Report - www.cuevana.cool/pelicula/610253/halloween-kills

Report Overview

Submitted URL
www.cuevana.cool/pelicula/610253/halloween-kills
IP
172.64.205.29
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-16 22:28:46
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
12

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	662 B	1.4 kB	142.250.74.3
invaderannihilationperky.com	unknown	2022-09-20T16:08:34Z	2023-02-19T11:04:00Z	858 B	2.3 kB	192.243.61.227
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-09T13:53:17Z	361 B	21 kB	142.250.74.174
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	56 kB	34.120.237.76
player.cuevana.biz	unknown			1.5 kB	4.9 kB	104.21.42.169
motivessuggest.com	unknown	2022-09-30T03:36:56Z	2023-03-09T13:41:32Z	433 B	467 B	173.233.137.44
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-09T11:23:24Z	800 B	695 B	3.66.118.16
banquetunarmedgrater.com	unknown	2022-08-04T17:12:50Z	2023-03-09T05:53:57Z	363 B	327 B	173.233.139.164
addresseepaper.com	18169	2021-11-01T22:11:31Z	2023-03-10T08:01:44Z	349 B	51 kB	104.21.234.254
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-09T05:14:34Z	2.0 kB	14 kB	23.36.76.226
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-09T13:40:16Z	374 B	43 kB	142.250.74.168
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	325 B	1.6 kB	143.204.55.36
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	329 B	797 B	93.184.220.29
applicantpoachmeat.com	unknown	2022-10-13T14:40:26Z	2023-01-16T01:41:53Z	391 B	21 kB	192.243.61.227
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	52.35.167.249
www.cuevana.cool	unknown	2019-01-29T15:25:02Z	2023-01-08T17:13:29Z	3.2 kB	53 kB	172.64.205.29
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	4.2 kB	61 kB	23.36.76.226
unseenreport.com	unknown	2022-03-30T16:33:17Z	2023-03-09T09:20:47Z	683 B	423 B	192.243.59.12
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	338 B	1.0 kB	143.204.42.158
negligentresponded.com	unknown	2022-10-07T20:38:49Z	2023-01-16T01:45:36Z	355 B	21 kB	192.243.59.13

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-16	medium	applicantpoachmeat.com	Sinkholed
2022-10-16	medium	motivessuggest.com	Sinkholed
2022-10-16	medium	banquetunarmedgrater.com	Sinkholed
2022-10-16	medium	invaderannihilationperky.com	Sinkholed
2022-10-16	medium	invaderannihilationperky.com	Sinkholed
2022-10-16	medium	unseenreport.com	Sinkholed

JavaScript (21)

	URL	Size	First Seen	Last Seen
	www.cuevana.cool/_next/static/chunks/webpack-d7b038a63b619762.js	1.5 kB	2023-03-08	2024-03-30
Pretty URL www.cuevana.cool/_next/static/chunks/webpack-d7b038a63b619762.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:40:39 Last Seen2024-03-30 23:43:45 Times Seen217 Hash 2e62f0d7e161c6c5fdb72a65107d22b5 062cada826d3717e30643d6245b6849d08b1eb14 385db9e6321a4d7a576cf28ae82f9637c3a7fce6f45c14b055c378d274cee24c Loading...

	www.cuevana.cool/_next/static/chunks/framework-4556c45dd113b893.js	141 kB	2023-03-07	2024-04-24
Pretty URL www.cuevana.cool/_next/static/chunks/framework-4556c45dd113b893.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-04-24 16:12:16 Times Seen15964 Hash 4af7a03f4bbda417f4968b58d996107d e7e1009cdbb87eb7c4c394b31ab39554011c7b58 f9dba7111aa9e260faaf5c755245a0ff6ad491d2e69d266b60d02024f63235c3 Loading...

	www.cuevana.cool/_next/static/chunks/124-7e403aefbfc8570d.js	33 kB	2023-03-08	2023-03-10
Pretty URL www.cuevana.cool/_next/static/chunks/124-7e403aefbfc8570d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:36:18 Last Seen2023-03-10 10:35:00 Times Seen1 Hash 987a83551a8a83d6c851f0b8ad98db3c 87eedf6086a1f4030faf38df4fdb3a7333b8a087 1814368d7de9ea90683d0fcba8b09347b735384f8fbc067d482b8f221f682a96 Loading...

	www.cuevana.cool/_next/static/iH4t2o9lhl-JWKsbW5xJE/_buildManifest.js	4.7 kB	2023-03-10	2023-03-10
Pretty URL www.cuevana.cool/_next/static/iH4t2o9lhl-JWKsbW5xJE/_buildManifest.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:36:12 Last Seen2023-03-10 10:35:00 Times Seen1 Hash 7b899b5f272a31369f90822ba6b07bb2 ec372da7815cc82c8697b70f730f68bde8005c8d 3f9135741a9267aece90a6c301770781eedfa8134336d2848856bf5d88181028 Loading...

	www.cuevana.cool/_next/static/chunks/pages/index-ddbcd45b109a6708.js	16 kB	2023-03-08	2023-03-10
Pretty URL www.cuevana.cool/_next/static/chunks/pages/index-ddbcd45b109a6708.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:36:18 Last Seen2023-03-10 10:35:00 Times Seen1 Hash 1f32852a26c65d9bc271deae7027327d 5caa698dabed04140a54da6f19adb82da25b1f70 30edd8850a58dadd824a81c493ba8543f13c1d3fcef54222011a484affe1e7da Loading...

	player.cuevana.biz/play/player.php?h=yViZcjnk9l7gkYDnzRTTU6OSSBgJi42vD9wXeRNlnkIYdGARvS1EDjBIl9voZk2cqq4Mxf6G82apEbdTauiZMeshwoHbU20mPeXwzgZs2JklRZBawXzBZK9luPL1tLUypG4G2T6LhOThJJRHFDToIPY9IWn7Ia1zGlO2ICMdwZUsmh1tbrrgkPmARe.Hp4PN4cLBxYDn5aw6FKmSyVWpzyy9OzOQzPx1Zgd0JUTPwsNqN50aQP8sJgkEEYfjbC4z4t1hdf78K59TRtgKBS1pvtVN55noxPCHRoyqcFY_HXY-	486 B	2023-03-10	2023-03-10
Pretty URL player.cuevana.biz/play/player.php?h=yViZcjnk9l7gkYDnzRTTU6OSSBgJi42vD9wXeRNlnkIYdGARvS1EDjBIl9voZk2cqq4Mxf6G82apEbdTauiZMeshwoHbU20mPeXwzgZs2JklRZBawXzBZK9luPL1tLUypG4G2T6LhOThJJRHFDToIPY9IWn7Ia1zGlO2ICMdwZUsmh1tbrrgkPmARe.Hp4PN4cLBxYDn5aw6FKmSyVWpzyy9OzOQzPx1Zgd0JUTPwsNqN50aQP8sJgkEEYfjbC4z4t1hdf78K59TRtgKBS1pvtVN55noxPCHRoyqcFY_HXY- IP 104.21.42.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:35:00 Last Seen2023-03-10 10:35:00 Times Seen1 Hash a098b35edfed004606cd74ca5dcc53dc d76e8e43f09563df6911231a6c389e54c2e39b99 7c5ab458de5afa7badeae0a733ec7acfd47c5f0f77b1cf98721995be813e4e61 Loading...

	applicantpoachmeat.com/96/bd/31/96bd31fed486055d6197aef4f5966c1d.js	59 kB	2023-03-10	2023-03-10
Pretty URL applicantpoachmeat.com/96/bd/31/96bd31fed486055d6197aef4f5966c1d.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:35:00 Last Seen2023-03-10 10:35:00 Times Seen1 Hash 19eef77efbc963c96d3d1d581459626a 32d6c30d669d64103c19be8779cdbb26f67daac9 ce27d3534071cd67dd9d5e44fa97c9b9f509f8cf606c3798191251ed7d1aa86e Loading...

	negligentresponded.com/f2/72/33/f2723342888002f043115e7320b9d968.js	59 kB	2023-03-10	2023-03-10
Pretty URL negligentresponded.com/f2/72/33/f2723342888002f043115e7320b9d968.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:35:00 Last Seen2023-03-10 10:35:00 Times Seen1 Hash d32c01dd8aab1e5dddc4d8b0bd91b0df 88ced5cc910f4d3a360dda25bbfc399a80639920 1b04b8514a656e419b120edd4528a691e79538ef0f9dda2a24b8c8f7488a5180 Loading...

	www.googletagmanager.com/gtag/js?id=UA-138739455-1	109 kB	2023-03-10	2023-03-10
Pretty URL www.googletagmanager.com/gtag/js?id=UA-138739455-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 10:35:00 Last Seen2023-03-10 10:35:00 Times Seen1 Hash 60a52c12c01a35627bfb187b1d3901c5 88b38e3eff43b60ee0b5cdc04a3fbfd44d42b133 d04390543f33f89749915067151e87496637586e7f46dbe70a515787ab3f6ecb Loading...

	www.cuevana.cool/_next/static/chunks/pages/_app-e51312601edb742d.js	9.8 kB	2023-03-10	2023-03-10
Pretty URL www.cuevana.cool/_next/static/chunks/pages/_app-e51312601edb742d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:36:12 Last Seen2023-03-10 10:35:00 Times Seen1 Hash 1be9255f3099a9f04fd02625f37f7eb1 ad13c628dc0cf6127b40aec2b4379b1c1cd0161a ac1e44ca814412afce5be35a8c3ea589e5d1a553e60c513c6d1395201425f493 Loading...

	www.cuevana.cool/_next/static/chunks/195-f15280fafda9a410.js	26 kB	2023-03-08	2023-03-10
Pretty URL www.cuevana.cool/_next/static/chunks/195-f15280fafda9a410.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:36:18 Last Seen2023-03-10 10:35:00 Times Seen1 Hash 500886a19b20d9240f3932406cf6bad9 3b0a477fccdd4ab9d2251f09a9221094e1524b7e fbeb60f52d7329ec4a4b401e8d71e9afcacbee2292d7b2b5ba04d39133fe6083 Loading...

	www.cuevana.cool/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-04-26
Pretty URL www.cuevana.cool/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 08:02:34 Times Seen43116 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	www.cuevana.cool/_next/static/chunks/86-e362c02a3c34815a.js	9.3 kB	2023-03-10	2023-03-10
Pretty URL www.cuevana.cool/_next/static/chunks/86-e362c02a3c34815a.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:36:12 Last Seen2023-03-10 10:35:00 Times Seen1 Hash 1f730d8b5a90af7edea15b850b71ae68 542eaaab12d6e90906f33a5a3a49e8a48621c9d5 3a030bacaa6db8b69605b060f63f2e1a454f2ba25833b59cb6b67c1289853e70 Loading...

	www.cuevana.cool/_next/static/iH4t2o9lhl-JWKsbW5xJE/_ssgManifest.js	1.1 kB	2023-03-08	2023-12-21
Pretty URL www.cuevana.cool/_next/static/iH4t2o9lhl-JWKsbW5xJE/_ssgManifest.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:36:18 Last Seen2023-12-21 15:18:19 Times Seen17 Hash 14daa184797066aa93943b5668a5549d d6623949e1ec7cabaf3a147646cc65723fbe3ec0 c63d692dcbf2926fb8aacc8993d8b6426a2b15f1423ca5724a270aa6013b0582 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.cuevana.cool/pelicula/610253/halloween-kills	224 B	2023-03-08	2023-08-17
Pretty URL www.cuevana.cool/pelicula/610253/halloween-kills IP 172.64.205.29 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:36:18 Last Seen2023-08-17 17:56:33 Times Seen26 Hash 340ef5313dc0663acdd7d4d7e989dac9 6a5408f32f0bdf190408b6441cdf66c784a41a7a a3040bc97783646b34e75daf4679a7ef69d3fbebc7cd176536a608fefe2d32b7 Loading...

	www.cuevana.cool/_next/static/chunks/main-f40da5c9785aa887.js	109 kB	2023-03-08	2023-03-10
Pretty URL www.cuevana.cool/_next/static/chunks/main-f40da5c9785aa887.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:36:18 Last Seen2023-03-10 21:42:21 Times Seen1 Hash dcacd016545bb27fbcdd62e7acba9d5c 8c5b6b7dd0ff220079337ef38cb46ebcca10b356 a93e26da47f171a274fd6f20b6ae6442fb13ca6343a6eb0d2a26448b2f1ea7c4 Loading...

	www.cuevana.cool/_next/static/chunks/pages/pelicula/%5Btmdb%5D/%5Bmovie%5D-aa643ff8123b8e13.js	8.0 kB	2023-03-08	2023-03-10
Pretty URL www.cuevana.cool/_next/static/chunks/pages/pelicula/%5Btmdb%5D/%5Bmovie%5D-aa643ff8123b8e13.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:36:18 Last Seen2023-03-10 10:35:00 Times Seen1 Hash 28ba3f54c986afd0068c808f509b9803 a34105523d655420e55c0f27788fc4d3ba5e1d5c 1d7a7dae2563def59723b2c48ed4dcf0beb1140d9f58ad0ec0e0c7673f70c2bb Loading...

	www.cuevana.cool/_next/static/chunks/pages/genero/%5B...slug%5D-4af5737bc446dc88.js	3.4 kB	2023-03-08	2023-03-10
Pretty URL www.cuevana.cool/_next/static/chunks/pages/genero/%5B...slug%5D-4af5737bc446dc88.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:36:18 Last Seen2023-03-10 10:35:00 Times Seen1 Hash b4ad44aa994214ce3d360d2275e51a9d 7ae9b80d729a848da634e986b2f837347f25ac86 d23a9158685c16587849ef66c89a5ab58877dd6363580917624c106fb3ce23bf Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-04-26
Pretty URL banquetunarmedgrater.com/advertisers.js IP 173.233.139.164 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 10:42:11 Times Seen37089959 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.cuevana.cool/_next/static/chunks/735-a0466046506b2d61.js	10 kB	2023-03-08	2023-03-10
Pretty URL www.cuevana.cool/_next/static/chunks/735-a0466046506b2d61.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:36:18 Last Seen2023-03-10 10:35:00 Times Seen1 Hash 558a47ae228ef47bb470c7a4f93143aa da91fb505e6f01469399158da2f8480e6a5bad9f 847681cd9df206a5604c3bb60be526bdd502d4c7191f59990c003f3298948a5a Loading...

HTTP Transactions (55)

URL IP Response Size

www.cuevana.cool/pelicula/610253/halloween-kills

172.64.205.29

301 Moved Permanently

0 B

URL HTTP/1.1
www.cuevana.cool/pelicula/610253/halloween-kills
IP
172.64.205.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pelicula/610253/halloween-kills HTTP/1.1
Host: www.cuevana.cool
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sun, 16 Oct 2022 22:28:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 16 Oct 2022 23:28:35 GMT
Location: https://www.cuevana.cool/pelicula/610253/halloween-kills
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBVcrVk8mpR0OC%2BUZEL5duDOW%2BZUnj4PjT1zEL6ELhOTjlqA2hNrOMPE1Y6BQ%2BcV8duFT1tZ5W8luAzVsn4%2Bn0GmRPiOFFBLPBq1HUQI5Xn%2B8sNxZGL47gDaomaY2Oaahw3K"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 75b43a786956719c-LHR
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
07b3389fc24c0f8eb82a9d05b546d17e
02716741b8952e548b9a223adbb3f16204eef2b2
25e13458988115ae1f8176cb2328dbfebd612eabebf256b4af64594d5e23d6ca

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25E13458988115AE1F8176CB2328DBFEBD612EABEBF256B4AF64594D5E23D6CA"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7662
Expires: Mon, 17 Oct 2022 00:36:17 GMT
Date: Sun, 16 Oct 2022 22:28:35 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.36

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.36:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bdb8b66c705a7b996496d780f50c00b5
403ae92039fcc933870f51f913f78ccaf9652256
c923ed2539f4ce9f4d43743c402fbb2060a52a4cbedbf14c5f5742ab718073d6

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Content-Length, Retry-After, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 16 Oct 2022 21:50:45 GMT
Expires: Sun, 16 Oct 2022 22:35:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZWqyVwyZIE3EENg9b0yC0zJLaW1Hf1FPkOLCb9JWM35tBjfMwONkeA==
Age: 2270

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a57d0f62d9bd29668b94a513fa45d18e
d7cb263502e21f9235b4523a596e2138d22042ec
df7acd4fe34cc9c4945a5d83ef538105a73dfc1a8b485bc7a62488c5406b1294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF7ACD4FE34CC9C4945A5D83EF538105A73DFC1A8B485BC7A62488C5406B1294"
Last-Modified: Sat, 15 Oct 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2241
Expires: Sun, 16 Oct 2022 23:05:56 GMT
Date: Sun, 16 Oct 2022 22:28:35 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: cByxziEXAgOJ+fEAj0aPdDf//TpOBnJwbvtOYVIF2y5z7N93EpKr4niujUb2p5DXpPmQrY5+dJ0=
x-amz-request-id: 1BF3KHC33GNSVKK7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 16 Oct 2022 22:03:10 GMT
age: 1525
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
0d081c8ab93346556944960bea07fe8e
a09b7a626d16f3e7d7fd85f46d1418d2b2d7097e
bcd062435b8b2ee387439398ed7dbfb2cb13cd36345a96d083666fab9aadc808

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BCD062435B8B2EE387439398ED7DBFB2CB13CD36345A96D083666FAB9AADC808"
Last-Modified: Fri, 14 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9628
Expires: Mon, 17 Oct 2022 01:09:03 GMT
Date: Sun, 16 Oct 2022 22:28:35 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 16 Oct 2022 22:28:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
0d081c8ab93346556944960bea07fe8e
a09b7a626d16f3e7d7fd85f46d1418d2b2d7097e
bcd062435b8b2ee387439398ed7dbfb2cb13cd36345a96d083666fab9aadc808

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "BCD062435B8B2EE387439398ED7DBFB2CB13CD36345A96D083666FAB9AADC808"
Last-Modified: Fri, 14 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9628
Expires: Mon, 17 Oct 2022 01:09:03 GMT
Date: Sun, 16 Oct 2022 22:28:35 GMT
Connection: keep-alive

www.cuevana.cool/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcuevana3.01e819b6.png&w=256&q=75

172.64.205.29

200 OK

2.8 kB

URL HTTP/2
www.cuevana.cool/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcuevana3.01e819b6.png&w=256&q=75
IP
172.64.205.29:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, AVIF Image\012- data
Size
2.8 kB (2813 bytes)
Hash
e8062f298e7aafdfd1eebad883c3fc16
e4ac1c894337b74c00552bd06649f8eaf820892c
c3a9c0aa4a57be18e2c338180af4339543f6ef417b4f2066ff3ff92abeedebd6

HTTP Headers

GET /_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcuevana3.01e819b6.png&w=256&q=75 HTTP/1.1
Host: www.cuevana.cool
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/pelicula/610253/halloween-kills
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:35 GMT
content-type: image/avif
content-length: 2813
content-disposition: inline; filename="cuevana3.avif"
cache-control: public, max-age=315360000, immutable
vary: Accept,Accept-Encoding
x-nextjs-cache: HIT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
x-powered-by: Phusion Passenger(R) 6.0.15
etag: w6nAqkpXvhjiwzgYCvQzlUP270F7TyBm-z-5Kr7t69Y=
status: 200 OK
cf-cache-status: HIT
age: 189947
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8pCaAK0DoRv%2FJAOZ0QS81iYJJPrycWUDlbzvvcatuQaE9g6LwXb1XBQY10IySaLzmfpHha1THtZezLoC2mbUbKs1oWLbMhtnlKYPwM1PZ1rEY5qS1s7F%2FZm9%2F%2B4KP%2Fn01kpK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b43a7c59a2e664-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.cuevana.cool/_next/image?url=https%3A%2F%2Fimage.tmdb.org%2Ft%2Fp%2Foriginal%2FqEzLir8LN2nDSmvEbx9p3GOg6VF.jpg&w=256&q=75

172.64.205.29

200 OK

18 kB

URL HTTP/2
www.cuevana.cool/_next/image?url=https%3A%2F%2Fimage.tmdb.org%2Ft%2Fp%2Foriginal%2FqEzLir8LN2nDSmvEbx9p3GOg6VF.jpg&w=256&q=75
IP
172.64.205.29:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, AVIF Image\012- data
Size
18 kB (17889 bytes)
Hash
f1f286667fd76067b55565a9aa27d746
4ee40e5d76c8206fca473294d05f34016aeda96d
6ce996bceec7345024d0b50d434f8c98bc607f341d0af8e6f06cbd8dcef12567

HTTP Headers

GET /_next/image?url=https%3A%2F%2Fimage.tmdb.org%2Ft%2Fp%2Foriginal%2FqEzLir8LN2nDSmvEbx9p3GOg6VF.jpg&w=256&q=75 HTTP/1.1
Host: www.cuevana.cool
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/pelicula/610253/halloween-kills
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:35 GMT
content-type: image/avif
content-length: 17889
content-disposition: inline; filename="qEzLir8LN2nDSmvEbx9p3GOg6VF.avif"
cache-control: public, max-age=31919000, must-revalidate
vary: Accept,Accept-Encoding
x-nextjs-cache: HIT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
x-powered-by: Phusion Passenger(R) 6.0.15
etag: bOmWvO7HNFAk0LUNQ0+MmLxgfzQdCvjm8Gy9jc7xJWc=
status: 200 OK
cf-cache-status: HIT
age: 31327
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpAtbl3fSXaLixptFBGYre5U3Atu0CTtCv0ERt8r2%2BwPy3J72eDiGMPUL3bzHHgbmrCq357oI3%2BQfLqbvhZSgBty7Lp%2FxDVyEJCcpLcyGkIs5OnYm7o4Ycaob%2BqzQ37z6EmN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b43a7c59a3e664-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.cuevana.cool/_next/image?url=https%3A%2F%2Fimage.tmdb.org%2Ft%2Fp%2Foriginal%2F5P0PtxIneLNMq7m0crF1R9Sjzpv.jpg&w=640&q=75

172.64.205.29

200 OK

23 kB

URL HTTP/2
www.cuevana.cool/_next/image?url=https%3A%2F%2Fimage.tmdb.org%2Ft%2Fp%2Foriginal%2F5P0PtxIneLNMq7m0crF1R9Sjzpv.jpg&w=640&q=75
IP
172.64.205.29:0
ASN
#13335 CLOUDFLARENET

File type
ISO Media, AVIF Image\012- data
Size
23 kB (22616 bytes)
Hash
809f0e867b4c5611274f5bd9efdfc41c
7838095a648f27553ca17e05f1bbb8688863b94a
a797f0d7756be30c23d2ddf91351b9f03b8cabcd99b446ee67133ca073438e98

HTTP Headers

GET /_next/image?url=https%3A%2F%2Fimage.tmdb.org%2Ft%2Fp%2Foriginal%2F5P0PtxIneLNMq7m0crF1R9Sjzpv.jpg&w=640&q=75 HTTP/1.1
Host: www.cuevana.cool
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/pelicula/610253/halloween-kills
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:35 GMT
content-type: image/avif
content-length: 22616
content-disposition: inline; filename="5P0PtxIneLNMq7m0crF1R9Sjzpv.avif"
cache-control: public, max-age=31919000, must-revalidate
vary: Accept,Accept-Encoding
x-nextjs-cache: HIT
content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
x-powered-by: Phusion Passenger(R) 6.0.15
etag: p5fw13Vr4wwj0t35E1G58DuMq82ZtEbuZxM8oHNDjpg=
status: 200 OK
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YjOcgS3UgkJAHveDCw2PuUZNj%2FeFqnqLeTiFPUhTDImOCI5XA6dW0LgxKo%2BdTnUklLa2TcGrqynwI0oGLhMnLZvDTfPbmpfX81ptVeBECGcgAti7AXMBgeH9FFJ8HegZyusM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b43a7c59a4e664-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6957964b3f5efec751d40b655e2dc04f
bf66ac956c890aa468c56c8ec26208805325d29e
a47bb88c9cda80efa2a27cb47e8f544b4a2f85776d021f30b2b3f9cdd797ed49

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A47BB88C9CDA80EFA2A27CB47E8F544B4A2F85776D021F30B2B3F9CDD797ED49"
Last-Modified: Fri, 14 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17545
Expires: Mon, 17 Oct 2022 03:21:01 GMT
Date: Sun, 16 Oct 2022 22:28:36 GMT
Connection: keep-alive

www.cuevana.cool/_next/static/css/06f655af8420a266.css

172.64.205.29

200 OK

3.4 kB

URL HTTP/2
www.cuevana.cool/_next/static/css/06f655af8420a266.css
IP
172.64.205.29:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (733), with no line terminators
Size
3.4 kB (3445 bytes)
Hash
e00c062530163075511283b432edf727
7beaf24fb8033339c214f45c4f0ce3b66aaf2721
9a8d91ecfd8d3c1206ac941763606e513dd3037645d34f92de786e12e70015b3

HTTP Headers

GET /_next/static/css/06f655af8420a266.css HTTP/1.1
Host: www.cuevana.cool
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/pelicula/610253/halloween-kills
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:35 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"2dd-183d7730d04"
last-modified: Fri, 14 Oct 2022 17:03:04 GMT
status: 200 OK
vary: Accept-Encoding
x-powered-by: Phusion Passenger(R) 6.0.15
cf-cache-status: HIT
age: 191899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kio8wjEWFOQv0JSC66CBmCvQUEUklQ%2F2NKfIMuVkJt0HAw1GwYxLm%2F1%2FykFgcs8iCX7H6xZI7YUaKMuYdFz9rcHsp5glBtl%2B0TjOPn49PkNRAI2FdfIAsNMw%2BBL4O6l64ZfS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b43a7c59a1e664-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
6957964b3f5efec751d40b655e2dc04f
bf66ac956c890aa468c56c8ec26208805325d29e
a47bb88c9cda80efa2a27cb47e8f544b4a2f85776d021f30b2b3f9cdd797ed49

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "A47BB88C9CDA80EFA2A27CB47E8F544B4A2F85776D021F30B2B3F9CDD797ED49"
Last-Modified: Fri, 14 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17545
Expires: Mon, 17 Oct 2022 03:21:01 GMT
Date: Sun, 16 Oct 2022 22:28:36 GMT
Connection: keep-alive

player.cuevana.biz/play/player.php?h=yViZcjnk9l7gkYDnzRTTU6OSSBgJi42vD9wXeRNlnkIYdGARvS1EDjBIl9voZk2cqq4Mxf6G82apEbdTauiZMeshwoHbU20mPeXwzgZs2JklRZBawXzBZK9luPL1tLUypG4G2T6LhOThJJRHFDToIPY9IWn7Ia1zGlO2ICMdwZUsmh1tbrrgkPmARe.Hp4PN4cLBxYDn5aw6FKmSyVWpzyy9OzOQzPx1Zgd0JUTPwsNqN50aQP8sJgkEEYfjbC4z4t1hdf78K59TRtgKBS1pvtVN55noxPCHRoyqcFY_HXY-

104.21.42.169

200 OK

1.3 kB

URL HTTP/2
player.cuevana.biz/play/player.php?h=yViZcjnk9l7gkYDnzRTTU6OSSBgJi42vD9wXeRNlnkIYdGARvS1EDjBIl9voZk2cqq4Mxf6G82apEbdTauiZMeshwoHbU20mPeXwzgZs2JklRZBawXzBZK9luPL1tLUypG4G2T6LhOThJJRHFDToIPY9IWn7Ia1zGlO2ICMdwZUsmh1tbrrgkPmARe.Hp4PN4cLBxYDn5aw6FKmSyVWpzyy9OzOQzPx1Zgd0JUTPwsNqN50aQP8sJgkEEYfjbC4z4t1hdf78K59TRtgKBS1pvtVN55noxPCHRoyqcFY_HXY-
IP
104.21.42.169:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.3 kB (1288 bytes)
Hash
78567d82fb5634ae9644c69121a90524
0c1fff8f70dc961c9540b74a3cd4b798dfcbce7d
d95ab4e06688fec6f64d451c632e502ed78deece72e5dd7767b6ec65330969c0

HTTP Headers

GET /play/player.php?h=yViZcjnk9l7gkYDnzRTTU6OSSBgJi42vD9wXeRNlnkIYdGARvS1EDjBIl9voZk2cqq4Mxf6G82apEbdTauiZMeshwoHbU20mPeXwzgZs2JklRZBawXzBZK9luPL1tLUypG4G2T6LhOThJJRHFDToIPY9IWn7Ia1zGlO2ICMdwZUsmh1tbrrgkPmARe.Hp4PN4cLBxYDn5aw6FKmSyVWpzyy9OzOQzPx1Zgd0JUTPwsNqN50aQP8sJgkEEYfjbC4z4t1hdf78K59TRtgKBS1pvtVN55noxPCHRoyqcFY_HXY- HTTP/1.1
Host: player.cuevana.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:36 GMT
content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
vary: Accept-Encoding
x-cache: MISS
x-cache-hits: 0
last-modified: Sun, 16 Oct 2022 22:14:49 GMT
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W0VDkpul0oE0NokEkrw9U40qKiExHaN6oq05b0revedleLj9N7PdzKd3CotM4QEoObQ14ZRx3cYCPNsPIiS9oCg05CsTlLWz8mdhkSQixogqxgiOAqA%2FlCLVHFTiC2%2FRUjeVSR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b43a7d4e4db4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

player.cuevana.biz/play/play.png

104.21.42.169

200 OK

1.4 kB

URL HTTP/2
player.cuevana.biz/play/play.png
IP
104.21.42.169:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Size
1.4 kB (1354 bytes)
Hash
68be6850d440e4d824a69b6cc1362891
0b9417f87435998365686f91f75dc14ff3fdc6ab
5591f30c0370a4c28da85fab6c48d378a3b4a72a7d8a34c76a3ea2bb266bd997

HTTP Headers

GET /play/play.png HTTP/1.1
Host: player.cuevana.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:36 GMT
content-type: image/png
content-length: 1354
cache-control: public, max-age=604800
expires: Wed, 19 Oct 2022 14:24:27 GMT
last-modified: Sat, 02 Apr 2022 12:13:10 GMT
x-cache: MISS
x-cache-hits: 0
cf-cache-status: HIT
age: 340575
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jkGANoJWjIZuBGRiGIOiUnmRPwukd7%2Br82%2FA2NctJKG9E4ePKBJt5%2F%2BFSEX%2Bzd%2BHYekMmqxuprfMuSeSmaXcXZ4Ro64i%2FY5jYjAhVVudXdZCNSKe2lQA7zoPGJ15V71dVb%2FnKOY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b43a7e0ee6b4fa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cfc92c8f6ee7599505d969732542ac42
7f4804d49c8ccd76ccffa6b72d41b1df611eb090
406c057a8392b9fa0ab09efa8b3222a58ec5fc17fa73f55a1f093e3d1092b0e4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4461
Cache-Control: max-age=125551
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 22:28:36 GMT
Etag: "634bbb97-1d7"
Expires: Tue, 18 Oct 2022 09:21:07 GMT
Last-Modified: Sun, 16 Oct 2022 08:06:47 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ad7383dbb410a4bcb1d195ad2ef9abc8
20fefe7acec7f2e72660ed61b4491c9bafc7d3ef
b33fd50c48b95190530cf4c2529ac281e67c9dd2333b1db39ca41727ddf40bd0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B33FD50C48B95190530CF4C2529AC281E67C9DD2333B1DB39CA41727DDF40BD0"
Last-Modified: Sun, 16 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3796
Expires: Sun, 16 Oct 2022 23:31:52 GMT
Date: Sun, 16 Oct 2022 22:28:36 GMT
Connection: keep-alive

applicantpoachmeat.com/96/bd/31/96bd31fed486055d6197aef4f5966c1d.js

192.243.61.227

200 OK

20 kB

URL HTTP/1.1
applicantpoachmeat.com/96/bd/31/96bd31fed486055d6197aef4f5966c1d.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59414), with no line terminators
Size
20 kB (20347 bytes)
Hash
13a4925cb5c0f74c1d75fadeb3eb2798
a7f2723f03feb721a40cb50928afb7ae059ac1e9
a3d77f90220fa64f761ca4e7840e0cf0aac787a325cd2b828118fa5e336a90c7

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /96/bd/31/96bd31fed486055d6197aef4f5966c1d.js HTTP/1.1
Host: applicantpoachmeat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 22:28:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7dc00896cfb1571ec4d232b494379316
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

push.services.mozilla.com/

52.35.167.249

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.35.167.249:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: k1PKtuN39HGwGRedyod1Wg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BFg8legCpZrWzObT4JF9XYnaaiM=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9efb886fc3a4ecf8c694832abf45b1e1
1e64203f1ab728bd23ff97efbeca21d71a67f22d
745a4d6aee18994adeccfc5c70cae3cd75d16126ba8ed8e8971b6b36a3651be3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "745A4D6AEE18994ADECCFC5C70CAE3CD75D16126BA8ED8E8971B6B36A3651BE3"
Last-Modified: Sat, 15 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1226
Expires: Sun, 16 Oct 2022 22:49:02 GMT
Date: Sun, 16 Oct 2022 22:28:36 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

9.6 kB

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
9.6 kB (9550 bytes)
Hash
b6a5ab36cc3952e3fd2055c9ef029198
535129eabcc6b2a68034e7977fc027f42dc8a17d
1e59ca741e8bad14f97c89fe674c7c10257e6d8ee119784944f8a5e963cfdd88

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "621DF3B5055828325B8CC517CF359EA5CA002FD5FAD771CCA767E15BDE7FA330"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3292
Expires: Sun, 16 Oct 2022 23:23:28 GMT
Date: Sun, 16 Oct 2022 22:28:36 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 22:28:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-138739455-1

142.250.74.168

200 OK

42 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-138739455-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1942)
Size
42 kB (42459 bytes)
Hash
9786628fa43c5658ebc61ce1a50cc6e1
3312fab71a1996e29060cf3e6959adfa502454c1
6324504288dc823c7d33e54398aea05bbd580c528d13e4ce6d26f81f92adb435

HTTP Headers

GET /gtag/js?id=UA-138739455-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 16 Oct 2022 22:28:36 GMT
expires: Sun, 16 Oct 2022 22:28:36 GMT
cache-control: private, max-age=900
last-modified: Sun, 16 Oct 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42459
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5f309b801fdcff49c832652cf9f67fed
f0b6a27d0995fd7fd40f23ee385f8fe1fd752c13
53663428a1b73aeee2fc68815b072ad9ced52bfd3726416aaab332c29eb3aab6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 16 Oct 2022 22:28:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f0413efff3fc4435819eea0892565002
68f2cbf9d99cbc2f3500c911fe2906ea03a6d72f
f5ebdb13ab4ad27844b4ad00d4bb79c9238bd02937bdab5dc83d0802d956895f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140732
Date: Sun, 16 Oct 2022 22:28:36 GMT
Etag: "634bf982-1d7"
Expires: Tue, 18 Oct 2022 13:34:08 GMT
Last-Modified: Sun, 16 Oct 2022 12:30:58 GMT
Server: ECS (bsa/EB12)
X-Cache: Miss from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -HAhAUlY-X2YhLFSIUcwxe85QUGNOQNAxT5nizyAQl6ppCABefrkNQ==
Age: 3790

simplewebanalysis.com/stats

3.66.118.16

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.66.118.16:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
433ea21184fce15d41db451a6aba1623
299c3e2f61fbf0d1356e235a6fafb35489047771
4512c73bccae5910c551882d43dbb9982495aed7776deca5424275c872dc15e5

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cuevana.cool
Connection: keep-alive
Referer: https://www.cuevana.cool/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:36 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.cuevana.cool
access-control-allow-credentials: true
set-cookie: uid_id2=f545a19b-efba-4225-8276-dd77a4415ea1:2:1; expires=Wed, 13 Oct 2032 22:28:36 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
a5b04d6d3c126a01d5aa922574230332
fd3383c24dac377a75ca3160503bb31b8019df4a
621df3b5055828325b8cc517cf359ea5ca002fd5fad771cca767e15bde7fa330

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "621DF3B5055828325B8CC517CF359EA5CA002FD5FAD771CCA767E15BDE7FA330"
Last-Modified: Sat, 15 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3292
Expires: Sun, 16 Oct 2022 23:23:28 GMT
Date: Sun, 16 Oct 2022 22:28:36 GMT
Connection: keep-alive

negligentresponded.com/f2/72/33/f2723342888002f043115e7320b9d968.js

192.243.59.13

200 OK

20 kB

URL HTTP/1.1
negligentresponded.com/f2/72/33/f2723342888002f043115e7320b9d968.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with very long lines (59414), with no line terminators
Size
20 kB (20340 bytes)
Hash
ed90b6efb249770c3607af5598f8b3d0
dd8017ecdec61f8eb250cf458b3caf266092fdc1
535260369aed4214bf3584f289b373866a9812c057bcd19ca5edbb2a0748b875

HTTP Headers

GET /f2/72/33/f2723342888002f043115e7320b9d968.js HTTP/1.1
Host: negligentresponded.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 16 Oct 2022 22:28:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 76715d024cc0b77a127afa170b852a44
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

simplewebanalysis.com/stats

3.66.118.16

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
3.66.118.16:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
433ea21184fce15d41db451a6aba1623
299c3e2f61fbf0d1356e235a6fafb35489047771
4512c73bccae5910c551882d43dbb9982495aed7776deca5424275c872dc15e5

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://player.cuevana.biz
Connection: keep-alive
Cookie: uid_id2=f545a19b-efba-4225-8276-dd77a4415ea1:2:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: http://www.clicksgear.com
access-control-allow-credentials: true
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
847b1ea1c11d19d870afbc83c7c12f74
8d149fe2e33074450d5612feb295a38311fd8227
22d917f93d8c7488a84707b1c393164b68c32c478c582d37024eb9d40d221861

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22D917F93D8C7488A84707B1C393164B68C32C478C582D37024EB9D40D221861"
Last-Modified: Fri, 14 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15340
Expires: Mon, 17 Oct 2022 02:44:17 GMT
Date: Sun, 16 Oct 2022 22:28:37 GMT
Connection: keep-alive

motivessuggest.com/pixel/purst?dl=0&th=0&sc=0&rs=1529&rd=1529&fd=889&bv=22.8.v.1&tmpl=70

173.233.137.44

200 OK

0 B

URL HTTP/1.1
motivessuggest.com/pixel/purst?dl=0&th=0&sc=0&rs=1529&rd=1529&fd=889&bv=22.8.v.1&tmpl=70
IP
173.233.137.44:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1529&rd=1529&fd=889&bv=22.8.v.1&tmpl=70 HTTP/1.1
Host: motivessuggest.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 22:28:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aed118e6a59324e2d52302879dbf1e2e
d171fcebf3ddbe36321cf3c09118d61c25336769
1faa3148720a9bf4a16b908984c46e9524d90aa29bf9cda421ba4ea3076e9854

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1FAA3148720A9BF4A16B908984C46E9524D90AA29BF9CDA421BA4EA3076E9854"
Last-Modified: Fri, 14 Oct 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6411
Expires: Mon, 17 Oct 2022 00:15:28 GMT
Date: Sun, 16 Oct 2022 22:28:37 GMT
Connection: keep-alive

banquetunarmedgrater.com/advertisers.js

173.233.139.164

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
173.233.139.164:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 16 Oct 2022 22:28:37 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 471f7d476efbc0f295ad79b9ded04f5c
Strict-Transport-Security: max-age=0; includeSubdomains

r3.o.lencr.org/

23.36.76.226

200 OK

1.3 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.3 kB (1285 bytes)
Hash
358a9ee9c2127ed45fb4527f403ec1b5
a5d0bec626ff2af5edb656311852a699d0138393
9b65374df660ce3b55fc36d5296b0d719cb76818d2922693b25f57cebc5b7430

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43526AB8D7903082FB38EF266C9509C1827BE476E6FB8786ABC8650BE5DCAC28"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6681
Expires: Mon, 17 Oct 2022 00:19:58 GMT
Date: Sun, 16 Oct 2022 22:28:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

46 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
46 kB (46269 bytes)
Hash
f454be975db9f45d8e377a30b522584c
0d0c8800442d2f2119761f7d63aa802f3fba1ced
6cd136dac91a909ff22d66e7d377817b206c039662f43d167cced30f904da286

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "43526AB8D7903082FB38EF266C9509C1827BE476E6FB8786ABC8650BE5DCAC28"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6681
Expires: Mon, 17 Oct 2022 00:19:58 GMT
Date: Sun, 16 Oct 2022 22:28:37 GMT
Connection: keep-alive

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 16 Oct 2022 20:41:09 GMT
expires: Sun, 16 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 6448
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18766
Expires: Mon, 17 Oct 2022 03:41:23 GMT
Date: Sun, 16 Oct 2022 22:28:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
59c9f4b6a5cb5571f7e8ec52f3548732
9bd1c495d09547b8cc983f71b90471f42ec61f94
25c4798d1ef0730368cc5c6d41a4596c5c914865f6f7a4fad97bdd4ce017894e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18766
Expires: Mon, 17 Oct 2022 03:41:23 GMT
Date: Sun, 16 Oct 2022 22:28:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

751 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
751 B (751 bytes)
Hash
d1536611c88324e432f2cac3e5e7714d
98d3bab5340b9e07f77c43010d64ee8f615ba1d7
4a68e0d9aa2cba29c320e06207dc1b7621d52b4dddc3ca7704f94d578bd238fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18766
Expires: Mon, 17 Oct 2022 03:41:23 GMT
Date: Sun, 16 Oct 2022 22:28:37 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

3.1 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
3.1 kB (3093 bytes)
Hash
3a3529fd53bf7f0500c7db7da01876fe
d7203f74ef595dc4a69a84ca24c09f1f48f40724
045088d5f5a6411d91fbd51aad312861d6d3f7783dbc5b932e4a202b3c5a0f44

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25C4798D1EF0730368CC5C6D41A4596C5C914865F6F7A4FAD97BDD4CE017894E"
Last-Modified: Sun, 16 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18766
Expires: Mon, 17 Oct 2022 03:41:23 GMT
Date: Sun, 16 Oct 2022 22:28:37 GMT
Connection: keep-alive

addresseepaper.com/sfp.js

104.21.234.254

200 OK

50 kB

URL HTTP/2
addresseepaper.com/sfp.js
IP
104.21.234.254:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
50 kB (50136 bytes)
Hash
ea7e9df3ec566d93c7ff7f60eeff11b8
9a363446e7056005993e6a871d3a651e4794df8a
fbdf73796704bfe76adca97fab43ad996a5ec824f84899bbe65666e8255749a8

HTTP Headers

GET /sfp.js HTTP/1.1
Host: addresseepaper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:36 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 05e002e62ce2b68a2c96ea2ba6052a97
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 16 Oct 2022 22:28:36 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m2Dni70DGdt3s3B0P0xW5ThurlyuP7pSXmBrVk8yqZfuTbygQ%2Fo0Y0RFjb%2BapaNp%2F0270qvhalx8t38yaVxRC5EMqnjLUXV7atfaP32aXRRT5EyYou20y14ZTnKtZ7rM%2BAuJqCk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b43a81ed37dc21-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc93d45-62e4-4537-a211-c582543eaa7b.jpeg

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc93d45-62e4-4537-a211-c582543eaa7b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7362 bytes)
Hash
509e51b18f9e9c33c804eb2369fa910a
efad26648384acff4bb092cf4921c40809113df4
e19faa2460c26303e743776f91603ac203695ee55c7a8240b3f3b51cc94dbfa9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc93d45-62e4-4537-a211-c582543eaa7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7362
x-amzn-requestid: 921346a1-3abb-49a3-b26c-56491dabcae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aHfyxGPSIAMF5gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634c79ab-6750942e5ee91cdb5d3b0781;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 21:37:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 186j0NIOoYhhafRg9oYAizu9VC7oORim8l84dylH-6cR9SmgNH8-Tg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 21:57:39 GMT
age: 1858
etag: "efad26648384acff4bb092cf4921c40809113df4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15855 bytes)
Hash
319cbf11bba3f159e5c9f606deded924
13f29acb7a694030fc2de0b42c0d95c4be49deb7
09aa7d94e4829f4daf33d5e2aed077afcc59628839c5d6e877172e8455879062

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a5488a3-4a1c-4773-99f6-81e18bcdccd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15855
x-amzn-requestid: c8171eaf-67b4-4179-9e69-36fe00ef3bfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZhQU8HmcIAMFw0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633d2db9-2985178a31d0e8c430323a26;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 07:09:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Zo6PXcoqkbRgpug8ZDp-0Q9RtLAwpAOlASdtGT4KHy6Q9q-4HgLqfw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 05:08:57 GMT
age: 62380
etag: "13f29acb7a694030fc2de0b42c0d95c4be49deb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ae5b65-3d0a-4d73-8a6b-e8f407db78a1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5613 bytes)
Hash
89156fccf0d7e65c0ac1467e63207bdb
0c7f5be7be8d6c21d0542eb4014d560eb0aae1ec
54316b96c831d7b77fffadb7a3c7a9370d6cbe59428f5ccf89490da25e40dd7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff4ae5b65-3d0a-4d73-8a6b-e8f407db78a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5613
x-amzn-requestid: bffac0a6-d874-4928-838d-7f702ca7ae24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aHf5VGpJoAMFVNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634c79d5-2a58b7c6018952bc0967def4;Sampled=0
x-amzn-remapped-date: Sun, 16 Oct 2022 21:38:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vBmUmkb1lqOcX03ln9YzL38v1HdvkWBwYjRnImNtnQYsgc5maPnlhQ==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 22:10:15 GMT
age: 1102
etag: "0c7f5be7be8d6c21d0542eb4014d560eb0aae1ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff5e073-79bd-4596-85f9-6311f621dc15.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5853 bytes)
Hash
67116d79438e8a208850e56e47786d04
a79f6c53a212cf3218fc176af4381acfa82b5173
a1f501a1793d2c863e4bdbedcf0cc871afe738c97e84c0a58eb29dba921c0e21

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcff5e073-79bd-4596-85f9-6311f621dc15.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5853
x-amzn-requestid: 44f8d2fb-e3b7-4ead-a462-0e72d6ad4187
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxMaCFFYoAMF4Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63438dd9-1454fba02e61ff711b91b060;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 03:13:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Oz350qnuIDfm5uB19PjAaCHZ8D3nKj4MZZGQ11fjL3JckEc8pG1-xQ==
via: 1.1 ac433885d6f49db81bf694a6c6b6bea0.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 21:51:21 GMT
age: 2236
etag: "a79f6c53a212cf3218fc176af4381acfa82b5173"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff16587d8-20bf-4cbe-a307-4babf4b40f43.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8528 bytes)
Hash
57b8c3defee740fd16ededbc0c5e8ff2
8842eab4aaeb646c4618081ec204d0f423ab5934
b19f5357c17653958793712c093dee642c530908c5d5009cb087ff6c70ec5d67

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff16587d8-20bf-4cbe-a307-4babf4b40f43.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8528
x-amzn-requestid: 469ff83f-2334-4968-9df9-d244a5763011
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxuZdFZroAMF71w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6343c43c-50e24c0339ffb18f4cadedd2;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 07:05:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: fEB6uY468DtLGtNZVCsvf0vZUrX4Cg4oZ25xxLjU-kPhW9haosznKg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 15 Oct 2022 22:43:18 GMT
age: 85519
etag: "8842eab4aaeb646c4618081ec204d0f423ab5934"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60670b74-cf10-4a50-84e4-68196c7d5bcc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5918 bytes)
Hash
e1c457c02b82a34aeeec8bb629e056f3
3d005eb7e3d67146ccd8fb05bec9861bb2d1ff40
74c380e47dd259bfb19ed8edd7a2525b3cc5eebcd87161532c02825863d5350a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60670b74-cf10-4a50-84e4-68196c7d5bcc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5918
x-amzn-requestid: f74468b9-e76a-42bc-93b8-43a13ee1377e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z-lVgHxKoAMFYfA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348e8ef-1d009d4b6be5915b02807b2e;Sampled=0
x-amzn-remapped-date: Fri, 14 Oct 2022 04:43:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YfePEug94wi5d97nRy8dA07GHRaIOsi_O08NVIB3DL0eDLWFUzhXHg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sun, 16 Oct 2022 17:40:05 GMT
age: 17312
etag: "3d005eb7e3d67146ccd8fb05bec9861bb2d1ff40"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

invaderannihilationperky.com/pixel/pure

192.243.61.227

204 No Content

0 B

URL HTTP/1.1
invaderannihilationperky.com/pixel/pure
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

OPTIONS /pixel/pure HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://player.cuevana.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 22:28:37 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0

invaderannihilationperky.com/pixel/pure

192.243.61.227

200 OK

1.3 kB

URL HTTP/1.1
invaderannihilationperky.com/pixel/pure
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
1.3 kB (1338 bytes)
Hash
7011de879b26e33bd82ed8573f84d891
a1a84179dcacf3712ab82d22ecfb6b2c269350de
29ce22c0cd30ae94e044c08c27faed43b9dcbc31bc04e283d902669a5c044a19

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /pixel/pure HTTP/1.1
Host: invaderannihilationperky.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 72
Origin: https://player.cuevana.biz
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 16 Oct 2022 22:28:38 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f3c1b705b929543711cc96507a60952b
b20afa731c5a5925bcf23b2a5e673c1ff0d7ec77
4eaaa1fa789a46a4a1ee02c23c7188bc7609383fc66dd259093de5911935e2b6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4EAAA1FA789A46A4A1EE02C23C7188BC7609383FC66DD259093DE5911935E2B6"
Last-Modified: Sat, 15 Oct 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2324
Expires: Sun, 16 Oct 2022 23:07:22 GMT
Date: Sun, 16 Oct 2022 22:28:38 GMT
Connection: keep-alive

unseenreport.com/pxf.gif?uuid=f545a19b-efba-4225-8276-dd77a4415ea1&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=96bd31fed486055d6197aef4f5966c1d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22

192.243.59.12

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=f545a19b-efba-4225-8276-dd77a4415ea1&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=96bd31fed486055d6197aef4f5966c1d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22
IP
192.243.59.12:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=f545a19b-efba-4225-8276-dd77a4415ea1&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=r&res=14.31&b_frame=0&pk=96bd31fed486055d6197aef4f5966c1d&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=22 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 16 Oct 2022 22:28:38 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0d4191f58f6b18a1777c2f43be06bc91
Strict-Transport-Security: max-age=0; includeSubdomains

player.cuevana.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

104.21.42.169

200 OK

0 B

URL HTTP/2
player.cuevana.biz/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
IP
104.21.42.169:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: player.cuevana.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:36 GMT
content-type: application/javascript
last-modified: Tue, 11 Oct 2022 13:38:05 GMT
etag: W/"634571bd-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tDEmxe%2BBHBjuVpXieEf5736Ib4senxyki8e2HiyUS1Q4lXMCfu%2F8bvcIMBTxQ2C0btHGcRgKOXaA3Uy9kiWGUXXPTFSmkr9kyTWj9j%2BO3rN7hVmdsjm88Mqx9vxdfDMb6O2s1%2BA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75b43a7e1ee7b4fa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Tue, 18 Oct 2022 22:28:36 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2

www.cuevana.cool/pelicula/610253/halloween-kills

172.64.205.29

200 OK

0 B

URL HTTP/2
www.cuevana.cool/pelicula/610253/halloween-kills
IP
172.64.205.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pelicula/610253/halloween-kills HTTP/1.1
Host: www.cuevana.cool
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-nextjs-cache: STALE
x-powered-by: Phusion Passenger(R) 6.0.15
status: 200 OK
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D5%2BaV%2BzRnDR9OprzG6%2BdHikyyz0MpBJ4IB7xM4KGAxOt7THb5vRsIgLFJ%2BIBKJdmGZ91wIgbRUUnArhfQqYR3U%2B9rBkEbJCJu83%2BBiE00fDoWotiap3t8Yhfj6Zlk2qtFFMc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b43a7b38cce664-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.cuevana.cool/_next/static/css/0a255b782476b48d.css

172.64.205.29

200 OK

0 B

URL HTTP/2
www.cuevana.cool/_next/static/css/0a255b782476b48d.css
IP
172.64.205.29:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/css/0a255b782476b48d.css HTTP/1.1
Host: www.cuevana.cool
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuevana.cool/pelicula/610253/halloween-kills
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Oct 2022 22:28:35 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-bgj: minify
etag: W/"9577-183d7730d04"
last-modified: Fri, 14 Oct 2022 17:03:04 GMT
status: 200 OK
vary: Accept-Encoding
x-powered-by: Phusion Passenger(R) 6.0.15
cf-cache-status: HIT
age: 191899
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4N54%2B1fV84HyxeORXT4ZdDqZ5n%2F%2FpKK0ZoFb4iHub5PGyPZyRNYceiMyaScy4Grv38onnYlWQtN0VAjyVxfziSjY8yp8%2B7UFdrwq7gO9PX4SH11GMejq0HTkrxr%2FH9HL4lMj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75b43a7c499be664-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations