d5e176e39a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnPzGukIAMF1OA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f31-59b7441372a27f0f793c73e7;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8jyYxcwtnu2wp4WRjfajYUxuPcDgqe04Ap6d8ELFbBLblXyM6mL-Hg==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:39:51 GMT
age: 6844
etag: "cb1cbae883c69fba75b584248c2ba79663175e66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d90b80ebad103c48c3043c8d5e4c3ca
ab36c9309ce13b2a3d075461c2445f76bfc582aa
2287a6db0a6a58c570930c1f94c3b36d7acf383b26cdfa42261eb254598fa7c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d8a813d-10ee-4216-bb6b-8bcd1d8141e4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7669
x-amzn-requestid: 4b35e79d-21c8-48d7-b11b-44bd820e29d2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnROG4UoAMFZdA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f3a-765739ad7e9063781ccb12b2;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:35:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lhQA2yVBNtJ04goTms0KXhX6Q4v86TEe4EUioQs3eJzzMsCxbVmykw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:39:58 GMT
age: 6837
etag: "ab36c9309ce13b2a3d075461c2445f76bfc582aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fae75097a9e461f59779e2725dd153d9
95b1e2797d9d047ca71f60851976937e83c804be
63981e99d995c1c79028f5e2205883a13ef9b1b96f3aa47cde2f4aa08ae6badb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f2370a8-14bd-40e5-9d9f-63e8b4b4e9f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10613
x-amzn-requestid: da298549-e2ce-47b1-9efa-ed817c6c416c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnniXE12oAMF-Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61fa8-2b396ad16595c0b349fdb450;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:37:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _C8_4MMvadzwCZt0X_zX1Ors5vXDfS3NUMZAYFYwMXwZZOhpwsBdhA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:46:08 GMT
age: 6467
etag: "95b1e2797d9d047ca71f60851976937e83c804be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&size=16
142.250.74.164404 Not Found 726 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&size=16
IP 142.250.74.164:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://playercine.cinestart.net/player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 23:33:55 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://dood.re/e/yjnoj1qfifycmuscnasy4d0pmk23z79j&size=16
142.250.74.164404 Not Found 726 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://dood.re/e/yjnoj1qfifycmuscnasy4d0pmk23z79j&size=16
IP 142.250.74.164:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b8a0bf372c762e966cc99ede8682bc71
2d7c9b60d1e2b4f4726141de2e4ab738110b9287
59bfe9bc385ad69f50793ce4a53397316d7a875a7148a63c16df9b674c6cda64
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://dood.re/e/yjnoj1qfifycmuscnasy4d0pmk23z79j&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
content-type: image/png
x-content-type-options: nosniff
date: Fri, 23 Dec 2022 23:33:55 GMT
server: sffe
content-length: 726
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/dme4t3ze3412&size=16
142.250.74.164200 OK 628 B URL HTTP/2 t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/dme4t3ze3412&size=16
IP 142.250.74.164:0
File type PNG image data, 16 x 14, 8-bit colormap, non-interlaced\012- data
Hash a025a7d0ad9c9dcb11225d8ff891e2ab
7e31fbedf07c440553337ef9ccede378ff1723c3
1475fd2e3e237b87f41c35f27cb33d944b63b847c34909129eec1d7a9bf99f6e
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/dme4t3ze3412&size=16 HTTP/1.1
Host: t0.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://uptobox.com/assets/images/utb.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Fri, 30 Dec 2022 23:33:55 GMT
cache-control: public, max-age=604800
last-modified: Wed, 27 Jun 2018 16:00:04 GMT
content-type: image/png
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash d7dc6f29af0912baf33dc26771c4bda2
032fcf4f0dff6644aceadade92866c74937e6540
6dfcbb4b2403b85a352f8602c24e0555c4e66d77638e9f77d57c041651f6834e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d872150b0e3a2ecf47baf169f96667d0
be99b2d35103a5f609a40c8198312b41b746d881
15da97f20dd93cf2dd2b62692cf8703e848e3514b9396ffaa7859f8b7f546810
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "15DA97F20DD93CF2DD2B62692CF8703E848E3514B9396FFAA7859F8B7F546810"
Last-Modified: Thu, 22 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2793
Expires: Sat, 24 Dec 2022 00:20:28 GMT
Date: Fri, 23 Dec 2022 23:33:55 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b9643a377daeefa9e867de25d84d90a4
7ab8aade6752606edfa9a6e68248fdbdca76dae8
0265378147b5eaa4ad2c4f570790b2b71b1abe8386e674c565bf0885396c04d0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16
142.250.74.100200 OK 852 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash faf64e32ce748dabf3d57c6daa6a00f7
46317741e4d001feb10442fb300ac4876ac14bd9
0de27c32ce9d9a34eb1c3f57169cb4cc44869cb143a3a5c56b4ef491cd6be4d2
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-location: https://www.utorrent.com/static/faviconUT-be6029e02bb2d6e0415a561c42641a2f.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 05:47:33 GMT
expires: Wed, 28 Dec 2022 05:47:33 GMT
cache-control: public, max-age=604800
age: 236782
last-modified: Fri, 23 Jul 2021 13:14:38 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://1fichier.com/?xob5yqi16mf3gc79uzoh&size=16
142.250.74.100200 OK 777 B URL HTTP/2 t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://1fichier.com/?xob5yqi16mf3gc79uzoh&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash ea70b34ee38dc7e303778a47d2b46a13
58ae85c0048f4e0580992b0b8f5e5c3aa73fa499
62d589b58a50dbcc9fb91095fdddcde6a20574f085e60492b1fbbd2be693682a
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://1fichier.com/?xob5yqi16mf3gc79uzoh&size=16 HTTP/1.1
Host: t3.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://1fichier.com/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 777
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Fri, 30 Dec 2022 23:33:55 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://netu.cinecalidad.run/f/Naj6Iqo1XPjb&size=16
142.250.74.36200 OK 208 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://netu.cinecalidad.run/f/Naj6Iqo1XPjb&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f0ab24d7db30da671378a612dea6d1b4
809ed7757e5ebcd0b92b8f088777985f2e4efeaa
9462480ba0ccf4874a47eef9474f7ee209ab23c00fc371098c0aa76dcaf06cc2
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://netu.cinecalidad.run/f/Naj6Iqo1XPjb&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: http://m.56.com/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 208
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Fri, 30 Dec 2022 23:33:55 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/hKFUURaa&size=16
142.250.74.36200 OK 454 B URL HTTP/2 t1.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/hKFUURaa&size=16
IP 142.250.74.36:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash b47dc0281a58eb5dcbefb21f7d9f2f8b
9ca10c8524a596da424cfe4ad62902b6c3107172
3bb219a803b2aafd036cd2c0133a3b41c9e97d6f22c48c5884aad12b9a8b4c89
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/hKFUURaa&size=16 HTTP/1.1
Host: t1.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://mega.nz/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 454
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Fri, 30 Dec 2022 23:33:55 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
playercine.cinestart.net/player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
104.21.58.88200 OK 1.2 kB URL HTTP/2 playercine.cinestart.net/player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd
IP 104.21.58.88:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 17baf7e963e342ab06ac9643bcbe8651
c5e456e9a7df51af69fdfd827987d94bcc10f55e
22e997adc3c8c3a0ce693ed5ea7420e66ea6dfa4e1a8eec5d5baf67716ee143c
GET /player.php?id=SjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw&token=TLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd HTTP/1.1
Host: playercine.cinestart.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:55 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDOxAs90A6BFfljd7Q2RbJq%2FK8ufh4mlRHie7qRtrmiS18FMwW6S1Q%2B%2FeUZSzhWLx5sNt043habfSRK6wS7AD8r0CIKE98k5p6Xc4eO1y7N94HcCeGXYzDoj%2FEK%2BK%2FJ%2B%2BWcDZXwNf%2Br1B%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77e4e7a8a81b1bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://streamtape.com/e/LXdo8gJagmIyoJ/Sean.eternos.Campeones.de.America.S01E03.1080p.lat.cinecalidad.run.mp4&size=16
142.250.74.100200 OK 322 B URL HTTP/2 t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://streamtape.com/e/LXdo8gJagmIyoJ/Sean.eternos.Campeones.de.America.S01E03.1080p.lat.cinecalidad.run.mp4&size=16
IP 142.250.74.100:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash ba302bf2d985656c246192711ecca2b1
a840bfe607d5e5e541f0bea815d05df854eb82da
7c6bd37c6a447079333906dd16c5ce4e33d2276ce8ce9d2e4c154e961d32ba92
GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://streamtape.com/e/LXdo8gJagmIyoJ/Sean.eternos.Campeones.de.America.S01E03.1080p.lat.cinecalidad.run.mp4&size=16 HTTP/1.1
Host: t2.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/png
content-location: https://streamtape.com/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 322
date: Fri, 23 Dec 2022 23:33:55 GMT
expires: Fri, 30 Dec 2022 23:33:55 GMT
cache-control: public, max-age=604800
last-modified: Sun, 03 May 2020 09:22:12 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?userId=8e3e61e4a04f46b88dac51161b10538a
139.45.195.8200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=8e3e61e4a04f46b88dac51161b10538a
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 2645644a8693726c5975044d8588da59
fa41289c84d5931b3c6b6cd827926d5b38e61fb7
cd031966e181d6f6747299a885d6752ce25dc84817a55a5b3c70d9d24f7cd737
GET /gid.js?userId=8e3e61e4a04f46b88dac51161b10538a HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://playercine.cinestart.net
Connection: keep-alive
Referer: https://playercine.cinestart.net/
Cookie: ID=89ced2651f3045e8978ff5850f1ebbd6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:55 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://playercine.cinestart.net
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=89ced2651f3045e8978ff5850f1ebbd6; expires=Sat, 23 Dec 2023 23:33:55 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
142.250.74.131200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/pTOmYkE9h5w
IP 142.250.74.131:0
Hash 6214b247965b0560777c21930118eccf
d5f2480f98828ecf87f04b2b479f1a735d69ebd2
7dced27ec0b6b9f007cff738028d8893b96785f15657fe0e8376083d62662626
POST /s/gts1p5/pTOmYkE9h5w HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 23:33:55 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafc522eb-7237-4387-a813-3d8a7c2ad6cc.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafc522eb-7237-4387-a813-3d8a7c2ad6cc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c5b0f55bf63a36fce0a246df2039a407
2970cf26ace931d06195838af978ae13b8ccd843
cf84f2b532bc16c028fc93c3d910e2431f989a3d8fe1ffcbc3c08122ec18fe65
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafc522eb-7237-4387-a813-3d8a7c2ad6cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: 10e24df4-2ac1-46cc-86ac-6fbbb25a2ece
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dnnbBHexIAMFX4Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a61f79-13279779115da25e040775f7;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 21:36:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: v_XlpT3Oy2lyDC3c0wjqIcD4oKjU0Ry9zSaly_xbX-62sF40OWXuhg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 21:56:20 GMT
age: 5862
etag: "2970cf26ace931d06195838af978ae13b8ccd843"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90
172.67.204.56200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90
IP 172.67.204.56:0
GET /wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:53 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:21:51 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 137522
server: cloudflare
cf-ray: 77e4e7a22f840b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
waisheph.com/?rb=1jWQGUTI_ruGhThthLSHnmoGnKoPRSHwI6CzoZaYIgWwEkp1XLWdyb0MRxTQpaQRL-XErI84kTyYjkPTOJ2oYtR_9o8fbfqSoXtgweUBWjIEMMbo8UAVP0ojQNA1m4mzDUrHHLf2sK0LGTje7u5devIEM7lLieMyzPKhkvbUl0OkK4jD33vsIkmvOJwbCGljK0SJ5xHClsTouFkiE08H-DNuZpuIZt_0iaPnENJxhk4mxNLV4AVCzVrLj7C8i0a4&request_ab2=96003&zoneid=5508024&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1044&wih=590&wiw=1044&wfc=6&pl=https%3A%2F%2Fplayercine.cinestart.net%2Fplayer.php%3Fid%3DSjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw%26token%3DTLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.464.1&bs=d7563d72-446e-4639-b6fc-ce0cae3bd7f2&userId=89ced2651f3045e8978ff5850f1ebbd6&m=link
139.45.197.245200 OK 0 B URL HTTP/2 waisheph.com/?rb=1jWQGUTI_ruGhThthLSHnmoGnKoPRSHwI6CzoZaYIgWwEkp1XLWdyb0MRxTQpaQRL-XErI84kTyYjkPTOJ2oYtR_9o8fbfqSoXtgweUBWjIEMMbo8UAVP0ojQNA1m4mzDUrHHLf2sK0LGTje7u5devIEM7lLieMyzPKhkvbUl0OkK4jD33vsIkmvOJwbCGljK0SJ5xHClsTouFkiE08H-DNuZpuIZt_0iaPnENJxhk4mxNLV4AVCzVrLj7C8i0a4&request_ab2=96003&zoneid=5508024&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1044&wih=590&wiw=1044&wfc=6&pl=https%3A%2F%2Fplayercine.cinestart.net%2Fplayer.php%3Fid%3DSjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw%26token%3DTLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.464.1&bs=d7563d72-446e-4639-b6fc-ce0cae3bd7f2&userId=89ced2651f3045e8978ff5850f1ebbd6&m=link
IP 139.45.197.245:0
GET /?rb=1jWQGUTI_ruGhThthLSHnmoGnKoPRSHwI6CzoZaYIgWwEkp1XLWdyb0MRxTQpaQRL-XErI84kTyYjkPTOJ2oYtR_9o8fbfqSoXtgweUBWjIEMMbo8UAVP0ojQNA1m4mzDUrHHLf2sK0LGTje7u5devIEM7lLieMyzPKhkvbUl0OkK4jD33vsIkmvOJwbCGljK0SJ5xHClsTouFkiE08H-DNuZpuIZt_0iaPnENJxhk4mxNLV4AVCzVrLj7C8i0a4&request_ab2=96003&zoneid=5508024&js_build=iclick-v1.464.1&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1044&wih=590&wiw=1044&wfc=6&pl=https%3A%2F%2Fplayercine.cinestart.net%2Fplayer.php%3Fid%3DSjFiZGxyQWlwNFFUd1lWdlErK0l3eU1rMW1aRmd1YWxIT2UwWEtNdDVnd3Q3YmhMajIyUE0yUnpPc0IxVXV4Qw%26token%3DTLK4BJAiaU9NSYnpHky9vwL5IMX8QoFI2c0WsNn3aIlSvgwN242LhkES0edUXjJd&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.464.1&bs=d7563d72-446e-4639-b6fc-ce0cae3bd7f2&userId=89ced2651f3045e8978ff5850f1ebbd6&m=link HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://playercine.cinestart.net/
Origin: https://playercine.cinestart.net
Connection: keep-alive
Cookie: OAID=8e3e61e4a04f46b88dac51161b10538a; oaidts=1671838435
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:55 GMT
content-type: application/json
x-trace-id: 0e4d9767b34dbb9d0bf6a98655706620
access-control-allow-origin: https://playercine.cinestart.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=89ced2651f3045e8978ff5850f1ebbd6; expires=Sat, 23 Dec 2023 23:33:55 GMT; path=/; secure; SameSite=None
oaidts=1671838435; expires=Sat, 23 Dec 2023 23:33:55 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Fri, 30 Dec 2022 23:33:55 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/js/main.js?ver=0.85097200%201671760869
172.67.204.56200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/js/main.js?ver=0.85097200%201671760869
IP 172.67.204.56:0
GET /wp-content/themes/cuevana/assets/js/main.js?ver=0.85097200%201671760869 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 16:13:08 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 77e4e7a22f860b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
omfiydlbmy.com/get/1955965?zoneid=1955965&jp=_cls7sxb7rtjqus83d4rots&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3768740300734181
62.122.171.6200 OK 0 B URL HTTP/2 omfiydlbmy.com/get/1955965?zoneid=1955965&jp=_cls7sxb7rtjqus83d4rots&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3768740300734181
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955965?zoneid=1955965&jp=_cls7sxb7rtjqus83d4rots&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=3768740300734181 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212231833ee044c06c2034be0936b50cf5a; Path=/; Expires=Sat, 23 Dec 2023 23:33:54 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
omfiydlbmy.com/get/1955964?zoneid=1955964&jp=_cl9rlek2pilbisx9p33wib&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=953990533627946
62.122.171.6200 OK 0 B URL HTTP/2 omfiydlbmy.com/get/1955964?zoneid=1955964&jp=_cl9rlek2pilbisx9p33wib&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=953990533627946
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955964?zoneid=1955964&jp=_cl9rlek2pilbisx9p33wib&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=953990533627946 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:54 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22122318335c6088c39cad40ac9b3866b473; Path=/; Expires=Sat, 23 Dec 2023 23:33:54 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
waisheph.com/5/5508024
139.45.197.245200 OK 0 B IP 139.45.197.245:0
GET /5/5508024 HTTP/1.1
Host: waisheph.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://playercine.cinestart.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 23:33:55 GMT
content-type: application/javascript
x-trace-id: b0931bc5935926a571852fc15f939fac
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=8e3e61e4a04f46b88dac51161b10538a; expires=Sat, 23 Dec 2023 23:33:55 GMT; path=/; secure; SameSite=None
oaidts=1671838435; expires=Sat, 23 Dec 2023 23:33:55 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
cuevana3.nu/wp-includes/css/classic-themes.min.css?ver=1
172.67.204.56200 OK 0 B URL HTTP/2 cuevana3.nu/wp-includes/css/classic-themes.min.css?ver=1
IP 172.67.204.56:0
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:53 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:21:51 GMT
last-modified: Sun, 13 Nov 2022 01:43:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 137522
server: cloudflare
cf-ray: 77e4e7a23f990b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/img/latino.svg
172.67.204.56200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/img/latino.svg
IP 172.67.204.56:0
GET /wp-content/themes/cuevana/assets/img/latino.svg HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:53 GMT
content-type: image/svg+xml
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 15:05:51 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 116883
server: cloudflare
cf-ray: 77e4e7a22f900b61-OSL
content-encoding: br
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90
172.67.204.56200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90
IP 172.67.204.56:0
GET /wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 23:33:53 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:21:34 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 137539
server: cloudflare
cf-ray: 77e4e7a24fa40b61-OSL
content-encoding: br
X-Firefox-Spdy: h2