Overview

URL www1.cuevana3.vc/search.html?keyword=ip+man
IP 104.26.5.61
ASN CLOUDFLARENET
Location United States
Report completed 2022-07-06 01:21:44 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Added / Verified Severity Host Comment
2022-07-06 2 dizzardfovea.com/rK9Q0RCVKymRPz/51010 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS
Added / Verified Severity Host Comment
2022-07-06 2 dizzardfovea.com Sinkholed
2022-07-06 2 wvhba6470p.com Sinkholed
2022-07-05 2 rndskittytor.com Sinkholed
2022-07-05 2 rndskittytor.com Sinkholed
2022-07-05 2 unphionetor.com Sinkholed
2022-07-05 2 unphionetor.com Sinkholed


Files

No files detected



Passive DNS (25)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
[Mnemonic Passive DNS] firefox.settings.services.mozilla.com (2) 867 2016-03-17 08:25:01 UTC 2020-05-25 20:01:47 UTC 54.230.111.7
[Mnemonic Passive DNS] img.repelis.id (12) 268319 No data No data 172.67.200.6
[Mnemonic Passive DNS] www1.cuevana3.vc (6) 0 No data No data 172.67.71.171 Unknown ranking
[Mnemonic Passive DNS] contile.services.mozilla.com (1) 1114 No data No data 34.117.237.239
[Mnemonic Passive DNS] use.fontawesome.com (2) 942 2017-01-30 04:43:25 UTC 2022-07-05 21:19:04 UTC 104.21.63.54
[Mnemonic Passive DNS] cdn.uponelectabuzzor.club (4) 0 No data No data 139.45.197.239 Unknown ranking
[Mnemonic Passive DNS] my.rtmark.net (1) 9054 No data No data 139.45.195.8
[Mnemonic Passive DNS] img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-07-05 12:56:13 UTC 34.120.237.76
[Mnemonic Passive DNS] unphionetor.com (2) 54035 No data No data 139.45.197.236
[Mnemonic Passive DNS] r3.o.lencr.org (9) 344 2020-12-02 08:52:13 UTC 2022-07-05 04:59:43 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp.digicert.com (1) 86 2012-11-29 12:49:49 UTC 2022-07-05 18:37:22 UTC 93.184.220.29
[Mnemonic Passive DNS] dizzardfovea.com (1) 0 No data No data 23.109.170.49 Unknown ranking
[Mnemonic Passive DNS] wvhba6470p.com (1) 281989 No data No data 192.243.59.12
[Mnemonic Passive DNS] rndskittytor.com (2) 31865 No data No data 139.45.197.238
[Mnemonic Passive DNS] interstitial-07.com (2) 36198 No data No data 139.45.197.153
[Mnemonic Passive DNS] www.googletagmanager.com (1) 75 2017-01-30 05:00:47 UTC 2022-07-05 04:59:37 UTC 142.250.74.72
[Mnemonic Passive DNS] e1.o.lencr.org (1) 6159 2021-08-20 07:36:30 UTC 2022-07-05 18:54:16 UTC 23.36.77.32
[Mnemonic Passive DNS] ocsp.pki.goog (2) 175 2017-06-14 07:23:31 UTC 2022-07-05 04:59:45 UTC 142.250.74.3
[Mnemonic Passive DNS] push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-07-05 05:12:14 UTC 54.191.222.112
[Mnemonic Passive DNS] imp9.bidgear.com (1) 34078 No data No data 104.26.2.107
[Mnemonic Passive DNS] www.google-analytics.com (1) 40 2017-01-30 05:00:06 UTC 2022-07-05 23:31:20 UTC 142.250.74.174
[Mnemonic Passive DNS] ocsp.sectigo.com (3) 487 2018-12-17 11:31:55 UTC 2022-07-05 18:37:24 UTC 104.18.32.68
[Mnemonic Passive DNS] cdn.itskiddoan.club (2) 24539 No data No data 139.45.197.236
[Mnemonic Passive DNS] content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-07-05 05:12:14 UTC 54.230.111.64
[Mnemonic Passive DNS] offerimage.com (1) 304078 No data No data 104.22.32.172


Recent reports on same IP/ASN/Domain

Last 1 reports on IP: 104.26.5.61

Date UQ / IDS / BL URL IP
2022-07-17 23:15:51 +0000
0 - 0 - 12 www1.cuevana3.vc/118/cujo 104.26.5.61

Last 10 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-08-12 20:54:09 +0000
0 - 0 - 1 gen.giftbx-land.click/gift-temp/gen/generic.php 172.67.166.219
2022-08-12 20:53:08 +0000
0 - 0 - 2 agdm.ml/wp-admin/350573BHKEXRQFI_9762/?i=1 104.21.59.55
2022-08-12 20:53:06 +0000
0 - 0 - 5 agdm.ml/wp-admin/350573BHKEXRQFI_9762/ 104.21.59.55
2022-08-12 20:53:02 +0000
0 - 0 - 1 reallpccrack.com/gridinsoft-malware-crack-key/ 104.21.43.103
2022-08-12 20:52:54 +0000
0 - 0 - 1 cut-y.net/zsQTjIux7q 172.67.193.143
2022-08-12 20:52:34 +0000
0 - 0 - 5 centrichotel.com/wp-admin/62946-58914868/ 172.67.157.189
2022-08-12 20:52:30 +0000
0 - 0 - 2 centrichotel.com/wp-admin/62946-58914868/?i=1 172.67.157.189
2022-08-12 20:51:39 +0000
0 - 0 - 5 https://pitbull1-sbezo.ondigitalocean.app/login 104.16.243.78
2022-08-12 20:51:34 +0000
0 - 0 - 6 agdm.ml/wp-admin/L-67525/ 172.67.215.31
2022-08-12 20:50:28 +0000
0 - 0 - 1 escuelareloncavi.cl/nhcb.bns/5/login.php?sess (...) 172.67.145.29

No other reports on domain: cuevana3.vc



JavaScript

Executed Scripts (21)


Executed Evals (0)


Executed Writes (1)

#1 JavaScript::Write (size: 546, repeated: 1) - SHA256: 4116ea9124ccbc180d803f6e1aeedaad00a1c11864743d5785e7f9f3d4d283e3

                                        < div class = "bg-ssp-6326"
style = "position:relative!important;text-align:left!important;" > < div style = "display:none" > < img data - cfasync = "false"
src = "//imp9.bidgear.com/rec?t=1&z=6326&uuid=b4551dda206c44a58050d866de4deb4a&p=36&g=NO&token=4a44335432&tbg=1657070491"
rel = "noindex nofollow"
referrerpolicy = "unsafe-url" / > < /div><script type='text/javascript
' src=' //wvhba6470p.com/bf/fd/0c/bffd0ccd70480e9ae2e30278718389bf.js'></script> <script data-cfasync="false" async type="text/javascript" src="//dizzardfovea.com/rK9Q0RCVKymRPz/51010"></script></div>
                                    


HTTP Transactions (66)


Request Response
                                        
                                            GET /search.html?keyword=ip+man HTTP/1.1 
Host: www1.cuevana3.vc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         172.67.71.171
HTTP/1.1 301 Moved Permanently
                                        
Date: Wed, 06 Jul 2022 01:21:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 06 Jul 2022 02:21:30 GMT
Location: https://www1.cuevana3.vc/search.html?keyword=ip+man
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GC5W%2BuyjSRPoY8FOosQ2VqT6O6uhHNJar%2FSLz62I6L5umy0gN3grn6tWIdFdCDcgfQoqrq7QUk%2B512a7kABPLZqfbBUxBGFepu0mnyK6s8%2BWgfRfwx9hMeA%2BzOFQBb6VjaE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 72648625686db515-OSL
alt-svc: h2=":443"; ma=60

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "5CA12512DFBE8A007255191678A4ECD570026D865AE741C0D3025D8FE1A58659"
Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8179
Expires: Wed, 06 Jul 2022 03:37:49 GMT
Date: Wed, 06 Jul 2022 01:21:30 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 06 Jul 2022 00:55:52 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OjcaokdrBJzAkiWYwHWmvgFd2YUq4PaLRHlwpJQx3gd1wFIQ8KerJw==
Age: 1538


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-08-10-12-10-21.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.64
HTTP/2 200 OK
                                        
content-type: binary/octet-stream
content-length: 5348
last-modified: Tue, 21 Jun 2022 12:10:22 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 05 Jul 2022 03:26:45 GMT
etag: "581454acdd98f34fd3fbabd0977ade29"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7KlkpFbDm39it4dCZK76lDMCJGVcACZUCB2mAgvVagpJFgQaFA3Oow==
age: 78885
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    581454acdd98f34fd3fbabd0977ade29
Sha1:   d8d86c0b513137aeb85de01cea7b272c35eb6ab4
Sha256: e98f8f33ba5ed59c3cfdf2ae54957ed32652cf0899f3c8db4b5872e3ece1e4eb
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "37879979C16BD4A35DE06230DFD27853BE42CE5F234B0829D5921E1C12FDDF5A"
Last-Modified: Tue, 05 Jul 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2040
Expires: Wed, 06 Jul 2022 01:55:30 GMT
Date: Wed, 06 Jul 2022 01:21:30 GMT
Connection: keep-alive

                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /static/img/loading.gif HTTP/1.1 
Host: www1.cuevana3.vc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/search.html?keyword=ip+man
Cookie: gogoanime=1vfs4ota46s2cgj3gfl6n65rk2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.71.171
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:31 GMT
content-type: image/gif
content-length: 13952
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: "61d24c07-3680"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ig5%2B%2B%2Ff5nMkJJJVSeovPwdUaAe%2Fok2BkOYgK9180hCC9lor3iWwbiNAvU1erMmLNrAlPZFA%2Bt%2FqyulJB0CsM2nkykhX5NBZ6mOP84ugyHGwUXtYBLEASdeNZUWMgypDYeMY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7264862a9f5e0b55-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 250 x 250\012- data
Size:   13952
Md5:    34cc62d1df1c8328f56ae7a7acf2e83a
Sha1:   afb49cf3ebd59e0a02b33ef8f0c1f4ea2cefe1fc
Sha256: c4492147e1e36bd65d7237c1961a3dc3505852b195bd9fd0ca042b3e7427bb65
                                        
                                            GET /static/img/cuevana3.png HTTP/1.1 
Host: www1.cuevana3.vc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/search.html?keyword=ip+man
Cookie: gogoanime=1vfs4ota46s2cgj3gfl6n65rk2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.71.171
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:31 GMT
content-type: image/png
content-length: 4675
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: "61d24c07-1243"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yCiidcokV6DwbBnENLRfUlqw0xGQQF5ktiKID%2BVRpmcn5%2FZlv7UDpuiRDnFnHb9rLTYHdSeQ8B3iSetINNQspberi3dInEKtSBNH%2Bes13rMF%2FzG8iXAdqsfYzAoaLM%2BWK24%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7264862a9f5d0b55-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 240 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   4675
Md5:    30ecf26d81b4d18a7a568d42e674705e
Sha1:   c846ca657d113edcdb68ae7e53b8ecede50a15cb
Sha256: f856cb85a867ba1f60a337dbbb095142c0590b426b30c5d35dcbbbd158b79927
                                        
                                            GET /static/img/cuevana-logo.png HTTP/1.1 
Host: www1.cuevana3.vc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/search.html?keyword=ip+man
Cookie: gogoanime=1vfs4ota46s2cgj3gfl6n65rk2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.71.171
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:31 GMT
content-type: image/png
content-length: 5783
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: "61d24c07-1697"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98UyVnjPK3lF5uTMz2S9vWt%2BtTXuBl26c075d1hcdbzNBif6DkDib%2F%2BMXr1huOkGvsLaClJ2M2XJx726AJb%2FIrdheuzavAqXOZd3RimTeFpE1x3NSH%2FxbbWTMCIfx%2BxCIlk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7264862a9f5f0b55-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 240 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   5783
Md5:    a60e73427dd677b3a22ff75d7a989317
Sha1:   69d9c3b34502c3455ef4a70480a5eb78bb185be8
Sha256: bb8b54eb1859167182f80670354003360d5380d3ac9315a5c7be2bf3e250df07
                                        
                                            GET /static/img/google.png HTTP/1.1 
Host: www1.cuevana3.vc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/search.html?keyword=ip+man
Cookie: gogoanime=1vfs4ota46s2cgj3gfl6n65rk2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.71.171
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:31 GMT
content-type: image/png
content-length: 1546
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: "61d24c07-60a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98MLVCAtKG3hDKfaC4QoHcGOCaNWYO7es8ZeXqFytE6fFtPtOBGi7zNRdbteCyT1l6Q0ox0LHgSLFhVsVDP1%2FrQSSAh6m2D58Zv%2FPueirtf3DTeVRwBb39ZVvrYQsTyUhrw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7264862a9f600b55-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 27 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   1546
Md5:    39fa61abc6882900163b6aac110681ac
Sha1:   c8de5c8663686c6678c8f53dcfd46b980e6e309a
Sha256: 6405e410140d23417d9dd63cb53590188906b0b79bab039d3d0bec253e950993
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 01:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtag/js?id=UA-151873175-1 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
                                        
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 06 Jul 2022 01:21:31 GMT
expires: Wed, 06 Jul 2022 01:21:31 GMT
cache-control: private, max-age=900
last-modified: Wed, 06 Jul 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 40364
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1596)
Size:   40364
Md5:    1ca9db7fede6ce9ebffe9e53266ec30c
Sha1:   24032e7f7c3e44baeaaf659de1324fc86f2c4d0c
Sha256: 42b80fdf8d1fb31a960e50a3d95916b2cda36e44322a09a2b366841dc1ffc4e1
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 01:21:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /releases/v5.6.3/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.cuevana3.vc
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.63.54
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:31 GMT
content-type: font/woff2
content-length: 79100
x-amz-id-2: l2Hx9hk/8ARafaS0osURNPoSY2Aqy/WTzRNwxjVKq3IOoZt1eDoNYYuXVd8hVUOYYz48ZjvbIzA=
x-amz-request-id: CCPM79R69S3TBEP3
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 568289
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYLduo4FScsKRGV%2FWLjxSckZNTWqvgxp2wqC42UTcWmxugcHA%2B%2B8wBbF%2BM8M6OhzL5Kl92l%2BeM2FO7U7zNxTodDnggrRTP1KMBmgPn1CCXe%2BnANOaCKD2gZFkKY7mnZz5Cb46DEb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7264862bcb05b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 79100, version 1.0\012- data
Size:   79100
Md5:    5dc01cfcd5336f696cb85da7ce53fa9b
Sha1:   28a1f2fadc35c5343e0280389fe7955e3d1be607
Sha256: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
                                        
                                            GET /releases/v5.6.3/webfonts/fa-brands-400.woff2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www1.cuevana3.vc
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.63.54
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:31 GMT
content-type: font/woff2
content-length: 74288
x-amz-id-2: HMFOIS+/qeoL4RHYTuYY7hvZoMGfD7fcfOtY19a8btrBtPXsvqfkr4shdSfFcCmixJeXGma5XDE=
x-amz-request-id: 53EAR8B7M7KKX0DK
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
etag: "eac60e8a656781e13d2a674b4d9051c0"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 978916
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FlQ%2F19XEYOEiXMuPQtYN5WC8UvF4pgnKuBLsRi9IqOhpmVyWhPfoXOdOJr0dOjkJgHGEj1V%2FGhFcBI4Aupconv3QS6kMH6PmjjZs15tipY38QaMq5FOpnG3nuvY%2FHEvcMk6CpBq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7264862bcb0fb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 74288, version 1.0\012- data
Size:   74288
Md5:    eac60e8a656781e13d2a674b4d9051c0
Sha1:   0039be9d8a99d1e5cf200ca3e08757692020460e
Sha256: eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4112
Cache-Control: 'max-age=158059'
Date: Wed, 06 Jul 2022 01:21:31 GMT
Last-Modified: Wed, 06 Jul 2022 00:12:59 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Wed, 06 Jul 2022 00:34:56 GMT
Expires: Wed, 06 Jul 2022 00:43:27 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: uxMSIUktcpg0wnUvM4KyK1A5ea3NmQtHiRojYkJ1-VlIv7Is5zcxtQ==
Age: 2795


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TR3f2teRcGX9iPm6FmSDsg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.191.222.112
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TMf7/o91bw28S5D3rv4azHcN3Nw=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "23E69C0E09008CB4DB1865A1DD7E0FA99F7E83F09BD674539D5D84238F45156D"
Last-Modified: Mon, 04 Jul 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21596
Expires: Wed, 06 Jul 2022 07:21:27 GMT
Date: Wed, 06 Jul 2022 01:21:31 GMT
Connection: keep-alive

                                        
                                            GET /rK9Q0RCVKymRPz/51010 HTTP/1.1 
Host: dizzardfovea.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.109.170.49
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=utf-8
                                        
Server: nginx
Date: Wed, 06 Jul 2022 01:21:31 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www1.cuevana3.vc
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
Set-Cookie: GL_UI4=eJw9jUtOwzAYhPMOVUnESDkAR2gi0rRLNqy4Q%2BTYf4Jp4r9y3Ae3xyDBbh6fZoIgiKoS4TWLEV9Ei%2BejGru9pJrkoW6a%2BuXQyLEdRDfWqunqdoeNXnsnhplcgseJDFkte8mKCjz56i85Gb6ZBOlghVEF0sUTc4F8sHxbyVYxEiMWQv6mLY1894T4ZIvouPdSGy%2FDHSJeq7jcIH3X5nIvt1lQFlmA7XkWbmS79Fp5m05WKEL4igcpHE1sv5ArWk%2BOzwDPqv%2Fnfz%2FT%2BWcNmaKrlt6y%2ByD7DTb9Sx8%3D; expires=Thu, 07-Jul-2022 01:21:31 GMT; Max-Age=86400; path=/; secure; SameSite=None GL_GI10=eJxNjMFqg0AURXXSTCOK5UI%2FID9Qk7R2kW3TZdGFHzBY8xIGzDxxJm0mX181ULK5HA6cGwSBeE4hdIdku8m26yx%2FzTbvOWZHYoiiRNLw2bjeK1OfCLLg%2Frf2kD0dNRuI9RviG6uG94R5Ub7cuSmKS9vycjf%2BeDw0etxRIRr51j0O3eRm2nZIP1p9WVbcnt3wYhEZcsp2RHtEu%2Fq7pdVn9YX0304fMsRCW9X1fPEDPzl9oisbUnw4WHJSIPyR4g8Mt0dW; expires=Thu, 07-Jul-2022 01:21:31 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   25
Md5:    d488addc5df5fc9b9ff4135bb4e3a823
Sha1:   6ce56f48e851df4d562b43d3bc1269a504ae83fc
Sha256: d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

Alerts:
  Blocklists:
    - fortinet: Phishing
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8E1EECB2A3EF7581A6229610621BD79AE029D49C14FE7D1F9263E2D99D675339"
Last-Modified: Mon, 04 Jul 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3065
Expires: Wed, 06 Jul 2022 02:12:37 GMT
Date: Wed, 06 Jul 2022 01:21:32 GMT
Connection: keep-alive

                                        
                                            GET /bf/fd/0c/bffd0ccd70480e9ae2e30278718389bf.js HTTP/1.1 
Host: wvhba6470p.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         192.243.59.12
HTTP/1.1 403 Forbidden
Content-Type: application/javascript
                                        
Server: nginx/1.17.6
Date: Wed, 06 Jul 2022 01:21:32 GMT
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA-Full-Version-ListSec-CH-UA-MobileSec-CH-UA-Platform,Sec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-ModelSec-CH-UA-Mobile,Sec-CH-UA-PlatformSec-CH-UA-Platform-Version,Sec-CH-UASec-CH-UA-MobileSec-CH-UA-Platform,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A7027008D8D8FBE8F7D2621F1C16530E141A120E3D345490C9814D1525F24867"
Last-Modified: Sun, 03 Jul 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3986
Expires: Wed, 06 Jul 2022 02:27:58 GMT
Date: Wed, 06 Jul 2022 01:21:32 GMT
Connection: keep-alive

                                        
                                            GET /cover/wolf.png HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/png
content-length: 8488
last-modified: Tue, 05 Jul 2022 03:41:41 GMT
etag: "62c3b2f5-2128"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1612
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6BSXSyF5JuLibRUT05JheZBBxYofOCzIh3oDG1pTxaMMFy9fNd1dSypr4r%2F1syEWhM0dmfhlDtmf7XXHmUoqgLHKBlWcywxDjMvtNScFfK8baQzI6xprr0y4cXXvWE05A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632ca47b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   8488
Md5:    30ceef3ed2ea04a93eb30dd8c1f16dba
Sha1:   2f98c5b027c538e9759f5807aa377aaf27279227
Sha256: 1a6fd725495834228b4b9258632b8286145c51be91aa773cc61b2bd503434b9a
                                        
                                            GET /cover/confrontacion.png HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/png
content-length: 7939
last-modified: Tue, 05 Jul 2022 03:38:48 GMT
etag: "62c3b248-1f03"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1612
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Bee8Tp2JfpW9kQGo6%2BXgKiIQqvQBBxoiYk%2F1992Li7PfJUpo4QyEpRtzEk6ccXhIhwA2b6cytZYdpDJBEj1qF%2FzDjJjlS8WL6GtZx32mhChaESzfhOZ1eUO05i9L%2FHyAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632da49b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   7939
Md5:    11aabd056da7e170cb1cd556b7c3eb76
Sha1:   8d838630f24df603efb90a0ccf73ebfce9faa224
Sha256: 15751cebe0fa38b805f9f9857fff589acecffe1c9268f9e197d845824f4e8a4c
                                        
                                            GET /cover/staycation.png HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/png
content-length: 8112
last-modified: Tue, 05 Jul 2022 03:35:07 GMT
etag: "62c3b16b-1fb0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1612
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhenH%2FZqfmtpZAp2Bo6tnq%2Fo5geAUeuKcDBFAsiPMmouXNdsR6%2FjBZTLCSQm9r8LNsKDUqgps9%2FxgNod0VLVyVO3OcsRa9fzdpUY93FpfLOErCeBTn10ohhPkawTSo2IuA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632da4ab4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   8112
Md5:    42ad90846a6f18db11407776a4a41232
Sha1:   046037949f56f3389d5c4d5551753357bb13b231
Sha256: 8c7e70da04e9cb994ddac0d5cf4851deff1ab61561922caaac9c1e45c243c960
                                        
                                            GET /cover/sera-historia.png HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/png
content-length: 9560
last-modified: Tue, 05 Jul 2022 03:34:03 GMT
etag: "62c3b12b-2558"
cache-control: max-age=14400
cf-cache-status: HIT
age: 1612
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yK7fBF%2BCd92LEhYFnd9jJkRufKLJBsKOfIwoPzbJcphvWp8B1tFaKXbY9zdLMARSffsB394DKJlFKY%2FM%2FARveu2GVCxyf9cSXz7yCIlEtuNRpQC7J%2FA7K1fViBSBzma8Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632da4cb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   9560
Md5:    36effd40149bc7df4d7fa71cfb08a0c7
Sha1:   616e518f4d2641d2b33363d3ca9108c4d11db235
Sha256: 250014b608892f237a6f5358bc8bb63f4a931d2e2b80b40b763749c855088d72
                                        
                                            GET /cover/ip-man-3.jpg HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/jpeg
content-length: 31775
last-modified: Mon, 06 May 2019 06:58:00 GMT
etag: "5ccfdaf8-7c1f"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9hG39PWlqK9b1u%2Fo%2Fwn6H3dBKNxHeAe0SPKRTk9xlrRaZcpFZwwQ%2BTvMpbf79Ysyh559aljCr%2F8FaBoKUXOJqua57DX75CzJqxhXnBccClvIVAyO7e2NRCNz%2BBT6kvrKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632da4fb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 326x480, components 3\012- data
Size:   31775
Md5:    85447ca07182d2677cc016fa7f9c56cf
Sha1:   9539d9b48a96030237a83e7385b9e244d9737c7c
Sha256: 8aeaf8e4b37af3a85be315a303e77a5616dc612f982414c6c79163680e2afacb
                                        
                                            GET /cover/ip-man-4-2-1581853563.jpg HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/jpeg
content-length: 12051
last-modified: Sun, 16 Feb 2020 11:46:03 GMT
etag: "5e492b7b-2f13"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJoRla6YSwqLhzcrPDkasoeQLfgQVKS5eisRCG1IYaehhs%2B%2BbXNRScrFSa5SOEM%2BcAcJyL7VFNrf3gfMINvKutXdkYUSPAfPFv1RSbbOIMdGKE2f9Mh2lmspXgiemf3%2BnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632da51b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   12051
Md5:    4dc8fda4863db4c146e45229c2eb2b46
Sha1:   f34e4b8e06ba0401e57f95874d2275e157196487
Sha256: 73aae23ad3c051da354f774695227ab523b7d251b6bbfbcedbbc167705307c18
                                        
                                            GET /cover/ip-man-el-despertar.png HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/png
content-length: 12768
last-modified: Thu, 16 Jun 2022 10:43:20 GMT
etag: "62ab0948-31e0"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TJx1T9UJTu%2BaFf9SDU1QRLhQmvzJY%2Btydk7ulweJCrbKWgStdUA0OYywnlxuaWA1smROo10XriTg2NAKaNZjze4RxU1ZrlDjaXvM%2F2ZSyrICF8dfd3XZal8wavuVmxEZQw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632da56b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   12768
Md5:    57ec5f2fa00d9722e91253aa0823376b
Sha1:   6378ae24c5fa80dd3fe2d51dd5641986d1f481ac
Sha256: 54c7abfb17aa646b6c06959f3d7df259f3597f7c7da540025d5a99a36a57b894
                                        
                                            GET /cover/ip-man-kung-fu-master-2-1608259564.jpg HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/jpeg
content-length: 13614
last-modified: Fri, 18 Dec 2020 02:46:04 GMT
etag: "5fdc17ec-352e"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=az5G3pAMlW8LJbQkNuXi8HCZ4UJ4LB7l0cNqFAhFNCsIAZw%2BNHGoTyKLWIeuwT2wTv3%2Fr5wOkbq%2BseXmKZpBxIWaGr2%2BtadbjBvgcFn3xMMLiMo9TzSgj4MgfWWzD5Fwgg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632ea5fb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 185x278, components 3\012- data
Size:   13614
Md5:    b1db4143b6aacbc1b3110a6aaaf88ad9
Sha1:   c871a9f2cdfdd411e192afed3aa1e113454202b2
Sha256: aff86ad3e834eb19c18013d4589721ce5521a23dfc7d6b5aeb3cb5434a490894
                                        
                                            GET /cover/master-z-the-ip-man-legacy.jpg HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/jpeg
content-length: 35191
last-modified: Mon, 26 Aug 2019 22:00:15 GMT
etag: "5d64566f-8977"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fqY76duXgBRQjU00xki1bWnl357qWIGMI0mj2LR5iVNHwLKMMg5PoSEkbLXhXWhbVl3%2FFSqlWZA9ySUnrAHbRm3pwoAs76ANRmqCt9%2BS9iHoRPIURwINyqI%2BgUg5HpBFJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632ca45b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 326x480, components 3\012- data
Size:   35191
Md5:    4ceb00f07aaf713d51dabd5d32ad90e5
Sha1:   5da267697d724eb5781eaf231421589607c92910
Sha256: 2225e487ef95fbcf02e121d1b2e2f475086756ab489984f0f18fe866430386bd
                                        
                                            GET /cover/ip-man-la-pelea-final.jpg HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/jpeg
content-length: 26925
last-modified: Mon, 06 May 2019 07:34:02 GMT
etag: "5ccfe36a-692d"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WR8rK5YlpQfDwtOL4HGZ%2F6Fn3lfExOzsC8pWhmMn8E0VfjLwSsFWKifN5eSMif4XBAMqNVZDkIcq9zSch1ZwcBxfqZv9XKCVdZ50M0wIFMnwBrxEnVwE18XZSZ3YXMU8tg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632ca44b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 326x480, components 3\012- data
Size:   26925
Md5:    58c5aa58a5d14d115095cf4bfabb2749
Sha1:   afcba72a9529c9d603d0640690cfb1c6fb6251e2
Sha256: 7c322e4550698922c734160e7723e971bfd7999d3b663ed6eac943e072193649
                                        
                                            GET /cover/ip-man-2.jpg HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/jpeg
content-length: 25333
last-modified: Thu, 01 Aug 2019 21:35:09 GMT
etag: "5d435b0d-62f5"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oVCc0jaWOT%2F4JH08et3%2F4VmiO9d67IUS71mP4Didrr%2Bzgsh%2B5nhU4xL85LNl2H6n4xnBX83u2sRSlSgErBIudpEa495FbvgRVV4sJdqU8AQ%2Bt%2FiicrSK7KjtZ%2FB6sNvyDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632ea57b4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 326x480, components 3\012- data
Size:   25333
Md5:    2966e3064aa16b2e0fc3a9b6c316d01e
Sha1:   5e148f15b33767821c7868084ffe97cd35181e0f
Sha256: 91c0b7ec57a82ba92dd2e235b5423b6eb740fa1712184b2bbeac62b33ff21084
                                        
                                            GET /rec?t=1&z=6326&uuid=b4551dda206c44a58050d866de4deb4a&p=36&g=NO&token=4a44335432&tbg=1657070491 HTTP/1.1 
Host: imp9.bidgear.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.2.107
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c1oWk8qHdDCoXn3oTOKTHAMmAvZm10KT7c5TnMihl7bsc3E%2BCb5kUXvtXO5Av6nM5pb3y57PUbeL7v8Hg%2F4tJDxRsHvdYdRP6cmzLwkyx4k77RgFyEVjAjRrr%2FlBRSBl%2BCI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7264862d1e320afa-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size:   599
Md5:    ca49a7e783b806a4e8576ea80346203d
Sha1:   6fe9d083221dae98f6c76f7121c37bc884b02d82
Sha256: 3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28
                                        
                                            GET /cover/ip-man.jpg HTTP/1.1 
Host: img.repelis.id
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.200.6
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/jpeg
content-length: 57888
last-modified: Mon, 12 Aug 2019 17:55:14 GMT
etag: "5d51a802-e220"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FrxRs1gExV%2Bf81WUnnIxOOj0fmDrft4dvKHmUr8Bp70Z4wp2eIDs7ajD3dbFyrfEVD5ovQGckrCH86TErTQcoNt%2FNPjYn9NcOx9Gs8NoWaccgzGKlnHnCJAfcXjHOWkbKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 72648632ca3eb4f3-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 326x480, components 3\012- data
Size:   57888
Md5:    5a2066127f0a77335ec4c25b951b4e97
Sha1:   b2d7ffa51cc53665c33cebb9d9cf3e55196baf4f
Sha256: 5f3edec64c96e8c01ca3d814bcb34495b38f56c39483378f8122faef88ea83d2
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Wed, 06 Jul 2022 00:41:12 GMT
expires: Wed, 06 Jul 2022 02:41:12 GMT
cache-control: public, max-age=7200
age: 2420
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            GET /static/img/cropped-favicon-1-32x32.png HTTP/1.1 
Host: www1.cuevana3.vc
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/search.html?keyword=ip+man
Cookie: gogoanime=1vfs4ota46s2cgj3gfl6n65rk2; more_options=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         172.67.71.171
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:32 GMT
content-type: image/png
content-length: 993
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: "61d24c07-3e1"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0mopmEGxqadTcL06w1VO5V6Gt9NkiU9npBhJfiuMPrzh4ZsthOPwAmqlFxWcd8HTwMCBrSmW5yjxw2%2BUZwEw97z%2F5B871A15vxYPNvVFYBELpruaPLMjCVdZX%2BMonL1T5kI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 726486339b420b55-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   993
Md5:    3d8e8d34146a64e3e2f58660f7dc1c39
Sha1:   4169d2484f1ae2e8eb4a47c39bef4e7db4c30321
Sha256: bea29e0130d9568137ca3c590a2748c244abb51a032bc985374c3b883a164079
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E72BAC7383829B8E79823072BFDDD023DFE4010206BA10695D83BAF1F6857F8"
Last-Modified: Sun, 03 Jul 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3903
Expires: Wed, 06 Jul 2022 02:26:35 GMT
Date: Wed, 06 Jul 2022 01:21:32 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 01:21:33 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 15:02:21 GMT
Expires: Mon, 11 Jul 2022 15:02:21 GMT
ETag: 5F0F565164E22D72DAFEBA47DE8310174E7ED11F
Cache-Control: max-age=480647,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp1
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 72648634ea940b69-OSL

                                        
                                            GET /42/38?z=3813316 HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Cookie: scm=1; OAID=62278a6c0ae64beba2550e587d722baa; oaidts=1657070492
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: e26dd82c303b6efebbfcb65e5996b79f
access-control-expose-headers: X-Sc
set-cookie: OAID=62278a6c0ae64beba2550e587d722baa; expires=Thu, 06 Jul 2023 01:21:33 GMT; secure; SameSite=None
set-cookie: oaidts=1657070492; expires=Thu, 06 Jul 2023 01:21:33 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 01:21:33 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 06:25:25 GMT
Expires: Mon, 11 Jul 2022 06:25:25 GMT
ETag: E490F8D0991A671A79E0B63008A7A93D1443E857
Cache-Control: max-age=449631,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp14
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 726486364b1a0b69-OSL

                                        
                                            GET /gid.js HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.cuevana3.vc
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.195.8
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://www1.cuevana3.vc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=bd20006ef04d44e7bc51634d36300f39; expires=Thu, 06 Jul 2023 01:21:33 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    d47d404496beb76ec60ae1edcdbf1c86
Sha1:   65e1a0302dbbb552347435ccdc20b7ba6d705d9b
Sha256: ed0a1f326cb895b428bf770b1bca203daf6454f2f054b252307b4fb65cec5c2c
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.32.68
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 06 Jul 2022 01:21:33 GMT
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 04 Jul 2022 00:52:20 GMT
Expires: Mon, 11 Jul 2022 00:52:20 GMT
ETag: 2E7335CA93B19AAF9A2B9B0E85A4176643E70490
Cache-Control: max-age=429646,s-maxage=1800,public,no-transform,must-revalidate
X-OCSP-Responder-ID: mcdpcaocsp11
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 72648636eb620b69-OSL

                                        
                                            GET /apu.php?zoneid=3388443 HTTP/1.1 
Host: cdn.itskiddoan.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.236
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
content-type: application/javascript
x-trace-id: 4e6a4c9ea738907538e69aa7eadfbc48
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=2fa786e5e93b41f5a3861625d52ce0cb; expires=Thu, 06 Jul 2023 01:21:33 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1657070493; expires=Thu, 06 Jul 2023 01:21:33 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   23045
Md5:    46fda595d2657e2768848b6b16b4ee3d
Sha1:   84eaf7adedddf49871e28b06f6bed661778162d7
Sha256: a49c91e61365316fed4e8d5b1cb0043fe8b2d908b49c75e567814ae54805b6a1
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2648
Expires: Wed, 06 Jul 2022 02:05:41 GMT
Date: Wed, 06 Jul 2022 01:21:33 GMT
Connection: keep-alive

                                        
                                            GET /?rb=ZCpO3vKu_H2HYqi5Co8m6jWwFfcPa8Spf98U6qrQHJ8ylNQCvBNJtVFFJLiLtSi-41p05SdY-OeViLUyDh5u7beKqdqSWfTCsxHWmxFpj6xhJOA3p42UtspsCkE6E5Emax5Yq54lMJLWJ06o1C3K4mBMoHvsaFw1zWd87DTlJdRNe1XJ1RIRI6yNSIj3dOnDokrvXdyks7w8NYwav5dubAeZn14GTIwY1pZwmA%3D%3D&request_ab2=82001&zoneid=3388443&js_build=iclick-v1.401.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fwww1.cuevana3.vc%2Fsearch.html%3Fkeyword%3Dip%2Bman&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.401.0&bs=aae3ac90-90ff-4522-bfe5-df628d4fe137&userId=bd20006ef04d44e7bc51634d36300f39&m=link HTTP/1.1 
Host: cdn.itskiddoan.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www1.cuevana3.vc/
Origin: https://www1.cuevana3.vc
Connection: keep-alive
Cookie: OAID=2fa786e5e93b41f5a3861625d52ce0cb; oaidts=1657070493
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
content-type: application/json
x-trace-id: d43e2e739c8279cf1678d4d6dcedbaea
access-control-allow-origin: https://www1.cuevana3.vc
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=bd20006ef04d44e7bc51634d36300f39; expires=Thu, 06 Jul 2023 01:21:33 GMT; path=/; secure; SameSite=None
set-cookie: oaidts=1657070493; expires=Thu, 06 Jul 2023 01:21:33 GMT; path=/; secure; SameSite=None
set-cookie: syncedCookie=true; expires=Wed, 13 Jul 2022 01:21:33 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2206
Md5:    f295f6278ac0f2b49aef985f7de0f9df
Sha1:   ae690d42bb6dfe493be6eb4fa1ba33316ac0eedd
Sha256: 9f47b29fc8c906b31678fb808f032a3ca6f72238053b29ffccaa0e0ef41f36f0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "611E864D4A64EB7175BDED94052A41462E3215D329EF82CBEEA70D511B811E8D"
Last-Modified: Mon, 04 Jul 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2648
Expires: Wed, 06 Jul 2022 02:05:41 GMT
Date: Wed, 06 Jul 2022 01:21:33 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6bb6c586-bb86-4a54-bd48-f2b5da763e74.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 7117
x-amzn-requestid: 7cfe344b-f098-4260-bb50-6574786e6ee2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BW8HnbIAMFkrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af5f-14a960ac060d2d120cb0ad7c;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0F6ZVkqKywgjh9Qa1DJw_-rdOLcc1tzEll0J58NeawksoIu9nY1a-g==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:50:32 GMT
age: 12661
etag: "01efbdf6b2ab79332bf6a22d36472e294732aa17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7117
Md5:    b4ead2bdcbc998a5685d65a26e40ce1a
Sha1:   01efbdf6b2ab79332bf6a22d36472e294732aa17
Sha256: 04399a91345db4f89bdbbb9ddb30db0f2a0c29654491b38bb1a30bd40c4f3e48
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffb82ec83-887b-4050-91d9-57a545edfc43.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 6527
x-amzn-requestid: 391d747d-26bd-4303-bccb-fb510b7788e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BHqGLpoAMF8Cg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4aefd-49710428275253eb6c36832f;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:37:01 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 4IvLYodhhI-4-NqMWY6xSfMrpjAwS6RKqTWGeNkBGKfZxwBk1bmaig==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:37:38 GMT
age: 13435
etag: "5320ab2d511bcf3b66328f71d2cecf6beecd8139"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6527
Md5:    c74b2cd74c712ef13e74569a07f963ef
Sha1:   5320ab2d511bcf3b66328f71d2cecf6beecd8139
Sha256: 90498a0e0e346788001a46a6b505805ba91861505fd69cab53486fa66c50eadb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff1bf6d27-2cf4-4c33-9983-68ea58ece368.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 9437
x-amzn-requestid: 4b67fdbb-27a8-47ab-b92e-a404aa6d562e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: UnljbHnKoAMF86w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62bfb615-48d7c4324051729c33e01a73;Sampled=0
x-amzn-remapped-date: Sat, 02 Jul 2022 03:05:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vKc6qZmalBmkbceAuncO_mvzc7KMeq1gFWwfV3wgDGyIeCgBpNeipA==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 16:29:07 GMT
age: 31946
etag: "62985fafd5ff2b3adbc9e539ccd7d073ff9ae9b2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9437
Md5:    87d5975302710a908fbc832e0fc4a8b7
Sha1:   62985fafd5ff2b3adbc9e539ccd7d073ff9ae9b2
Sha256: 94960a9b2b6c65c14c68af8af8f1194aa9d1c62a5a7c927ae5a3570c745a2ce8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F431f287f-9907-47aa-be38-0ff4e6db75fc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 8553
x-amzn-requestid: 2c1e16d1-357b-493e-bcf7-b4de1a34757f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Utd8tEKYIAMFbmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c21051-7382cb3050c6f13d70dd3706;Sampled=0
x-amzn-remapped-date: Sun, 03 Jul 2022 21:55:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QbUfJjPZPpKjVFzyb0NlS-aXRVWIs4MBDiR_3pNde5dAn7f097K8Lg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 03:11:52 GMT
age: 79781
etag: "303f4efaa9b98e39a935fc6514d3731d40d2977c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8553
Md5:    e6f97e6b64100081e8bed56216564854
Sha1:   303f4efaa9b98e39a935fc6514d3731d40d2977c
Sha256: 92dd803f1633bd65a2b4ac3223d8aa93dd55ed64c74b338aff62323585a3623c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb27cd33-0557-4e9f-afa8-36973b921638.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 11085
x-amzn-requestid: 82a2d755-e6c4-42dd-968b-68139eb0ca38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BHqG7yIAMFX4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4aefd-632afe61133c32b9404293aa;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:37:01 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CLeqn9TVpVeuhmnHl5NYGZrdVUMiKhGmJjB2lq_jDZYjQ9dxKHjRHQ==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:37:39 GMT
age: 13434
etag: "c2d6d0adbf9ddb01fb9e8e89398504c31720f99c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11085
Md5:    5552141e4ff21ea5cdfb3ee3cf7099a2
Sha1:   c2d6d0adbf9ddb01fb9e8e89398504c31720f99c
Sha256: 27bbe0ad182a253333e32623db676ef00298acc21c6195c0a7ca7a4c3c2b0b12
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4626f16d-f59e-486e-aba7-754776c9c813.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
                                        
server: nginx
content-length: 5085
x-amzn-requestid: 6d881c82-ac14-4c38-bdb8-03971046c55c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: U0BU0Ft0IAMF5dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-62c4af51-231f6f7a3b34ed1f0fbb97ad;Sampled=0
x-amzn-remapped-date: Tue, 05 Jul 2022 21:38:25 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: LNEE8lDDcpTL1hr54nNcOtUefzqe6_0yjtfD0AQfPeq0JjE4N2y4Mg==
via: 1.1 25b9a991f871f75614e7f92f97b136a4.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 05 Jul 2022 21:51:10 GMT
age: 12623
etag: "93d50986e48d44b7083ce2988d7f957fdee8380a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5085
Md5:    4b77ed8df745e7bf9a295b0b75aa6be7
Sha1:   93d50986e48d44b7083ce2988d7f957fdee8380a
Sha256: 546b9448d7f2140c0811d16128df1c644c7de8d19bd5d83b900f8072a6edba20
                                        
                                            OPTIONS /9?z=3813316&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.cuevana3.vc%2Fsearch.html%3Fkeyword%3Dip%2Bman&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=1&sah=1002&drf=&hil=1&ist=0&oaid=bd20006ef04d44e7bc51634d36300f39 HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www1.cuevana3.vc/
Origin: https://www1.cuevana3.vc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://www1.cuevana3.vc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            OPTIONS /500/3136826?excludes=&oaid=bd20006ef04d44e7bc51634d36300f39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fwww1.cuevana3.vc%2Fsearch.html%3Fkeyword%3Dip%2Bman&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: rndskittytor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://www1.cuevana3.vc/
Origin: https://www1.cuevana3.vc
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.238
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://www1.cuevana3.vc
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /11?rnd=1038774514&z=3813316&b=13447402&var=&rqtdbc=1&rcvdbc=1&btp=7&rb=7E57fk1aKouiwUVx2-Eb7YJkkkpEdK0EGcQ1eMKfyB2F5SniBHHupynPJGzDD36kV7jUvAM5lkG3GwK3fd-zcuKA2i_KiSMSREHUXpjbcFwfb72KJn6Qnx7YEQe23cDdSIIe_ZmSB945gwdlXPqU-varQ_V8GQhVE8zzk72xlcC-wozn1HlicMDX8CvacJRo1n_VolNw71qaTzFYTglaDQauYaNNBH7nAuZr0HSwBQ9_R4qcf7MHYA5nJ6zhJzmF4l8u26ndZe2po8Q6Kcl1Lo3ZoW0LdZ0tgaSFLvewirzBXRSeRVC2c4VDsluao4BVh1nHrk7aw0a8idhiMI9JpOgT-zZNk5t8G7azC9lpbYI9BKeCQU3rpl3j7UZdk3aYGYJHgGxBAvO_DcBtdL8r8kXw_DwjooRkgT2IGoAe0EslK0mr9kpC1rhG8bq6hu6p6yTPNSL8M4wfOFCd9Snt-L6tYsb7m20IUY-FbmEdqCPPR1w4Epk4yl0lFvL7zDYJqX_2eW-tKzx8bbvDIWrZ7zecsyW6YOSe-n1T625SyW0aqhhxjJe_RPEArxYV_qnxVuUQykybXMn1BtmGuH8j5QKPkqYcjTTOA4pHRs4RyrdRsOSbw3pMiKeFfCaNbK1oZ2HHoQ==&ruid=a20f4596-d27c-45a7-b9eb-fdd8f5d67b02&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.cuevana3.vc%2Fsearch.html%3Fkeyword%3Dip%2Bman&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=1&sah=1002&drf=&hil=1&ist=0&ot=184 HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.cuevana3.vc
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Cookie: scm=1; OAID=bd20006ef04d44e7bc51634d36300f39; oaidts=1657070492
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www1.cuevana3.vc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 21e0f5b0e4676136fa24afff54b63cd4
access-control-expose-headers: X-Sc
set-cookie: OAID=bd20006ef04d44e7bc51634d36300f39; expires=Thu, 06 Jul 2023 01:21:33 GMT; secure; SameSite=None
set-cookie: oaidts=1657070492; expires=Thu, 06 Jul 2023 01:21:33 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6964988639256CB878B74F2E32CAE4403559EB3BCB61F911B9A2003C4760D1C3"
Last-Modified: Tue, 05 Jul 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20654
Expires: Wed, 06 Jul 2022 07:05:47 GMT
Date: Wed, 06 Jul 2022 01:21:33 GMT
Connection: keep-alive

                                        
                                            GET /500/3136826?excludes=&oaid=bd20006ef04d44e7bc51634d36300f39&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=1&pl=https%3A%2F%2Fwww1.cuevana3.vc%2Fsearch.html%3Fkeyword%3Dip%2Bman&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1 
Host: rndskittytor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://www1.cuevana3.vc
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Cookie: OAID=1ad4a2bf58734c3da2111ac2aad1fb6c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.238
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
content-type: application/javascript
x-trace-id: ff7103aaf8c5227b4712d1b15b8a1200
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: https://www1.cuevana3.vc
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=bd20006ef04d44e7bc51634d36300f39; expires=Thu, 06 Jul 2023 01:21:33 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   1254
Md5:    655c8df445d2004bdf53221ca87443e6
Sha1:   909354f85892e3be61c51eec340d8d5dac0dd2ca
Sha256: 48530ef9fd342ed2cada96f419f4886647c1c1c2b9a70528b1d414c4b87ad30a

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1 
Host: offerimage.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.32.172
HTTP/2 200 OK
                                        
date: Wed, 06 Jul 2022 01:21:33 GMT
content-type: image/png
content-length: 66121
last-modified: Thu, 10 Dec 2020 12:34:30 GMT
etag: "5fd215d6-10249"
expires: Wed, 06 Jul 2022 07:23:30 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 64683
accept-ranges: bytes
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 7264863a0cfe98f0-ARN
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   66121
Md5:    3d08aacb36c7474e0d13b60f8f4adc14
Sha1:   e4af2de372b5e3a2211579a5973ef7ed160e7be4
Sha256: 54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c
                                        
                                            GET /contents/s/41/dc/9c/832f785da101c50f9b12484a00/0450465234325.jpeg HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=gd3NqSz12ppgBBU&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcdn.uponelectabuzzor.club%2F12%3Frnd%3D1381097392%26z%3D3813316%26b%3D13447402%26c%3D5709467%26var%3D%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D323%2526key%253D2a96476f9a549dcc340d7807a20ac4e1%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D7E57fk1aKouiwUVx2-Eb7YJkkkpEdK0EGcQ1eMKfyB2F5SniBHHupynPJGzDD36kV7jUvAM5lkG3GwK3fd-zcuKA2i_KiSMSREHUXpjbcFwfb72KJn6Qnx7YEQe23cDdSIIe_ZmSB945gwdlXPqU-varQ_V8GQhVE8zzk72xlcC-wozn1HlicMDX8CvacJRo1n_VolNw71qaTzFYTglaDQauYaNNBH7nAuZr0HSwBQ9_R4qcf7MHYA5nJ6zhJzmF4l8u26ndZe2po8Q6Kcl1Lo3ZoW0LdZ0tgaSFLvewirzBXRSeRVC2c4VDsluao4BVh1nHrk7aw0a8idhiMI9JpOgT-zZNk5t8G7azC9lpbYI9BKeCQU3rpl3j7UZdk3aYGYJHgGxBAvO_DcBtdL8r8kXw_DwjooRkgT2IGoAe0EslK0mr9kpC1rhG8bq6hu6p6yTPNSL8M4wfOFCd9Snt-L6tYsb7m20IUY-FbmEdqCPPR1w4Epk4yl0lFvL7zDYJqX_2eW-tKzx8bbvDIWrZ7zecsyW6YOSe-n1T625SyW0aqhhxjJe_RPEArxYV_qnxVuUQykybXMn1BtmGuH8j5QKPkqYcjTTOA4pHRs4RyrdRsOSbw3pMiKeFfCaNbK1oZ2HHoQ%3D%3D%26bag%3DmNKGnCKTBOKKtZqQS9tgdQ%3D%3D%26ruid%3Da20f4596-d27c-45a7-b9eb-fdd8f5d67b02%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww1.cuevana3.vc%252Fsearch.html%253Fkeyword%253Dip%252Bman%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         139.45.197.153
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
content-type: image/jpeg
content-length: 20639
last-modified: Wed, 27 Apr 2022 16:50:35 GMT
etag: "6269745b-509f"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Size:   20639
Md5:    41dc9c832f785da101c50f9b12484a00
Sha1:   b2e1862ca49054a64a839e49e5d3b7af83841f0b
Sha256: 9c4a425bd8babae1f243740993871a6e7a4493bc8e2728fb982d5b1d0125544d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1698CD79124E4F6E25669569180B8EA9D0CCA79CF2DA796F610D62DE1709499F"
Last-Modified: Mon, 04 Jul 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5996
Expires: Wed, 06 Jul 2022 03:01:29 GMT
Date: Wed, 06 Jul 2022 01:21:33 GMT
Connection: keep-alive

                                        
                                            GET /?l=gd3NqSz12ppgBBU&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Fcdn.uponelectabuzzor.club%2F12%3Frnd%3D1381097392%26z%3D3813316%26b%3D13447402%26c%3D5709467%26var%3D%26d%3Dhttp%253A%252F%252Fflyingadvert.com%252Fbase.php%253Fc%253D323%2526key%253D2a96476f9a549dcc340d7807a20ac4e1%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D7E57fk1aKouiwUVx2-Eb7YJkkkpEdK0EGcQ1eMKfyB2F5SniBHHupynPJGzDD36kV7jUvAM5lkG3GwK3fd-zcuKA2i_KiSMSREHUXpjbcFwfb72KJn6Qnx7YEQe23cDdSIIe_ZmSB945gwdlXPqU-varQ_V8GQhVE8zzk72xlcC-wozn1HlicMDX8CvacJRo1n_VolNw71qaTzFYTglaDQauYaNNBH7nAuZr0HSwBQ9_R4qcf7MHYA5nJ6zhJzmF4l8u26ndZe2po8Q6Kcl1Lo3ZoW0LdZ0tgaSFLvewirzBXRSeRVC2c4VDsluao4BVh1nHrk7aw0a8idhiMI9JpOgT-zZNk5t8G7azC9lpbYI9BKeCQU3rpl3j7UZdk3aYGYJHgGxBAvO_DcBtdL8r8kXw_DwjooRkgT2IGoAe0EslK0mr9kpC1rhG8bq6hu6p6yTPNSL8M4wfOFCd9Snt-L6tYsb7m20IUY-FbmEdqCPPR1w4Epk4yl0lFvL7zDYJqX_2eW-tKzx8bbvDIWrZ7zecsyW6YOSe-n1T625SyW0aqhhxjJe_RPEArxYV_qnxVuUQykybXMn1BtmGuH8j5QKPkqYcjTTOA4pHRs4RyrdRsOSbw3pMiKeFfCaNbK1oZ2HHoQ%3D%3D%26bag%3DmNKGnCKTBOKKtZqQS9tgdQ%3D%3D%26ruid%3Da20f4596-d27c-45a7-b9eb-fdd8f5d67b02%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttps%253A%252F%252Fwww1.cuevana3.vc%252Fsearch.html%253Fkeyword%253Dip%252Bman%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D1024%26wfc%3D1%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1 
Host: interstitial-07.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         139.45.197.153
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=c2BZ0g9xltAh9wClqrrsFGwB2hYWZKF331BPJhNo-nI; expires=Wed, 06-Jul-2022 02:21:33 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   46334
Md5:    fd792bf680a1cbda608d77a03a5bc7ce
Sha1:   c72d2003ef6f3e091e034bb5aaaa6598ad61a796
Sha256: 7ba192b8efc80d9c8e9da2b7af113847551fea044ff4d81195808865e002364a
                                        
                                            GET /vctx?t=72747 HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:33 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 3f8da18d9c1ccc5d517bfe25e1cd9fe1
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /11?rnd=1038774514&z=3813316&b=13447402&var=&rqtdbc=0&rcvdbc=0&btp=7&rb=7E57fk1aKouiwUVx2-Eb7YJkkkpEdK0EGcQ1eMKfyB2F5SniBHHupynPJGzDD36kV7jUvAM5lkG3GwK3fd-zcuKA2i_KiSMSREHUXpjbcFwfb72KJn6Qnx7YEQe23cDdSIIe_ZmSB945gwdlXPqU-varQ_V8GQhVE8zzk72xlcC-wozn1HlicMDX8CvacJRo1n_VolNw71qaTzFYTglaDQauYaNNBH7nAuZr0HSwBQ9_R4qcf7MHYA5nJ6zhJzmF4l8u26ndZe2po8Q6Kcl1Lo3ZoW0LdZ0tgaSFLvewirzBXRSeRVC2c4VDsluao4BVh1nHrk7aw0a8idhiMI9JpOgT-zZNk5t8G7azC9lpbYI9BKeCQU3rpl3j7UZdk3aYGYJHgGxBAvO_DcBtdL8r8kXw_DwjooRkgT2IGoAe0EslK0mr9kpC1rhG8bq6hu6p6yTPNSL8M4wfOFCd9Snt-L6tYsb7m20IUY-FbmEdqCPPR1w4Epk4yl0lFvL7zDYJqX_2eW-tKzx8bbvDIWrZ7zecsyW6YOSe-n1T625SyW0aqhhxjJe_RPEArxYV_qnxVuUQykybXMn1BtmGuH8j5QKPkqYcjTTOA4pHRs4RyrdRsOSbw3pMiKeFfCaNbK1oZ2HHoQ==&ruid=a20f4596-d27c-45a7-b9eb-fdd8f5d67b02&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fwww1.cuevana3.vc%2Fsearch.html%3Fkeyword%3Dip%2Bman&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=1024&wfc=1&sah=1002&drf=&hil=1&ist=0&ri=1&wvd=0&wvr=1.0000&isions=1 HTTP/1.1 
Host: cdn.uponelectabuzzor.club
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www1.cuevana3.vc
Connection: keep-alive
Referer: https://www1.cuevana3.vc/
Cookie: scm=1; OAID=bd20006ef04d44e7bc51634d36300f39; oaidts=1657070492
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         139.45.197.239
HTTP/2 200 OK
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:34 GMT
content-type: image/jpeg
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www1.cuevana3.vc
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 30ca21c34dc504eb1962bfc372c619a0
access-control-expose-headers: X-Sc
set-cookie: OAID=bd20006ef04d44e7bc51634d36300f39; expires=Thu, 06 Jul 2023 01:21:34 GMT; secure; SameSite=None
set-cookie: oaidts=1657070492; expires=Thu, 06 Jul 2023 01:21:34 GMT; secure; SameSite=None
set-cookie: oaidvc=1; expires=Thu, 06 Jul 2023 01:21:34 GMT; secure; SameSite=None
set-cookie: CNT=1_v1_6jDNAAEAAADrSjEv; expires=Wed, 06 Jul 2022 02:21:34 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1 
Host: unphionetor.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

                                         
                                         139.45.197.236
HTTP/2 204 No Content
                                        
server: nginx
date: Wed, 06 Jul 2022 01:21:34 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 578ddeed25dcf567ae5476c10256bfc5
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed