r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7786cd9bd97e024b3a1d16215defaad2
786ddbb74b0b6bd9270622dbe0258d6caee407c1
9c297ccfd178eec7e472fb64a6b2e34d4c7a6dec32870f49982353e590196ba0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C297CCFD178EEC7E472FB64A6B2E34D4C7A6DEC32870F49982353E590196BA0"
Last-Modified: Mon, 14 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3123
Expires: Tue, 15 Nov 2022 04:44:52 GMT
Date: Tue, 15 Nov 2022 03:52:49 GMT
Connection: keep-alive
cuscoinkasfeat.com/sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php
301 Moved Permanently 0 B URL HTTP/1.1 cuscoinkasfeat.com/sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php HTTP/1.1
Host: cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
expires: Tue, 15 Nov 2022 04:52:48 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: http://www.cuscoinkasfeat.com/sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php
content-length: 0
date: Tue, 15 Nov 2022 03:52:48 GMT
ocsp.digicert.com/
200 OK 471 B IP
Hash 832aecaba9f06ee2d39d4d4bea65f13c
7195d6ffadfdbc6fc8e92c63ae28d4a3038a72dc
a437509314a97065de6c7b9e5e2b4b61f0234b45f5f5bf2649cbdf499577bfd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3464
Cache-Control: max-age=113772
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:49 GMT
Etag: "637218f5-1d7"
Expires: Wed, 16 Nov 2022 11:29:01 GMT
Last-Modified: Mon, 14 Nov 2022 10:31:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8c15cef160d1514fc977ed4c4e97086c
ffe4ce3199658a1fc7a45d1607df40ef3911621d
db1a82d8a2bacc0257b87efec0c365c1b769700fa27ce928321e082505f1d72a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DB1A82D8A2BACC0257B87EFEC0C365C1B769700FA27CE928321E082505F1D72A"
Last-Modified: Sun, 13 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12391
Expires: Tue, 15 Nov 2022 07:19:20 GMT
Date: Tue, 15 Nov 2022 03:52:49 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4736bac84ca28f2b1e961159fb4ea098
1319612979f53896fcfeacd4215c2715d4951e4c
5e81213e111ddf68c7f884f72b4e06fc4dc95eb902c3cf0762236b2418840dba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 15 Nov 2022 03:44:37 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 492
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: pFzhiNQE1XdQt8kfbHPC3fQMbbXEPubX3tBvR5wrn93YVPr+acNIuUEnqpdrm33j8t1X4JK9+68=
x-amz-request-id: C0HME8A3MWP9SSP8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 15 Nov 2022 03:14:06 GMT
age: 2323
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 15 Nov 2022 03:52:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.cuscoinkasfeat.com/sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php
301 Moved Permanently 0 B URL HTTP/1.1 www.cuscoinkasfeat.com/sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
expires: Tue, 15 Nov 2022 04:52:48 GMT
cache-control: max-age=3600
x-redirect-by: WordPress
location: https://www.cuscoinkasfeat.com/sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php
content-length: 0
date: Tue, 15 Nov 2022 03:52:48 GMT
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 15 Nov 2022 03:25:01 GMT
cache-control: public,max-age=3600
age: 1668
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 3200044057cb585f1a435c0efece61c8
8305d5b5891288aa9996b4b4ca6fce2265413194
df45704534a24928e7659a6d8cd1b5ac9ffa9b224b02b34a2d6aed5ef69fd586
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3994
Cache-Control: max-age=109246
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:49 GMT
Etag: "63720535-1d7"
Expires: Wed, 16 Nov 2022 10:13:35 GMT
Last-Modified: Mon, 14 Nov 2022 09:07:01 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
www.cuscoinkasfeat.com/sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php
404 Not Found 16 kB URL HTTP/2 www.cuscoinkasfeat.com/sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Hash ba99d24fe6d34cc3d37c90016f20cb90
20c140867f17638fa0226d0cf39584f5684e30fd
b4bc9fb6321dacbe45785ab7aa205aa143d019b3c2044fd8c8504317bba955d8
Analyzer Verdict Alert fortinet Phishing
GET /sh/ZS/589c3f8223e79caf05feaf3eb517bdbd/enterpassword.php HTTP/1.1
Host: www.cuscoinkasfeat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://www.cuscoinkasfeat.com/wp-json/>; rel="https://api.w.org/"
content-length: 15924
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 03:52:48 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: SHk04pEaWW95ePinyYB5sQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8VivjzuIrgzjYx3NZ8PckO2uVvE=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-K1BEJ91YTV
200 OK 80 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-K1BEJ91YTV
IP
File type ASCII text, with very long lines (25492)
Hash ec997d75bb4127bb47310d07e2395986
dd00a5e9e47ae07ae5faeb4e171969d33b30f9b2
af31fca592849e6577889e1e7df8590aab6db9d1fc4c6fe37add69b8e4837beb
GET /gtag/js?id=G-K1BEJ91YTV HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 15 Nov 2022 03:52:50 GMT
expires: Tue, 15 Nov 2022 03:52:50 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79656
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&ver=6.1
200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?v=3.exp&libraries=places&ver=6.1
IP
File type ASCII text, with very long lines (2602)
Hash f7e172a94f0baa48cf70dd7e06f3fd67
fa7b9f36f5778fffe8ff0d560d62638ea599e9c9
81dc92941ad96581e42142a067b0ebc3f90a43ebf9d3ad636962892f4ba3a085
GET /maps/api/js?v=3.exp&libraries=places&ver=6.1 HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Tue, 15 Nov 2022 03:52:50 GMT
expires: Tue, 15 Nov 2022 04:22:50 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 55589
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1af800aa2b326e8af0f2640db68a7a0d
4c617814f5c705737bf4bf111c53bf40bb932af5
594f573b6e73b1d385ae75a518c18a0bb833ac4a3f894fcea377096c756f8cc1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash b2d6aeeb303eaefc4cc6900e30da3b1b
4c3c027013211aa1b987006d0eb6c72f18c6a657
f542eab7c032d6c5f59710ee8993a01537e0fa2bf3882a6a699de85bba020999
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jscache.com/wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
301 Moved Permanently 0 B URL HTTP/2 www.jscache.com/wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Tue, 15 Nov 2022 03:52:50 GMT
via: 1.1 varnish
x-served-by: cache-bma1648-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1668484370.176306,VS0,VE137
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6ea606a3c83b6b14b9375c84e37870d8
d73a898c2f3eba8e71d6d4f675c47107df0a5795
0dc0268899f946356be887d4ee84b411136f373200ce90464b331697b6cd9487
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
200 OK 30 kB URL HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 30480, version 1.0\012- data
Hash 0e7e5f9d3a8ef121149827180b790b5c
0e9f9333078e5df9245630ff6f68ba1d9da3c403
e8e147e15907f25cad69b2bcf060213efad4ed04e0d36374715cbca17b2afc1c
GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCjC3jsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30480
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 09 Nov 2022 19:29:11 GMT
expires: Thu, 09 Nov 2023 19:29:11 GMT
cache-control: public, max-age=31536000
age: 462219
last-modified: Wed, 27 Apr 2022 16:04:03 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.2
200 OK 25 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/v4-shims.css?ver=2.0.2
IP
File type ASCII text, with very long lines (26516)
Hash 0ffcce11af6cdc2a2df0de6eac708cc3
043a95fbf22b88f9f7ec4293762b909d72fc6334
ee3fd0407c89a2c389de3ae08bd1b91ea6b6817ec38e6139f6fbf01c088fb608
GET /releases/v5.15.4/css/v4-shims.css?ver=2.0.2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:52:50 GMT
content-type: text/css
x-amz-id-2: 08InS8J69flRCGEEeQ+Kn0lFpcUUQyzelN+Suz2iBt11GmjnmFN6hZc2WBRTGGximWTkJTzIykQ=
x-amz-request-id: M47ES56CMJRTKT0R
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"a034d3c71bee546f625877d7932917f8"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2667657
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OsElCyfMJiX3yvpqTu0zVHJIy%2BFjLQN7epst67uc%2Fgqit41csLgcootbm3q4YhFrXupClCFdqWbYqgd2S8EuSS3iHV3%2FBD69yq8HRliBuMaiyJppj9C8aA1Ivx9H6jMd15wXFz3o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a50950c84df42f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 35ad471bf7f157abedbe322e59bb00ae
6f8c57f1c20377b6a1f74fd06849705a6370e291
b51251f347677a52f08a4a7c0d9ff0effed121992b6dc7fa709e33c400042e63
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tripadvisor.com.pe/img/cdsi/img2/branding/150_logo-11900-2.png
200 OK 2.3 kB URL HTTP/2 www.tripadvisor.com.pe/img/cdsi/img2/branding/150_logo-11900-2.png
IP
File type PNG image data, 150 x 23, 8-bit/color RGBA, non-interlaced\012- data
Hash 9ef4dc95536816412fe4cba02308d5fc
9979817bfca34de65ffe2d857cd8e3c33208ceea
0170ac187ee3fb6bd4f2b84c6e49a54cab9700d7773e2e1423dc01b4fc562f95
GET /img/cdsi/img2/branding/150_logo-11900-2.png HTTP/1.1
Host: www.tripadvisor.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Tue, 15 Nov 2022 15:52:50 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/png
content-length: 2349
date: Tue, 15 Nov 2022 03:52:50 GMT
set-cookie: TADCID=PzQGxZw3o52LivfNABQCFdpBzzOuRA-9xvCxaMyI13GLFYSvwe39ZIipf4bAwIzI0h5RGkYLZ2tWIw3hSoS6SXZBA6hUCamWPWQ; Domain=www.tripadvisor.com.pe; Expires=Fri, 12-Nov-2032 03:52:50 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3AOrn2D62ckVzk7nWhzVPS6shGd0grv0wJMtNdw7TedUU2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com.pe; Expires=Thu, 14-Nov-2024 03:52:50 GMT; Path=/; HttpOnly
__vt=c5l_RAJ2JN8NJAOYABQCIf6-ytF7QiW7ovfhqc-AvSFotdb_dbFPBwLBO60JdAscfxCcR0R85tUt7g7s_0gE54a9w3HEqpNC7ktp7iJNn5YvQA19-Gv3eeKjk0gMFvN5ztnXNCDaT907G3mgQhtYM4n1Ag; Domain=www.tripadvisor.com.pe; Expires=Tue, 15-Nov-2022 04:52:50 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.2A2679E8986DE14EC4870376A29F227D*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com.pe; Path=/
ServerPool=A; Domain=.tripadvisor.com.pe; Path=/
TACds=A.1.11900.2.2022-11-14; Domain=.tripadvisor.com.pe; Expires=Sat, 14-Jan-2023 03:52:50 GMT; Path=/
X-Firefox-Spdy: h2
www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
200 OK 285 B URL HTTP/2 www.tripadvisor.com/wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2
IP
File type ASCII text, with very long lines (340)
Hash 258fdf0bd570342ff39c9ae6199a0649
23df6e4e40826f4fa67449c4891541b148ea3957
81b334c113038b21e6af48dae1913a113178ff76787a6ce00cce04aaf129d518
GET /wejs?wtype=selfserveprop&uniq=856&locationId=12660099&lang=es_PE&rating=true&nreviews=5&writereviewlink=true&popIdx=true&iswide=false&border=true&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cuscoinkasfeat.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
content-encoding: gzip
content-length: 285
date: Tue, 15 Nov 2022 03:52:50 GMT
set-cookie: TADCID=n4YLFdhW-POWwIfDABQCFdpBzzOuRA-9xvCxaMyI13GLFRBR3BRlIP8PBPbkw1QId7ru0ZyKJiPHy1YC_bGxWxNXaJ3P18ql6KE; Domain=www.tripadvisor.com; Expires=Fri, 12-Nov-2032 03:52:50 GMT; Path=/; Secure; HttpOnly
__vt=Rzje-UP_EPgLZfZ0ABQCIf6-ytF7QiW7ovfhqc-AvSFotR8aLpDvd31d4rHKnFJCPJ9HIjwuKzTCsZ9ZcRK7n2lh3Erbv_ft5BAISvclOY09D4MqukbY_LDR592p7U5xqYD500T3jvdtZNBUPIUoLjy7Hrg; Domain=www.tripadvisor.com; Expires=Tue, 15-Nov-2022 04:52:50 GMT; Path=/; Secure; HttpOnly
_abck=6261BD18EAA28EB7FD27118C5EA9105F~-1~YAAQBk8kF+sZZzWEAQAAjBBreQhCg9W/CTgZpAAL4FxB4r+cbJ536Ra2nEhdwAAT0ohQxiSrU9NKdnmwqCTj2tG/kDpwj/dlxs+OYMG9aP8Ikm+jKGCbB7yV42Ep+BS/MEO+jdSTodt4gqtkfHrRQlivYoGsN0PjcE6daeH52nGNY/lFo48dfnnUrM/4aMTznEAMRhNygwFWNIbzGmRRN0iFVy15s/yvO2tolFbDSoIhPC7iaFuaVqm7kbo6eHZcLqSPeE+f1R2hDkLIFdEOZysZHrYzj6o+kgx+IQp6dTS+DIqhcakYMLu5rG714z4i5s0T5QAsCdX+pDSNStnfbc/FLgcfU+BN9hNcp6MhInXjBWc1eJ5IZqs2+ccTDIZpx6U=~-1~-1~-1; Domain=.tripadvisor.com; Path=/; Expires=Wed, 15 Nov 2023 03:52:50 GMT; Max-Age=31536000; Secure
bm_sz=29CD23C4E3C46D44A3553B0CD4ADE5C6~YAAQBk8kF+wZZzWEAQAAjBBreRGDgGkPM0b30zNLcBnJPlIzwlss0Ikfv4DHBgQE/UkG11PQ+KF0mKoj/6s4JDYqlf2PDLRTK9i5jpelg75V7PiBHJID1JkMwIH9nWQnX4tkZl0O3bXUOncCljh0Q8ocKw1sx1DGx2R3G0NIAqPZ9CbkJg/duPmAbnTNRw9nhNOkfQYEgnUBD8GOu9RLdICFV6xtpXDh9Ijfhm7DQZnCb97MOqav0dS542sCH6W7+3e1lEmf/JumgO/Qr4dji7VWokeMg/iD1O8HuETrtFuwAGtVWs2yAg==~4272449~4404547; Domain=.tripadvisor.com; Path=/; Expires=Tue, 15 Nov 2022 07:52:50 GMT; Max-Age=14400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/webfonts/fa-regular-400.woff2
200 OK 13 kB URL HTTP/2 use.fontawesome.com/releases/v5.15.4/webfonts/fa-regular-400.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 13224, version 331.-31196\012- data
Hash b91d376b8d7646d671cd820950d5f7f1
13517529affa39e2585c591acae6dc336b6aa917
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
GET /releases/v5.15.4/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:52:50 GMT
content-type: font/woff2
content-length: 13224
x-amz-id-2: 4CiK2AqAglmclW7zQoDocQohwt2Zcvm7oiy2RLMm0XdETIrJj08cSCQEGHoFSg86QbXIDeLD4us=
x-amz-request-id: KV0N0VVJA3TMN22T
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 04 Aug 2021 20:43:47 GMT
etag: "b91d376b8d7646d671cd820950d5f7f1"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XyeKP3ocmyMw9T74hI%2BNR5vnsHiBodvDR84EhZJy0yEI2Jbk6om%2BASZibyAKEqsbSZJJn4YpzlY%2BrQDMAKDMTrZNUErHkIBh0xSM8MjHiwH26NIgYPt%2BcnRqCgNDEjv%2BcPXwvOOg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76a509533a7974d9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.tripadvisor.com.pe/WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=12660099&display_version=2&uniq=856&rating=true&lang=es_PE&nreviews=5&writereviewlink=true
200 OK 4.0 kB URL HTTP/2 www.tripadvisor.com.pe/WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=12660099&display_version=2&uniq=856&rating=true&lang=es_PE&nreviews=5&writereviewlink=true
IP
File type Unicode text, UTF-8 text, with very long lines (373)
Hash 579deba4fd25bd5fcfb90482eaa2b8ff
a034b4b546e4b7c76357110ff20975f882852b1c
be5ae11ceaca7f435b587d695a6d0ca9dde81d0b1b32b9e90d857983862fa7ea
GET /WidgetEmbed-selfserveprop?border=true&popIdx=true&iswide=false&locationId=12660099&display_version=2&uniq=856&rating=true&lang=es_PE&nreviews=5&writereviewlink=true HTTP/1.1
Host: www.tripadvisor.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
content-language: es-PE
vary: User-Agent,Accept-Encoding
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
content-length: 3964
date: Tue, 15 Nov 2022 03:52:50 GMT
set-cookie: TADCID=ZEkL9BfMHRbxXC5cABQCFdpBzzOuRA-9xvCxaMyI13GLFZo2qNgVKdZujwlkF9XvT_Zdpwu0qTG6p0L8HWGh1SgHB6A_3Ovjp74; Domain=www.tripadvisor.com.pe; Expires=Fri, 12-Nov-2032 03:52:50 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3ARqJZljp%2F4Cbk7nWhzVPS6shGd0grv0wJ3B9f4mIO9bo2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com.pe; Expires=Thu, 14-Nov-2024 03:52:50 GMT; Path=/; HttpOnly
__vt=H7MAvrrYheGFubNSABQCIf6-ytF7QiW7ovfhqc-AvSFotRzzoPXJ-s78ofil27zaGmrsKQ_czr8j6XrIKND_C7TUKdLMHRpDBk0MPzitdsfz5ajC-UtrmF9yDFaH0FAj9cWKADcFepqCLJXSDXSiHk8kEw; Domain=www.tripadvisor.com.pe; Expires=Tue, 15-Nov-2022 04:52:50 GMT; Path=/; Secure; HttpOnly
TASSK=enc%3AALlDhcVHbgVN9phzTys%2Fr4gRY3sdX%2B3JeOAI2MHluqZDc1S9ox6Oco%2B2dKENSMTDhr8uQVdka4ToPXQ9WTaWxDxLdSo5UbgxiA%2F5YU1ZLTie28IfAL1iduTzH38LBdLyDA%3D%3D; Domain=www.tripadvisor.com.pe; Expires=Sun, 14-May-2023 03:52:50 GMT; Path=/; HttpOnly
TASession=V2ID.2192A7876904492EA134CABDAD424CFD*SQ.1*LS.WidgetEmbed-selfserveprop*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*DF.0*TRA.true; Domain=.tripadvisor.com.pe; Path=/
SRT=TART_SYNC; Domain=www.tripadvisor.com.pe; Expires=Tue, 15-Nov-2022 04:22:50 GMT; Path=/
ServerPool=C; Domain=.tripadvisor.com.pe; Path=/
PMC=V2*MS.27*MD.20221114*LD.20221114; Domain=www.tripadvisor.com.pe; Expires=Thu, 14-Nov-2024 03:52:50 GMT; Path=/; Secure; HttpOnly
TART=%1%enc%3A5O51oc1T0urD1GZHCca7MXoQmaCXVBJTnG6OxamHslmNkHuIZxTOwc2CDZyFE7lMAUtuxWemFUE%3D; Domain=www.tripadvisor.com.pe; Expires=Sun, 20-Nov-2022 03:52:50 GMT; Path=/; HttpOnly
TATravelInfo=V2*A.2*MG.-1*HP.2*FL.3*RS.1; Domain=.tripadvisor.com.pe; Expires=Tue, 29-Nov-2022 03:52:50 GMT; Path=/
TAUD=RDD-1668484370657-2022_11_14; Domain=.tripadvisor.com.pe; Expires=Tue, 29-Nov-2022 03:52:50 GMT; Path=/
TASID=2192A7876904492EA134CABDAD424CFD; Domain=www.tripadvisor.com.pe; Expires=Tue, 15-Nov-2022 04:22:50 GMT; Path=/; Secure
X-Firefox-Spdy: h2
static.tacdn.com/js3/build/concat/widget/cdswidgets_m-c-v22480917520a.js
200 OK 4.9 kB URL HTTP/2 static.tacdn.com/js3/build/concat/widget/cdswidgets_m-c-v22480917520a.js
IP
File type ASCII text, with very long lines (13794)
Hash 6b5b20d72c899450ae89def8afda6dcf
dc7b92350e476c7a34b844681b97972b0639abae
31f92617fe2e93cb6ad7b054bb9db186464030b0d3dd000097a28f8600adb725
GET /js3/build/concat/widget/cdswidgets_m-c-v22480917520a.js HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
last-modified: Thu, 04 Nov 2021 09:27:29 GMT
cache-control: max-age=31536000, immutable
expires: Thu, 17 Nov 2022 23:42:11 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-type: application/x-javascript
content-encoding: gzip
accept-ranges: bytes
date: Tue, 15 Nov 2022 03:52:50 GMT
via: 1.1 varnish
age: 31291838
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 11638
x-timer: S1668484371.852427,VS0,VE0
vary: Accept-Encoding
content-length: 4929
X-Firefox-Spdy: h2
static.tacdn.com/css2/build/concat/t4b_widget_self_serve_property-v24221562771a.css
200 OK 6.3 kB URL HTTP/2 static.tacdn.com/css2/build/concat/t4b_widget_self_serve_property-v24221562771a.css
IP
File type ASCII text, with very long lines (35043)
Hash ce0aa4b6b02e969b79259507a1fbf1fd
e8879aec419a12d1ddc9ed1265022eb3ee693637
4eee5185fbf55f383bedb7256a428d631c3d96693f0b2f9d41d5616729ebebea
GET /css2/build/concat/t4b_widget_self_serve_property-v24221562771a.css HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
last-modified: Sun, 09 Oct 2022 11:28:40 GMT
cache-control: max-age=31536000, immutable
expires: Wed, 25 Oct 2023 02:17:56 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-type: text/css
content-encoding: gzip
accept-ranges: bytes
date: Tue, 15 Nov 2022 03:52:50 GMT
via: 1.1 varnish
age: 1820094
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 255
x-timer: S1668484371.852584,VS0,VE0
vary: Accept-Encoding
content-length: 6348
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-K1BEJ91YTV>m=2oeb90&_p=243645917&gdid=dZGIzZG&cid=12915279.1668484370&ul=en-us&sr=1280x1024&_s=1&sid=1668484370&sct=1&seg=0&dl=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&dt=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.page_path=%2F404.html%3Fpage%3D%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php%26from%3D
204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-K1BEJ91YTV>m=2oeb90&_p=243645917&gdid=dZGIzZG&cid=12915279.1668484370&ul=en-us&sr=1280x1024&_s=1&sid=1668484370&sct=1&seg=0&dl=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&dt=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.page_path=%2F404.html%3Fpage%3D%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php%26from%3D
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-K1BEJ91YTV>m=2oeb90&_p=243645917&gdid=dZGIzZG&cid=12915279.1668484370&ul=en-us&sr=1280x1024&_s=1&sid=1668484370&sct=1&seg=0&dl=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&dt=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&ep.page_path=%2F404.html%3Fpage%3D%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php%26from%3D HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.cuscoinkasfeat.com
date: Tue, 15 Nov 2022 03:52:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0f51a4efc7b43562164a21fac2f92dc3
ddeb9f8256d698f43e662029986c9032da79db9f
c60ba648b021d2c754eba4a6ace4758bb5a2c2b651586a6952128d0ad78045b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5579
Cache-Control: max-age=94623
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Etag: "6371c5e7-1d7"
Expires: Wed, 16 Nov 2022 06:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 04:36:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 0f51a4efc7b43562164a21fac2f92dc3
ddeb9f8256d698f43e662029986c9032da79db9f
c60ba648b021d2c754eba4a6ace4758bb5a2c2b651586a6952128d0ad78045b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5579
Cache-Control: max-age=94623
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Etag: "6371c5e7-1d7"
Expires: Wed, 16 Nov 2022 06:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 04:36:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c1abc90e3b0a3418b27aa617d9e6f6eb
ec09eabd2f48a4013c6ae13d0145d5cd5823aa96
57905b7c1951f7340d51107297e02bd848abecfcf701ea8bc1befa105ee0178f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash c1abc90e3b0a3418b27aa617d9e6f6eb
ec09eabd2f48a4013c6ae13d0145d5cd5823aa96
57905b7c1951f7340d51107297e02bd848abecfcf701ea8bc1befa105ee0178f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8094f6d66cd067b92b99cc3c1ec916c6
cdb6d27ace38846e7a770dafce189f90a30db886
f07248933eddbab19c1153daaece5a2c3bcb421598bfab2c4b0f4c547d75e817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 15 Nov 2022 02:41:09 GMT
expires: Tue, 15 Nov 2022 04:41:09 GMT
cache-control: public, max-age=7200
age: 4302
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/es_LA/sdk.js
200 OK 1.7 kB URL HTTP/2 connect.facebook.net/es_LA/sdk.js
IP
File type ASCII text, with very long lines (1957)
Hash c02c7690fdc1328fa9e591e7e7cb45e5
ea45ff94b546ee736be360b67b339f3e06db9386
59be974624926891f64bdc2530264e989da7a63038323d4f711e16aab8db1df1
GET /es_LA/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 3ac94bbae4eff060fc7ae302a7f2fa1f
etag: "2c8b2cf66830d2f9676ab658feb1994d"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Tue, 15 Nov 2022 04:03:21 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: wCx2kP3BMo+p5ZHn58tF5Q==
x-fb-debug: ccpoZ2DQaDt0sSzEU4N6ECVS4uQWB5HoXzz9IWPTJT1FAl+B0M3UfUSTS7OtvkzEOOh9IEjuiWDFe7dYpmfgSw==
priority: u=3,i
content-length: 1684
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 2WE42/XaJa6AqXSHlhh+z+ELhxuNE4IW3QJ6f/psom14w36imBXDveRW5VwW0d9xLM1r2SkfsPEUY83yjZ8OAg==
content-length: 27340
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 8094f6d66cd067b92b99cc3c1ec916c6
cdb6d27ace38846e7a770dafce189f90a30db886
f07248933eddbab19c1153daaece5a2c3bcb421598bfab2c4b0f4c547d75e817
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-conversion/834862472/?random=1668484370442&cv=11&fst=1668484370442&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/834862472/?random=1668484370442&cv=11&fst=1668484370442&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/834862472/?random=1668484370442&cv=11&fst=1668484370442&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 03:52:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/834862472/?random=1668484370442&cv=11&fst=1668484370442&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/834862472/?random=1668484370442&cv=11&fst=1668484370442&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&ct_cookie_present=1
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/834862472/?random=1668484370442&cv=11&fst=1668484370442&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&ct_cookie_present=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/834862472/?random=1668484370442&cv=11&fst=1668484370442&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 03:52:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 15-Nov-2022 04:07:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 0f51a4efc7b43562164a21fac2f92dc3
ddeb9f8256d698f43e662029986c9032da79db9f
c60ba648b021d2c754eba4a6ace4758bb5a2c2b651586a6952128d0ad78045b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5579
Cache-Control: max-age=94623
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Etag: "6371c5e7-1d7"
Expires: Wed, 16 Nov 2022 06:09:54 GMT
Last-Modified: Mon, 14 Nov 2022 04:36:55 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
googleads.g.doubleclick.net/pagead/viewthroughconversion/834862472/?random=1668484370448&cv=11&fst=1668484370448&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&ct_cookie_present=1
200 OK 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/834862472/?random=1668484370448&cv=11&fst=1668484370448&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&ct_cookie_present=1
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/834862472/?random=1668484370448&cv=11&fst=1668484370448&fmt=3&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&ct_cookie_present=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 03:52:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 15-Nov-2022 04:07:51 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/1p-conversion/834862472/?random=1668484370448&cv=11&fst=1668484370448&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
302 Found 63 B URL HTTP/2 www.google.com/pagead/1p-conversion/834862472/?random=1668484370448&cv=11&fst=1668484370448&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/834862472/?random=1668484370448&cv=11&fst=1668484370448&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 03:52:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-conversion/834862472/?random=1668484370448&cv=11&fst=1668484370448&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 68a04663a52ab4272c25f5afcc09a92d
48b0722227353d06cb1dfd4480b644be6e6fc030
892ba18611f372b6bf390d3628b66efc4a721f0f2bde61ae22546a0948935b7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 96c9e6a333b1f0fddf32f24e7b965151
647fee1eb0d6839e30115edebe8d0840e6152cdb
a2ac4ddc863a9d641d91d504db389e0116cf1699322d2391f17d5785bf5bc538
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/es_LA/sdk.js?hash=eb5699e35aa156edee62bed2c001f7d3
200 OK 88 kB URL HTTP/2 connect.facebook.net/es_LA/sdk.js?hash=eb5699e35aa156edee62bed2c001f7d3
IP
File type ASCII text, with very long lines (18530)
Hash 3118d84e2b774dd9c31158aeac7a36c1
848399ab069b24bf816cfac96c6a266fdca56d0e
90b6ae4b2998a357c4c2d2b3470e89d52901f1bc37c3c264d9d02f4cf9d04071
GET /es_LA/sdk.js?hash=eb5699e35aa156edee62bed2c001f7d3 HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 350a90fa4e14135c2b8e05671ede5693
etag: "00521304a690fcf314d81ff8848b1be8"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Wed, 15 Nov 2023 03:03:18 GMT
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: MRjYTit3TdnDEViurHo2wQ==
x-fb-debug: kT8UwEmCfzHN7cuC2l5IOidcPNTv1K7+IYshZnkdKTbMBaUHjm+uRQvbiQjInlekAJLxs9ZslTQOVBXr+9WG/Q==
priority: u=3,i
content-length: 88401
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8788
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 03:52:51 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 29b1503232a9cf0843bd9f0d01c0a9a5
620b3b98a58cd32175d40534dca81ef4a26d880f
1f54c0fa57ea62f131e173d4a365d6d2d4d10e0993eb69eaf9e27d3788a5daf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F54C0FA57EA62F131E173D4A365D6D2D4D10E0993EB69EAF9E27D3788A5DAF8"
Last-Modified: Sat, 12 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8788
Expires: Tue, 15 Nov 2022 06:19:19 GMT
Date: Tue, 15 Nov 2022 03:52:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:57 GMT
age: 22014
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefdb26c1-8eff-4c41-9245-7fc53604cb29.jpeg
200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefdb26c1-8eff-4c41-9245-7fc53604cb29.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08bd66bbd19e46a42ef8acb8bce6388d
b4b7e3421eb3f1c434c65cb468ec46ba1ff54afa
b7dc233e1415accc4e2eab0784255f250bb188e381721f76d4ced3eaf86d0184
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefdb26c1-8eff-4c41-9245-7fc53604cb29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6118
x-amzn-requestid: af3049d8-11b3-42d4-816f-bcdf7af4bb24
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEi5GwVoAMFYQw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b478-37caf4ec59319ee72aa531af;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V9HtFSwH7ALAODbiW__wB0BFoU5wQL0zCHcKAOzua0Bbn_c9u8LuxQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:45:33 GMT
age: 22038
etag: "b4b7e3421eb3f1c434c65cb468ec46ba1ff54afa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg
200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 962f43862a852bfa6766b9a2d8bfb99d
a5283e68020826f085fb4f06e3dcd36cef9eb067
7eee8aa0f5c6bce04a86fa16fb5d3e632d54792d79c550b044a40a6f070b89d4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbdf53960-f239-44a8-b66a-ca2ce9268f98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15206
x-amzn-requestid: a04dc971-de49-4dc4-8bc2-2d3244d33ace
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhpEJkoAMFV9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b470-632efaa725c2b959692e9e77;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:40 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ucLWmapHlWoKDoeb_ff2qbZOKGJLLQuq6RoP9mpFWOCVAJ70t13yw==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 21929
etag: "a5283e68020826f085fb4f06e3dcd36cef9eb067"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f468d3-7a15-4d9a-b9b7-5c6fbf2260a2.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f468d3-7a15-4d9a-b9b7-5c6fbf2260a2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e933dcdb5b2f2b23e2a76371e20a5764
86a2e71c436e8af1cf117aad1d614c3ac0e53df3
d0a1abda9256eff9be44c5556abc865e75c076bf99b9295b0d7d8edccf6def68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F56f468d3-7a15-4d9a-b9b7-5c6fbf2260a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: 13f1239a-4f37-4c8d-9114-f6880e1883a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bnEhrGqzIAMFfvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6372b470-2605b8f41ebacb1d5da15dca;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 21:34:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rjUz_LZxMkyAQlwkskJ8gG6w-lG_FgI20NbRPt4jB7Drkji35OCnTw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 21:47:22 GMT
age: 21929
etag: "86a2e71c436e8af1cf117aad1d614c3ac0e53df3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4cc31a8-ba2e-4cc0-bf6e-0daaf01962d2.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4cc31a8-ba2e-4cc0-bf6e-0daaf01962d2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9459d8c5ec4b22476e1470e5476f70f7
78118517bfffe997c85f08bd9b7b7ac9270d9b02
647d0898ed6a38191ff91ca316e90a72d9a5ce563c3602a8d4c477c64f096be4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa4cc31a8-ba2e-4cc0-bf6e-0daaf01962d2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7504
x-amzn-requestid: 553a2ee3-9dcb-44ac-b0e1-e8ea660eedcc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bOAmqGAyoAMFv5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6368ae2a-7af9fba56c5ae9ca5f513668;Sampled=0
x-amzn-remapped-date: Mon, 07 Nov 2022 07:05:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rRrM6hW5gFH8bLxrzQv5emBacEQrqldwEfD1M0YycB4XphG-XXwRuA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 14 Nov 2022 05:03:47 GMT
age: 82144
etag: "78118517bfffe997c85f08bd9b7b7ac9270d9b02"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49fc9477e5982c76b5205fe284f50848
2ca4915631ddcda64c1cb70674f4b1379e288050
496e4e4317538bd34bc6bc28f0c772b7afaf0edac6d2a8686f5e6c4f44331bb4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50ad5043-e51e-4766-8f6a-d0782645cc84.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11290
x-amzn-requestid: e56e4731-696e-4c63-9b48-1be184b32098
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bhPzMHOEoAMFVJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63706014-22c49f066ed90cf35d5bba3d;Sampled=0
x-amzn-remapped-date: Sun, 13 Nov 2022 03:10:12 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RXdcX1PweMfXctBjufkeOtyV8F9Yb8OyZJaUX38cdaswfBHCim7mGQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 15 Nov 2022 03:37:51 GMT
age: 900
etag: "2ca4915631ddcda64c1cb70674f4b1379e288050"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/834862472/?random=1668484370442&cv=11&fst=1668484370442&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/834862472/?random=1668484370442&cv=11&fst=1668484370442&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/834862472/?random=1668484370442&cv=11&fst=1668484370442&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cuscoinkasfeat.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 03:52:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/pagead/1p-conversion/834862472/?random=1668484370448&cv=11&fst=1668484370448&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
200 OK 63 B URL HTTP/2 www.google.no/pagead/1p-conversion/834862472/?random=1668484370448&cv=11&fst=1668484370448&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0
IP
File type ASCII text, with no line terminators
Hash 0339f8f57d1bf75003db591e28957e45
ae2286e497c9f76a02cb40c40a674b73bd293b76
609cd8e12464fe137cfaa9f1ab6637150d44e105559c901b6df50303fd05aa26
GET /pagead/1p-conversion/834862472/?random=1668484370448&cv=11&fst=1668484370448&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&label=mOgjCNXnj3UQiPuLjgM&hn=www.google.com&frm=0&url=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&tiba=Page%20not%20found%20-%20Cusco%20Inkas%20Feat&value=1&bttype=purchase&auid=1932030786.1668484370&gcp=1&sscte=1&ct_cookie_present=1&rfmt=3&fmt=4&ipr=y&prhg=0 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.cuscoinkasfeat.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 15 Nov 2022 03:52:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript; charset=UTF-8
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 63
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ed64b41b0a432ed6f8763fb24643390
a706034f8eaca414f20e2bde40ff84dde5509515
f5486847b03849b009bebe64683cd107ac2427ffbf109786938be5e06e620aea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 15 Nov 2022 03:52:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=776777652494694&ev=PageView&dl=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&rl=&if=false&ts=1668484371434&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668484371433.1943222787&it=1668484371130&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=776777652494694&ev=PageView&dl=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&rl=&if=false&ts=1668484371434&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668484371433.1943222787&it=1668484371130&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=776777652494694&ev=PageView&dl=https%3A%2F%2Fwww.cuscoinkasfeat.com%2Fsh%2FZS%2F589c3f8223e79caf05feaf3eb517bdbd%2Fenterpassword.php&rl=&if=false&ts=1668484371434&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1668484371433.1943222787&it=1668484371130&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Nov 2022 03:52:51 GMT
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-104113785-37&cid=12915279.1668484370&jid=453781370&gjid=1756415236&_gid=733087036.1668484371&_u=YADAAUABAAAAACAAI~&z=295872122
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-104113785-37&cid=12915279.1668484370&jid=453781370&gjid=1756415236&_gid=733087036.1668484371&_u=YADAAUABAAAAACAAI~&z=295872122
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-104113785-37&cid=12915279.1668484370&jid=453781370&gjid=1756415236&_gid=733087036.1668484371&_u=YADAAUABAAAAACAAI~&z=295872122 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.cuscoinkasfeat.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 15 Nov 2022 03:52:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.tacdn.com/css2/webfonts/TripAdvisor/TripAdvisor_Regular.woff2?v004.023
200 OK 26 kB URL HTTP/2 static.tacdn.com/css2/webfonts/TripAdvisor/TripAdvisor_Regular.woff2?v004.023
IP
File type Web Open Font Format (Version 2), TrueType, length 26252, version 1.0\012- data
Hash 2d0c909fe09ed8ef77056363d8963d2e
f81b7dc1acf5a2c25e46a893be5fe09622716d70
b182c7fce760e8851d7e91095237ff86a4f7036c78ddf4107ead869ff2f3502a
GET /css2/webfonts/TripAdvisor/TripAdvisor_Regular.woff2?v004.023 HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.cuscoinkasfeat.com
Connection: keep-alive
Referer: https://static.tacdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
last-modified: Fri, 14 Oct 2022 11:29:34 GMT
cache-control: max-age=2592000, immutable
expires: Thu, 24 Nov 2022 01:12:12 GMT
timing-allow-origin: *
access-control-allow-origin: *
content-type: application/font-woff2
accept-ranges: bytes
date: Tue, 15 Nov 2022 03:52:51 GMT
via: 1.1 varnish
age: 1824039
x-served-by: cache-bma1648-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1668484372.648156,VS0,VE1
vary: Accept-Encoding
content-length: 26252
X-Firefox-Spdy: h2
www.tripadvisor.com.pe/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
200 OK 2.3 kB URL HTTP/2 www.tripadvisor.com.pe/img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg
IP
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash bf29758e41903e1fabdc4a19c89bac9b
1ff70aca18e5d207268b7888d56ab2a897909ff8
6936f35bf6375797c7d4a526dd6bfdf2a5f3d0dfb4e4d1e9e292ce31bc45702c
GET /img/cdsi/img2/branding/v2/Tripadvisor_lockup_horizontal_secondary_registered-11900-2.svg HTTP/1.1
Host: www.tripadvisor.com.pe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
cache-control: private, max-age=43200
expires: Tue, 15 Nov 2022 15:52:51 GMT
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
timing-allow-origin: https://www.tripadvisor.com
content-type: image/svg+xml
content-encoding: gzip
vary: Accept-Encoding
content-length: 2315
date: Tue, 15 Nov 2022 03:52:51 GMT
set-cookie: TADCID=G8y0q8gv6QbzRnIyABQCFdpBzzOuRA-9xvCxaMyI13GLFRvg28xUktyRIVDpZZ9zwAc1oMTeQoEXO_3xW8ZFmjiwmg855FPw3nw; Domain=www.tripadvisor.com.pe; Expires=Fri, 12-Nov-2032 03:52:51 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3AWgnoXZqSLJjk7nWhzVPS6shGd0grv0wJY2s6L4bnuGg2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com.pe; Expires=Thu, 14-Nov-2024 03:52:51 GMT; Path=/; HttpOnly
__vt=mq5mLVowpytU4GrTABQCIf6-ytF7QiW7ovfhqc-AvSFotW2YyCeclXLv0MDeWXsrma3zoHMT1tIHBeyi0UWXm7VcosifL-PIrHi34-Z-1_2SUh86oMGF52ALPPv7I3kahtTXLiBqx4EnmT_EVZ7ERlxYiBs; Domain=www.tripadvisor.com.pe; Expires=Tue, 15-Nov-2022 04:52:51 GMT; Path=/; Secure; HttpOnly
TASession=V2ID.8BB7F65A330524839970BA644417DF27*SQ.1*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*TRA.true; Domain=.tripadvisor.com.pe; Path=/
ServerPool=A; Domain=.tripadvisor.com.pe; Path=/
TACds=A.1.11900.2.2022-11-14; Domain=.tripadvisor.com.pe; Expires=Sat, 14-Jan-2023 03:52:51 GMT; Path=/
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
200 OK 827 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (724)
Hash 29973cf3b0ef9f16fe31ed981b2f6573
f22eb80b89b5e0ae9ace854aab6676d56eaef6a1
476822c80e0a0ee078edb7a74db59378f8b1d43d2de844e28a9e9c2f68a4c8d8
GET /rsrc.php/v3/ys/l/0,cross/4_8X-2u0CDc.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 20:06:17 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: KZc887Dvnxb+Me2YGy9lcw==
x-fb-debug: U8RJgKUtHGLUiQk9HHpA+IRcULT5qX+DuwPkFrA1TVl4/mz6+76fzZ9YDejeZlR7UxuiL1amRZ0p3hU19KekzQ==
priority: u=3,i
content-length: 827
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/I25-2d8evgh.css?_nc_x=Ij3Wp8lg5Kz
200 OK 5.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/I25-2d8evgh.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (4431)
Hash a6aaf3625a4ea71fefe5acbc591b8114
7a9a1d0339ef6bf94586964aff811649dad143c2
df8f88c942eae50212a9c8f891d25e07cd8f390093f855c0ba17422343e1b060
GET /rsrc.php/v3/y8/l/0,cross/I25-2d8evgh.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 17:21:22 GMT
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-fb-rlafr: 0
content-md5: pqrzYlpOpx/v5ay8WRuBFA==
x-fb-debug: tb4PEjxyHVw5arWggnS7pC1Us4RrVYOXZDn1RKZsQEhqUVjcq/bLyKYYnzjh6xEJRa5YoNb058eT28mMWZp5Lg==
priority: u=2
content-length: 5321
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
200 OK 1.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (1984)
Hash 16f083b23b565db9d2f20d1ad75933c1
6d74ad139c96b1e3fc9d541419788b5b4893ec9a
36b909cd9132a8996a1bbb221d05217c31506a6951bb408deeea6aa612dc4200
GET /rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 07 Nov 2023 21:29:50 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: FvCDsjtWXbnS8g0a11kzwQ==
x-fb-debug: 8wfJHm/OTmUimpYLHqmFx0zK7zZKmbhmdxKPRe0Ddb/jB3DBuwry5M4WAMCosSl33thx2iA5vMezBbW00qquSw==
priority: u=3,i
content-length: 1657
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz
200 OK 8.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (9885)
Hash 71e8e93b5e55f2010013b0814f4e3ae5
4732ba3acc539a0e9ff12d08c1b5a16f535bd594
b710ea52f812ac39c5195f0c170142bfcfcc274aa6b250a29a1ed1c59ea58556
GET /rsrc.php/v3/y-/r/y841rZ2iNa0.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 03:01:59 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: cejpO15V8gEAE7CBT0465Q==
x-fb-debug: 321S4ign/ZrGN5wn83hxFqFwb0IRvOu0Ch8PgzGs4YJv2EsoYHMtgL/5ghUYeX4rtH3OB5x9ofiRPjaTTHKVIQ==
content-length: 8748
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
200 OK 12 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (5542)
Hash 0765d76d746716156d53d36ee6f80836
17e1546f87cc6417615caa10dcbbcb699c59471a
f1e6af63ae9ff0385126b72a492b0d34709514dd4c00074a1be28272c253d4f8
GET /rsrc.php/v3/y6/r/8LoDHCcRMmF.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 09 Nov 2023 00:18:49 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: B2XXbXRnFhVtU9Nu5vgINg==
x-fb-debug: XIWAxIz1YPVrSnxdvo/LtlhQx09jgH6AWVB5gz/W4A1O8CeYZhZFwKbd/jC58B6BnsZReYMsjsRLmKdLjfkFDw==
priority: u=3,i
content-length: 12369
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz
IP
File type C source, ASCII text, with very long lines (8741)
Hash dfb29285817fca7b068ba0ec98aa2392
78cd49585da28a245a096781c8e0fada59cf2b72
2c4a3a46d7dfaf97bbc16a2b93470d1b3382c0da3f44dca0c987a3384cee43d3
GET /rsrc.php/v3/yR/r/bPhRbIw5d4Y.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Sat, 11 Nov 2023 00:01:03 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 37KShYF/ynsGi6DsmKojkg==
x-fb-debug: R0dyX52wviJShiY2mL8EoglIWwZmdbHHvHXItQSj/bmRbf1oMab4hKDTC6kmg8h9v4JBEf9dSjWdJzowcvMWbA==
priority: u=3,i
content-length: 16262
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yS/r/DEaHQMKxWBP.js?_nc_x=Ij3Wp8lg5Kz
200 OK 91 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yS/r/DEaHQMKxWBP.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (18622)
Hash e939eadda5d7c9dd60450eb6fd816eb0
fd1b642357823cb1b21ae46e5c61a7488e203c1c
4c96ac797fe700732ccba8775a5a630eaafa1f03d81b2a2d48700fb29c3083a6
GET /rsrc.php/v3/yS/r/DEaHQMKxWBP.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 00:40:06 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 6Tnq3aXXyd1gRQ62/YFusA==
x-fb-debug: ZGkiPC9htvbQfN9ZFpsYXVtS4qzygxZqQ+3H9theQUhSPGMb7wKCJwLwA8PQrk945Ih2wstteMKC4Lo8uTTCjQ==
content-length: 91128
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
200 OK 338 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (327)
Hash 76f593e842677f73cd0a06232874b2c3
25a13f79478d5a0e286a2299dca2f3b296463079
74dcbe026002f10b703960a500b50dabe518862e568a9e689dec7afa243fa44d
GET /rsrc.php/v3/yF/r/p55HfXW__mM.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Thu, 09 Nov 2023 00:23:00 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: dvWT6EJnf3PNCgYjKHSyww==
x-fb-debug: VhNvMqq/a2luBaPuhJG8Dzm4AEhba5Hu9VZqhpiyqsgK6QT56eyQYxgyUGYTFMgqEqcwBYmGxlsdY6Hv+MZEow==
priority: u=3,i
content-length: 338
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3iWO94/yD/l/es_LA/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
200 OK 24 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3iWO94/yD/l/es_LA/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (42125)
Hash edd6307938f202d9850c6b94344e3646
62239bb94dd272c4a91d02ebe54ab709a712ba9e
ce27de63b54f0dc658b71f633908f775988544ae0a4744f30bf77229de395d6e
GET /rsrc.php/v3iWO94/yD/l/es_LA/JGSM2yXjSKh.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 05:13:08 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 7dYweTjyAtmFDGuUNE42Rg==
x-fb-debug: lW6i9Lxj+jptbcoQLC+Yw4rtPwWOdLR/ddXc1Lpgg2DW9rPHugnI8I72rNpnuRd8BTjgrxt1dRlr7GV0scxyBw==
content-length: 23519
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:51 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/XhLcFEqE8E_.css?_nc_x=Ij3Wp8lg5Kz
200 OK 28 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/XhLcFEqE8E_.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash bb545f91d494584af68c21eda97cf6b8
15d91fe8b772d60f24cbd61fa381f85020a7dd4e
4828567a3aab5929ac4ca058a8a7c2bb4f4c36383a8df62c9ce80a88655dfc3c
GET /rsrc.php/v3/y7/l/0,cross/XhLcFEqE8E_.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 17:28:46 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: x5FqIAU2Dy6QWvzo+/B+jw==
x-fb-debug: Lf944ByAM+xapnd9Fpi6PaKrbm3E/UYRNvw2/A3YmZF16wjmWLXFngG7iLbV72ziCa3s39tC6tP+lfBBoT7tuA==
content-length: 4736
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yE/r/PdOG-9jxBRT.js?_nc_x=Ij3Wp8lg5Kz
200 OK 10 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yE/r/PdOG-9jxBRT.js?_nc_x=Ij3Wp8lg5Kz
IP
File type C source, ASCII text, with very long lines (10494)
Hash 49995b2771629d4702348ab5a764d9b4
49127b99c14871692efd5d7cc9bc1fee767c113a
9e3afadca3415b0bcee9cc9ac780a46dbf55b21f3c192ad5d36cbadee37d89c0
GET /rsrc.php/v3/yE/r/PdOG-9jxBRT.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 17:21:44 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: SZlbJ3FinUcCNIq1p2TZtA==
x-fb-debug: tUQGT3g1dEqca6AyEf/j9deNxT0LFvcqyn/9gbnu5DM55qdqN9km0gu7fijqKVgWoGujslNsQ0gjo67T8V5ZZA==
priority: u=3,i
content-length: 10375
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/eqAiCx-Uqtj.css?_nc_x=Ij3Wp8lg5Kz
200 OK 3.8 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yE/l/0,cross/eqAiCx-Uqtj.css?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (10262)
Hash 22c52e0a0bbda3b03b678f7cc4d0d077
f27cc2373a1ae30f3daeae94af1b86a87a8bf5a1
969e476ec39bf47b6f955d6dc891e433b3d849977d5d76165a1ed6936a4a528b
GET /rsrc.php/v3/yE/l/0,cross/eqAiCx-Uqtj.css?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: text/css; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Tue, 14 Nov 2023 04:48:16 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: IsUuCgu9o7A7Z498xNDQdw==
x-fb-debug: 06NN0Pjb/7Zlyq0Vp1bkhLWBFI0JzmBOH59eYxGLw3WhOUBsJpF4C3hXCbmGEw4Fbxht3AJJNyTen2Sf2Ofb1Q==
content-length: 3795
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yt/r/Svz6e73QqZ7.js?_nc_x=Ij3Wp8lg5Kz
200 OK 16 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yt/r/Svz6e73QqZ7.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (15785)
Hash 90bdda53fc4aa76a1783f0ea94ba4d14
b2907eaca453bf82c67cbf8af80c084565288f96
431a56da8e8aacf4bc4bec1a9f51bc08309f110b770a59e725d6eba568c0956c
GET /rsrc.php/v3/yt/r/Svz6e73QqZ7.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 03:05:24 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: kL3aU/xKp2oXg/DqlLpNFA==
x-fb-debug: +85hcE66xUt22ti+q6d53qMGBuVtzHLzMqxVjlXlI7BEekLdJFBrkjPqnw/YeNhU7yMcCvB62rG15YbUiRSlAg==
priority: u=3,i
content-length: 16295
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yJ/r/wXhbxYJbfst.js?_nc_x=Ij3Wp8lg5Kz
200 OK 7.9 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yJ/r/wXhbxYJbfst.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (4643)
Hash 4263902f08d4299c6bad0aa8c901bb85
47867a84b33903997793c2d6089774d47a266faf
61d1b58a7f92df7ada14a899e3c72bea0b8d6b5fdefe94c42848da6af4b33002
GET /rsrc.php/v3/yJ/r/wXhbxYJbfst.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 04:34:48 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: QmOQLwjUKZxrrQqoyQG7hQ==
x-fb-debug: 0wtGEiSI2p/qbzm0G9Z0RMyd3jZ5bT+e9rh5NcwRAEwnb3P+bSCBMKL3GxRp+zpyyLb5bgm9W+V2P0NA0AwNNg==
priority: u=3,i
content-length: 7865
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz
200 OK 1.3 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (1491)
Hash e0e53f8b49bf0ffb37c775b9c288a5c2
ade21104d506e6c9d4946e1afc9b88d80da7333c
5aa28d70ec74ee4b45e03fb453bb4adc23da65fbeb93c581411f0076b1444eb0
GET /rsrc.php/v3/yQ/r/3wX2w-O_9zc.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Fri, 03 Nov 2023 03:30:27 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: 4OU/i0m/D/s3x3W5woilwg==
x-fb-debug: 5jVxdpmP6OuCqV1mjWPxV9f+AJNon+z21EI7YFGVc9r35FoKsEgHmiaqWf/ZYGHhdLRIbWAuUby/D7TGWYUYeg==
content-length: 1286
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yH/r/MDNj1eUK5bV.js?_nc_x=Ij3Wp8lg5Kz
200 OK 10 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yH/r/MDNj1eUK5bV.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (18915)
Hash fa4ad18d1fc36fa88e3680c20e1d1a61
bde4d3abf73cbd341a347979ac28fad8b2835910
141314a07b3470d7bbbec5a711fb10382865d915a1450620c15de95501b96606
GET /rsrc.php/v3/yH/r/MDNj1eUK5bV.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Mon, 13 Nov 2023 00:03:44 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: +krRjR/Db6iONoDCDh0aYQ==
x-fb-debug: w7+6Urp9j73OYFvZso5FbKQSJQnbzMlUnW3hkhKRNU6l0DAYn2P2b/7xwwd3lK4Yf6onqZ8jurIlN6qZgPvEig==
content-length: 10426
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3imfL4/yc/l/es_LA/L3rRYxmZ_M5.js?_nc_x=Ij3Wp8lg5Kz
200 OK 6.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3imfL4/yc/l/es_LA/L3rRYxmZ_M5.js?_nc_x=Ij3Wp8lg5Kz
IP
File type ASCII text, with very long lines (5962)
Hash 7284e04a6ef2cb1aba8f1d9aa6a3d412
6e9ed627273f58ff6d42b70d56b0909c343e91a2
65623e0486da99084132e1fd299c740b42e521e51790fa21fb1fbbd92abbb0bd
GET /rsrc.php/v3imfL4/yc/l/es_LA/L3rRYxmZ_M5.js?_nc_x=Ij3Wp8lg5Kz HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.facebook.com
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: br
content-type: application/x-javascript; charset=utf-8
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
expires: Wed, 15 Nov 2023 02:26:30 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
content-md5: coTgSm7yyxq6jx2apqPUEg==
x-fb-debug: /H57s7QPeyKvC97TR5SC2Ga93AyGnUHf6PrGaSGWm7bI5NZ+NYsQm5joj4FzixqapulPrg92uM1cyt3GoeyhWg==
priority: u=3,i
content-length: 6748
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
access-control-allow-origin: https://www.facebook.com
vary: Origin
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png
200 OK 2.7 kB URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yx/r/re1hPxQECWj.png
IP
File type PNG image data, 25 x 281, 8-bit colormap, non-interlaced\012- data
Hash 8bb456647dce20d407811b3ddcae0999
c4df3fb38a35fd018a2f0f7a7009fa9aacac40db
fcdaa4a9116d5ab88233e3349fea2428f2a4c46b3538900117cef9c8c1d31f0c
GET /rsrc.php/v3/yx/r/re1hPxQECWj.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y7/l/0,cross/XhLcFEqE8E_.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: i7RWZH3OINQHgRs93K4JmQ==
expires: Tue, 07 Nov 2023 21:32:28 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 4Ik9TgaEonShD1ODV8rcGdp+jVQOlt08LqP+gG6GxLCZIknIJSwUSTNQS/pNZ9LGZK82g+9z4Mme4mfmebiBAQ==
priority: u=3,i
content-length: 2674
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png
200 OK 548 B URL HTTP/2 static.xx.fbcdn.net/rsrc.php/v3/yD/r/MKQzjVd1bVq.png
IP
File type PNG image data, 12 x 12, 8-bit colormap, non-interlaced\012- data
Hash 976d05eb572dff7402dab33e7868d1a3
6de347f502856325e90de1fd137382cc2f61dc75
83b7d2afe243941c2527b2d875836ad2cb864290690dd1b253389de3f7bc7da4
GET /rsrc.php/v3/yD/r/MKQzjVd1bVq.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://static.xx.fbcdn.net/rsrc.php/v3/y8/l/0,cross/I25-2d8evgh.css?_nc_x=Ij3Wp8lg5Kz
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: l20F61ct/3QC2rM+eGjRow==
expires: Mon, 13 Nov 2023 04:39:12 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
timing-allow-origin: *
x-fb-debug: 97NGlraI5BIMh1FntbKfLh+UPgWkZYMIPHYVpkzp/5VIh5ltLmjlbbkDlNhDF/S0riqnm3AA7uijMbnt4QGLEA==
content-length: 548
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/tc0/1/16/1f4e9.png
200 OK 317 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/tc0/1/16/1f4e9.png
IP
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 013801775445d2edc20dc1dcf371f68e
0a2e07bc5d38960825fcc6325f3e06c561af3e60
56c3a8cc4da9734dcc9f3f45c3f3e2c8a217c22b9d5ea73ca6d0d7f97e5bd6aa
GET /images/emoji.php/v9/tc0/1/16/1f4e9.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: ATgBd1RF0u3CDcHc83H2jg==
expires: Fri, 03 Nov 2023 20:06:26 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 00zVpd4TIWDtBKtdkbUsvbmXARcIuZOLRnGUbuOTDMYIEKFFONqRe3qqHTv05YTIsITKvQT4DKSKHirsL2gaBw==
content-length: 317
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
static.xx.fbcdn.net/images/emoji.php/v9/t4d/1/16/1f4de.png
200 OK 359 B URL HTTP/2 static.xx.fbcdn.net/images/emoji.php/v9/t4d/1/16/1f4de.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f752bc0f243edcca7c0edbdae2c22810
75a459f3d4d27fa004b0d52840f449e853b1b315
b7416a8982684151dc0cf76f2b4fea8f7ad000b54b5c175ed5de0933f677390b
GET /images/emoji.php/v9/t4d/1/16/1f4de.png HTTP/1.1
Host: static.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
access-control-allow-origin: *
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 91K8DyQ+3Mp8Dtva4sIoEA==
expires: Fri, 03 Nov 2023 03:52:32 GMT
cache-control: public,max-age=31536000,immutable
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin
x-content-type-options: nosniff
timing-allow-origin: *
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 5/iPFrEx7o9TC+S8Ty4NlL1wSp7hTJAz1qn56UzTwGNE2J+9foODoWJyUf8jvc/yALXnjgTx1fdEX9aV0bsQYg==
content-length: 359
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/315114625_574410234684154_8567093676945156875_n.jpg?stp=dst-jpg_p350x350&_nc_cat=105&ccb=1-7&_nc_sid=8024bb&_nc_ohc=viEemj-yPJEAX-xdzPi&_nc_ht=scontent-arn2-2.xx&oh=00_AfDUoLiUtPPsmwbUKn5D7Zo1D0iHUOfvv3LY2FsFPQUMYg&oe=6378FAAE
200 OK 44 kB URL HTTP/2 scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/315114625_574410234684154_8567093676945156875_n.jpg?stp=dst-jpg_p350x350&_nc_cat=105&ccb=1-7&_nc_sid=8024bb&_nc_ohc=viEemj-yPJEAX-xdzPi&_nc_ht=scontent-arn2-2.xx&oh=00_AfDUoLiUtPPsmwbUKn5D7Zo1D0iHUOfvv3LY2FsFPQUMYg&oe=6378FAAE
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 350x455, components 3\012- data
Hash e7a6909dd6125f3131861b4dba5e0363
347c7aee3f21b15df5b55739d6efada365eb92b1
31e1fc014aa29ff5f85e6c4c1ade08edb469d0f9aac7039b918a57978390835a
GET /v/t39.30808-6/315114625_574410234684154_8567093676945156875_n.jpg?stp=dst-jpg_p350x350&_nc_cat=105&ccb=1-7&_nc_sid=8024bb&_nc_ohc=viEemj-yPJEAX-xdzPi&_nc_ht=scontent-arn2-2.xx&oh=00_AfDUoLiUtPPsmwbUKn5D7Zo1D0iHUOfvv3LY2FsFPQUMYg&oe=6378FAAE HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 14 Nov 2022 11:01:36 GMT
x-haystack-needlechecksum: 1168569474
x-needle-checksum: 519015319
content-type: image/jpeg
content-length: 43840
content-digest: adler32=4266990736
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
x-fb-edge-debug: JqPH1ivvQ2w-HspdZWCU2Nvl5DCqK7C8SlPyM-jPJMKrwUGxMLdmhVfbB2Ugt1D8iduIuTQjHUitQnWEb5yRtOKS69zcWv2A8Nm7eKYdmDY
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/315098508_574485071343337_1797981068670380851_n.jpg?stp=dst-jpg_p280x280&_nc_cat=108&ccb=1-7&_nc_sid=8024bb&_nc_ohc=fqWwwsG8KgsAX8mtyfJ&_nc_ht=scontent-arn2-2.xx&oh=00_AfApKW89h8__cPyTV8bNd2tMQe04l2obUKpDaq4AJkKK-w&oe=6378849D
200 OK 16 kB URL HTTP/2 scontent-arn2-2.xx.fbcdn.net/v/t39.30808-6/315098508_574485071343337_1797981068670380851_n.jpg?stp=dst-jpg_p280x280&_nc_cat=108&ccb=1-7&_nc_sid=8024bb&_nc_ohc=fqWwwsG8KgsAX8mtyfJ&_nc_ht=scontent-arn2-2.xx&oh=00_AfApKW89h8__cPyTV8bNd2tMQe04l2obUKpDaq4AJkKK-w&oe=6378849D
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 334x280, components 3\012- data
Hash d2197afa7751de019babb3d586d3397e
fb738b70a0d385a4fcea3c1b8d6fcf5271591f91
e35fe4b7005e200daa002135e934f2a3fb107728be43794ecb22c7af60d682b6
GET /v/t39.30808-6/315098508_574485071343337_1797981068670380851_n.jpg?stp=dst-jpg_p280x280&_nc_cat=108&ccb=1-7&_nc_sid=8024bb&_nc_ohc=fqWwwsG8KgsAX8mtyfJ&_nc_ht=scontent-arn2-2.xx&oh=00_AfApKW89h8__cPyTV8bNd2tMQe04l2obUKpDaq4AJkKK-w&oe=6378849D HTTP/1.1
Host: scontent-arn2-2.xx.fbcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.facebook.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-storage-error-category: dfs:none;hs_p:200:HS_ESUCCESS
last-modified: Mon, 14 Nov 2022 12:44:00 GMT
x-haystack-needlechecksum: 993999260
x-needle-checksum: 1547647068
content-type: image/jpeg
content-length: 15958
content-digest: adler32=2688085651
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-trip-id: 1904183273
date: Tue, 15 Nov 2022 03:52:52 GMT
x-fb-edge-debug: 7eVRuuK6HA-ctRt5bkDfXNW-rpTUlY5_JOCq2d2wPLN8iWK6TbDQaFWiQG0F71Rg2OvBbklvpmMp6Vb1uI_icSZdSjTGfd1Q5gQ9SouoVng
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto+Condensed:400,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto+Condensed:400,700
IP
GET /css?family=Roboto+Condensed:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 03:52:50 GMT
date: Tue, 15 Nov 2022 03:52:50 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.2
200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.15.4/css/all.css?ver=2.0.2
IP
GET /releases/v5.15.4/css/all.css?ver=2.0.2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 15 Nov 2022 03:52:50 GMT
content-type: text/css
x-amz-id-2: 7YX9FZuPPdhE7EyoBeHEE6lGtK7YyTIBxBS4LsNzxeP6NotounJ53DmgWcgqDGwHR/hbQqEa+Y0=
x-amz-request-id: CP48A0MVNNXF8T6P
last-modified: Wed, 04 Aug 2021 20:43:22 GMT
etag: W/"ecd507b3125edc4d2a03aa6ae5d07da9"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 2668099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=br4sk3Kp%2BMVfgtJhdgOngsHxxm2pUKNIj5dVkuke1LBqzhRjrX9BPfPGOrITbf10MD%2BmDTNyI2Jn7%2FY8hK6j4Ky4wuJzy6P775arzSpR9FCc%2B6zybLT%2BGs6rpzGQECiUbB7MQUfv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76a50950c84af42f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Ubuntu:300,400,500
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Ubuntu:300,400,500
IP
GET /css?family=Ubuntu:300,400,500 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 03:52:50 GMT
date: Tue, 15 Nov 2022 03:52:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rum+Raisin
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Rum+Raisin
IP
GET /css?family=Rum+Raisin HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.cuscoinkasfeat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 15 Nov 2022 03:52:50 GMT
date: Tue, 15 Nov 2022 03:52:50 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
75.102.57.149
216.239.34.36
31.13.72.12
23.38.201.85
93.184.220.29
0.0.0.0