r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5223
Expires: Fri, 02 Dec 2022 08:29:30 GMT
Date: Fri, 02 Dec 2022 07:02:27 GMT
Connection: keep-alive
aecid.bo/dqui/COR3.zip
192.185.71.137302 Moved Temporarily 0 B IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /dqui/COR3.zip HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Moved Temporarily
Date: Fri, 02 Dec 2022 07:02:27 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: http://aecid.bo/portal/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4231
Cache-Control: max-age=103156
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:27 GMT
Etag: "63888270-1d7"
Expires: Sat, 03 Dec 2022 11:41:43 GMT
Last-Modified: Thu, 01 Dec 2022 10:31:12 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 06:18:11 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2656
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2963
Expires: Fri, 02 Dec 2022 07:51:50 GMT
Date: Fri, 02 Dec 2022 07:02:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 78kDWkZyIY2+saGUdDEX/TyIFWHqO6qDvEwzBXNoPTkiS0ZgPPAalXgroN8jKlrqegdFozr+uoU=
x-amz-request-id: 6AXAEFJE1WERQE9R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 06:46:36 GMT
age: 951
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
aecid.bo/portal/
192.185.71.137301 Moved Permanently 0 B IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/ HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 07:02:27 GMT
Server: Apache
X-Redirect-By: WordPress
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Location: https://aecid.bo/portal/
Content-Length: 0
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 06:11:15 GMT
cache-control: public,max-age=3600
age: 3072
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7f9bcc713c2aaf365e1abbaa15f9f693
81e131711e1d01dbfe333916cb3a353c49bda4ec
a60b54ecc2625e8409e5887510118653d848ea98b99905b6ccb2b1c3ff7de93b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A60B54ECC2625E8409E5887510118653D848EA98B99905B6CCB2B1C3FF7DE93B"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21531
Expires: Fri, 02 Dec 2022 13:01:18 GMT
Date: Fri, 02 Dec 2022 07:02:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4227
Cache-Control: max-age=98089
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:27 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:17:16 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aecid.bo/portal/wp-content/themes/modernize/stylesheet/layout-responsive.css
192.185.71.137200 OK 2.4 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/stylesheet/layout-responsive.css
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 43c7c7cf8d7b2c9a265e78da76f9ad64
457205d26b2e3956f811e178d710dfd6371b062d
ca1310a7e227030aec1206c05872b11ff7208cf0d4922fdb300f3980c12dc5c3
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/stylesheet/layout-responsive.css HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2352
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?key=AIzaSyBFKUI50uuZ5rixU9FDRccwqlDO3tDl3N0&language=es&ver=1.11.7
142.250.74.106200 OK 54 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyBFKUI50uuZ5rixU9FDRccwqlDO3tDl3N0&language=es&ver=1.11.7
IP 142.250.74.106:0
File type ASCII text, with very long lines (2432)
Hash 26b626a1520447f76f90aad13ad95b4c
368d4e5cf3f56411d5dcf4ffa48b0d2d322f357b
968a69358a8c3e3069768cf1fcb83c206f4a3c09622233ccfd4e5006bd3e9ec2
GET /maps/api/js?key=AIzaSyBFKUI50uuZ5rixU9FDRccwqlDO3tDl3N0&language=es&ver=1.11.7 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 53700
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=22
date: Fri, 02 Dec 2022 07:01:52 GMT
expires: Fri, 02 Dec 2022 07:31:52 GMT
cache-control: public, max-age=1800
content-type: text/javascript; charset=UTF-8
age: 36
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/stylesheet/gdlr-woocommerce.css?ver=6.1.1
192.185.71.137200 OK 6.0 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/stylesheet/gdlr-woocommerce.css?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (890)
Hash a422e00d5d94b1516c4dfad22e7cec98
c23bf64a0ac684d50166a81b7de08a233bcd9432
0a7f676e43d6ea1f16024b3d662162e0193cc00645e6275dd2d1a42c20c102aa
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/stylesheet/gdlr-woocommerce.css?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5975
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/style.css
192.185.71.137200 OK 14 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/style.css
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (493), with CRLF line terminators
Hash ea9c2be01bc13e5119fc670c59e08140
0a42694787d0c4ce1f4366fe8e81220a87fadfc6
78864f39541f2011639f2a04a42a0d550653a49a9e6c953cb617d34b5ff0c9e9
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/style.css HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 13686
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/style-custom.css?ver=6.1.1
192.185.71.137200 OK 3.7 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/style-custom.css?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (1009), with CRLF line terminators
Hash e0c454ed6db14457c6c9f475ae929723
b269b42cd89440d6acf99f222d7ec9327fc7882b
a389db7b1e167bfccf08b320f878c258836df43b980dce4b7de9e315431307a2
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/style-custom.css?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 20:42:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3694
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/layerslider/assets/static/layerslider/css/layerslider.css?ver=7.0.7
192.185.71.137200 OK 5.7 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/layerslider/assets/static/layerslider/css/layerslider.css?ver=7.0.7
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash daac43fe18ad03961f15c9067f7fc37e
0216525ee151fb1daf1453019afd9c8fa638940c
0542b49a871c1c95e9683ca5d57d5d5bf4cff51571616b5a60e34afcbaedfe83
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/layerslider/assets/static/layerslider/css/layerslider.css?ver=7.0.7 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:01:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5704
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-includes/css/classic-themes.min.css?ver=1
192.185.71.137200 OK 189 B URL HTTP/2 aecid.bo/portal/wp-includes/css/classic-themes.min.css?ver=1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 25 Oct 2022 13:45:16 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/rotatingtweets/css/style.css?ver=6.1.1
192.185.71.137200 OK 1.1 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/rotatingtweets/css/style.css?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash a4a6225caf7d7e76ad8b53c61ddcfb4f
37937d1ae6b6eee091eb3b31aa942970f9ee75cd
793dec1991811a32313d1e781102ee0ffafc911750b893f612d6a5d7b81cd328
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/rotatingtweets/css/style.css?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:46:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1080
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/stylesheet/superfish.css?ver=6.1.1
192.185.71.137200 OK 684 B URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/stylesheet/superfish.css?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash e2a80a842255bc9ebb3b68b323bdb496
5f0c579c2518cc6bb3b53cdfafccd0cf9e58b69b
a2f64be75c46202e29cdb9eae944c1006fddacd817a587a3e95b92f47f910238
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/stylesheet/superfish.css?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 684
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 05917f7542a781275c12d43562be1507
1ea730e7e2b5a84fb0341ef9a64b141a4dd469b3
2f24492a077b583bd9dfe049c16c60b219d950712879f187ff2160214df9bd0e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.166.172.24101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.166.172.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: cPjpTn4TW//AWx8APOkN0A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8SlMgPuitO3hjb0TVoWRhw5t2eg=
aecid.bo/portal/wp-content/themes/modernize/stylesheet/skeleton-responsive.css
192.185.71.137200 OK 3.3 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/stylesheet/skeleton-responsive.css
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 2fcd14beebd5640a82dea20b61b602be
e4738b0488d6bd86b0f8dfcf39577116a8ae8609
cabae9462e5c6835c0e7cd18f73b472e36a165303f9e0844a74b594f3556c0a6
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/stylesheet/skeleton-responsive.css HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3329
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox.css?ver=6.1.1
192.185.71.137200 OK 1.7 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox.css?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4f805e483d6ad9f49fc5b5fef33bd5a1
f8f38111cb54d86cc279aeb872ce4678e0bcc543
21c702649a01bb90bee0bd47453b5ab678608977d3522b11eab2d921d54a4ad6
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox.css?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1656
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox-thumbs.css?ver=6.1.1
192.185.71.137200 OK 303 B URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox-thumbs.css?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3260ac6239e307b11c6cc222bb8f0fb8
85df155cb527d1406002dd5e59b773b7e3185432
463b628150320f377b92ca36eafd12b8cca875e7a0512c6bb6847798f7273553
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox-thumbs.css?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 303
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/google-maps-easy/modules/gmap/css/core.gmap.css?ver=1.11.7
192.185.71.137200 OK 1.2 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/google-maps-easy/modules/gmap/css/core.gmap.css?ver=1.11.7
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 3cf42cc014ae0fd94d160e7b85ede54d
6008518a1dd3563610562f50aac7107e0f6f2261
d445e9922afcd9262572663ca8f2b260afa786bb9e6ed4a8fe01ec1a10f01ef2
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/google-maps-easy/modules/gmap/css/core.gmap.css?ver=1.11.7 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:49:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1177
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/hoverIntent.js?ver=1.0
192.185.71.137200 OK 1.4 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/hoverIntent.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash ad396a31bcae4ec87897b99c609cac85
6bbe34d7a6aa0969a8545fd4a5b1a2183a528400
c1f35ee944d6300ec4fd83b824d26a7d98c006c2ef9aaf79a7bf2594168be29b
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/hoverIntent.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1368
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
192.185.71.137200 OK 4.6 kB URL HTTP/2 aecid.bo/portal/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/stylesheet/nivo-slider.css?ver=6.1.1
192.185.71.137200 OK 930 B URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/stylesheet/nivo-slider.css?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 651e3acc0de57a604343b01a1e58376e
e82f59e033cc1d448d5c1835623bf377acf1f25f
01943d4a7da119072b775cfbc5bc603eed42fa3e6120152678d22b0209b9f2b7
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/stylesheet/nivo-slider.css?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 930
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/stylesheet/flexslider.css?ver=6.1.1
192.185.71.137200 OK 1.2 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/stylesheet/flexslider.css?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 8f54d93a3bda8c39e4a12a761a17d168
fa5b2d21b778a08b6d06f976070f84743ffe9137
bd62a7da952bc9260f0c5b79423f761ac8c27e351782615a47f268fd0b4b4612
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/stylesheet/flexslider.css?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1192
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-includes/js/comment-reply.min.js?ver=6.1.1
192.185.71.137200 OK 1.5 kB URL HTTP/2 aecid.bo/portal/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (2946)
Hash 92712acce6ce836d0a929b1800b4f9d6
8157d1380bb1d6dadfd85565dd464bb5b0ed06bd
2f82d181a2cadadf7d898d7f5ea2eb527106fb6413044b55fbfa4fb0081a2e09
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 08 Apr 2022 20:07:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1477
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/google-maps-easy/modules/gmap/js/frontend.gmap.js?ver=1.11.7
192.185.71.137200 OK 1.7 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/google-maps-easy/modules/gmap/js/frontend.gmap.js?ver=1.11.7
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 4acefe65265c379119e035b7ed0fc68b
ff8adcabfa565de18d4099914e9dd6a6a00d1dd0
45eed4dfa447fad81bd99e6c11fb5139a7d1013f5d8940753218a506b36d98b1
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/google-maps-easy/modules/gmap/js/frontend.gmap.js?ver=1.11.7 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:49:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1695
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/superfish.js?ver=1.0
192.185.71.137200 OK 1.5 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/superfish.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 9e812077ac40d5ff9416f49e002d5920
cfc125597d92e28f0ff15a492e3db7ef672ce108
3a46d03d5f4bf6c564cd8b548a2f5c90601ef043ca81f8913cfb5161acadb8e2
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/superfish.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1535
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox-thumbs.js?ver=1.0
192.185.71.137200 OK 1.6 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox-thumbs.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e497bd1fbd58567aa278bb22a365662a
d456ae9263de2664f5fd5d0ca5bb474876cc0d4a
e7b3833bc02f644f46f8c6221b8d6ece7e5971df0c2559106ceb36f6d18c567c
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox-thumbs.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1597
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/layerslider/assets/static/layerslider/js/layerslider.transitions.js?ver=7.0.7
192.185.71.137200 OK 3.6 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/layerslider/assets/static/layerslider/js/layerslider.transitions.js?ver=7.0.7
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 text, with very long lines (21440)
Hash ca6cd80d169444ace9a1b6b1d825cc1a
ce7447563f4eee9558776836da664aa883e3b3ca
ea09702d9b7a4e371ef5737add7e6c0eda74237409b8dd701fd1fd865fcfe5db
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/layerslider/assets/static/layerslider/js/layerslider.transitions.js?ver=7.0.7 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:01:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3604
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/gdl-scripts.js?ver=1.0
192.185.71.137200 OK 2.0 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/gdl-scripts.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 5920f6ca08e0f1fdb13cde63f1025ef1
6be19e99dd8002b87de237d65ce5188a479f9b48
da429ff4e3f15ff88b7d1d9bff582d873e45dda8dcddb7d3a3d7839259e10528
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/gdl-scripts.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1990
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/supersub.js?ver=1.0
192.185.71.137200 OK 1.6 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/supersub.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 9973eef31e28f09461ee55677b3a65a9
fba7d3658b124f5876fcbbda26366be3543d9573
6e86a6bdf427987670dab7297df281b04ea0408fd515ff69b44b347e55419b80
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/supersub.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1641
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox-media.js?ver=1.0
192.185.71.137200 OK 2.1 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox-media.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 733fa04ec3f525a0940cf3a8a6072c0f
4f701e75fa37845d24db9f57aa16c1581634e423
710ceebdffbdb3d0dc5e231b48548202c27c59b3cd2f1d8d27007256e8665b51
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox-media.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2105
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/jquery.easing.js?ver=1.0
192.185.71.137200 OK 2.8 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/jquery.easing.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash c83da02390e45784265672fcb6727ea6
77f304601e4596d3b601b2d5ffc5c6cb159b6c69
7fa285366097fb7f1ab9c79ac628545349d4753a28e81e9a4856bad1729044ac
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/jquery.easing.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2775
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/rotatingtweets/js/rotating_tweet.js?ver=1.9.10
192.185.71.137200 OK 3.9 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/rotatingtweets/js/rotating_tweet.js?ver=1.9.10
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (335), with CRLF line terminators
Hash 8b375f77c17adb9c30db5ce5aee64bbf
76de05b71d16dcdbb70d7d3e3e2799cd45c82a1e
58b93e52b5f94a0fafc1a79aa571adc865a08d2c311d24d92bda07bac87ee380
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/rotatingtweets/js/rotating_tweet.js?ver=1.9.10 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:46:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3940
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/rotatingtweets/images/retweet_on.png
192.185.71.137200 OK 1.1 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/rotatingtweets/images/retweet_on.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash ae08480d4a413f1d3f68c506b882358a
1ae08a2862118ea14d355a1dbbf2afffb5917973
a31024be2dd669b182d0a0d3a42c25a2a9961469ebfeda11168bbaaf57866d05
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/rotatingtweets/images/retweet_on.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:46:46 GMT
accept-ranges: bytes
content-length: 1096
content-type: image/png
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/google-maps-easy/modules/marker/js/core.marker.js?ver=1.11.7
192.185.71.137200 OK 4.1 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/google-maps-easy/modules/marker/js/core.marker.js?ver=1.11.7
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash a15c1f7181d6c0f450c41227c08621fd
7cc17b9ac7d343b5e5d87fe9ff50b5dc3411f163
d4ecd3a36c0e559f94d28e3c8f488af953570589da6fc92a4bff3d95aa1134d2
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/google-maps-easy/modules/marker/js/core.marker.js?ver=1.11.7 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:49:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4058
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/rotatingtweets/images/retweet.png
192.185.71.137200 OK 1.1 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/rotatingtweets/images/retweet.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 3283aa38cda3d284a9e66872bb1d0f78
4dde37b711d980dcbed8c6b0295f409dda0dd047
0a07e633a0eca3e0bc7febeecb53d42e621c2dcf33c0eac8ece54d2adc203129
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/rotatingtweets/images/retweet.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:46:46 GMT
accept-ranges: bytes
content-length: 1095
content-type: image/png
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/rotatingtweets/images/reply.png
192.185.71.137200 OK 1.2 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/rotatingtweets/images/reply.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 826bf84787cb8611b3badc6ef382a93d
c199fac6d3815c1b7bed5fd95186d92236631650
858f0f5593d377a0ddd169664bea43bf0f45b59134d4ee1bf16a0017d38d56ed
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/rotatingtweets/images/reply.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:46:46 GMT
accept-ranges: bytes
content-length: 1153
content-type: image/png
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/google-maps-easy/js/core.js?ver=1.11.7
192.185.71.137200 OK 4.5 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/google-maps-easy/js/core.js?ver=1.11.7
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash 6c573c5494c55526e143519d4690c7d1
f0cfcde2d71d3ffc6bba8dba1b52b32aa835a13f
f8326e1fcdd8cf2956215979814400c8a7a2d9a7797c13b756fd61489b3dca9b
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/google-maps-easy/js/core.js?ver=1.11.7 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:49:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4474
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/rotatingtweets/images/favorite.png
192.185.71.137200 OK 1.3 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/rotatingtweets/images/favorite.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 55937859ef0363132a804361533af9e6
8fd91c396c39658da94a35589e047848762cf0dc
54e3c614f79d9df7e397208de9c69dfa1bbfcfe05c0bc127582285fce2de78e9
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/rotatingtweets/images/favorite.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:46:46 GMT
accept-ranges: bytes
content-length: 1329
content-type: image/png
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/images/icon/light/social/facebook.png
192.185.71.137200 OK 3.1 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/icon/light/social/facebook.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 4b010f72263ca0107e50dff95ab21706
3241cc45535642db5d16321bc8e4ed1eb053f7e8
99be9815f1ece2a0c2dd8fe03a12e384fe4b15079256939481a9c5a3b55e15c4
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/icon/light/social/facebook.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 3103
content-type: image/png
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/images/icon/light/social/flickr.png
192.185.71.137200 OK 3.1 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/icon/light/social/flickr.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash cb1bcbe9b4716e047aa6588f7c8ec180
89b16caef37f44c558813b4efe8f8869008fbc09
82a7127b62945a9334f4919b3ac6f8a94a4e85399e281414c992c51db582a6b2
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/icon/light/social/flickr.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 3145
content-type: image/png
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/images/icon/light/social/twitter.png
192.185.71.137200 OK 3.2 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/icon/light/social/twitter.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash b4726b10962a5f20c6208d94302f150a
a5b49944166deaf856cd4f7c5746a6715683705b
e612ccb554d9a65724e96f0dfcdd2b53230528023702e654ce805c317f422810
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/icon/light/social/twitter.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 3162
content-type: image/png
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/uploads/2022/12/logo_header_aecid.png
192.185.71.137200 OK 25 kB URL HTTP/2 aecid.bo/portal/wp-content/uploads/2022/12/logo_header_aecid.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 503 x 85, 8-bit/color RGB, non-interlaced\012- data
Hash b18daf51213c7060484a41278d24dd2e
66617439fc137f0f5517e9e6eca601a82dff94c1
a893e124daebf35a99fd3301e8d3faaee69c4788127ee4da812977e9679af65f
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/uploads/2022/12/logo_header_aecid.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:44:30 GMT
accept-ranges: bytes
content-length: 24644
content-type: image/png
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/jquery.nivo.slider.pack.js?ver=1.0
192.185.71.137200 OK 7.9 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/jquery.nivo.slider.pack.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (386), with CRLF line terminators
Hash 48045fdf08d9f25e21d2f7083db5efec
b62b27b153d7bef0086ed83a464f2f5c39027372
69a713f8c30f4ba5c4b89e7214c9a3547580b562a89338187583e61808feee7a
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/jquery.nivo.slider.pack.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7857
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/google-maps-easy/js/common.js?ver=1.11.7
192.185.71.137200 OK 8.2 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/google-maps-easy/js/common.js?ver=1.11.7
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (3365), with CRLF line terminators
Hash 68d36cb8ce9bc2d9d9fa1a7ce7e447f4
ed27aa33b2a4b4e95cf0f5bcdd9d2c07d15bc535
701d62acbdbda3838d814180d8dbed9872719da8d34143ebe239832daba12c26
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/google-maps-easy/js/common.js?ver=1.11.7 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:49:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 8208
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/google-maps-easy/modules/gmap/js/core.gmap.js?ver=1.11.7
192.185.71.137200 OK 9.1 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/google-maps-easy/modules/gmap/js/core.gmap.js?ver=1.11.7
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with CRLF line terminators
Hash 78ad1db5b613d155e294ab156c273728
b0d8515ba0f32fb72ff79197a860c26ec51f7aa5
7331ec6b437df03130f21d94325af3f40baee685b34bcec783d1e4db1b28ccc2
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/google-maps-easy/modules/gmap/js/core.gmap.js?ver=1.11.7 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:49:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 9089
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/
192.185.71.137200 OK 41 kB IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash b4749c6e7dd240bc140be70a9dbf38d2
181bd4d288290dc8d2de258f24bc0d51f7613232
499576cc7b4d1061fd78563c6e66459bddd1c7535240d8cff8d801f7cd024952
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/ HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
link: <https://aecid.bo/portal/wp-json/>; rel="https://api.w.org/", <https://aecid.bo/portal/wp-json/wp/v2/pages/9>; rel="alternate"; type="application/json", <https://aecid.bo/portal/>; rel=shortlink
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 07:02:27 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox.pack.js?ver=1.0
192.185.71.137200 OK 11 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox.pack.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (645)
Hash 787ae599c58c7aa647cc69ce072d15c8
6901947addfb2a768761a70f160310a8a6cda4fc
29694f6e24ca212b83213b8d6a20b1d9a6056c6c2480718199fddf1fd10c250f
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/fancybox/jquery.fancybox.pack.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 11038
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/jquery.flexslider.js?ver=1.0
192.185.71.137200 OK 13 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/jquery.flexslider.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash d835f4064316cef10075b93991a88347
1a0c032d84095105de86b29aef5cb1af3784dc36
7dc5e701513d87472c605fa9e4f95d2d50590230ce96986837c15d3a0d5960aa
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/jquery.flexslider.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12703
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/javascript/jquery.fitvids.js?ver=1.0
192.185.71.137200 OK 1.2 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/javascript/jquery.fitvids.js?ver=1.0
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document, ASCII text, with CRLF line terminators
Hash 280fdeff83d1a633149e10fb1c4e7069
e4116ec170e4e9fc6852a69a54684eb57c403a13
252840593ad03447f7cf0f99ee23969990e80474bf342d4049cc8ec1f230c8a7
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/javascript/jquery.fitvids.js?ver=1.0 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1163
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
192.185.71.137200 OK 5.3 kB URL HTTP/2 aecid.bo/portal/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (15660)
Hash 710f8b142ea44c0682dc2c30f318f065
49144e9b3a76d3d383b1d4359cf7a25e947f4233
708bb5819879a2a2c7670abc20a58cca68a415ffd621011cbc4c3c9d82dddc50
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 12 Apr 2022 05:56:23 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5321
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
216.58.207.227200 OK 32 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 31760, version 1.0\012- data
Hash fda4d0b623999af43148ba34c3b1ff73
ca5496af89720cc3e94e6279132f252b7cd471a6
33befdbbb24930584f5ac94ea3117adcd56518f20ab1619d05de83ffd1821d38
GET /s/montserrat/v25/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aecid.bo
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 31760
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:26 GMT
expires: Fri, 01 Dec 2023 12:29:26 GMT
cache-control: public, max-age=31536000
age: 66783
last-modified: Mon, 11 Jul 2022 18:54:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.227200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aecid.bo
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:30:11 GMT
expires: Sat, 02 Dec 2023 06:30:11 GMT
cache-control: public, max-age=31536000
age: 1938
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/images/icon/light/find-17px.png
192.185.71.137200 OK 1.3 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/icon/light/find-17px.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash e1e4f8def7a7f93348df2a871ce21556
e0e32e5e4ef411028242aea67d8058c74cf4f610
05aeefea4245f5b8229c090085dca514564037b60f7c883a9dc9cf5c5388c095
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/icon/light/find-17px.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/wp-content/themes/modernize/style-custom.css?ver=6.1.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 1260
content-type: image/png
date: Fri, 02 Dec 2022 07:02:29 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/images/nivo-slider/loading.gif
192.185.71.137200 OK 1.7 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/nivo-slider/loading.gif
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 16 x 16\012- data
Hash dd6b7b0bf5c3af22499abc0a9ee1e1b2
e8c0018145d616fac4deb460d9c1d9c9dd4d3302
0eddaab3b8cb0b15d81d62e5ae5960329c3e576ea78dc321b20734ab20271847
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/nivo-slider/loading.gif HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/wp-content/themes/modernize/stylesheet/nivo-slider.css?ver=6.1.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 1737
content-type: image/gif
date: Fri, 02 Dec 2022 07:02:29 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/images/gradient-top-gray-40px.png
192.185.71.137200 OK 2.9 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/gradient-top-gray-40px.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 2 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 08721e422e2e5ef28f304eb570f6f6e9
6f16c316a7d2822cb8dbe8def1ff289232410168
9ed50538cc3aaced660d94b5d9a59c76cafba821660b762a0e254d534f1caecb
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/gradient-top-gray-40px.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/wp-content/themes/modernize/style-custom.css?ver=6.1.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 2855
content-type: image/png
date: Fri, 02 Dec 2022 07:02:29 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 27002fde234e78c7bde340bc621e933f
1bdbe4f1861601b9300101a1e6b3c143ce077e03
48d453fd9ded729e4775519885c13140e44421fe5a8c07fc464c9a354a04ef8f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aecid.bo/portal/wp-content/themes/modernize/images/icon/light/calendar.png
192.185.71.137200 OK 2.9 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/icon/light/calendar.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 23db285360480c2077d8e4c1c49e7f3b
f4784833d0646fe1b997f79767d037c65f7120fa
2b9d20e184b3c52f145e6f969399119de85c4562b45b3f279b77c81298688175
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/icon/light/calendar.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/wp-content/themes/modernize/style-custom.css?ver=6.1.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 2910
content-type: image/png
date: Fri, 02 Dec 2022 07:02:29 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/images/icon/light/comment.png
192.185.71.137200 OK 3.0 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/icon/light/comment.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 61de5c3d21b14d7d27a44a81e43df991
17e1940cc918f815c3afca108814fbdd8d06877d
1ca34c2dba7de75df98090777dd58b87ead3c013717f215daf99a779c5de69ac
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/icon/light/comment.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/wp-content/themes/modernize/style-custom.css?ver=6.1.1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 3006
content-type: image/png
date: Fri, 02 Dec 2022 07:02:29 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/images/gradient-top4-32px.png
192.185.71.137200 OK 967 B URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/gradient-top4-32px.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 2 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c3add8ac07055714cb9275cd520fb7b
b2f558ec01cdc3bdd9add5b3ed690e9f14fd2bad
69cf4a8598c042936b08b26bf0fca3f239ea13e1fbb5e01fa56f1b6655a99c38
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/gradient-top4-32px.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/wp-content/themes/modernize/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 967
content-type: image/png
date: Fri, 02 Dec 2022 07:02:29 GMT
server: Apache
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f7e3.svg
192.0.77.48200 OK 113 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f7e3.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash d5705ac7e416d39813ddf63c8d396102
3e4174e850aba5b16781620c51e49867541b596f
00eb4fd626a45406019ccd498762d5ab0872c525bf9289f3a3775e8040504be3
GET /images/core/emoji/14.0.0/svg/1f7e3.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 113
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/27a1.svg
192.0.77.48200 OK 242 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/27a1.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 464b4ad3ec906581bdc288c42780b3c9
7fd81bf366663e16e9f0a60216adc18561a4d50f
8ab75b37e150efe65cdfd300029b88de8355d72c7bbb5d2055f902aeaec3c14d
GET /images/core/emoji/14.0.0/svg/27a1.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 242
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f449.svg
192.0.77.48200 OK 563 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f449.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (563), with no line terminators
Hash 032d907ff49a63e0757cadd5f36ab216
e6620a7b4e00326c5b527ceae7d3c62b6b243059
41578770d740012d57be1d400db47fdba90631e27363a4877af6cc54a032ad10
GET /images/core/emoji/14.0.0/svg/1f449.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 563
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f447.svg
192.0.77.48200 OK 558 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f447.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (558), with no line terminators
Hash 985bb2d2398be71e1b68bc7e2103c993
b80d789cda8d53693bee8a83bb8a921a3978895e
ea5cb5c192a3478fe2766d2401fa6bd46a6fe23b9bfc2034d0a54c9fd3088a39
GET /images/core/emoji/14.0.0/svg/1f447.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 558
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f91d.svg
192.0.77.48200 OK 3.0 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f91d.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2982), with no line terminators
Hash 721f98d2ad64bc9a005819bddc2eb322
a04d286b0ccf434f410838d350bedac75f80f55c
41fabf139814bb8c223b4b2c45187ad55c92515cc4c63659deaaf7f8775e4a0c
GET /images/core/emoji/14.0.0/svg/1f91d.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 2982
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/25b6.svg
192.0.77.48200 OK 231 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/25b6.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 9fa9d42fbc4405fdca021e2fe9e5c4e2
ddc7d76a620e89affd881c33d019c20a4633bdd6
68596af11fc8972afb0ae7a3651cee7ea872da5db4dd918cc3237a8a53d18cda
GET /images/core/emoji/14.0.0/svg/25b6.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 231
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f4f8.svg
192.0.77.48200 OK 496 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f4f8.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (496), with no line terminators
Hash 0c57febf44dbbb019c6fd75b05837495
e69232cd76bda7b07df3a18e1e0de85101c556e0
5df9c9de7a24e3fdcd2d08744ba586a66a4b138b63cdef6979dda1852f8e5039
GET /images/core/emoji/14.0.0/svg/1f4f8.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 496
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f4f0.svg
192.0.77.48200 OK 908 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f4f0.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (908), with no line terminators
Hash 51cd8436fb99a6f12257db34780fb7a7
33e45ff7c99a3aeb80a86e3579f61b9603eeb2f5
7ff1e31926a41d521fdb51e948fc39747e4a3ded2344c1692a052acd880fed37
GET /images/core/emoji/14.0.0/svg/1f4f0.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 908
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f4fd.svg
192.0.77.48200 OK 1.6 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f4fd.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1552), with no line terminators
Hash 654212b1a4cdf391b4a8bb37faf7d18c
31e6fcefe104e400438bd649ac5e576bf5fa1b82
15d9d17262094fc2c8cce65e84432d729b468c01ae605ec65787fb1aedc33dee
GET /images/core/emoji/14.0.0/svg/1f4fd.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 1552
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/32-20e3.svg
192.0.77.48200 OK 618 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/32-20e3.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (618), with no line terminators
Hash eb29ce5fcf54bc3b23ff77039a4ecf3c
038bae67766ab35039d936a701d5651a59c3eacf
4fcefc30ccef0288ff52fdb3b45219eeac803bb2d9b3d245a11abd1051d86777
GET /images/core/emoji/14.0.0/svg/32-20e3.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 618
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/30-20e3.svg
192.0.77.48200 OK 471 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/30-20e3.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (471), with no line terminators
Hash d10eead5823437c08b5287cf93bd5223
89b8b742e769621d58d2cc5549562a5ddab8043e
0d46e3990eed5505001f77658b98c0d1519db944e35f81ea4c3add1c8ad1f6f2
GET /images/core/emoji/14.0.0/svg/30-20e3.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 471
last-modified: Tue, 12 Apr 2022 03:50:59 GMT
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f3c6.svg
192.0.77.48200 OK 1.2 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f3c6.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1237), with no line terminators
Hash 0a00e865c445d42dfb9f64bedfab8cf8
c3e6f7072f6ea090ef6883110b23ea426266a8d7
7510cc92013c2cd6c8271e3435539d9870044945e4a50151a50b18e61ee4ba83
GET /images/core/emoji/14.0.0/svg/1f3c6.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 1237
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f48c.svg
192.0.77.48200 OK 1.2 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f48c.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1151), with no line terminators
Hash cf61cc6cbb5934d4d0e9c426f5b17d8a
8b99ce1bef8623447f0aabec1301eff50e211038
2a71dbb62dd1fd47aca9ad674d313194d5103ad8cd09ec68b9f2b228df397cfc
GET /images/core/emoji/14.0.0/svg/1f48c.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
content-length: 1151
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
accept-ranges: bytes
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f5de.svg
192.0.77.48200 OK 51 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f5de.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2381), with no line terminators
Hash 20681bd8c374d1312cc36bb891614482
27517102376f1ee755fcf9b9b38097e40195274f
306d4374df83b47287d5cc10c31d365025698773fc8aadfd94c12870254ce73c
GET /images/core/emoji/14.0.0/svg/1f5de.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:47:50 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js
142.250.74.78200 OK 99 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (679)
Hash a9a95fc3a85fc2904a0cffd12ff9b01c
b3db5cd9996da5ffa51fe22a57898a79abfe32df
2ef638f9e81beb63874104df180f7d1de54c01d6e22857f39e16c1581a3f3f7e
GET /s/player/dab28f34/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/k4C_KcOg-Fg?wmode=transparent&rel=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:45 GMT
expires: Fri, 01 Dec 2023 16:01:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 54044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f31f.svg
192.0.77.48200 OK 594 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f31f.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1288), with no line terminators
Size 594 kB (594522 bytes)
Hash e4535c03224964bd4ab11fd142c448fe
d8bd84cd737344346a154daa69aef0a51a7f6ee6
b47559a87e251066a22218982696fc7cbf4404909b165b236e4a504282f88d7f
GET /images/core/emoji/14.0.0/svg/1f31f.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:50:38 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 33266
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.78200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.78:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/dab28f34/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/k4C_KcOg-Fg?wmode=transparent&rel=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:45 GMT
expires: Fri, 01 Dec 2023 16:01:45 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 54044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a6ad57d839c4b452d7118cf2052f9d35
50afdbe46f04c7611c1a0111bce3a76775e50272
4c5c20573601bde0f5c3567e02d02d74ab22d4ffe12f632e1def1b87dc86ad3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 51706
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.78200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.78:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 02 Dec 2022 06:46:55 GMT
expires: Fri, 02 Dec 2022 08:46:55 GMT
cache-control: public, max-age=7200
age: 934
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7465
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:02:29 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.w.org/images/core/emoji/14.0.0/svg/1f1e7-1f1f4.svg
192.0.77.48200 OK 2.2 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f1e7-1f1f4.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (5913), with no line terminators
Hash afc8efdbb0a8aa8391b0291915f24420
62fc0e5cf9315258a90ddc4ec5d1d5602a8f18e8
611634b4f3ef43a382c704c0ff81a03f0fd6811a865d5a98ab7c263503dde6af
GET /images/core/emoji/14.0.0/svg/1f1e7-1f1f4.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1432987458694746115/MDoxVTHx_normal.jpg
151.101.244.159200 OK 1.8 kB URL HTTP/2 pbs.twimg.com/profile_images/1432987458694746115/MDoxVTHx_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash 0931c6e8a6e7146227ceeb38a26c3647
d042b79a35342fa96b6a614cd194dd2c6aad79db
cdfd78dadf6a98dd303cb65ae1308d87365a15c26f2707cccf49f13fbc01a366
GET /profile_images/1432987458694746115/MDoxVTHx_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 01 Sep 2021 08:41:28 GMT
x-transaction-id: 13f7fc5bd2b0bc44
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 02 Dec 2022 07:02:29 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7357-LHR, cache-hel1410025-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1807
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7465
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:02:29 GMT
Connection: keep-alive
s.w.org/images/core/emoji/14.0.0/svg/1f1ea-1f1f8.svg
192.0.77.48200 OK 2.0 kB URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f1ea-1f1f8.svg
IP 192.0.77.48:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (629), with no line terminators
Hash 78a9ee5351ab4ba2591ae8a761c8a98d
8fa1caeccc2da793ab3719d27d5c468366112db9
2861f1de7dc3adb4e060b05a32e12409923524d2be41fe757f2189eaa40cfa04
GET /images/core/emoji/14.0.0/svg/1f1ea-1f1f8.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:53:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1566866712384999429/GxioTyeX_normal.jpg
151.101.244.159200 OK 2.1 kB URL HTTP/2 pbs.twimg.com/profile_images/1566866712384999429/GxioTyeX_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash 26f5cf6750a630147c66005f9b20453d
a4978961aa089c7594d821028be5ecc6976b1564
0699bb7ef4a56e67c59bda219bd6f38e7a1ee792dd8329a4eaecb47656a4a6fb
GET /profile_images/1566866712384999429/GxioTyeX_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 05 Sep 2022 19:09:49 GMT
x-transaction-id: 7d6c0a783891969d
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 02 Dec 2022 07:02:29 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7382-LHR, cache-hel1410025-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2111
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7465
Expires: Fri, 02 Dec 2022 09:06:54 GMT
Date: Fri, 02 Dec 2022 07:02:29 GMT
Connection: keep-alive
pbs.twimg.com/profile_images/1543862998472826880/C7xw8DTg_normal.jpg
151.101.244.159200 OK 2.3 kB URL HTTP/2 pbs.twimg.com/profile_images/1543862998472826880/C7xw8DTg_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash cbf637b69c882a6ba7cdb8d84d04c3a2
6080579a7405ca6bc203b679426a3acca7ec984b
720280a64c1803b5d1d6157e0f1b805cba543703e06cb4e6de0f868dff9282c4
GET /profile_images/1543862998472826880/C7xw8DTg_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 04 Jul 2022 07:41:17 GMT
x-transaction-id: 646a9a2a05b98417
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 02 Dec 2022 07:02:29 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7358-LHR, cache-hel1410025-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2263
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 60ccdde4ce64b4a3fe6fc2a059b3bde1
5ce119089f4a4cd139b523889b6cd84cd79191f4
2089225a6dc13845ab8e031416920d16952ae1461ca10d72c408ad001ed8f27b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb543a0f6-0efe-4518-9420-4eff88edf8e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4840
x-amzn-requestid: 6bc8fa91-5696-4bc6-b1e7-3c36b2c01801
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGxTFxyoAMFRzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e6e-3e85b78905aaa73726eef85a;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UraCGe--VISONXzaUBpA7vuLuD5l7zihtQIph7LVn1QsS8MjLBbvKw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:48:51 GMT
age: 33218
etag: "5ce119089f4a4cd139b523889b6cd84cd79191f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d08081e2dd562ef50e4e98ebc0136698
b5118bca37feda2ada3001199dc1d80ac6d2aacc
5160333e0cfd338b3887972d0a5c0f817ef88b70b7eb78e4e25d153a85e3478f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F937deb9c-e12c-486f-bf82-4833aed00836.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11443
x-amzn-requestid: 21469d81-ee4b-47f3-8877-b6658b3ea8b8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfHDHE4zoAMFvfw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891ee0-5b39eddd703ea04e6a1355f8;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:38:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: nPuZoyOu_QAqbZvTUaNy1J3BOqnR2ttrIhv9BwRmWnKeba-e6MZWKA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:55:34 GMT
age: 32815
etag: "b5118bca37feda2ada3001199dc1d80ac6d2aacc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1415302318531223556/hnnEzm7S_normal.jpg
151.101.244.159200 OK 1.8 kB URL HTTP/2 pbs.twimg.com/profile_images/1415302318531223556/hnnEzm7S_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash fcc7d925d4cc574df0e8b87250a69c47
ef7a734070d61c8f02043888465be47f7aa0f219
9c46017eae97ae6bced32645eead949aed6d94cebf4cbc91ac3dd7b3772de653
GET /profile_images/1415302318531223556/hnnEzm7S_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Wed, 14 Jul 2021 13:27:02 GMT
x-transaction-id: dcea9fafd9619ed8
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 02 Dec 2022 07:02:29 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7344-LHR, cache-hel1410025-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 1807
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1548915874014416896/n6F4G3hq_normal.jpg
151.101.244.159200 OK 2.1 kB URL HTTP/2 pbs.twimg.com/profile_images/1548915874014416896/n6F4G3hq_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash de57d797dbecfeb7570b381f6d70efb0
baa226785976713acb225f09a32241ff88dc6809
f64a10fdf95b70c1a77c4288ff3f3780053bd93742db3ae513531da63af70fa2
GET /profile_images/1548915874014416896/n6F4G3hq_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Mon, 18 Jul 2022 06:19:36 GMT
x-transaction-id: be23660d54201e5a
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 02 Dec 2022 07:02:29 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr7369-LHR, cache-hel1410025-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2111
X-Firefox-Spdy: h2
pbs.twimg.com/profile_images/1322198406983540739/pXtEgb-H_normal.jpg
151.101.244.159200 OK 2.2 kB URL HTTP/2 pbs.twimg.com/profile_images/1322198406983540739/pXtEgb-H_normal.jpg
IP 151.101.244.159:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 48x48, components 3\012- data
Hash 6a31a46cde3377bc0bf40b98fd59b3b7
27644402ff3759b9996a11592ff0a1d78b0f6535
144c62aabb751c5f77e2d55ede0bf63cbd34f33f5e2fde1c898683c3e82a7507
GET /profile_images/1322198406983540739/pXtEgb-H_normal.jpg HTTP/1.1
Host: pbs.twimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
perf: 7626143928
cache-control: max-age=604800, must-revalidate
last-modified: Fri, 30 Oct 2020 15:25:20 GMT
x-transaction-id: f9c8be7b4789f088
timing-allow-origin: https://twitter.com, https://mobile.twitter.com
strict-transport-security: max-age=631138519
access-control-allow-origin: *
access-control-expose-headers: Content-Length
x-content-type-options: nosniff
content-type: image/jpeg
accept-ranges: bytes
date: Fri, 02 Dec 2022 07:02:29 GMT
x-cache: HIT, HIT
x-tw-cdn: FT
x-served-by: cache-lhr6623-LHR, cache-hel1410025-HEL, cache-tw-ZZZ1
server-timing: x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length: 2187
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fw6nrporwF27NW0-vXpaolW79nDXLF2RyS-lqhhp1osHt7q98VpI3g==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:49:56 GMT
age: 33153
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:43:11 GMT
age: 83958
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
aecid.bo/favicon.ico
192.185.71.137200 OK 1.2 kB IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 54602b564ed270e6cf6c6ebd62612ff2
6eda3cbf68548765c2c2d40ebaa0907ffed08e5e
b642936bd6b6a0079fe443b69d4d6b86774b2177539af18b4af420d0121a0eff
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 16:20:24 GMT
accept-ranges: bytes
content-length: 1150
cache-control: max-age=604800
expires: Fri, 09 Dec 2022 07:02:29 GMT
content-type: image/x-icon
date: Fri, 02 Dec 2022 07:02:29 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 8cd876589951719c94a6d49d1494bdbd
01600c8bb95fac543696e509b3e452b90d844572
e03942321526a2303220b1abd51f82f1d4cf80e0dd22a2582cf809b8bd729521
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 379a4a1b95d3aa3c5a4f8e7f9abb030f
d45dceb3dc58a07197aa5077582b5b1cd2ff791a
1b92dec5bf90beffbcd9060052b8788f08645dd4ba34219f7ddb2d40bbd2d151
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F864be807-d5f6-42e3-bd58-f7641a256b9a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7732
x-amzn-requestid: 3781c2b7-082a-468a-a186-f7483494e749
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoEq3IAMFnKg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-679fe9f905e07abf4e6a812c;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FhCtGsjgnq83-zRNBH-y9BHUh2IRaN0ahO-BCUw7bTWU8jAanBqdlA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:35 GMT
age: 32934
etag: "d45dceb3dc58a07197aa5077582b5b1cd2ff791a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 07:20:09 GMT
age: 85340
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-44486744-1&cid=1163153473.1669964548&jid=627716343&gjid=1996637495&_gid=1229837279.1669964548&_u=IGBAgAABAAAAAEAAI~&z=1455123914
108.177.14.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-44486744-1&cid=1163153473.1669964548&jid=627716343&gjid=1996637495&_gid=1229837279.1669964548&_u=IGBAgAABAAAAAEAAI~&z=1455123914
IP 108.177.14.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-44486744-1&cid=1163153473.1669964548&jid=627716343&gjid=1996637495&_gid=1229837279.1669964548&_u=IGBAgAABAAAAAEAAI~&z=1455123914 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://aecid.bo
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://aecid.bo
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 02 Dec 2022 07:02:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49a9684674e0f1b3974c6427c5354fe4
c201e61bcda9cc91369f0c57f8236fcdd3db26c6
27b8d50242836a45aca1fcd0cb58e7f685011c1f93b57d0e3ea9a02400f8d801
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maps.gstatic.com/mapfiles/openhand_8_8.cur
142.250.74.3200 OK 326 B URL HTTP/2 maps.gstatic.com/mapfiles/openhand_8_8.cur
IP 142.250.74.3:0
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @8x8\012- data
Hash feff9159f56cb2069041d660b484eb07
0d0a08cf25a258511957f357b89d3908f3c5e6e3
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
GET /mapfiles/openhand_8_8.cur HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/bmp
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-length: 326
date: Fri, 02 Dec 2022 07:02:30 GMT
expires: Fri, 02 Dec 2022 07:02:30 GMT
cache-control: private, max-age=31536000
last-modified: Tue, 18 May 2021 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da32e4b24f4f95e4e807cff2459f54c3
02db1c6d628b2f51fa0b46fcb79a71178780bc47
4d6ff368a64dc83f4a637fbf44b2256523ca7c43b824022f8f6428de6cfae368
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/id
172.217.21.162302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 02 Dec 2022 07:02:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.doubleclick.net/instream/ad_status.js
142.250.74.134200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.134:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 06:51:04 GMT
expires: Fri, 02 Dec 2022 07:06:04 GMT
cache-control: public, max-age=900
age: 686
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash da32e4b24f4f95e4e807cff2459f54c3
02db1c6d628b2f51fa0b46fcb79a71178780bc47
4d6ff368a64dc83f4a637fbf44b2256523ca7c43b824022f8f6428de6cfae368
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 315873c315af2be891e63f8b421bae65
5277bb0c4fea2b036c6faf28d66395c96166ffd2
3f6657d352a42f8257409f2ed365a3fb928ac3eb74a34a2c74a433290182cc92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js
142.250.74.132200 OK 14 kB URL HTTP/2 www.google.com/js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js
IP 142.250.74.132:0
File type ASCII text, with very long lines (36106)
Hash 7fc7e22ecccb0cfd0ae897bb40a58efe
5d46470a711120793c362235105836fe49e699a4
1907005cab41fbd6d1d67df3b25586f3232e053a261c9e2b2503459f4980b1c5
GET /js/th/_mW_2QmsfiHfHQzuwJJjeV3lvrJQS7bChqYqZLie29Q.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14302
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 10:09:03 GMT
expires: Mon, 27 Nov 2023 10:09:03 GMT
cache-control: public, max-age=31536000
age: 420807
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/k4C_KcOg-Fg?wmode=transparent&rel=0
142.250.74.78200 OK 28 kB URL HTTP/2 www.youtube.com/embed/k4C_KcOg-Fg?wmode=transparent&rel=0
IP 142.250.74.78:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (58643)
Hash fe7e88a32f5e798fc6bb8f37d3320faf
2d447ec06274ce59b706d42b8148e89586e87623
24a0a7581d67bdb382778eb805af58a4579313e8793c21d7b0b0657429aa8e20
GET /embed/k4C_KcOg-Fg?wmode=transparent&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 07:02:29 GMT
strict-transport-security: max-age=31536000
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=oLVwxoYFZB4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=AIgho6sfqF8; Domain=.youtube.com; Expires=Wed, 31-May-2023 07:02:29 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+862; expires=Sun, 01-Dec-2024 07:02:29 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a7b2c025a2920fe089ddebaf876d45d
f189d6c447af2b5405fd62036e2a42d15fcdccf6
752b233c690105130d22c8d7df624c97b21e9864e7ae140987ecf04d153c0dfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aecid.bo/portal/wp-content/themes/modernize/images/nivo-slider/bg_control_nav_custom.png
192.185.71.137200 OK 3.4 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/nivo-slider/bg_control_nav_custom.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 13 x 39, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a64343d946ff0901a78e71e9c1a5653
bc3d9f3e229ee34b5fc7216f0faf7f01916a18b4
add9a7c8f0cb12379ab38731b71b2a51aa1af66b8907be6d5703e5b55572dfa8
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/nivo-slider/bg_control_nav_custom.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/wp-content/themes/modernize/stylesheet/nivo-slider.css?ver=6.1.1
Cookie: _ga=GA1.2.1163153473.1669964548; _gid=GA1.2.1229837279.1669964548; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 3445
content-type: image/png
date: Fri, 02 Dec 2022 07:02:30 GMT
server: Apache
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/HrlAo7xhgX8/default.webp
142.250.74.182200 OK 2.4 kB URL HTTP/2 i.ytimg.com/vi_webp/HrlAo7xhgX8/default.webp
IP 142.250.74.182:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 120x90, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3a96dc516de9b3e7bf5dd7b40acdcd56
f75b60b2345a2dd01d122396407d162837bd308e
d0f4faf729e31bc29ca1ea1efad91772b66f97d52f911ea4570a762b134ebbab
GET /vi_webp/HrlAo7xhgX8/default.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2388
date: Fri, 02 Dec 2022 07:02:31 GMT
expires: Fri, 02 Dec 2022 09:02:31 GMT
cache-control: public, max-age=7200
etag: "1665593404"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/themes/modernize/images/nivo-slider/bg_direction_nav_custom.png
192.185.71.137200 OK 4.0 kB URL HTTP/2 aecid.bo/portal/wp-content/themes/modernize/images/nivo-slider/bg_direction_nav_custom.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 76 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash c2a36872ecb4f7c277fca8e86457f98d
8edcfce48947c5a511419667a11a3c6994068bab
11f1f60a72ab2991f01f6b70fc3760f9edad32f2ea82914ea32dd7b577952b54
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/themes/modernize/images/nivo-slider/bg_direction_nav_custom.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/wp-content/themes/modernize/stylesheet/nivo-slider.css?ver=6.1.1
Cookie: _ga=GA1.2.1163153473.1669964548; _gid=GA1.2.1229837279.1669964548; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:00:48 GMT
accept-ranges: bytes
content-length: 3964
content-type: image/png
date: Fri, 02 Dec 2022 07:02:30 GMT
server: Apache
X-Firefox-Spdy: h2
i.ytimg.com/vi/k4C_KcOg-Fg/default.jpg?sqp=-oaymwEkCHgQWvKriqkDGvABAfgB_gmAAtAFigIMCAAQARh_ICMoJjAP&rs=AOn4CLC3LOACw_jxiRQnsglI3XoqQV79iA
142.250.74.182200 OK 2.4 kB URL HTTP/2 i.ytimg.com/vi/k4C_KcOg-Fg/default.jpg?sqp=-oaymwEkCHgQWvKriqkDGvABAfgB_gmAAtAFigIMCAAQARh_ICMoJjAP&rs=AOn4CLC3LOACw_jxiRQnsglI3XoqQV79iA
IP 142.250.74.182:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data
Hash 5ac6e5d7d585663f9cff2f283975210d
7ca9c39f91b9c112466f9f3bf8fbe2526aa36366
45cfa4e8857d99d448a155c69be3694db06d1243110f793cb7306f1802eaca01
GET /vi/k4C_KcOg-Fg/default.jpg?sqp=-oaymwEkCHgQWvKriqkDGvABAfgB_gmAAtAFigIMCAAQARh_ICMoJjAP&rs=AOn4CLC3LOACw_jxiRQnsglI3XoqQV79iA HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 2411
date: Fri, 02 Dec 2022 07:02:31 GMT
expires: Fri, 02 Dec 2022 09:02:31 GMT
cache-control: public, max-age=7200
etag: "1666643435"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 0a7b2c025a2920fe089ddebaf876d45d
f189d6c447af2b5405fd62036e2a42d15fcdccf6
752b233c690105130d22c8d7df624c97b21e9864e7ae140987ecf04d153c0dfa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AMLnZu89tG2CKjsYxgDf-WbkPtjw-qJP7zVcqramBw=s68-c-k-c0x00ffffff-no-rj
142.250.74.161200 OK 1.2 kB URL HTTP/2 yt3.ggpht.com/ytc/AMLnZu89tG2CKjsYxgDf-WbkPtjw-qJP7zVcqramBw=s68-c-k-c0x00ffffff-no-rj
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 68x68, components 3\012- data
Hash fd2af6618604d0c3dfe60699b36f7692
2edc53fcf2a2262cf2b3a7c39e505239c400d2b8
c4c956e96d36f83067e7287402693c177349fc7c9c10e7d3d850c32665c3a49c
GET /ytc/AMLnZu89tG2CKjsYxgDf-WbkPtjw-qJP7zVcqramBw=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 1193
x-xss-protection: 0
date: Fri, 02 Dec 2022 07:01:57 GMT
expires: Sat, 03 Dec 2022 07:01:57 GMT
cache-control: public, max-age=86400, no-transform
content-type: image/jpeg
age: 34
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ebd276a987cbfec50bf95ce593a6dbc6
0b03e0bb38915c84e23d9369d7f2947d6d73bafb
de4074bc2d166b559380d23f3d9e70e7eda87fd0fef61d5104db6d2ba221f45c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 07:02:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
aecid.bo/portal/wp-content/plugins/google-maps-easy/modules/icons/icons_files/def_icons/bblue.png
192.185.71.137200 OK 2.7 kB URL HTTP/2 aecid.bo/portal/wp-content/plugins/google-maps-easy/modules/icons/icons_files/def_icons/bblue.png
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 32 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash af9a93238043e148f207831acd21ab85
4dd94a8f46b8d7c6feffba6c6fb037e6f5175912
087a4c0ea9587b1ebc504764721b0cb397376e635332d6ba5f05280ceb0396ee
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/google-maps-easy/modules/icons/icons_files/def_icons/bblue.png HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Cookie: _ga=GA1.2.1163153473.1669964548; _gid=GA1.2.1229837279.1669964548; _gat=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 19:49:46 GMT
accept-ranges: bytes
content-length: 2667
content-type: image/png
date: Fri, 02 Dec 2022 07:02:31 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aecid.bo
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 127718
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aecid.bo
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 127697
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://aecid.bo
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 127716
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0fc684e61682c4078a82ee3d901ae52
ea65ad98933ec58afa3fa5c7642491d77db7e6c2
5e953012dba2b85cfda5befe2448ab87fbc2432a071e11a33b44be4f5148a4a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1250c1e7-37f4-4697-8233-d05f398cb066.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6752
x-amzn-requestid: f398ce98-353e-4783-aa42-dbf1ad036ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGepE6roAMF4zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-0753d209291e197e7c6422a6;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yQ2Oc2viJ7EoRW4QSMG30tsGK73zxYQsXKKcWP3vleI0CTBVRfB1Fg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 22:31:16 GMT
age: 30680
etag: "ea65ad98933ec58afa3fa5c7642491d77db7e6c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/HrlAo7xhgX8?wmode=transparent&rel=0
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/embed/HrlAo7xhgX8?wmode=transparent&rel=0
IP 142.250.74.78:0
GET /embed/HrlAo7xhgX8?wmode=transparent&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 07:02:29 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=tskXrFueLWw; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=F7sTe_4mhf8; Domain=.youtube.com; Expires=Wed, 31-May-2023 07:02:29 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+263; expires=Sun, 01-Dec-2024 07:02:29 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/CMGYAjyHWVc?wmode=transparent&rel=0
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/embed/CMGYAjyHWVc?wmode=transparent&rel=0
IP 142.250.74.78:0
GET /embed/CMGYAjyHWVc?wmode=transparent&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 07:02:29 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=tDYCxF9be7w; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=t67v1QprOTU; Domain=.youtube.com; Expires=Wed, 31-May-2023 07:02:29 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+919; expires=Sun, 01-Dec-2024 07:02:29 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&subset=latin&ver=6.1.1
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&subset=latin&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Montserrat%3A300%2C300italic%2C400%2C400italic%2C700%2C700italic&subset=latin&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Dec 2022 07:02:28 GMT
date: Fri, 02 Dec 2022 07:02:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/layerslider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=7.0.7
192.185.71.137200 OK 0 B URL HTTP/2 aecid.bo/portal/wp-content/plugins/layerslider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=7.0.7
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/layerslider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=7.0.7 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:01:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
s.w.org/images/core/emoji/14.0.0/svg/1f30e.svg
192.0.77.48200 OK 0 B URL HTTP/2 s.w.org/images/core/emoji/14.0.0/svg/1f30e.svg
IP 192.0.77.48:0
GET /images/core/emoji/14.0.0/svg/1f30e.svg HTTP/1.1
Host: s.w.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 07:02:29 GMT
content-type: image/svg+xml
last-modified: Tue, 12 Apr 2022 03:47:26 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-encoding: br
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn 1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
aecid.bo/portal/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
192.185.71.137200 OK 0 B URL HTTP/2 aecid.bo/portal/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 19 Sep 2022 14:16:24 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
aecid.bo/portal/wp-content/plugins/layerslider/assets/static/layerslider/js/layerslider.utils.js?ver=7.0.7
192.185.71.137200 OK 0 B URL HTTP/2 aecid.bo/portal/wp-content/plugins/layerslider/assets/static/layerslider/js/layerslider.utils.js?ver=7.0.7
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-content/plugins/layerslider/assets/static/layerslider/js/layerslider.utils.js?ver=7.0.7 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 01 Dec 2022 17:01:14 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2
www.youtube.com/embed/CMGYAjyHWVc?wmode=transparent&rel=0
142.250.74.78200 OK 0 B URL HTTP/2 www.youtube.com/embed/CMGYAjyHWVc?wmode=transparent&rel=0
IP 142.250.74.78:0
GET /embed/CMGYAjyHWVc?wmode=transparent&rel=0 HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 02 Dec 2022 07:02:29 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=rH6vQfXwh5s; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=GL44G232BgA; Domain=.youtube.com; Expires=Wed, 31-May-2023 07:02:29 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+266; expires=Sun, 01-Dec-2024 07:02:29 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
aecid.bo/portal/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
192.185.71.137200 OK 0 B URL HTTP/2 aecid.bo/portal/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 192.185.71.137:0
ASN #46606 UNIFIEDLAYER-AS-1
Analyzer Verdict Alert quad9 Sinkholed
GET /portal/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: aecid.bo
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://aecid.bo/portal/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 11 Nov 2022 14:56:45 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Fri, 02 Dec 2022 07:02:28 GMT
server: Apache
X-Firefox-Spdy: h2