zshorte.net/full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cDovL3d3dy5tZWRpYWZpcmUuY29tL2ZpbGUvMjYzN2UybjBsd2Zua2Z3&type=2
172.67.138.73301 Moved Permanently 0 B URL HTTP/1.1 zshorte.net/full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cDovL3d3dy5tZWRpYWZpcmUuY29tL2ZpbGUvMjYzN2UybjBsd2Zua2Z3&type=2
IP 172.67.138.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cDovL3d3dy5tZWRpYWZpcmUuY29tL2ZpbGUvMjYzN2UybjBsd2Zua2Z3&type=2 HTTP/1.1
Host: zshorte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 04 Dec 2022 00:59:35 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 04 Dec 2022 01:59:35 GMT
Location: https://zshorte.net/full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cDovL3d3dy5tZWRpYWZpcmUuY29tL2ZpbGUvMjYzN2UybjBsd2Zua2Z3&type=2
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2FLQ2cRAaN0jIMzZzflQCdy05vUyXQ%2FgbuDCzDNILx0UH9fSHqvO5Yfw7t%2BZFjSArgVFkpauuDA0dVwM9ujSSxPEuVrgqtVVK8Ye5O9wj3jpfhE3yuoOpXG3bEvVGA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774099a7bcdeb518-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15269
Expires: Sun, 04 Dec 2022 05:14:04 GMT
Date: Sun, 04 Dec 2022 00:59:35 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3506
Cache-Control: max-age=124203
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:35 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:29:38 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7637
Expires: Sun, 04 Dec 2022 03:06:52 GMT
Date: Sun, 04 Dec 2022 00:59:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 00:20:01 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2374
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /i8jJZ+x3fexrAt/1hjPzOqVqvb83lpF5w7G0W6w5ES4/tfA9iIOJXQp6Rgx4zWTfcjC+D16DVc=
x-amz-request-id: MZGS1QX9KQP5AK94
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 00:46:46 GMT
age: 769
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 16bb79721c29f700e47b8ef26678e53f
ac5b8f2b0440eaffdde01b4e2e5e61fee245f4c9
ca796aeb7661c0908946abd126e2903c69e1db63472808788d56dad372771fac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=155574
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:35 GMT
Etag: "638badad-116"
Expires: Mon, 05 Dec 2022 20:12:29 GMT
Last-Modified: Sat, 03 Dec 2022 20:12:29 GMT
Server: nginx
Content-Length: 278
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash 16bb79721c29f700e47b8ef26678e53f
ac5b8f2b0440eaffdde01b4e2e5e61fee245f4c9
ca796aeb7661c0908946abd126e2903c69e1db63472808788d56dad372771fac
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=155574
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:35 GMT
Etag: "638badad-116"
Expires: Mon, 05 Dec 2022 20:12:29 GMT
Last-Modified: Sat, 03 Dec 2022 20:12:29 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3938eb94f35bfec2ce07b4cb32dc2013
51a5c7d2bcecf83f24a28f9af7de982cbe236d7f
c75604d9f21614c3b8f4c79e7df72801fd258ddb27d4c50c6d18d06bd172722f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1992
Cache-Control: max-age=158652
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:35 GMT
Etag: "638bb1eb-117"
Expires: Mon, 05 Dec 2022 21:03:47 GMT
Last-Modified: Sat, 03 Dec 2022 20:30:35 GMT
Server: ECS (amb/6BB1)
X-Cache: HIT
Content-Length: 279
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 00:11:19 GMT
cache-control: public,max-age=3600
age: 2896
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3476
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:35 GMT
Last-Modified: Sun, 04 Dec 2022 00:01:40 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3938eb94f35bfec2ce07b4cb32dc2013
51a5c7d2bcecf83f24a28f9af7de982cbe236d7f
c75604d9f21614c3b8f4c79e7df72801fd258ddb27d4c50c6d18d06bd172722f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1993
Cache-Control: max-age=158652
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:36 GMT
Etag: "638bb1eb-117"
Expires: Mon, 05 Dec 2022 21:03:48 GMT
Last-Modified: Sat, 03 Dec 2022 20:30:35 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
54.186.209.73101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: WxYBtI2Ivhe1dw135enX2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kdh2xVEIA1jDafgEQ2GbRtDx/8U=
ocsp.digicert.com/
93.184.220.29200 OK 31 kB IP 93.184.220.29:0
Hash 515fade30a286af2d9024c11a23fa064
f460fb716b6b0ba10734e86a707ed60da2502e18
726eeed0a5069d66a48dee91d9648f91a93f13b40400eb177af4983d495ff132
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4872
Cache-Control: max-age=161885
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:36 GMT
Etag: "638bb34d-116"
Expires: Mon, 05 Dec 2022 21:57:41 GMT
Last-Modified: Sat, 03 Dec 2022 20:36:29 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29200 OK 23 kB IP 93.184.220.29:0
Hash 5e2ca1e94be1047383c398805e1c6e67
99e3790236062d5dccf63f6a3303230630fb3d82
febb1f721d42247bd3e089e0c11f25bbfc2140e8cc87dcc10ca6cd3af1ce7da6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=155574
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:36 GMT
Etag: "638badad-116"
Expires: Mon, 05 Dec 2022 20:12:30 GMT
Last-Modified: Sat, 03 Dec 2022 20:12:29 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 1.8 kB IP 93.184.220.29:0
Hash 3698ada074d87f9abcde77573320b13b
5434892fa204fff05b1df5892f140bac75fcc58c
62f1dfee5e03e8de89d9a49ccbc8b819a826c02195af175fc2dfe9c6c8f3743a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4872
Cache-Control: max-age=161885
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:36 GMT
Etag: "638bb34d-116"
Expires: Mon, 05 Dec 2022 21:57:41 GMT
Last-Modified: Sat, 03 Dec 2022 20:36:29 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 278
www.googletagmanager.com/gtag/js?id=UA-77394287-2
142.250.74.168200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-77394287-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 802fe16f2ecede4a81e6701ff0745f6a
a5d0c77db7d2150a9bd413a8bfba361c71416851
f230ca363a84189159afe78e9d4f8a9a8902af70420d2282b7e6fc67d1ebb9b1
GET /gtag/js?id=UA-77394287-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 00:59:36 GMT
expires: Sun, 04 Dec 2022 00:59:36 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43657
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=19
185.76.9.14200 OK 2.5 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=19
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (2659)
Hash 0693ae01347cad11353661d6efdb0d4d
b136e17a7cc71a0e127876a42f3bde5bdcc4e96c
dd790879c982530a83fbeb5bf9a3c34ab6c66d60e860b593108a67b0f5fa7354
GET /s/gen.js?type=19 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670562285
server: CDN77-Turbo
x-77-nzt: AblMCQ1unor/i2kCAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b6312b44d15
x-cache: HIT
x-age: 158091
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 21 kB IP 216.58.211.3:0
Hash 7915a50739702ef9aa6147b326d736b7
3082f8324620425028c23e2280cc5cc5a8bb4ac0
9d7768cbee67dc28a5c817ed7298700dfb4bca57718b94d05c56078a517bb01a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css?family=Nunito:300,400,600,700&display=swap
142.250.74.106200 OK 5.3 kB URL HTTP/2 fonts.googleapis.com/css?family=Nunito:300,400,600,700&display=swap
IP 142.250.74.106:0
Hash 6a91c9ea515d2fb814d701c0282f6e30
5403daa6ec2a2965bc18ecf357489611de12a1cd
e93067aa58831e581a75c59436e0034bc0d824e8d7f8f5037734c57aa7dc3c30
GET /css?family=Nunito:300,400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 00:59:36 GMT
date: Sun, 04 Dec 2022 00:59:36 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=1
185.76.9.14200 OK 27 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=1
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (2659)
Hash 726236f7035c334507a3ce062a6fca24
154981563bd9264572b9a88fe43dc8ea5ec8af50
4a6bd2e04ee92eff573d3dae9e796b29e93d7b182f953573d3a708888fa6b13d
GET /s/gen.js?type=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670562286
server: CDN77-Turbo
x-77-nzt: AblMCQ1rf8z/imkCAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b6316473c15
x-cache: HIT
x-age: 158090
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/moneybid7_22/build/dist/prebid.js
185.76.9.14200 OK 157 kB URL HTTP/2 ads.themoneytizer.com/moneybid7_22/build/dist/prebid.js
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (8152)
Size 157 kB (157072 bytes)
Hash 426761f0aed403095f3233c59d8de83b
9bc566b4892c73e854cc8936ab37fce92dd53273
7d854ea3f3a4f7c01d85290e9c7e1e2e6524ebae5426247769297d6591a03f12
GET /moneybid7_22/build/dist/prebid.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: application/javascript
last-modified: Tue, 22 Nov 2022 17:12:05 GMT
expires: Sat, 03 Dec 2022 05:04:45 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1670130286
server: CDN77-Turbo
x-77-nzt: AblMCQ2vcsL/ChgBAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b631281c91d
x-cache: HIT
x-age: 71690
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
142.250.74.35200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 21:26:12 GMT
expires: Tue, 28 Nov 2023 21:26:12 GMT
cache-control: public, max-age=31536000
age: 444804
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 96b3d00620dcd983b6058805813845fe
cd6ac2676217528ac79aab5b3a482354e5e506af
48a20e830e789d94b25058c34a149ce7c1cddf8e77ad1615bf2fc8c6cdfe2763
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2988
Cache-Control: max-age=87325
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:36 GMT
Etag: "638a9769-139"
Expires: Mon, 05 Dec 2022 01:15:01 GMT
Last-Modified: Sat, 03 Dec 2022 00:25:13 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ea3dd4a898b1cc44638234c36264a251
2334de5b08eb18899cb6dbd6ce68d131d3162c01
485d136f522d177fbfde2b1d600ddba2c297873a7d61d323d82ad7dd83a222b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "485D136F522D177FBFDE2B1D600DDBA2C297873A7D61D323D82AD7DD83A222B4"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11326
Expires: Sun, 04 Dec 2022 04:08:22 GMT
Date: Sun, 04 Dec 2022 00:59:36 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ea3dd4a898b1cc44638234c36264a251
2334de5b08eb18899cb6dbd6ce68d131d3162c01
485d136f522d177fbfde2b1d600ddba2c297873a7d61d323d82ad7dd83a222b4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "485D136F522D177FBFDE2B1D600DDBA2C297873A7D61D323D82AD7DD83A222B4"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11326
Expires: Sun, 04 Dec 2022 04:08:22 GMT
Date: Sun, 04 Dec 2022 00:59:36 GMT
Connection: keep-alive
ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=6
185.76.9.14200 OK 17 kB URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=6
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (29846)
Hash 641508b707a7d14ee5fd50bac6491d40
6c1d4a4d8903c519caaa788997d49601ffa84ce9
15b52e3336c93fee23531155ede5a30b25c0e4bcd239dbdfd72cca866e9acc13
GET /s/requestform.js?siteId=52788&formatId=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670590253
server: CDN77-Turbo
x-77-nzt: AblMCQ3R8TL/S/wBAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b63c4564f18
x-cache: HIT
x-age: 130123
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash b49137589a60d412f5d4a0dd8522f6ec
82eef68f000e856df428cd793276567d907fd46c
f9618f01a5da2c2ab3fe6c98efba65af8695f0bad9544a3574eaf806cca96d3c
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 04 Dec 2022 00:59:36 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 03 Dec 2022 21:14:35 GMT
Expires: Sun, 04 Dec 2022 21:14:35 GMT
ETag: "82eef68f000e856df428cd793276567d907fd46c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
tag.leadplace.fr/libJsLP.js
145.239.193.51200 OK 7.1 kB URL HTTP/1.1 tag.leadplace.fr/libJsLP.js
IP 145.239.193.51:0
Hash 373c3cdf789463fc8290860e2d17a8fe
475ef1bee8d4103ffadfccf73df01e4764eb4ef3
8b1326ffc5b6157a0338c367ecf4a33aed89da980b2f8d9fd7f9df23e25fbbbe
GET /libJsLP.js HTTP/1.1
Host: tag.leadplace.fr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sun, 04 Dec 2022 00:59:36 GMT
Content-Type: application/javascript
Content-Length: 5547
Last-Modified: Thu, 07 Oct 2021 11:26:48 GMT
ETag: "615ed978-15ab"
Accept-Ranges: bytes
X-IPLB-Request-ID: 5B5A2A9A:9FE2_91EFC133:01BB_638BF0F8_3A94AF9A:14262
X-IPLB-Instance: 29922
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ads.themoneytizer.com/moneybile.js
185.76.9.14200 OK 16 kB URL HTTP/2 ads.themoneytizer.com/moneybile.js
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1310), with no line terminators
Hash fd178b78cba1aa388a61bf56a13dd95c
efc2c73821592a7804239745f0c42a977581e444
844c634f674077d30f2ab88109a9b050d53ac42b16d301fbc8ce7fc0bffbaf31
GET /moneybile.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: application/javascript
last-modified: Fri, 12 Mar 2021 17:07:19 GMT
expires: Sat, 03 Dec 2022 05:04:45 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1670130286
server: CDN77-Turbo
x-77-nzt: AblMCQ1iAT7/ChgBAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b6388b4161c
x-cache: HIT
x-age: 71690
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
c.tmyzer.com/c/?s=52788&f=1&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=52788&f=1&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=52788&f=1&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 00:59:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:DFE6_36264064:01BB_638BF0F8_165C78D:4897
X-IPLB-Instance: 41595
quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
143.204.55.88200 OK 13 kB URL HTTP/2 quantcast.mgr.consensu.org/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
IP 143.204.55.88:0
File type ASCII text, with very long lines (31997)
Hash 62c5999de4188e2ba430af671a2976b6
7e65059b855540dac841e69ca5933a034445ee64
ab98186f976d9cadd1341e54cbfe9ef1159b512606a450a81d6e12cbda13315b
GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: quantcast.mgr.consensu.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Sun, 04 Dec 2022 00:59:27 GMT
cache-control: max-age=3600
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Q73Mfr61RdMWREGQZqxSNvnA2SLoacuyZPl3fsTAAwvAg0XoZO4Y1A==
age: 16
X-Firefox-Spdy: h2
cdn.ftd.agency/libs/e.js
37.48.117.210200 OK 1.7 kB IP 37.48.117.210:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 02f679c9e331e69ac43f87af96915b9d
e589290852a088c34cbf7bb3104faa833244e1d4
7ea9bdfdd368aa5835ba2930414dc029b4d2ffbd46c362e33d2efaffbb8fad32
GET /libs/e.js HTTP/1.1
Host: cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 00:59:36 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 13 Sep 2022 09:47:20 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"632051a8-aec"
Expires: Mon, 05 Dec 2022 00:59:36 GMT
Cache-Control: max-age=86400
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block;
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e3e381c21364088089a51a55738deed9
3a62c0ac6efb335f609faa935d60f140069eb232
a61056456557188b8d0358b87d6d1c2b9fca014d97c4435f3bb779162ff44efd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A61056456557188B8D0358B87D6D1C2B9FCA014D97C4435F3BB779162FF44EFD"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11723
Expires: Sun, 04 Dec 2022 04:14:59 GMT
Date: Sun, 04 Dec 2022 00:59:36 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash dac57aee83fd3a2ddc6062078a14c96b
5f1d474a4240d864d1f9ca72bfb20c26667663d9
679ebe4565db79ab8eb3487a99c7b9aa54562c3a41e1be21db8de145997f8b40
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:59:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 12:12:00 GMT
Expires: Fri, 09 Dec 2022 12:11:59 GMT
Etag: "5f1d474a4240d864d1f9ca72bfb20c26667663d9"
Cache-Control: max-age=471742,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774099b26ae8b511-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 78aeb6c4df5d36e1e8387ccfef04989e
7e792f20fa8fa2fed06ee5cf14dfa4b7c2a486f5
823fe529f34f4e552462f6f2783e0a2b23db5f26b9c1f182b3a56e725121c84f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:59:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 22:16:04 GMT
Expires: Sat, 10 Dec 2022 22:16:03 GMT
Etag: "7e792f20fa8fa2fed06ee5cf14dfa4b7c2a486f5"
Cache-Control: max-age=594386,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774099b1aeca1bfa-OSL
iononetravoy.com/1clkn/33405
172.255.6.58200 OK 26 B URL HTTP/1.1 iononetravoy.com/1clkn/33405
IP 172.255.6.58:0
File type ASCII text, with no line terminators
Hash 414a242a6fee8464282857e475d3ef61
f669890350347f53aa9bd19c1a355692e8d17d2f
d4914e81dd0b4c1d8ee8e789f6b369d107b93ac886f862930e1a98580e79aafa
GET /1clkn/33405 HTTP/1.1
Host: iononetravoy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 00:59:36 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 05-Dec-2022 00:59:36 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 05-Dec-2022 00:59:36 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
p.cpx.to/p/12762/px.js
54.72.106.107200 OK 2.1 kB IP 54.72.106.107:0
Hash 16264e1faffa6eb51d37549cda134ba2
c3511765c2d5290632c31e32e7f3b477b9adaf8c
f23e9edd531747ede21e7eedbd76830506ed12ceadb9847a7c644351a6034537
GET /p/12762/px.js HTTP/1.1
Host: p.cpx.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2419200, public
Content-Type: application/javascript; charset=UTF-8
Date: Sun, 04 Dec 2022 00:59:36 GMT
Content-Length: 1990
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 147cc403cb91fbc299aa9e77a5fb5171
a6c673a8af373a23e9090a4be38e85b0f044557c
e5864c47546db87efcd47b40968c8b8c1718fc44932a3e87e4e358cc1bb14dbc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E5864C47546DB87EFCD47B40968C8B8C1718FC44932A3E87E4E358CC1BB14DBC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3342
Expires: Sun, 04 Dec 2022 01:55:18 GMT
Date: Sun, 04 Dec 2022 00:59:36 GMT
Connection: keep-alive
cdn.pbstck.com/index-monitoring-e116637.js
104.22.0.93200 OK 52 kB URL HTTP/2 cdn.pbstck.com/index-monitoring-e116637.js
IP 104.22.0.93:0
Hash 276670c59e5a17e366f1757459d36cdd
0df9ab19bac2b90d5805c14b145d54675d168199
1882f2b4feeb2cba5b88ff4473902f935fdb361d9e5acf1e13f0c83d5023a87b
GET /index-monitoring-e116637.js HTTP/1.1
Host: cdn.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdudYBwKGB6sE45BZQIH8phCKx2eXDoHkIP8UQIBviX_Hv_UY1eHe4wjGZOKKkVKyITT5Hb-IcROFYlcn-jBHg5KXw
x-goog-generation: 1666703631064678
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 51526
x-goog-hash: crc32c=tQfzUw==, md5=/TmpRpzCdMB3/k3emcg8+g==
x-goog-storage-class: STANDARD
vary: Accept-Encoding
access-control-allow-origin: *
access-control-expose-headers: Cache-Control, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Sun, 11 Dec 2022 00:02:40 GMT
cache-control: public, max-age=604800, immutable
last-modified: Tue, 25 Oct 2022 13:13:51 GMT
etag: W/"fd39a9469cc274c077fe4dde99c83cfa"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: MISS
server: cloudflare
cf-ray: 774099b28eb50afe-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.vidoomy.com/imagenesderopaparaperros_14871.js
3.19.54.139200 OK 4.8 kB URL HTTP/1.1 ads.vidoomy.com/imagenesderopaparaperros_14871.js
IP 3.19.54.139:0
File type ASCII text, with very long lines (4753)
Hash dca7d770c45a86e8ed98a1a70b16b30a
8d09f9f86cd4dd3f0cf8cef950e4e1ade9ce9c1b
3cfd562889f90c112dadbb1d22fcc0a37235cb8a95484d4c285a13ae670042c9
GET /imagenesderopaparaperros_14871.js HTTP/1.1
Host: ads.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:59:36 GMT
Server: Apache/2.4.54 (Amazon) OpenSSL/1.0.2k-fips PHP/7.0.33
X-Powered-By: PHP/7.0.33
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 4755
Keep-Alive: timeout=2, max=300
Connection: Keep-Alive
Content-Type: application/javascript
boot.pbstck.com/v1/tag/4154d2d4-b8d3-4ebd-87e3-10ab310b914d
104.22.1.93200 OK 1.1 kB URL HTTP/2 boot.pbstck.com/v1/tag/4154d2d4-b8d3-4ebd-87e3-10ab310b914d
IP 104.22.1.93:0
File type ASCII text, with very long lines (630)
Hash 88a6aef5727d537d75139d930a36fbb3
044985b0d93192cf43a77b3078d659452094488e
38b91fa33dd588b222fc2cefdfd930b1ccc0be818485135d697d4837ead81025
GET /v1/tag/4154d2d4-b8d3-4ebd-87e3-10ab310b914d HTTP/1.1
Host: boot.pbstck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=120
timing-allow-origin: *
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 774099b1ca78b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
arbourrenewal.com/cf/62/1e/cf621eb24aa5b4a128894819698170b8.js
173.233.137.52200 OK 11 kB URL HTTP/1.1 arbourrenewal.com/cf/62/1e/cf621eb24aa5b4a128894819698170b8.js
IP 173.233.137.52:0
File type ASCII text, with very long lines (32129), with no line terminators
Hash bea11f8104607ca390af78955daace28
1274dabeec2033dfae92cef9d90d4383bf38f9cb
627a9a210c81076e6941180ec5c61e0dabcd4d775d10625f99d78efe00071b4f
GET /cf/62/1e/cf621eb24aa5b4a128894819698170b8.js HTTP/1.1
Host: arbourrenewal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 00:59:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 63e822906221560f61f5e021264353d8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
arbourrenewal.com/2a/6d/fa/2a6dfa22c42f41c1c5d4b95b66a5509c.js
173.233.137.52200 OK 21 kB URL HTTP/1.1 arbourrenewal.com/2a/6d/fa/2a6dfa22c42f41c1c5d4b95b66a5509c.js
IP 173.233.137.52:0
File type HTML document, ASCII text, with very long lines (60148), with no line terminators
Hash 62cde96a6c3c5d8e46a6e3248c01b43d
d00017ccfcce6f0552d6a32ebc68fdae313acb99
0b47449b8ecbdb68826bfb81f6c863e17cfe713385747c09d1d63e9df461fe9c
GET /2a/6d/fa/2a6dfa22c42f41c1c5d4b95b66a5509c.js HTTP/1.1
Host: arbourrenewal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 00:59:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1b2cebf332a0465dc970037ed74f3518
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
z.cdn.ftd.agency/load?z=1339915142&div=oeu17qmlkls&cw=1280&ch=939&sr=1280x1024&df=1&bh=1&tl=1868&hc=16&n=1670115574578&url=m.imagenesderopaparaperros.com%2FmvWeysw&vc=0&ti=zShorte.net%20%7C%20zShorte.net&zyx=3834945098
37.48.117.210204 No Content 0 B URL HTTP/1.1 z.cdn.ftd.agency/load?z=1339915142&div=oeu17qmlkls&cw=1280&ch=939&sr=1280x1024&df=1&bh=1&tl=1868&hc=16&n=1670115574578&url=m.imagenesderopaparaperros.com%2FmvWeysw&vc=0&ti=zShorte.net%20%7C%20zShorte.net&zyx=3834945098
IP 37.48.117.210:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /load?z=1339915142&div=oeu17qmlkls&cw=1280&ch=939&sr=1280x1024&df=1&bh=1&tl=1868&hc=16&n=1670115574578&url=m.imagenesderopaparaperros.com%2FmvWeysw&vc=0&ti=zShorte.net%20%7C%20zShorte.net&zyx=3834945098 HTTP/1.1
Host: z.cdn.ftd.agency
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Cookie: AU=66910b6b58fa7cc8
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx
Date: Sun, 04 Dec 2022 00:59:37 GMT
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
Expires: -1
c.tmyzer.com/c/?s=52788&f=19&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=52788&f=19&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=52788&f=19&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 00:59:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:2794_36264064:01BB_638BF0F8_165E870:211AA
X-IPLB-Instance: 20686
c.tmyzer.com/c/?s=52788&f=11&fi=99
54.38.64.100200 OK 0 B URL HTTP/1.1 c.tmyzer.com/c/?s=52788&f=11&fi=99
IP 54.38.64.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /c/?s=52788&f=11&fi=99 HTTP/1.1
Host: c.tmyzer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 00:59:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Access-Control-Allow-Origin: *
X-IPLB-Request-ID: 5B5A2A9A:DFE6_36264064:01BB_638BF0F8_165C79A:4897
X-IPLB-Instance: 41595
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ffb1fa188f11f4b1ec69136d1920502b
8aac404d7cf025e415c22f6170fea74bf537c603
7beabb9b7af824e542dc5f62308e6d44c4a38dee34d69836ca4c1cf966592b82
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7BEABB9B7AF824E542DC5F62308E6D44C4A38DEE34D69836CA4C1CF966592B82"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8857
Expires: Sun, 04 Dec 2022 03:27:14 GMT
Date: Sun, 04 Dec 2022 00:59:37 GMT
Connection: keep-alive
www.cdn4ads.com/w2ui.min.css
185.76.9.23200 OK 0 B URL HTTP/2 www.cdn4ads.com/w2ui.min.css
IP 185.76.9.23:0
ASN #60068 Datacamp Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /w2ui.min.css HTTP/1.1
Host: www.cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:37 GMT
content-type: text/html; charset=UTF-8
content-length: 0
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
x-accel-expires: @1671050496
server: CDN77-Turbo
x-77-nzt: AblMCRSvuI3/+Y0BAA
x-77-nzt-ray: af5856306b96441bf9f08b63cbc56f14
x-cache: HIT
x-age: 101881
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3130
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sun, 04 Dec 2022 00:59:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3130
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sun, 04 Dec 2022 00:59:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3130
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sun, 04 Dec 2022 00:59:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 11210
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 3ac233072203aa898099a9f19d5c89f1
49e15a39534a9dadb3a87e90295a1f568e6665d3
025c971b8163c8429372f5be9fed72e934b3c68d6050412f425c08acac55747f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134379
Date: Sun, 04 Dec 2022 00:59:37 GMT
Etag: "638b4f9a-1d7"
Expires: Mon, 05 Dec 2022 14:19:16 GMT
Last-Modified: Sat, 03 Dec 2022 13:31:06 GMT
Server: ECS (bsa/EB15)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: FrlBkQ6dS10djL4Yx1BGHRNF43iwMXQpYbx-2N7JCb8gjkbXVOLr4A==
Age: 2890
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 3ac233072203aa898099a9f19d5c89f1
49e15a39534a9dadb3a87e90295a1f568e6665d3
025c971b8163c8429372f5be9fed72e934b3c68d6050412f425c08acac55747f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134338
Date: Sun, 04 Dec 2022 00:59:37 GMT
Etag: "638b4f9a-1d7"
Expires: Mon, 05 Dec 2022 14:18:35 GMT
Last-Modified: Sat, 03 Dec 2022 13:31:06 GMT
Server: ECS (bsa/EB18)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: w3Ry0q5-gov3qCEQEhcnY6iAK_FmEUwu0OgstTRLnv5QeUNIFK1reQ==
Age: 2849
ads.themoneytizer.com/s/gen.js?type=11
185.76.9.14200 OK 18 kB URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=11
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
File type ASCII text, with very long lines (2659)
Hash 29248b928a9319ec632e825503850ea6
4a2d843f343398bfc2ac2dfb7113639e5b19eca5
106d7ac1bdc97b9bb1758da2b5d2744280a7bf45286ea64a101a2fbeb37f410e
GET /s/gen.js?type=11 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670562288
server: CDN77-Turbo
x-77-nzt: AblMCQ0bUNX/iGkCAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b6315f7a815
x-cache: HIT
x-age: 158088
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 11219
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 11376
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 027480c06cd67621f373c6765dafee4d
9f80bb7ca6f699d88eaec2248dec508c589fe994
f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 10610
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1521243a6fc065bb631bfbde22886fa2
527220e4e8cd1065ce05fcd0694d0d703d817e2e
b83ebf768bbfb34f49d5467f3dfb43ceb3ca3d30d3454e6f37db9aef72d7689a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: t1vmY4fBoLpFjqHbLyMewgUrpvRjqG4QTAuA4BeB4Gl2jqbxI0gYQA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:08 GMT
age: 11369
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash bb66b367ecfe0ced270b29add93bd678
42875cade07cab7b2b4a8874de9fee340c0eb682
c560d65ac45dd25a8944b17a6570f42f1d955591192d11610a4958b3c2516e0f
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-allow-credentials: true
set-cookie: uid_id2=64a06ead-a862-4ea2-9dd8-ae13a4272db7:1:1; expires=Wed, 01 Dec 2032 00:59:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash c03dfedbb183ac1fb42368de53ecbbf0
82d9c7bcbd47ad1b6bfa187dbcaef9e7ade40c58
20a8b2981a246b251195d66974ec871f29d4f078e8665a6f49f92bf35411cdc2
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:37 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-allow-credentials: true
set-cookie: uid_id2=703615a9-b6c0-464b-9156-a78430ab1772:1:1; expires=Wed, 01 Dec 2032 00:59:37 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ffb1fa188f11f4b1ec69136d1920502b
8aac404d7cf025e415c22f6170fea74bf537c603
7beabb9b7af824e542dc5f62308e6d44c4a38dee34d69836ca4c1cf966592b82
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7BEABB9B7AF824E542DC5F62308E6D44C4A38DEE34D69836CA4C1CF966592B82"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8857
Expires: Sun, 04 Dec 2022 03:27:14 GMT
Date: Sun, 04 Dec 2022 00:59:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 23193c3c0d9580d0c757de17730ac556
5ac0a13fe68155bfd4c6a3076729da2578776f8c
5019cffffb2c40d48d084ac4bf0bfac07569ecbe8835293c9ee4d4404dbcd4da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5019CFFFFB2C40D48D084AC4BF0BFAC07569ECBE8835293C9EE4D4404DBCD4DA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2830
Expires: Sun, 04 Dec 2022 01:46:47 GMT
Date: Sun, 04 Dec 2022 00:59:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a64d2a86ee14c6a07d42a2df2ed3dcdc
5105b584f3293647fc541dcfd285584e97722c7d
07dca80d020913164af69b1c32212d70c85cd949b6c93ba5a38ce79c9d08b35d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "07DCA80D020913164AF69B1C32212D70C85CD949B6C93BA5A38CE79C9D08B35D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14423
Expires: Sun, 04 Dec 2022 05:00:00 GMT
Date: Sun, 04 Dec 2022 00:59:37 GMT
Connection: keep-alive
banquetunarmedgrater.com/advertisers.js
192.243.59.12200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 04 Dec 2022 00:59:37 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd687c8c4c749d408d974bb7ff2887e0
Strict-Transport-Security: max-age=0; includeSubdomains
reproductiontape.com/pixel/purst?dl=0&th=0&sc=0&rs=2254&rd=2254&fd=1057&bv=22.10.v.9&tmpl=70
192.243.61.225200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/purst?dl=0&th=0&sc=0&rs=2254&rd=2254&fd=1057&bv=22.10.v.9&tmpl=70
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2254&rd=2254&fd=1057&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 00:59:37 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 30957ed65c8b67cdd657582b3d999506
0f8246fa92e34c368782291a477837cf07c0424a
f04661cedfc8353ba9b34582d9b005ed9841cfa1eb1befbee60b8e19f49654e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F04661CEDFC8353BA9B34582D9B005ED9841CFA1EB1BEFBEE60B8E19F49654E9"
Last-Modified: Fri, 02 Dec 2022 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3764
Expires: Sun, 04 Dec 2022 02:02:22 GMT
Date: Sun, 04 Dec 2022 00:59:38 GMT
Connection: keep-alive
a.teads.tv/analytics/tag.js
23.38.201.50200 OK 3.4 kB URL HTTP/2 a.teads.tv/analytics/tag.js
IP 23.38.201.50:0
File type ASCII text, with very long lines (4822)
Hash 6ddfb3a828a563a7719081ff9aeedaba
80286455b7c85311df5f997714b83380ac02fd6d
826524e59a21d4190f923f804a17db1513e1ee3cb4a5ed12f3bb6a5b4f370835
GET /analytics/tag.js HTTP/1.1
Host: a.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: +hi3J8gLh7odTbzzwPTTi1cNLRiMIMeCbLwhFS3fdhvnkPc6F/KidF+aylAlaVgqP4umQC5X3TY=
x-amz-request-id: VYTSDGA8QVA7F7Y0
last-modified: Wed, 02 Nov 2022 09:38:15 GMT
etag: "6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption: AES256
x-amz-version-id: Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
accept-ranges: bytes
content-type: text/javascript;charset=utf-8
content-length: 3391
cache-control: private, max-age=3600
date: Sun, 04 Dec 2022 00:59:38 GMT
vary: Accept-Encoding
content-encoding: br
X-Firefox-Spdy: h2
ced.sascdn.com/tag/1097/smart.js
23.36.77.48200 OK 33 kB URL HTTP/1.1 ced.sascdn.com/tag/1097/smart.js
IP 23.36.77.48:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4686ea4ceef48bf4d7b06bf70fe2a6ef
6a1348d13eca8b7882c4679c53019a51f48a94fd
685fc19fe5c57ebff672b1a9c03ea8b85f78d37558cc6743a39baa034f852d0d
GET /tag/1097/smart.js HTTP/1.1
Host: ced.sascdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/javascript; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 32836
Cache-Control: public, max-age=7200
Expires: Sun, 04 Dec 2022 02:59:38 GMT
Date: Sun, 04 Dec 2022 00:59:38 GMT
Connection: keep-alive
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
143.204.42.225200 OK 26 kB URL HTTP/1.1 d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
IP 143.204.42.225:0
File type ASCII text, with very long lines (16085)
Hash 8703fc9eead243fe2f47380e962d7fa2
3d9f707259112fa9ccdd1e676f00eadcff71906c
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
GET /a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js HTTP/1.1
Host: d2zur9cc2gf1tx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 25704
Connection: keep-alive
Accept-Ranges: bytes
Last-Modified: Mon, 18 Feb 2019 16:54:28 GMT
Server: Apache
Date: Sat, 03 Dec 2022 20:46:16 GMT
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3kR1ia_axXd-oMlPel9Ux3Wy4DhGcgA9XHwsfm2itUUXHHGBhjhq7w==
Age: 15204
www.google-analytics.com/analytics.js
142.250.74.14200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 00:46:55 GMT
expires: Sun, 04 Dec 2022 02:46:55 GMT
cache-control: public, max-age=7200
age: 763
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 9b61e042ff9f7c8d3cbb3a46c565cb51
15a4546461f01ded4677206b47e507e6c308e6c2
bf4cc613ac8c3a993891a255dbde7791cb24f73dca3ce19e962f5ebe2ac3a1c6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash 150284c1f4dde9ee3cf095ce6ee60020
aa9571ac9afebd844c708d8ab5efb3ae4e3e0708
830c40386e05b6f863d0334c265a7936d208098988bdff0437a787a3228c0644
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5122
Cache-Control: max-age=168640
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:38 GMT
Etag: "638bccb8-2d7"
Expires: Mon, 05 Dec 2022 23:50:18 GMT
Last-Modified: Sat, 03 Dec 2022 22:24:56 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 727
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
friendshipmale.com/sfp.js
104.21.234.92200 OK 28 kB URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.92:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 271e2f37e7e835474e4076fcef85b46f
cca3f9b11d64a4619ae5a16affc68a69775b237d
e85eff8f367f88ac491802422cb3cdcc7d65c0076a224065b72150050688c4e5
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:37 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 34c837e236cbe60b49cac41014e70f43
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 04 Dec 2022 00:59:37 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A9Ui3%2F6cH6kK4wtAUoycLjBK1Q8IJf7wS6wA0TZKTBWb8Ydsg0eBeHYiU4e0xqvfyRTwcxQFkcYpUd3nVibd%2Fc9h93iZyDkDgZP3vYyKexxRlPIXwTM8HzqjqVFC%2FkJTnqLSnAw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099b66a13dc97-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 8b129125171aa50e40f0d0e26d1a6c4e
d1376718e6dd2b03aab6f632af2438b8ae3e49b2
96b4c4d6e7843adcee8a1cda47dc0d485752afc26d633c0e97892c6040e460fd
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3424
Cache-Control: max-age=126267
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:38 GMT
Etag: "638b2dd5-138"
Expires: Mon, 05 Dec 2022 12:04:05 GMT
Last-Modified: Sat, 03 Dec 2022 11:07:01 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 312
www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
142.250.74.131200 OK 583 B URL HTTP/2 www.recaptcha.net/recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit
IP 142.250.74.131:0
File type ASCII text, with very long lines (921), with no line terminators
Hash 6c064532ae9b3b8278a9d00701c75021
65cd4fbe613e8805d867dffa12cb29569419254d
ee4a48e1244ff8836f0b808d40bab0dc14b4702a3195920c6c600dcae3302bfa
GET /recaptcha/api.js?onload=onloadRecaptchaCallback&render=explicit HTTP/1.1
Host: www.recaptcha.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 04 Dec 2022 00:59:38 GMT
date: Sun, 04 Dec 2022 00:59:38 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 583
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=583e25f6-f838-40f3-575e-4d33aa1d1c41&reqId=4bc239a1-bac4-46e3-7be8-9afedb72cd6a&zdid=1258
142.250.74.162302 Found 447 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=583e25f6-f838-40f3-575e-4d33aa1d1c41&reqId=4bc239a1-bac4-46e3-7be8-9afedb72cd6a&zdid=1258
IP 142.250.74.162:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1a70419d8eaf2f285b4570313a92c62d
6c0c4642bd4509fdc9a4f49afbcbf3350c6598fe
49a6097bf5ab116933f95debc7cbe7a17055340e84f6a418f807eca0c91cab4d
GET /pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=583e25f6-f838-40f3-575e-4d33aa1d1c41&reqId=4bc239a1-bac4-46e3-7be8-9afedb72cd6a&zdid=1258 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=583e25f6-f838-40f3-575e-4d33aa1d1c41&reqId=4bc239a1-bac4-46e3-7be8-9afedb72cd6a&zdid=1258&google_tc=
date: Sun, 04 Dec 2022 00:59:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 447
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 01:14:38 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/j/collect?v=1&_v=j98&a=67631053&t=pageview&_s=1&dl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&ul=en-us&de=UTF-8&dt=zShorte.net%20%7C%20zShorte.net&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=215253376&gjid=257461461&cid=653363686.1670115576&tid=UA-77394287-2&_gid=2015342122.1670115576&_r=1>m=2oubu0&z=911134966
142.250.74.14200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=67631053&t=pageview&_s=1&dl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&ul=en-us&de=UTF-8&dt=zShorte.net%20%7C%20zShorte.net&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=215253376&gjid=257461461&cid=653363686.1670115576&tid=UA-77394287-2&_gid=2015342122.1670115576&_r=1>m=2oubu0&z=911134966
IP 142.250.74.14:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=67631053&t=pageview&_s=1&dl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&ul=en-us&de=UTF-8&dt=zShorte.net%20%7C%20zShorte.net&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=215253376&gjid=257461461&cid=653363686.1670115576&tid=UA-77394287-2&_gid=2015342122.1670115576&_r=1>m=2oubu0&z=911134966 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://m.imagenesderopaparaperros.com
date: Sun, 04 Dec 2022 00:59:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 89757b50a8055fe5630793960963e992
4686842e9b109dd056936e47c364dd10995c1293
995c2617619bb86561a6620440002d85f54e42a0c46ee19d9c002c273e29264e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3087
Cache-Control: max-age=140653
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:38 GMT
Etag: "638b6759-1d7"
Expires: Mon, 05 Dec 2022 16:03:51 GMT
Last-Modified: Sat, 03 Dec 2022 15:12:25 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 08ca0238100c906a665f21b1caa97f47
3f605891faeafb51a36cecd25d331bcc450d34e9
35dac74d71c723f7a8e7585174fad51a0115e4a294a2c0d80b63026e25825618
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ups.analytics.yahoo.com/ups/58610/occ
3.126.56.137302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58610/occ
IP 3.126.56.137:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58610/occ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 00:59:38 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58610/occ?verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBPrwi2MCEGxHQ-KsCehDZ12JeYLcg4cFEgEBAQFCjWOVYwAAAAAA_eMAAA&S=AQAAAliVwiLp0q8G7GegnA5ZyFQ; Expires=Mon, 4 Dec 2023 06:59:38 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 49490021f0b6c6f700a273e17f27ef6d
aa5dab61c4eb5ff05119e3feac9ca0abb43f89ca
191ef030b4d981bac12eb4363e7a1245ab8d3637cd8603e2576d34f23a017358
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash dbb66a45515eb4bd61566b8a462222b7
2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9
1929d698afaff5af3fd939389346226a6056b86e4f870b0769755b0cdefd60a6
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:59:38 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 01:56:49 GMT
Expires: Sat, 10 Dec 2022 01:56:48 GMT
Etag: "2d18c51e1a9d35c874c96ad0552aa35d88bfc5f9"
Cache-Control: max-age=521229,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774099bc1984b511-OSL
x.bidswitch.net/sync?ssp=vidoomy&user_id=926546839.439824517167385.58527108
3.123.160.250302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?ssp=vidoomy&user_id=926546839.439824517167385.58527108
IP 3.123.160.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?ssp=vidoomy&user_id=926546839.439824517167385.58527108 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 04 Dec 2022 00:59:38 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=926546839.439824517167385.58527108
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=04298513-64be-4b8f-b979-5e914e0f0cef; path=/; expires=Mon, 04-Dec-2023 00:59:38 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670115578; path=/; expires=Mon, 04-Dec-2023 00:59:38 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1670115578; path=/; expires=Mon, 04-Dec-2023 00:59:38 GMT; domain=.bidswitch.net; samesite=none; secure
c=1670115578; path=/; expires=Mon, 04-Dec-2023 00:59:38 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
handbagcordial.com/sbar.json?key=cf621eb24aa5b4a128894819698170b8&uuid=703615a9-b6c0-464b-9156-a78430ab1772%3A1%3A1
173.233.137.52200 OK 4.4 kB URL HTTP/1.1 handbagcordial.com/sbar.json?key=cf621eb24aa5b4a128894819698170b8&uuid=703615a9-b6c0-464b-9156-a78430ab1772%3A1%3A1
IP 173.233.137.52:0
File type JSON data\012- , ASCII text, with very long lines (6083), with no line terminators
Hash 334c333495337aaded0ca4c896c97959
752b7ba30e4d378c39df735f84d710430469f9b1
7f252de8fc7555fcf1497e9840c3d577d056dc9be266cb5f4ac920131218fdb2
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=cf621eb24aa5b4a128894819698170b8&uuid=703615a9-b6c0-464b-9156-a78430ab1772%3A1%3A1 HTTP/1.1
Host: handbagcordial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 00:59:38 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15289012; expires=Mon, 05 Dec 2022 00:59:38 GMT; secure; SameSite=None
uid_id2=703615a9-b6c0-464b-9156-a78430ab1772:1:1; expires=Sun, 11 Dec 2022 00:59:38 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 05 Dec 2022 00:59:38 GMT; secure; SameSite=None
uncs=1; expires=Mon, 05 Dec 2022 00:59:38 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 05 Dec 2022 00:59:38 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 05 Dec 2022 00:59:38 GMT; secure; SameSite=None
sleccf621eb24aa5b4a128894819698170b8=[3789938]; expires=Sun, 04 Dec 2022 00:59:43 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f14f1dafad19538bde9593de8f93c7f6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
6.adsco.re/
104.17.166.186200 OK 0 B IP 104.17.166.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:38 GMT
content-type: text/plain;charset=UTF-8
content-length: 0
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: private, max-age=10
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, HEAD, OPTIONS
access-control-max-age: 2592000
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099be3f01b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:59:38 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 452981
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
142.250.74.42200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
IP 142.250.74.42:0
File type ASCII text, with very long lines (32034)
Hash c54aac7ef64c39b4f384e0d5771d3b46
d3e059104378a3844862a5ed12a13f5d423e86b6
3e1b5002dd64d185f806edeefd333348f423584d876cfc966b5c13884c8fe3da
GET /ajax/libs/jquery/3.0.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30186
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 22:25:29 GMT
expires: Sun, 03 Dec 2023 22:25:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 9249
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6f38dd7ea1214826c7a65cfadf2b7138
f209cd9d6e043dbc6fbbba23205133fa0e9b991f
36be864cb960e7cf3519f654c0b8233b3bb50a0b307066cfe52c588a4f6b8689
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36BE864CB960E7CF3519F654C0B8233B3BB50A0B307066CFE52C588A4F6B8689"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2559
Expires: Sun, 04 Dec 2022 01:42:17 GMT
Date: Sun, 04 Dec 2022 00:59:38 GMT
Connection: keep-alive
ads.stickyadstv.com/auto-user-sync
23.36.77.41200 OK 43 B URL HTTP/1.1 ads.stickyadstv.com/auto-user-sync
IP 23.36.77.41:0
ASN #20940 Akamai International B.V.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /auto-user-sync HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
x-sticky-vk: 1670115578644070-537
Content-Length: 43
Expires: Sun, 04 Dec 2022 00:59:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Dec 2022 00:59:38 GMT
Connection: keep-alive
Set-Cookie: UID=6d1aebf0e22b72fa8ac5a4a849b90; Domain=ads.stickyadstv.com; Expires=Tue, 03-Jan-2023 00:59:38 GMT; Path=/
id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
162.19.138.82200 43 B URL HTTP/1.1 id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
IP 162.19.138.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /i/12/9.gif?gdpr=true&gdpr_consent= HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 04-Dec-2022 01:04:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 04-Dec-2022 01:04:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 04-Dec-2022 01:04:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 04-Dec-2022 01:04:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 04-Dec-2022 01:04:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 04-Dec-2022 01:04:38 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 04 Dec 2022 00:59:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=926546839.439824517167385.58527108
3.123.160.250200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?ssp=vidoomy&user_id=926546839.439824517167385.58527108
IP 3.123.160.250:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?ssp=vidoomy&user_id=926546839.439824517167385.58527108 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://m.imagenesderopaparaperros.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:38 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ad.lkqd.net/vpaid/formats.js
151.139.128.10200 OK 36 kB URL HTTP/2 ad.lkqd.net/vpaid/formats.js
IP 151.139.128.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b3736cf69ac3288810f4c8bb85ce569c
70984d14343ea485a8232927d58db0671eb1778f
1d2893bf6270530e1df90bc8279d8319cd721ba8dc4ba94970b1a0adf03bac98
GET /vpaid/formats.js HTTP/1.1
Host: ad.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:38 GMT
content-encoding: gzip
content-length: 35765
content-type: application/javascript
last-modified: Fri, 11 Dec 2020 00:09:23 GMT
accept-ranges: bytes
etag: "286704660baa2c113268f28385080796"
cache-control: public, max-age=1209600
x-hw: 1670115578.cds251.sk1.hn,1670115578.cds229.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0242539154ad5577482c101495485973
c003cb834ab389a553c9b859b6cf8786d7bb0496
532ad07db92ef70173355bd7c7ca4fefd644821793196a7dbb58801351504248
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "532AD07DB92EF70173355BD7C7CA4FEFD644821793196A7DBB58801351504248"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8617
Expires: Sun, 04 Dec 2022 03:23:15 GMT
Date: Sun, 04 Dec 2022 00:59:38 GMT
Connection: keep-alive
mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=583e25f6-f838-40f3-575e-4d33aa1d1c41&reqId=4bc239a1-bac4-46e3-7be8-9afedb72cd6a&zdid=1258&google_error=3
104.22.24.87200 OK 95 B URL HTTP/2 mwzeom.zeotap.com/mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=583e25f6-f838-40f3-575e-4d33aa1d1c41&reqId=4bc239a1-bac4-46e3-7be8-9afedb72cd6a&zdid=1258&google_error=3
IP 104.22.24.87:0
File type PNG image data, 1 x 1, 1-bit colormap, non-interlaced\012- data
Hash 71a50dbba44c78128b221b7df7bb51f1
0ec63b140374ba704a58fa0c743cb357683313dd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
GET /mw?google_gid=&google_cver=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=583e25f6-f838-40f3-575e-4d33aa1d1c41&reqId=4bc239a1-bac4-46e3-7be8-9afedb72cd6a&zdid=1258&google_error=3 HTTP/1.1
Host: mwzeom.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://m.imagenesderopaparaperros.com/
Connection: keep-alive
Cookie: zc=583e25f6-f838-40f3-575e-4d33aa1d1c41; zsc=gP%C9%B2w%F1%CB%C1%25%E3%AFb%C2%13%7C%EB%84.%C3%23i%27%B9%FE%1EQ%D5%8D52N%96%86%A8c%B0%AF%94%FF%AF%EA%9B%AE%B1_%1B%B5%C7M%81W%3Al%EC%29N%ABq%B6%93%8DXm%5BhS%BA%E5%AE%93h%23m%D2%C0%ED%BD%0A%BF%1A%28%BE%19
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:38 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://m.imagenesderopaparaperros.com
set-cookie: zc=583e25f6-f838-40f3-575e-4d33aa1d1c41; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 774099bfeab7b521-OSL
X-Firefox-Spdy: h2
audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22m.imagenesderopaparaperros.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1670115576645%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-o5kkqnhoc0r4wc9cin18%22%7D
52.59.99.218200 OK 2 B URL HTTP/2 audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22m.imagenesderopaparaperros.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1670115576645%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-o5kkqnhoc0r4wc9cin18%22%7D
IP 52.59.99.218:0
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
GET /?log=%7B%22accountId%22%3A%226Fv0cGNfc_bw8%22%2C%22domain%22%3A%22m.imagenesderopaparaperros.com%22%2C%22publisher%22%3A%22themoneytizer.com%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.42%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22zqyqLXlGhIEyBziKWX6tNg%22%2C%22clientTimestamp%22%3A1670115576645%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-o5kkqnhoc0r4wc9cin18%22%7D HTTP/1.1
Host: audit-tcfv2.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: text/plain; charset=utf-8
content-length: 2
access-control-allow-origin: *
X-Firefox-Spdy: h2
ds1mhop1mtit.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 ds1mhop1mtit.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ds1mhop1mtit.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:59:38 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ad.lkqd.net/cookie-sync/usync.html
151.139.128.10200 OK 1.9 kB URL HTTP/2 ad.lkqd.net/cookie-sync/usync.html
IP 151.139.128.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4478)
Hash 41b852ed55af42897839dd36a74c8836
ab34ebee16e719e22645fb8560fd66adf90f9dff
eb7f7a625357319b2e1a3f3099e9630dada48ec5c079e5d698699ebe15c8002f
GET /cookie-sync/usync.html HTTP/1.1
Host: ad.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:39 GMT
content-encoding: gzip
content-length: 1882
content-type: text/html
last-modified: Fri, 18 Feb 2022 17:38:44 GMT
accept-ranges: bytes
etag: "952dcfd8e3703b5a7e78418d51009535"
cache-control: public, max-age=1209600
x-hw: 1670115579.cds251.sk1.hn,1670115579.cds003.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
54.230.111.16200 OK 2.5 kB URL HTTP/2 rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
IP 54.230.111.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4478)
Hash 081c09fa11c398e34b4284d8ee98c0e5
48f27a745b7db788aee36e1033cadcc2138ead2c
fa438a80ed039f9d54a82bbe16102f91ee50f8509c80bb77a925ed8720f6dec1
GET /rules-p-6Fv0cGNfc_bw8.js HTTP/1.1
Host: rules.quantcount.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 22:35:53 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Sun, 04 Dec 2022 00:10:28 GMT
cache-control: max-age=3600
etag: W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vWA8Re9Ncufy2trgsW92FkCBR6hRTVH5QDU7E5rLfrdg0HBNgCT_eQ==
age: 2951
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
142.250.74.35200 OK 24 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
IP 142.250.74.35:0
File type ASCII text, with very long lines (52913), with no line terminators
Hash f4bb161deae4e93f1a82e52f82ea2af9
74cd72b02999ea35cde6dd6c1d58ca9aec94da07
3330fe65fd8dbe742211f1609fbfe70b3b94434ad5639223942d921f085ea589
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24262
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:53:03 GMT
expires: Tue, 28 Nov 2023 19:53:03 GMT
cache-control: public, max-age=31536000
age: 450396
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/css
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.35200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 452982
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.recaptcha.net
Connection: keep-alive
Referer: https://www.recaptcha.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 184296
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2ac700f4345b8a632a29fa9fd8dceee
4a5924b0a38471ee69b22e6f801641d56062311b
ca893ca35eb16dceef8e0754927fb6579daa6b41d30ddf264b8b80b81832f9fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CA893CA35EB16DCEEF8E0754927FB6579DAA6B41D30DDF264B8B80B81832F9FE"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11193
Expires: Sun, 04 Dec 2022 04:06:12 GMT
Date: Sun, 04 Dec 2022 00:59:39 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9f28c8c53d8fb1fecc4f8d54389232ca
a894b822528f3963a8976dfdf55a6af6a3f45ed2
b8c36430554ef78ab75f0891ad5fd2ff734150db7d5ad8d6ccf6a43a31ccfae3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4829
Cache-Control: max-age=165124
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:39 GMT
Etag: "638bc022-1d7"
Expires: Mon, 05 Dec 2022 22:51:43 GMT
Last-Modified: Sat, 03 Dec 2022 21:31:14 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.35200 OK 2.2 kB URL HTTP/2 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.35:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:40:09 GMT
expires: Sat, 10 Dec 2022 14:40:09 GMT
cache-control: public, max-age=604800
age: 37170
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 46cd5375ee0c8139bb95d2ad2ac35599
18f88494db04e95149b3546c57e04eedcd74961d
3d275903a4a9b59bdd0a2b2e809db271ae2e028f42d480dd184187d02f024683
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2825
Cache-Control: max-age=111278
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:39 GMT
Etag: "638af5a0-1d7"
Expires: Mon, 05 Dec 2022 07:54:17 GMT
Last-Modified: Sat, 03 Dec 2022 07:07:12 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a8e5a955a5a57cacc3bc8dc58098feab
c43ea1e5bd7be18976cd8cf9f51cd28ea04dbc4f
8d63288b45b0f7ec611ade13588957a444bb615cf2cd7485a3af365faf8cb640
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D63288B45B0F7EC611ADE13588957A444BB615CF2CD7485A3AF365FAF8CB640"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6234
Expires: Sun, 04 Dec 2022 02:43:33 GMT
Date: Sun, 04 Dec 2022 00:59:39 GMT
Connection: keep-alive
ad.turn.com/r/cs?pid=65
46.228.164.11302 Found 0 B IP 46.228.164.11:0
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=65 HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7724467211844671392; Domain=.turn.com; Expires=Fri, 02-Jun-2023 00:59:39 GMT; Path=/; Secure; SameSite=None
location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7724467211844671392
content-length: 0
date: Sun, 04 Dec 2022 00:59:38 GMT
X-Firefox-Spdy: h2
adsco.re/p
162.252.214.5200 OK 173 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash e5f81b6f0f57cba88d166a55a16d1ac8
24f3921eecef00e529211025b93f59b2cb136192
8a31537e860905288bbed53b96507228b9ff2d24c9a88822dc7b2a2a66eff73c
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2012
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:59:39 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
143.204.55.88200 OK 48 kB URL HTTP/2 cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
IP 143.204.55.88:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Hash 27bd3eb1eb3506bf7fe0d79ab2bd5117
67f5361353055c8ba09d94d3bcd33b6283bf654e
2e32a4416c07a1034f9f18d0159e0da967dd9505c8517ee30a1d5e04d7672a50
GET /GVL-v2/vendor-list-trimmed-v1.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sat, 03 Dec 2022 03:00:45 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sat, 03 Dec 2022 03:00:33 GMT
etag: W/"8beb7c9f2be4a512dd564389fb4698cc"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: USY5TdXVLnN_tLjzw37MXhPeBU7oy0qQHs-XcB1BtWvjGzqfM6uPUw==
age: 79134
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 0b9bc629551f3bf4bea219d73c777232
3551ab653881f5992eb39e7d507b18a62044d7f5
905116fd88ff99648d8de3b7cbbf8623bc6740ef11bff962d5dd6f8f0c2df979
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 00:59:39 GMT
Last-Modified: Sun, 04 Dec 2022 00:01:34 GMT
Server: ECS (nyb/1D20)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pil2wccpN8QnL_DpTyaa-DP2nI6Qs4BeEdWHs4oDLIwTBmFl8zjtBA==
Age: 3485
v.lkqd.net/ad?pid=430&sid=1135195&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=67889926&m=
69.20.43.192200 OK 150 B URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1135195&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=67889926&m=
IP 69.20.43.192:0
File type ASCII text, with no line terminators
Hash f2200dfc5e8b75dea19cc2ff13526ce8
5235427034ffed5be887acecc26f62210be11554
e459e49bb953fa15bac6d8bcf457713e3f78a5154c0e1f213be85e378af41b38
GET /ad?pid=430&sid=1135195&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=67889926&m= HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: application/xml; charset=UTF-8
content-length: 150
content-encoding: gzip
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=94&partnerUserId=7724467211844671392
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=94&partnerUserId=7724467211844671392
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=94&partnerUserId=7724467211844671392 HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=54&partnerUserId=6c809598-151b-4cce-8ec5-859a8ae47dc7
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=54&partnerUserId=6c809598-151b-4cce-8ec5-859a8ae47dc7
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=54&partnerUserId=6c809598-151b-4cce-8ec5-859a8ae47dc7 HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.srv.stackadapt.com/sync?nid=161
34.193.201.64302 Found 104 B URL HTTP/1.1 sync.srv.stackadapt.com/sync?nid=161
IP 34.193.201.64:0
File type HTML document, ASCII text
Hash 16a1b6bfc4a4978a5180832db4ccefb3
e087053df8155db257a62b143a4620362aa79e7a
daf4b5b76813d0dfb45e4e435db193791c292660fb43c1067233323ff0399c62
GET /sync?nid=161 HTTP/1.1
Host: sync.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 00:59:39 GMT
Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=4f9DkQBYTO5vE056HIuqyltaKpo
Set-Cookie: sa-user-id=s%3A0-e1ff4391-0058-4cee-6f13-4e7a1c8baaca.4F7AiHw8YDAdMhAqaTg6YhS6bcz8K137IT412%2FZGmV4; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3A4f9DkQBYTO5vE056HIuqyltaKpo.%2Fk%2FU83DMsszlOrZbRZzo93LjYbsck1JELaHgYGZwhWA; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 104
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c770ed8e1043091817cf67c2338116d2
eb799e23dbf7d7fd82d63ec0220007e5b8196e48
addff025294dc6a89ff5f686910eb51ba8791c40f50b1c6b63ddc4c8db5808cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADDFF025294DC6A89FF5F686910EB51BA8791C40F50B1C6B63DDC4C8DB5808CF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4287
Expires: Sun, 04 Dec 2022 02:11:06 GMT
Date: Sun, 04 Dec 2022 00:59:39 GMT
Connection: keep-alive
handbagcordial.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzi%2BBH3pSRPGgDEFEwZ3t7un50waMxhhZs%2B4uSWSvVnVXz5Zb3dVUdU%2FPzmkxsAS8jDdP0vtmN4u6iAGPSmRWBBkQMwqyBBc8eMgpwUBATzKzA4sfdH9f1XuH995XW9v5EbGR08OVd1VPSEnn61W78tKqSEJVmMrStYpjV%2B1zlVWRNLxzle7kpzuvOna9ar9ceZsH62retR3bdmynckloHqnu%2FBSFSPd9p%2BrbVc%2BtOnUPXf3fs8ktGGoh7ByRJyHC8Zm1H29BBEMk8VcXuVnPVPrKW3EuaaY0OuHee8l6oooE8ckYaQtRsjdjQ5kxIZ%2Bcgkr2Zg6gOjsTB2BiTKzfHLBkbyYTrLN7rJRJ8AQsfBxFZwguhxB0iEBdhwjvECAIsbSMJL65pHRBN45ROkHH5PSjhxDFmJz%2B%2FSkk8ZcXpOhWriqZZ0IlBt2ohOgOIdpDpPkBsp4FURwgyD6ECH8i848WkcQ7y0YqiPDwhaZdazh16s%2BxRmDPeQ2PzflOvTFHmy2vZlPmNJvuNCIhhhDREJL3QY2FfPIJC3lkIU8txOFhhdb9yLabEYtqtZYXBEGtFgT1ViOshzWvFdnIg4mHPrK0j0D2EehNpHoT66IPnX8Hs1bChBZMRtAJSxScoDAEBSUoBEGRERSdcjeUxjXlzVCanDmz7s56rRyorL1Nd1XW5gnZTo%2FIE9Pg7r3zNdb5YSWIGq7DmetRWmceddxWy%2Fdajt%2FwW07TZi0YUUKYU1ObvckWn%2F4LqRgTcn8TjB7AyAME4ixo%2FhxoMWi6NujawGvZ6CX7PWnWlM54NeEZQlUizc4g27C25RF5dqrD%2F1WDB6PXz772992zP%2F%2BJQJdIdYkPxPcEbXljcEUVZOeKKgy5tZxmIhY9Olnu1Yxm%2FPTnl%2FlGoXS4cNH0P3sjmACTcf8aN9kiTUKRtA354oIIQ64vKR1w8u2CWeVsJTdrF3Kd5OniypuXFuJUc2OESoag4s77txGIMXks3po%2B2%2BfvbkHoIXReIs5HZFYQ6gBBugmTjs7%2F0bz8w979T2EUgZYnHJZaKPJyoF12cinFmLgPn4Hko%2FPf7P%2FfefHeBigrYfhJDIyPbj845m%2BbG2hrCzS7jiQu0dElOrIElX2Y%2FH%2BDLNWj87%2FUpgUmrQGT2tphUsuPj%2BM14rDC65EdcdvlLPJZ1KR26Eeez6jv8CarUweZGQcfPfjnXwAAAP%2F%2FAQAA%2F%2F9LZaWvkgQAAA%3D%3D
173.233.137.52200 OK 7 B URL HTTP/1.1 handbagcordial.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzi%2BBH3pSRPGgDEFEwZ3t7un50waMxhhZs%2B4uSWSvVnVXz5Zb3dVUdU%2FPzmkxsAS8jDdP0vtmN4u6iAGPSmRWBBkQMwqyBBc8eMgpwUBATzKzA4sfdH9f1XuH995XW9v5EbGR08OVd1VPSEnn61W78tKqSEJVmMrStYpjV%2B1zlVWRNLxzle7kpzuvOna9ar9ceZsH62retR3bdmynckloHqnu%2FBSFSPd9p%2BrbVc%2BtOnUPXf3fs8ktGGoh7ByRJyHC8Zm1H29BBEMk8VcXuVnPVPrKW3EuaaY0OuHee8l6oooE8ckYaQtRsjdjQ5kxIZ%2Bcgkr2Zg6gOjsTB2BiTKzfHLBkbyYTrLN7rJRJ8AQsfBxFZwguhxB0iEBdhwjvECAIsbSMJL65pHRBN45ROkHH5PSjhxDFmJz%2B%2FSkk8ZcXpOhWriqZZ0IlBt2ohOgOIdpDpPkBsp4FURwgyD6ECH8i848WkcQ7y0YqiPDwhaZdazh16s%2BxRmDPeQ2PzflOvTFHmy2vZlPmNJvuNCIhhhDREJL3QY2FfPIJC3lkIU8txOFhhdb9yLabEYtqtZYXBEGtFgT1ViOshzWvFdnIg4mHPrK0j0D2EehNpHoT66IPnX8Hs1bChBZMRtAJSxScoDAEBSUoBEGRERSdcjeUxjXlzVCanDmz7s56rRyorL1Nd1XW5gnZTo%2FIE9Pg7r3zNdb5YSWIGq7DmetRWmceddxWy%2Fdajt%2FwW07TZi0YUUKYU1ObvckWn%2F4LqRgTcn8TjB7AyAME4ixo%2FhxoMWi6NujawGvZ6CX7PWnWlM54NeEZQlUizc4g27C25RF5dqrD%2F1WDB6PXz772992zP%2F%2BJQJdIdYkPxPcEbXljcEUVZOeKKgy5tZxmIhY9Olnu1Yxm%2FPTnl%2FlGoXS4cNH0P3sjmACTcf8aN9kiTUKRtA354oIIQ64vKR1w8u2CWeVsJTdrF3Kd5OniypuXFuJUc2OESoag4s77txGIMXks3po%2B2%2BfvbkHoIXReIs5HZFYQ6gBBugmTjs7%2F0bz8w979T2EUgZYnHJZaKPJyoF12cinFmLgPn4Hko%2FPf7P%2FfefHeBigrYfhJDIyPbj845m%2BbG2hrCzS7jiQu0dElOrIElX2Y%2FH%2BDLNWj87%2FUpgUmrQGT2tphUsuPj%2BM14rDC65EdcdvlLPJZ1KR26Eeez6jv8CarUweZGQcfPfjnXwAAAP%2F%2FAQAA%2F%2F9LZaWvkgQAAA%3D%3D
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzi%2BBH3pSRPGgDEFEwZ3t7un50waMxhhZs%2B4uSWSvVnVXz5Zb3dVUdU%2FPzmkxsAS8jDdP0vtmN4u6iAGPSmRWBBkQMwqyBBc8eMgpwUBATzKzA4sfdH9f1XuH995XW9v5EbGR08OVd1VPSEnn61W78tKqSEJVmMrStYpjV%2B1zlVWRNLxzle7kpzuvOna9ar9ceZsH62retR3bdmynckloHqnu%2FBSFSPd9p%2BrbVc%2BtOnUPXf3fs8ktGGoh7ByRJyHC8Zm1H29BBEMk8VcXuVnPVPrKW3EuaaY0OuHee8l6oooE8ckYaQtRsjdjQ5kxIZ%2Bcgkr2Zg6gOjsTB2BiTKzfHLBkbyYTrLN7rJRJ8AQsfBxFZwguhxB0iEBdhwjvECAIsbSMJL65pHRBN45ROkHH5PSjhxDFmJz%2B%2FSkk8ZcXpOhWriqZZ0IlBt2ohOgOIdpDpPkBsp4FURwgyD6ECH8i848WkcQ7y0YqiPDwhaZdazh16s%2BxRmDPeQ2PzflOvTFHmy2vZlPmNJvuNCIhhhDREJL3QY2FfPIJC3lkIU8txOFhhdb9yLabEYtqtZYXBEGtFgT1ViOshzWvFdnIg4mHPrK0j0D2EehNpHoT66IPnX8Hs1bChBZMRtAJSxScoDAEBSUoBEGRERSdcjeUxjXlzVCanDmz7s56rRyorL1Nd1XW5gnZTo%2FIE9Pg7r3zNdb5YSWIGq7DmetRWmceddxWy%2Fdajt%2FwW07TZi0YUUKYU1ObvckWn%2F4LqRgTcn8TjB7AyAME4ixo%2FhxoMWi6NujawGvZ6CX7PWnWlM54NeEZQlUizc4g27C25RF5dqrD%2F1WDB6PXz772992zP%2F%2BJQJdIdYkPxPcEbXljcEUVZOeKKgy5tZxmIhY9Olnu1Yxm%2FPTnl%2FlGoXS4cNH0P3sjmACTcf8aN9kiTUKRtA354oIIQ64vKR1w8u2CWeVsJTdrF3Kd5OniypuXFuJUc2OESoag4s77txGIMXks3po%2B2%2BfvbkHoIXReIs5HZFYQ6gBBugmTjs7%2F0bz8w979T2EUgZYnHJZaKPJyoF12cinFmLgPn4Hko%2FPf7P%2FfefHeBigrYfhJDIyPbj845m%2BbG2hrCzS7jiQu0dElOrIElX2Y%2FH%2BDLNWj87%2FUpgUmrQGT2tphUsuPj%2BM14rDC65EdcdvlLPJZ1KR26Eeez6jv8CarUweZGQcfPfjnXwAAAP%2F%2FAQAA%2F%2F9LZaWvkgQAAA%3D%3D HTTP/1.1
Host: handbagcordial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Cookie: u_pl=15289012; uid_id2=703615a9-b6c0-464b-9156-a78430ab1772:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleccf621eb24aa5b4a128894819698170b8=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 00:59:39 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 55b3e80cc7f50c09c6b8f18e0e4f4730
Strict-Transport-Security: max-age=0; includeSubdomains
cs.lkqd.net/cs?partnerId=93&partnerUserId=4f9DkQBYTO5vE056HIuqyltaKpo
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=93&partnerUserId=4f9DkQBYTO5vE056HIuqyltaKpo
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=93&partnerUserId=4f9DkQBYTO5vE056HIuqyltaKpo HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.158200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash bdd88912547d360ef6c7dce5cd5b8370
87051ebf51c4d6a567ef768eac1925056e07e912
a3d3d53ad77b3b61d6be190646af32f6c96cedb2dfab4a91356e15e11f8a6eaf
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158875
Date: Sun, 04 Dec 2022 00:59:39 GMT
Etag: "638bb0aa-1d7"
Expires: Mon, 05 Dec 2022 21:07:34 GMT
Last-Modified: Sat, 03 Dec 2022 20:25:14 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: JYqO2nIdQ54MLoclF2yn1g1yLhGxxt-UZNQl6MWHkeS_X46rh77BOQ==
Age: 2540
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash c89059387888a3bf5e93f770c3148572
2f670b0651e63958c6952340bb3b519265b165f3
a246e2e71e92637f04309654e6e7beaaa59b65ae088150b23f0cf413e1017696
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3230
Cache-Control: max-age=145135
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:39 GMT
Etag: "638b784c-139"
Expires: Mon, 05 Dec 2022 17:18:34 GMT
Last-Modified: Sat, 03 Dec 2022 16:24:44 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 313
adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
52.18.48.214200 OK 20 B URL HTTP/1.1 adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
IP 52.18.48.214:0
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7 HTTP/1.1
Host: adtrack.adleadevent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Content-Encoding: gzip
Content-Type: application/x-javascript
Date: Sun, 04 Dec 2022 00:59:39 GMT
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Sun, 04 Dec 2022 00:59:39 GMT
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Length: 20
Connection: keep-alive
ds1mhop1mtit.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 ds1mhop1mtit.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: ds1mhop1mtit.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:59:39 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
178.250.0.162200 OK 43 B URL HTTP/2 csm.fr.eu.criteo.net/iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1
IP 178.250.0.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /iev?entry=c~Idfs.Rtus.147.Events.StartInit~1&entry=c~Idfs.Rtus.147.Events.SyncframeDropped~1 HTTP/1.1
Host: csm.fr.eu.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:39 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7007a042a79310c8938c279ae7eec8e5
8b72d7da27205ce31ff5497ba5428808a498dd7e
8188a5b1208fea4f2bdb97e404aefeb04a89ad62bc16ba2512e3a660b68b67af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8188A5B1208FEA4F2BDB97E404AEFEB04A89AD62BC16BA2512E3A660B68B67AF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2056
Expires: Sun, 04 Dec 2022 01:33:55 GMT
Date: Sun, 04 Dec 2022 00:59:39 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7007a042a79310c8938c279ae7eec8e5
8b72d7da27205ce31ff5497ba5428808a498dd7e
8188a5b1208fea4f2bdb97e404aefeb04a89ad62bc16ba2512e3a660b68b67af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8188A5B1208FEA4F2BDB97E404AEFEB04A89AD62BC16BA2512E3A660B68B67AF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2056
Expires: Sun, 04 Dec 2022 01:33:55 GMT
Date: Sun, 04 Dec 2022 00:59:39 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/close.svg
172.64.108.13200 OK 796 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/close.svg
IP 172.64.108.13:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Hash 51f2522d025f309c64df5ba59a429736
5a9baf436923cabb4fa770daa0b2b6c6c4e6ae3f
e363e67082535d193fb672418781e9e43a14cda4119deaa80838f663f111f98e
GET /sb/notifications/games/nutaku/multi/2/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Aug 2022 08:55:17 GMT
etag: W/"62fdfe75-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1595186
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=58j%2BbtZ%2BTsJc3uHrFYFjQuiORX1hlAHWhV9IBQ5%2FRx6Aa36KUlczfx%2BXzNU0GoGNEdQU7Rhi4UzV8r1rAAFhmjYJkSuL5Z8uRg30zpzg5ZtdAisdDqZoL3mBFronAoEGRTTXDjLB6dsG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099c649407437-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png
172.64.108.13200 OK 322 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png
IP 172.64.108.13:0
File type PNG image data, 729 x 331, 8-bit/color RGBA, non-interlaced\012- data
Size 322 kB (322399 bytes)
Hash 47b7ae41a98644de6d46d58a0e51a793
b0f736609af3c0b3214ee52cc9f0798dcc972df6
b2ad5bf8fc066203168fbceb53b7df6012e8897be344b240e94105af1b4ba0f2
GET /sb/notifications/games/nutaku/multi/2/img/girls.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: image/png
content-length: 322399
last-modified: Wed, 07 Sep 2022 14:37:32 GMT
etag: "6318acac-4eb5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1595186
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iaoJX0XTeu0cN9yVkCUyg0nJ6t5Zu51yUWeVKMyGwfJCOTpeTNoPcb60vVaNtvB3YLjCzpBNEb%2B94yTFt9z6FrXoadfYFWu4d7EgC688ulaJIQPia3r9qeFzQkZGDNEVbwXuDC9k8bHa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099c649427437-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 53b9414cb6bc3eabdf19b5990c04b953
4d8dcdbf1dba4a72fb64482a39966368b5ea7d22
c830f82b7717d2e18ba97cddb1f94392d9c0a9a3e1723a00625b1dfe52c7484e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 00:59:40 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 18:57:13 GMT
Expires: Wed, 07 Dec 2022 18:57:12 GMT
Etag: "4d8dcdbf1dba4a72fb64482a39966368b5ea7d22"
Cache-Control: max-age=323251,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 774099c6cb051bfa-OSL
cdn4ads.com/VY.htm?_=BAYAY4vw-wFji_D7gAGBAsAAIMtqoHodLcqfVoyzZqDab-eH2WaML7C3d3_rmTLe9aFPwQBHMEUCIGnRM_Eb_oAOxeKlkgQ7xmQxkbiYU33OsUwgO2WEyNpyAiEA7-0Wy6E7e6Nnak65fSVcNKwssviXYQxYedLhBVEoYy8&v=4&RsxTUcye=4293767&minBid=&TZPSLlQa=0,0&YBTFmNeU=&WySdJeCN=&s=1280,1024,1,1280,1024,0
216.59.63.128200 OK 44 B URL HTTP/2 cdn4ads.com/VY.htm?_=BAYAY4vw-wFji_D7gAGBAsAAIMtqoHodLcqfVoyzZqDab-eH2WaML7C3d3_rmTLe9aFPwQBHMEUCIGnRM_Eb_oAOxeKlkgQ7xmQxkbiYU33OsUwgO2WEyNpyAiEA7-0Wy6E7e6Nnak65fSVcNKwssviXYQxYedLhBVEoYy8&v=4&RsxTUcye=4293767&minBid=&TZPSLlQa=0,0&YBTFmNeU=&WySdJeCN=&s=1280,1024,1,1280,1024,0
IP 216.59.63.128:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /VY.htm?_=BAYAY4vw-wFji_D7gAGBAsAAIMtqoHodLcqfVoyzZqDab-eH2WaML7C3d3_rmTLe9aFPwQBHMEUCIGnRM_Eb_oAOxeKlkgQ7xmQxkbiYU33OsUwgO2WEyNpyAiEA7-0Wy6E7e6Nnak65fSVcNKwssviXYQxYedLhBVEoYy8&v=4&RsxTUcye=4293767&minBid=&TZPSLlQa=0,0&YBTFmNeU=&WySdJeCN=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: cdn4ads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Sun, 04 Dec 2022 00:59:40 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 227de73c2950d257905eda6128f90ea9
d700e7cbc5c620f274ec53c336dba15988f046d9
306cc0e4114a9e5b3f9125f9a6fe9746e2db74d94c7991c714e6abb2de046fbc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "306CC0E4114A9E5B3F9125F9A6FE9746E2DB74D94C7991C714E6ABB2DE046FBC"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13081
Expires: Sun, 04 Dec 2022 04:37:41 GMT
Date: Sun, 04 Dec 2022 00:59:40 GMT
Connection: keep-alive
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 8.9 kB URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
Hash e3fd7ce3cbdb3c4ce9e9a97b2b2f2d90
3e0b11e01c881d1ae3257e071d5efea90a5f44a8
ce3575416995d1e6bfa2ccf60e1376322844a90373fdeb09d58b61ac39e85fd2
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://m.imagenesderopaparaperros.com/
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
access-control-allow-credentials: true
access-control-allow-origin: https://m.imagenesderopaparaperros.com
server-processing-duration-in-ticks: 288019
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=703615a9-b6c0-464b-9156-a78430ab1772&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=2a6dfa22c42f41c1c5d4b95b66a5509c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=703615a9-b6c0-464b-9156-a78430ab1772&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=2a6dfa22c42f41c1c5d4b95b66a5509c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=703615a9-b6c0-464b-9156-a78430ab1772&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=2a6dfa22c42f41c1c5d4b95b66a5509c&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 00:59:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4b123acfd0509c7dd7e6c00337f33c17
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=703615a9-b6c0-464b-9156-a78430ab1772&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=cf621eb24aa5b4a128894819698170b8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0
192.243.61.225200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=703615a9-b6c0-464b-9156-a78430ab1772&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=cf621eb24aa5b4a128894819698170b8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=703615a9-b6c0-464b-9156-a78430ab1772&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=cf621eb24aa5b4a128894819698170b8&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=0 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 04 Dec 2022 00:59:40 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d2aef126094d2f4d425fabfc0f60f0bb
Strict-Transport-Security: max-age=0; includeSubdomains
handbagcordial.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzi%2BBH3pSRPGgDEFEwZ3t7umZ6TFgNMZITExCEsnV%2Bje75VZ3NVXd07tzWgyEgJfx5kl632yyqIsY8KhEZkWQATGjIEtwwYOHnBIMBPQkMzuw%2BEH391W9d3jvfXVto9gjPgq6e%2BFd01da08Vm3a%2B9dEWlwpSudu5yLfDr%2FrHaFZW2omO11enP9l4N%2FGbdf7n2tuQrZjH0A98P%2FKB2SlnZNauLMxQq2%2B4E9Y5fj8J60Iywav97doUHRz2I3h55EkpMjiz%2FeAuKj5AmX52UbiU32StvJYWmubHoia330pXUlCmSg7FrPXTTrTkbxk0I%2BeQQTLo1dwDT25w6AFMT4v0WgKVbc5lgvRv7SpmGTMHE4yh7I0g9gqIjcHMVStwhABc4dx5pcvOcsSVd20fpFJ2Qw48eQpUTcvj3p5AmX57QarV2yegiVyZ1WO1WUKsjqKURsmIHed%2BDKnfA8w%2BhxE9k8dFZpMnmeacNlNh9oe03WkGTdhZYi%2FsLUStiC52g2Vqg7Thq%2BJQF7XY4i0ipEVR3BC0HoM5DMf2Uh6Lrocg8JGK3Rpudru%2B3u6zbaMQR57zR4LwZt0RTNKK466PgUw8D5NkAXA%2FA7Toyu44VNYAtvoNbruCEB5cT9ESFUhKUjqCkBKUiKHOCslfdENqFrroptCtYMO%2FhvDeqocmXNugNky%2FJlGxke%2BSJWXD33vkaK3K3xrutMJAsjChtsogGYRx3ojjotDpx0PZZDKcqKHdoZrM%2F3eLTfyFTE0Lur4PRHTi9A66OghbPgZbDduiDLg%2Bj2Ec%2F3e5rt2xsLuupzCFMhSw%2FgnzN29B75NmZjs6vFpKPXz%2F62t93j%2F78J7itkNkKH6jvCZb09eFFU5LNi6Z05Nb5LFeJ6tPpci%2FlNJeHPz8j10pjxemTbvDZG3wKTMfty9LlZ2kqVLrkyBcnlBDSnjKWS%2FLtaXdFsguFWz5R2LTIzl5489TpJLPSOWXSEai68%2F5tcDUhjyXXZs%2F2%2BbvXoOwItqiQFGMyLyizA56tw2Xj43%2B0z%2Fywdf9TOENg9QGHZR7KohrakB1cajUh4cNnoOX4%2BDfb%2Fw9evLcGyio4eRADk%2BPbD%2Fb5G%2B46lqwHml9FmlTo2Qo9XYHqAVzxv2Ge2fHxXxqzAtPekGnrbTJt9cf78Tq1W2sGkYxZ3OZCMMlF0A4bccP3QyGidkcGHeRuwj968M%2B%2FAAAA%2F%2F8BAAD%2F%2F19tK0mSBAAA
173.233.137.52200 OK 7 B URL HTTP/1.1 handbagcordial.com/impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzi%2BBH3pSRPGgDEFEwZ3t7umZ6TFgNMZITExCEsnV%2Bje75VZ3NVXd07tzWgyEgJfx5kl632yyqIsY8KhEZkWQATGjIEtwwYOHnBIMBPQkMzuw%2BEH391W9d3jvfXVto9gjPgq6e%2BFd01da08Vm3a%2B9dEWlwpSudu5yLfDr%2FrHaFZW2omO11enP9l4N%2FGbdf7n2tuQrZjH0A98P%2FKB2SlnZNauLMxQq2%2B4E9Y5fj8J60Iywav97doUHRz2I3h55EkpMjiz%2FeAuKj5AmX52UbiU32StvJYWmubHoia330pXUlCmSg7FrPXTTrTkbxk0I%2BeQQTLo1dwDT25w6AFMT4v0WgKVbc5lgvRv7SpmGTMHE4yh7I0g9gqIjcHMVStwhABc4dx5pcvOcsSVd20fpFJ2Qw48eQpUTcvj3p5AmX57QarV2yegiVyZ1WO1WUKsjqKURsmIHed%2BDKnfA8w%2BhxE9k8dFZpMnmeacNlNh9oe03WkGTdhZYi%2FsLUStiC52g2Vqg7Thq%2BJQF7XY4i0ipEVR3BC0HoM5DMf2Uh6Lrocg8JGK3Rpudru%2B3u6zbaMQR57zR4LwZt0RTNKK466PgUw8D5NkAXA%2FA7Toyu44VNYAtvoNbruCEB5cT9ESFUhKUjqCkBKUiKHOCslfdENqFrroptCtYMO%2FhvDeqocmXNugNky%2FJlGxke%2BSJWXD33vkaK3K3xrutMJAsjChtsogGYRx3ojjotDpx0PZZDKcqKHdoZrM%2F3eLTfyFTE0Lur4PRHTi9A66OghbPgZbDduiDLg%2Bj2Ec%2F3e5rt2xsLuupzCFMhSw%2FgnzN29B75NmZjs6vFpKPXz%2F62t93j%2F78J7itkNkKH6jvCZb09eFFU5LNi6Z05Nb5LFeJ6tPpci%2FlNJeHPz8j10pjxemTbvDZG3wKTMfty9LlZ2kqVLrkyBcnlBDSnjKWS%2FLtaXdFsguFWz5R2LTIzl5489TpJLPSOWXSEai68%2F5tcDUhjyXXZs%2F2%2BbvXoOwItqiQFGMyLyizA56tw2Xj43%2B0z%2Fywdf9TOENg9QGHZR7KohrakB1cajUh4cNnoOX4%2BDfb%2Fw9evLcGyio4eRADk%2BPbD%2Fb5G%2B46lqwHml9FmlTo2Qo9XYHqAVzxv2Ge2fHxXxqzAtPekGnrbTJt9cf78Tq1W2sGkYxZ3OZCMMlF0A4bccP3QyGidkcGHeRuwj968M%2B%2FAAAA%2F%2F8BAAD%2F%2F19tK0mSBAAA
IP 173.233.137.52:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RST4gcxRutzi%2BBH3pSRPGgDEFEwZ3t7umZ6TFgNMZITExCEsnV%2Bje75VZ3NVXd07tzWgyEgJfx5kl632yyqIsY8KhEZkWQATGjIEtwwYOHnBIMBPQkMzuw%2BEH391W9d3jvfXVto9gjPgq6e%2BFd01da08Vm3a%2B9dEWlwpSudu5yLfDr%2FrHaFZW2omO11enP9l4N%2FGbdf7n2tuQrZjH0A98P%2FKB2SlnZNauLMxQq2%2B4E9Y5fj8J60Iywav97doUHRz2I3h55EkpMjiz%2FeAuKj5AmX52UbiU32StvJYWmubHoia330pXUlCmSg7FrPXTTrTkbxk0I%2BeQQTLo1dwDT25w6AFMT4v0WgKVbc5lgvRv7SpmGTMHE4yh7I0g9gqIjcHMVStwhABc4dx5pcvOcsSVd20fpFJ2Qw48eQpUTcvj3p5AmX57QarV2yegiVyZ1WO1WUKsjqKURsmIHed%2BDKnfA8w%2BhxE9k8dFZpMnmeacNlNh9oe03WkGTdhZYi%2FsLUStiC52g2Vqg7Thq%2BJQF7XY4i0ipEVR3BC0HoM5DMf2Uh6Lrocg8JGK3Rpudru%2B3u6zbaMQR57zR4LwZt0RTNKK466PgUw8D5NkAXA%2FA7Toyu44VNYAtvoNbruCEB5cT9ESFUhKUjqCkBKUiKHOCslfdENqFrroptCtYMO%2FhvDeqocmXNugNky%2FJlGxke%2BSJWXD33vkaK3K3xrutMJAsjChtsogGYRx3ojjotDpx0PZZDKcqKHdoZrM%2F3eLTfyFTE0Lur4PRHTi9A66OghbPgZbDduiDLg%2Bj2Ec%2F3e5rt2xsLuupzCFMhSw%2FgnzN29B75NmZjs6vFpKPXz%2F62t93j%2F78J7itkNkKH6jvCZb09eFFU5LNi6Z05Nb5LFeJ6tPpci%2FlNJeHPz8j10pjxemTbvDZG3wKTMfty9LlZ2kqVLrkyBcnlBDSnjKWS%2FLtaXdFsguFWz5R2LTIzl5489TpJLPSOWXSEai68%2F5tcDUhjyXXZs%2F2%2BbvXoOwItqiQFGMyLyizA56tw2Xj43%2B0z%2Fywdf9TOENg9QGHZR7KohrakB1cajUh4cNnoOX4%2BDfb%2Fw9evLcGyio4eRADk%2BPbD%2Fb5G%2B46lqwHml9FmlTo2Qo9XYHqAVzxv2Ge2fHxXxqzAtPekGnrbTJt9cf78Tq1W2sGkYxZ3OZCMMlF0A4bccP3QyGidkcGHeRuwj968M%2B%2FAAAA%2F%2F8BAAD%2F%2F19tK0mSBAAA HTTP/1.1
Host: handbagcordial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Cookie: u_pl=15289012; uid_id2=703615a9-b6c0-464b-9156-a78430ab1772:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleccf621eb24aa5b4a128894819698170b8=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 00:59:40 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 26cd2206a84109709d0ca306784c1d8b
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2
172.64.108.13200 OK 7.7 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2
IP 172.64.108.13:0
File type Web Open Font Format (Version 2), TrueType, length 7664, version 1.0\012- data
Hash e41b02c342b94148fdd5e14fb41dcb4a
9d8415fc8df42aa67fa5a6d15d07f58265535cc0
d857f01d0c6fd46a16bf82acf8f6f76e7710524972ef7f88a926a0d97cadca0b
GET /sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:40 GMT
content-type: application/octet-stream
content-length: 7664
last-modified: Thu, 15 Sep 2022 10:33:29 GMT
etag: "6322ff79-1df0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y7kw%2Br8wcaAdICWxW4VT6CPOV78QOsnBqZZI0ByYHnL7jmbVk6Ko3YEzPyzG%2FDTSKv3XXBlYGe%2FqOBi93qDfcgkL%2BNXTpoiIZ%2FXxA9frAr%2BLYb9xeAvEWjvba1Yfb6UWllvOSHtl%2Bwdq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099cbbd797437-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
handbagcordial.com/pixel/sbs?c=1
173.233.137.52200 OK 0 B URL HTTP/1.1 handbagcordial.com/pixel/sbs?c=1
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: handbagcordial.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Cookie: u_pl=15289012; uid_id2=703615a9-b6c0-464b-9156-a78430ab1772:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleccf621eb24aa5b4a128894819698170b8=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 04 Dec 2022 00:59:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
t.lkqd.net/t
146.20.128.85200 OK 0 B IP 146.20.128.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://m.imagenesderopaparaperros.com/
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
X-Firefox-Spdy: h2
t.lkqd.net/t
146.20.128.85200 OK 0 B IP 146.20.128.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 602
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:42 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: lkqdidts=1670115582; Max-Age=31536000; Domain=.lkqd.net
lkqdid=4Tkwwx9mRU0; Max-Age=31536000; Domain=.lkqd.net
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=
69.20.43.192200 OK 1.4 kB URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=
IP 69.20.43.192:0
File type ASCII text, with very long lines (1821), with no line terminators
Hash c6168bc18ed2917904d4ed1ca5c4903e
0eae1a497ff4c1c85250187ed7987569bcc024ec
d1af102d6448dabea205fed6a57c88de1a37a128c3b3d0c32023cc292733f859
GET /ad?pid=430&sid=1135194&formats=true&output=vastvpaid&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m= HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:42 GMT
content-type: application/xml; charset=UTF-8
content-length: 1365
content-encoding: gzip
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
151.139.128.10200 OK 62 kB URL HTTP/2 ad.lkqd.net/vpaid/vpaid.js?fusion=1.0
IP 151.139.128.10:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2a0adab82b941577dbd1041f8448fd08
bf2cf01d95e02fb5ec9075835cbee4e3e35a0246
757ad1d5b7a305d8eaa810c6585b5b7431b212af4ff8fdef9fbd40a8254666a6
GET /vpaid/vpaid.js?fusion=1.0 HTTP/1.1
Host: ad.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:42 GMT
content-encoding: gzip
content-length: 62021
content-type: application/javascript
last-modified: Thu, 13 Oct 2022 21:01:07 GMT
accept-ranges: bytes
etag: "88ca76abee51b1544e17b021f04aaaed"
cache-control: public, max-age=1209600
x-hw: 1670115582.cds251.sk1.hn,1670115582.cds254.sk1.c
access-control-allow-origin: *
X-Firefox-Spdy: h2
v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=&rtv=1&thost=m.imagenesderopaparaperros.com
69.20.43.192200 OK 0 B URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=&rtv=1&thost=m.imagenesderopaparaperros.com
IP 69.20.43.192:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=&rtv=1&thost=m.imagenesderopaparaperros.com HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://m.imagenesderopaparaperros.com/
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:42 GMT
content-length: 0
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-max-age: 300
cache-control: max-age=300
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ad.turn.com/r/cs?pid=65
46.228.164.11302 Found 0 B IP 46.228.164.11:0
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=65 HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=3850527107375912864; Domain=.turn.com; Expires=Fri, 02-Jun-2023 00:59:43 GMT; Path=/; Secure; SameSite=None
location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=3850527107375912864
content-length: 0
date: Sun, 04 Dec 2022 00:59:42 GMT
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.srv.stackadapt.com/sync?nid=161
34.193.201.64302 Found 104 B URL HTTP/1.1 sync.srv.stackadapt.com/sync?nid=161
IP 34.193.201.64:0
File type HTML document, ASCII text
Hash 9e83e95dbbff421dcb026d527eec2eee
ec5e089a822e0c02867470e796dec6ef695e0821
e66eedddcdc6cb5b40dcc82b817bbffee20d337fc47a24f488c00ef15573de87
GET /sync?nid=161 HTTP/1.1
Host: sync.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 00:59:43 GMT
Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=Y2zWCxHJSWFSrRyStL5ou1taKpo
Set-Cookie: sa-user-id=s%3A0-636cd60b-11c9-4961-52ad-1c92b4be68bb.TYQfdxjDOy2p2QgZISpoN29sdKpQZRojsNsZzs1NGRI; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AY2zWCxHJSWFSrRyStL5ou1taKpo.Tz8IdaWYC%2BX8tjNtMT%2FAc9uSQcx55Fme%2FjYK8fnvFDw; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 104
Connection: keep-alive
cs.lkqd.net/cs?partnerId=94&partnerUserId=3850527107375912864
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=94&partnerUserId=3850527107375912864
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=94&partnerUserId=3850527107375912864 HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
t.lkqd.net/t
146.20.128.85200 OK 0 B IP 146.20.128.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 763
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=93&partnerUserId=Y2zWCxHJSWFSrRyStL5ou1taKpo
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=93&partnerUserId=Y2zWCxHJSWFSrRyStL5ou1taKpo
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=93&partnerUserId=Y2zWCxHJSWFSrRyStL5ou1taKpo HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=&rtv=1&thost=m.imagenesderopaparaperros.com
69.20.43.192200 OK 4.3 kB URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=&rtv=1&thost=m.imagenesderopaparaperros.com
IP 69.20.43.192:0
File type JSON data\012- , ASCII text, with very long lines (59072), with no line terminators
Hash 74c543aa54286948742ef3240995b889
21a9f74b4bc53f531b388285abc2c750ca91329b
7335131761e2497ec293491e9fb920898ca53e6ebc61ad98e80725821ef81374
POST /ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=&rtv=1&thost=m.imagenesderopaparaperros.com HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 38
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: application/json
content-length: 4331
content-encoding: gzip
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
35.214.223.115307 Temporary Redirect 0 B URL HTTP/2 csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
IP 35.214.223.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Cookie: viewer_token=6c809598-151b-4cce-8ec5-859a8ae47dc7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
set-cookie: viewer_token=6c809598-151b-4cce-8ec5-859a8ae47dc7
location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6c809598-151b-4cce-8ec5-859a8ae47dc7
content-length: 0
date: Sun, 04 Dec 2022 00:59:43 GMT
server: _
X-Firefox-Spdy: h2
ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C36822116556785323851271171786%2C%2C&_fw_gdpr=1&_fw_gdpr_consent=
23.36.77.41200 OK 832 B URL HTTP/1.1 ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C36822116556785323851271171786%2C%2C&_fw_gdpr=1&_fw_gdpr_consent=
IP 23.36.77.41:0
ASN #20940 Akamai International B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (412)
Hash 8d6bd13ac949dacb9f1d01e2fd09403b
16745f56e379d6044a5fd108e9dd76ff262edb7b
9b81ac7c38c50cbf8eea4ffdd757ae18e74e8e64f3018a2e813a58b5fed8ba7d
GET /vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C36822116556785323851271171786%2C%2C&_fw_gdpr=1&_fw_gdpr_consent= HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Credentials: true
x-sticky-vk: 1670115583264004-580
Content-Length: 832
Expires: Sun, 04 Dec 2022 00:59:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Dec 2022 00:59:43 GMT
Connection: keep-alive
Set-Cookie: UID=3e3b73873ceea13378a6e69e83613e; Domain=ads.stickyadstv.com; Expires=Tue, 03-Jan-2023 00:59:43 GMT; Path=/
ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C13883657783682211655678532385,,&_fw_gdpr=1&_fw_gdpr_consent=
23.36.77.41200 OK 816 B URL HTTP/1.1 ads.stickyadstv.com/vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C13883657783682211655678532385,,&_fw_gdpr=1&_fw_gdpr_consent=
IP 23.36.77.41:0
ASN #20940 Akamai International B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (396)
Hash 8359301175ae78712e8b0321e3424ceb
46aa2a91e99bde9d75e538c9276b831f2b4f68cd
7dcadec4659deb553d72e68ccd991471a3af2b2f33f36edc0e8f0b823b9ffaa1
GET /vast/vpaid-adapter/7585793?schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C13883657783682211655678532385,,&_fw_gdpr=1&_fw_gdpr_consent= HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Credentials: true
x-sticky-vk: 1670115583255019-571
Content-Length: 816
Expires: Sun, 04 Dec 2022 00:59:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Dec 2022 00:59:43 GMT
Connection: keep-alive
Set-Cookie: UID=b8a2d279ceab7cfcbc53c377deaa859; Domain=ads.stickyadstv.com; Expires=Tue, 03-Jan-2023 00:59:43 GMT; Path=/
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 47e7b72a0f9daec5e663ed567493f19b
ab63c6622a4f1775edf818cbdd7400846b94da10
bfea855fe56610db1cef69facc921d32851c2492fc68ffa989d0bbadedcb0a32
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3287
Cache-Control: max-age=157413
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:43 GMT
Etag: "638ba80d-1d7"
Expires: Mon, 05 Dec 2022 20:43:16 GMT
Last-Modified: Sat, 03 Dec 2022 19:48:29 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6274672c555604d72b1292b4648c3e0
d8c4fa29092153ecf3408e05e051c56ab8fd63c2
007d72b18139f05a87fd896bdfbce956ad5ea3571724eb7d1fcfa5d88a62bc05
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:43 GMT
Last-Modified: Sun, 04 Dec 2022 00:01:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C3682211655678532385827807673%2C%2C&_fw_gdpr=1&_fw_gdpr_consent=
23.36.77.41200 OK 831 B URL HTTP/1.1 ads.stickyadstv.com/vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C3682211655678532385827807673%2C%2C&_fw_gdpr=1&_fw_gdpr_consent=
IP 23.36.77.41:0
ASN #20940 Akamai International B.V.
File type XML 1.0 document text\012- XML document, ASCII text, with very long lines (411)
Hash 455b1c92b9897b071445fe938a9905df
ed243debca30f567513f21a268304310fa9bd615
bf54bf1a741e7d3dcd2a70ed65e28b6a220a31417aee19ef5072e244d784a0eb
GET /vast/vpaid-adapter/7585793?supportsJavascript=true&supportsFlash=true&_fw_us_privacy=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C3682211655678532385827807673%2C%2C&_fw_gdpr=1&_fw_gdpr_consent= HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Credentials: true
x-sticky-vk: 1670115583017097-416
Content-Length: 831
Expires: Sun, 04 Dec 2022 00:59:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Dec 2022 00:59:43 GMT
Connection: keep-alive
Set-Cookie: UID=06a22f66ee34e6fae6dc99466dd2eee; Domain=ads.stickyadstv.com; Expires=Tue, 03-Jan-2023 00:59:43 GMT; Path=/
ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C4753149493682211655678532385%2C%2C
23.36.77.41200 OK 67 B URL HTTP/1.1 ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C4753149493682211655678532385%2C%2C
IP 23.36.77.41:0
ASN #20940 Akamai International B.V.
File type XML 1.0 document text\012- XML document, ASCII text
Hash b753854b354a90a85ac6ff282b64b05d
1da3eb0c1b574c639024a54a679db90e403fc1b7
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
GET /www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&_fw_us_privacy=&zoneId=7439281&_fw_gdpr=1&_fw_gdpr_consent=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C4753149493682211655678532385%2C%2C HTTP/1.1
Host: ads.stickyadstv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Credentials: true
x-sticky-vk: 1670115583196020-358
Content-Length: 67
Expires: Sun, 04 Dec 2022 00:59:43 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Sun, 04 Dec 2022 00:59:43 GMT
Connection: keep-alive
Set-Cookie: UID=80faf8f52a131f228bcccc4b1edbd094; Domain=ads.stickyadstv.com; Expires=Tue, 03-Jan-2023 00:59:43 GMT; Path=/
vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&cb=1959595509&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C36822116556785323851444743029,,
34.98.64.218200 OK 56 B URL HTTP/2 vidoomy-d.openx.net/v/1.0/av?auid=540805079&url=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&cb=1959595509&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C36822116556785323851444743029,,
IP 34.98.64.218:0
File type XML 1.0 document text\012- XML document, ASCII text, with no line terminators
Hash 3255279395a3f83bf1b4d0b6735c292c
d14e724f7d28b39fd8662934069dd67169375521
49834b2ede460a27789ce383dcb82d66f10b5f056e950663a9c363e6fee30b52
GET /v/1.0/av?auid=540805079&url=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&cb=1959595509&vwd=400&vht=225&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C36822116556785323851444743029,, HTTP/1.1
Host: vidoomy-d.openx.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
server: OXGW/0.0.0
pragma: no-cache
p3p: CP="CUR ADM OUR NOR STA NID"
expires: Mon, 26 Jul 1997 05:00:00 GMT
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: text/xml
content-length: 56
content-encoding: gzip
cache-control: private, max-age=0, no-cache
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=54&partnerUserId=6c809598-151b-4cce-8ec5-859a8ae47dc7
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=54&partnerUserId=6c809598-151b-4cce-8ec5-859a8ae47dc7
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=54&partnerUserId=6c809598-151b-4cce-8ec5-859a8ae47dc7 HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ad.lkqd.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6274672c555604d72b1292b4648c3e0
d8c4fa29092153ecf3408e05e051c56ab8fd63c2
007d72b18139f05a87fd896bdfbce956ad5ea3571724eb7d1fcfa5d88a62bc05
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3499
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:43 GMT
Last-Modified: Sun, 04 Dec 2022 00:01:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
a.vidoomy.com/api/rtbserver/rtb?id=864730087&w=400&h=225&skip=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&l=EN&dt=2&c=NO&pid=&sid=&sname=&d=imagenesderopaparaperros.com&sp=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&coppa=&gdpr=1&gdprcs=&vpaid=1&idlot=
3.64.97.161204 No Content 0 B URL HTTP/2 a.vidoomy.com/api/rtbserver/rtb?id=864730087&w=400&h=225&skip=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&l=EN&dt=2&c=NO&pid=&sid=&sname=&d=imagenesderopaparaperros.com&sp=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&coppa=&gdpr=1&gdprcs=&vpaid=1&idlot=
IP 3.64.97.161:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/rtbserver/rtb?id=864730087&w=400&h=225&skip=1&req_type=1&ip=&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0%29%20Gecko%2F20100101%20Firefox%2F105.0&l=EN&dt=2&c=NO&pid=&sid=&sname=&d=imagenesderopaparaperros.com&sp=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&coppa=&gdpr=1&gdprcs=&vpaid=1&idlot= HTTP/1.1
Host: a.vidoomy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 00:59:43 GMT
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-expose-headers: X-VD-C
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 94ee73e781768de855b8ddc497912b02
737bd5cce33a9647371ec0c14305a52142f32719
81777ae595e5de4345723405193a515b1d7fc7e6474bb0425e6a1abc3ce508fc
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3187
Cache-Control: max-age=88236
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 00:59:43 GMT
Etag: "638a9a38-1d7"
Expires: Mon, 05 Dec 2022 01:30:19 GMT
Last-Modified: Sat, 03 Dec 2022 00:37:12 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&cb=1500059009&player_width=400&player_height=225®s[gdpr]=1&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C3682211655678532385414430004%2C%2C
185.94.180.124200 OK 79 B URL HTTP/1.1 search.spotxchange.com/vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&cb=1500059009&player_width=400&player_height=225®s[gdpr]=1&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C3682211655678532385414430004%2C%2C
IP 185.94.180.124:0
ASN #35220 SpotXchange, INC
File type XML 1.0 document text\012- XML document, ASCII text
Hash da3e93c7e93fe9042e8437060a62e496
cd98d23361e34a2589a5e5de32221dce2d29f283
b63012ca704337abcd6d19a5a7fd83f9a81102f82b78a1760184b86e21513aab
GET /vast/2.0/218945?VPAID=JS&content_page_url=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&cb=1500059009&player_width=400&player_height=225®s[gdpr]=1&user[consent]=&device[geo][lat]=&device[geo][lon]=&schain=1.0%2C1%21vidoomy.com%2C59795%2C1%2C3682211655678532385414430004%2C%2C HTTP/1.1
Host: search.spotxchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 00:59:43 GMT
Content-Type: text/xml;charset=UTF-8
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Sun, 04 Dec 2022 00:59:43 GMT
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: https://m.imagenesderopaparaperros.com
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Access-Control-Allow-Headers:
Access-Control-Allow-Credentials: true
X-fe: 115
X-SpotX-Timing-Page: 0.010667
X-SpotX-Timing-Page-Require: 0.000336
X-SpotX-Timing-Page-Context: 0.000265
X-SpotX-Timing-Page-URI: 0.000009
X-SpotX-Timing-Page-Mux: 0.000216
X-SpotX-Timing-Page-Cookie: 0.000003
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-Page-Misc: 0.002707
X-SpotX-Timing-SpotMarket: 0.006827
X-SpotX-Timing-SpotMarket-Primary: 0.006827
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Transform: 0.000304
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 79
t.lkqd.net/t
146.20.128.85200 OK 0 B IP 146.20.128.85:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /t HTTP/1.1
Host: t.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 9164
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
35.214.223.115307 Temporary Redirect 0 B URL HTTP/2 csync.loopme.me/?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D
IP 35.214.223.115:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /?redirect=https%3A%2F%2Fcs.lkqd.net%2Fcs%3FpartnerId%3D54%26partnerUserId%3D%7Bdevice_id%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Cookie: viewer_token=6c809598-151b-4cce-8ec5-859a8ae47dc7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 307 Temporary Redirect
set-cookie: viewer_token=6c809598-151b-4cce-8ec5-859a8ae47dc7
location: https://cs.lkqd.net/cs?partnerId=54&partnerUserId=6c809598-151b-4cce-8ec5-859a8ae47dc7
content-length: 0
date: Sun, 04 Dec 2022 00:59:43 GMT
server: _
X-Firefox-Spdy: h2
v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=&rtv=1&thost=m.imagenesderopaparaperros.com
69.20.43.192200 OK 4.1 kB URL HTTP/2 v.lkqd.net/ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=&rtv=1&thost=m.imagenesderopaparaperros.com
IP 69.20.43.192:0
File type JSON data\012- , ASCII text, with very long lines (52262), with no line terminators
Hash 8227037c79b763e2ced0f5c341350e32
8cd90ddc404943fba9e99971346b1a53c58cec43
3a15a8f75401f94f38df3e9c4b3cfea1df3d8ac1b20d12e25ce72afdc2568468
POST /ad?pid=430&sid=1135194&formats=true&output=json2&support=html5&execution=outstream&placement=slider&playinit=auto&volume=0&width=400&height=225&gdpr=1&gdprcs=&pageurl=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&dnt=0&c1=&c2=&c3=1.0%2C1!vidoomy.com%2C59795%2C1%2C&c4=true&rnd=840460&m=&rtv=1&thost=m.imagenesderopaparaperros.com HTTP/1.1
Host: v.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 38
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: application/json
content-length: 4070
content-encoding: gzip
access-control-allow-origin: https://m.imagenesderopaparaperros.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
X-Firefox-Spdy: h2
ad.turn.com/r/cs?pid=65
46.228.164.11302 Found 0 B IP 46.228.164.11:0
ASN #56396 Amobee EMEA Limited
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /r/cs?pid=65 HTTP/1.1
Host: ad.turn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7510460845594728352; Domain=.turn.com; Expires=Fri, 02-Jun-2023 00:59:43 GMT; Path=/; Secure; SameSite=None
location: https://cs.lkqd.net/cs?partnerId=94&partnerUserId=7510460845594728352
content-length: 0
date: Sun, 04 Dec 2022 00:59:43 GMT
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=103&redirect=https%3A%2F%2Fevent.clientgear.com%2Fcookie%2Flkqd%3Fpartner%3Dlkqd%26cookieid%3D%24%24rawlkqduserid%24%24&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:44 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
146.20.132.82200 OK 43 B URL HTTP/2 cs.lkqd.net/cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if
IP 146.20.132.82:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /cs?partnerId=102&redirect=https%3A%2F%2Fcs.krushmedia.com%2Fcd607442bfdf172cfcec45014a5f4ece.gif%3Fpuid%3D%24%24rawlkqduserid%24%24%26redir%3Dhttps%253A%252F%252Fcs.lkqd.net%252Fcs%253FpartnerId%253D102%2526partnerUserId%253D%255BUID%255D&r=if HTTP/1.1
Host: cs.lkqd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:44 GMT
content-type: image/gif
content-length: 43
access-control-max-age: 0
cache-control: max-age=0
access-control-allow-methods: GET
access-control-allow-headers: Content-Type
access-control-expose-headers: Content-Type, Content-Disposition
access-control-allow-credentials: true
access-control-allow-origin: *
X-Firefox-Spdy: h2
sync.srv.stackadapt.com/sync?nid=161
34.193.201.64302 Found 104 B URL HTTP/1.1 sync.srv.stackadapt.com/sync?nid=161
IP 34.193.201.64:0
File type HTML document, ASCII text
Hash efebe36667ac0ca2b218bd45452dca06
83a70ec70c7e23e9b43ba7ce552a1b7f2d855ce3
c563985bf7579439eda2f0eae57886dff55e4e24168134200ac264b453370c3a
GET /sync?nid=161 HTTP/1.1
Host: sync.srv.stackadapt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ad.lkqd.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
Date: Sun, 04 Dec 2022 00:59:44 GMT
Location: https://cs.lkqd.net/cs?partnerId=93&partnerUserId=jPv1bzQQRvNu8vjrPO86lVtaKpo
Set-Cookie: sa-user-id=s%3A0-8cfbf56f-3410-46f3-6ef2-f8eb3cef3a95.ituv5PBbLrmguTpv2ECN2AzbRwbzclr8ilSPYPigfrU; Max-Age=31536000; Secure; SameSite=None
sa-user-id-v2=s%3AjPv1bzQQRvNu8vjrPO86lVtaKpo.2TTbpirLd2tg5ueHtogFEPPMM0oXryIdJpTAJT8evRQ; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length: 104
Connection: keep-alive
ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=11
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=11
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=52788&formatId=11 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670632108
server: CDN77-Turbo
x-77-nzt: AblMCQ2mGzT/zFgBAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b634011b515
x-cache: HIT
x-age: 88268
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=2
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=2
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=52788&formatId=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670590253
server: CDN77-Turbo
x-77-nzt: AblMCQ0iCI//S/wBAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b63766cb418
x-cache: HIT
x-age: 130123
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
wt.rqtrk.eu/6f4bcf39-b286-4d76-b513-ffb5541d5167-trk.js
162.19.141.161200 OK 0 B URL HTTP/2 wt.rqtrk.eu/6f4bcf39-b286-4d76-b513-ffb5541d5167-trk.js
IP 162.19.141.161:0
GET /6f4bcf39-b286-4d76-b513-ffb5541d5167-trk.js HTTP/1.1
Host: wt.rqtrk.eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Sun, 04 Dec 2022 00:59:38 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding,Accept-Encoding
last-modified: Fri, 02 Dec 2022 12:25:50 GMT
etag: W/"82fef41533854eb9348a85e5baf8c3af"
x-cache: Hit from cloudfront
via: 1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: VhIS1FLXIIudLZBqZsluGxVjqpGut2BdsQshc1QwHNx771k_pHQblA==
age: 39359
expires: Mon, 05 Dec 2022 00:59:38 GMT
cache-control: max-age=86400,public
content-encoding: gzip
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/google-atp-list.json
143.204.55.88200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/google-atp-list.json
IP 143.204.55.88:0
GET /tcfv2/google-atp-list.json HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 3000
cache-control: max-age=172800
date: Sat, 03 Dec 2022 03:01:34 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-credentials: true
last-modified: Sat, 03 Dec 2022 03:01:31 GMT
etag: W/"bb1e5031aaa093cf8fc08d1e31095008"
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: evq_hg1DqLX9qRCHd2gdnaWnEo9oIg28E47xtjEXkjhE-RPTNTrISA==
age: 79085
X-Firefox-Spdy: h2
spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
104.22.24.87200 OK 0 B URL HTTP/2 spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.24.87:0
GET /mapper.js?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://m.imagenesderopaparaperros.com
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 774099b1d82eb521-OSL
content-encoding: br
X-Firefox-Spdy: h2
cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
143.204.55.88200 OK 0 B URL HTTP/2 cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
IP 143.204.55.88:0
GET /choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 28 Jun 2022 13:53:56 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
content-encoding: br
date: Sun, 04 Dec 2022 00:59:27 GMT
cache-control: max-age=3600
etag: W/"c53bd785b1ee57b613221019d7d72626"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ejxF7EyWxMdFyIk-rsuS5c9QspJdojqNzZ9ly29bV4tGGzdHV0tdjA==
age: 18
X-Firefox-Spdy: h2
unicons.iconscout.com/release/v2.1.9/script/monochrome/bundle.js
104.18.28.243200 OK 0 B URL HTTP/2 unicons.iconscout.com/release/v2.1.9/script/monochrome/bundle.js
IP 104.18.28.243:0
GET /release/v2.1.9/script/monochrome/bundle.js HTTP/1.1
Host: unicons.iconscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: application/javascript
x-amz-id-2: GvCKrN3nQW/FEY2jWfHeYZvKkWCt3JBdCuMVwvzgDsMJlQPRsp7xleY2w8Me+pQdtPQBGP2L4Og=
x-amz-request-id: J4Q012JMVSHPPMBE
last-modified: Fri, 22 May 2020 12:00:38 GMT
etag: W/"be52f9b7d5de40f1e7cf1faab2f6d95d"
cf-cache-status: HIT
age: 2121826
expires: Mon, 04 Dec 2023 00:59:36 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099b04cd1b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
143.204.55.88200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/42/cmp2.js?referer=www.themoneytizer.com
IP 143.204.55.88:0
GET /tcfv2/42/cmp2.js?referer=www.themoneytizer.com HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 86400
last-modified: Tue, 05 Jul 2022 18:40:23 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-qc-ineu: True
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
date: Sat, 03 Dec 2022 19:11:43 GMT
cache-control: max-age=172800
etag: W/"9494b70738cd74c9137e65c29c0b1f3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: GHthw_ivrCCjqnEqC6lgOuqf-japrCEwLiimnt92H0STXw6_rN_XsA==
age: 20875
X-Firefox-Spdy: h2
secure.quantserve.com/quant.js
91.228.74.208200 OK 0 B URL HTTP/2 secure.quantserve.com/quant.js
IP 91.228.74.208:0
GET /quant.js HTTP/1.1
Host: secure.quantserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:38 GMT
content-type: application/javascript
accept-ranges: bytes
cache-control: private, max-age=604800
content-encoding: gzip
etag: "nAbmxtqHqaYrwBiADJAeFg=="
expires: Sun, 11 Dec 2022 00:59:38 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:40 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 10:38:28 GMT
etag: W/"632300a4-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3dj6xAhO9Iy%2FSnAtme98vKI2YjIZWA0ZHMIpRVmEzzBG1BXuXgmCoWAS%2Feyzp53c%2FrRiroaHtQDo%2BJwGvZwumhXkOV9tEmvld%2FnPOcj32PUFswucrl0Zg2AyfTzzWDzGTqmViSLNi3EV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099c639347437-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/main.js
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/main.js
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/js/main.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:40 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 07:29:33 GMT
etag: W/"632abd5d-20ea"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z08eB14uIXz2ewHjOfa2cxe0UI9N8%2BFNCMIiH6%2F9EcanyIfzPoKuPIYO6B0zZEgT3bj28PS%2BkXl%2F7LH8jz2mpUotPMkmGkJQNQA4W4ZujZSuCeq%2FYJkr0nfNTyPy5VV8j7gP0HU08hI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099c6fa017437-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=19
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=19
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=52788&formatId=19 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670632108
server: CDN77-Turbo
x-77-nzt: AblMCQ3QdZr/zFgBAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b63ebb35a15
x-cache: HIT
x-age: 88268
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
test.cmp.quantcast.com/GVL-v2/cmp-list.json
143.204.55.126200 OK 0 B URL HTTP/2 test.cmp.quantcast.com/GVL-v2/cmp-list.json
IP 143.204.55.126:0
GET /GVL-v2/cmp-list.json HTTP/1.1
Host: test.cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
access-control-max-age: 86400
cache-control: max-age=172800
date: Sat, 03 Dec 2022 03:00:39 GMT
last-modified: Wed, 30 Nov 2022 19:52:29 GMT
etag: W/"8980f3096e8d1a15cdb9518354d546f7"
x-amz-server-side-encryption: AES256
x-amz-version-id: KZ_abct9fxSnQsZ4cInZdlEfLgTLD6XT
server: AmazonS3
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YI8MPgjxS-x0ceU8oGOVQSqK26pd0tHXAFQ0aoIWRhDsB9bA776axQ==
age: 79140
X-Firefox-Spdy: h2
c.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:38 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Wed, 04 Jan 2023 00:59:38 GMT
etag: W/"n/ARilLrRVDeZNVpaPOsXg=="
cf-cache-status: HIT
age: 1240828
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099bcfca0b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&t=2
37.157.6.252200 OK 0 B URL HTTP/2 adx.adform.net/adx/?mid=970530&url=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&t=2
IP 37.157.6.252:0
GET /adx/?mid=970530&url=https%3A%2F%2Fm.imagenesderopaparaperros.com%2FmvWeysw&t=2 HTTP/1.1
Host: adx.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 00:59:43 GMT
content-type: text/xml
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: https://m.imagenesderopaparaperros.com
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Firefox-Spdy: h2
zshorte.net/full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cDovL3d3dy5tZWRpYWZpcmUuY29tL2ZpbGUvMjYzN2UybjBsd2Zua2Z3&type=2
104.21.89.60301 Moved Permanently 0 B URL HTTP/2 zshorte.net/full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cDovL3d3dy5tZWRpYWZpcmUuY29tL2ZpbGUvMjYzN2UybjBsd2Zua2Z3&type=2
IP 104.21.89.60:0
GET /full?api=154aae1f8ba710dae8c111580e94598b2fba0e1f&url=aHR0cDovL3d3dy5tZWRpYWZpcmUuY29tL2ZpbGUvMjYzN2UybjBsd2Zua2Z3&type=2 HTTP/1.1
Host: zshorte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Sun, 04 Dec 2022 00:59:35 GMT
content-type: text/html; charset=UTF-8
location: https://m.imagenesderopaparaperros.com/mvWeysw
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-robots-tag: noindex, nofollow
set-cookie: AppSession=3bc7f97c508d590df710ca763dec8e1a; path=/; HttpOnly
csrfToken=be50a62e4be9e91fc8156d196a6e964678166c278126ab424dfa39b82c02c39a497d93749ff2421aa70362043123a92d36a47fdf9f7f4e530c6a5859fbbee289; path=/; HttpOnly
x-served-by: zshorte.net
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euXaF%2BLYlAfjKmMzXxNMKHnuqFTOqOVp%2BYcrYDZzrJObEzf8MfJpbbWOpK8XgL%2F9rpUEgju39bjaN3d9dr8MP4wsWBWlzLH7d3AVyJn6YfudY%2FWrmviVMdMhUIoHPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774099a94cdbb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
m.imagenesderopaparaperros.com/mvWeysw
104.21.94.136200 OK 0 B URL HTTP/2 m.imagenesderopaparaperros.com/mvWeysw
IP 104.21.94.136:0
GET /mvWeysw HTTP/1.1
Host: m.imagenesderopaparaperros.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: SAMEORIGIN
x-robots-tag: noindex, nofollow
set-cookie: lang=en_US; expires=Wed, 29-Nov-2023 00:59:35 GMT; Max-Age=31104000; path=/
AppSession=6c7bb5dc2ae4cc722bc47849f5546b86; path=/; HttpOnly
csrfToken=c6af8df52681e350d2e76831a585b0591a230db9dcaba3548cb50cd1e078011de8d53dfc73f8e15c9151b716374b848fc51ecab303bc5f795b68f2aa089295c2; path=/; HttpOnly
x-served-by: m.imagenesderopaparaperros.com
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=geJYlB73Qe2OPfikqcJVu%2FfZlK5bPaMqnWA1GDvBGi8zxSfpBuLCl3Uhq%2FDK4ZfWXgecE8H9JeDscaYIwp5Z8Itn7TtY1l%2Besa2HVmJPQKiVTbfVhWJtjdGgugdc9u7Z6KRB0o%2FEoajhwTaAchMEMEs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774099ac4ee4b511-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unicons.iconscout.com/release/v2.1.7/css/unicons.css
104.18.28.243200 OK 0 B URL HTTP/2 unicons.iconscout.com/release/v2.1.7/css/unicons.css
IP 104.18.28.243:0
GET /release/v2.1.7/css/unicons.css HTTP/1.1
Host: unicons.iconscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/css
cf-bgj: minify
cf-polished: origSize=63509
etag: W/"aaeb6aed7a9c71959a3b51e937c363f0"
last-modified: Tue, 28 Apr 2020 10:01:21 GMT
x-amz-id-2: qSduub1s3mFmCfde2XDgqPc08zdrY5EGOqvrCKN/6T4V9eqzeXI3mUndTj3zhrgkkk8TiMbEISM=
x-amz-request-id: V3PY903MVV55FPTX
cf-cache-status: HIT
age: 553544
expires: Mon, 04 Dec 2023 00:59:36 GMT
cache-control: public, max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099afcc80b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=147&r=2&j=criteoCallback
178.250.0.157200 OK 0 B URL HTTP/2 gum.criteo.com/sync?c=147&r=2&j=criteoCallback
IP 178.250.0.157:0
GET /sync?c=147&r=2&j=criteoCallback HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:38 GMT
content-type: text/javascript; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
expires: 60
server-processing-duration-in-ticks: 1336585
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=1
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/requestform.js?siteId=52788&formatId=1
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/requestform.js?siteId=52788&formatId=1 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670590253
server: CDN77-Turbo
x-77-nzt: AblMCQ0apcP/S/wBAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b633c329a16
x-cache: HIT
x-age: 130123
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
104.22.24.87200 OK 0 B URL HTTP/2 spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
IP 104.22.24.87:0
GET /?env=mWeb&eventType=pageview&zdid=1258 HTTP/1.1
Host: spl.zeotap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://m.imagenesderopaparaperros.com
set-cookie: zc=583e25f6-f838-40f3-575e-4d33aa1d1c41; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
zsc=gP%C9%B2w%F1%CB%C1%25%E3%AFb%C2%13%7C%EB%84.%C3%23i%27%B9%FE%1EQ%D5%8D52N%96%86%A8c%B0%AF%94%FF%AF%EA%9B%AE%B1_%1B%B5%C7M%81W%3Al%EC%29N%ABq%B6%93%8DXm%5BhS%BA%E5%AE%93h%23m%D2%C0%ED%BD%0A%BF%1A%28%BE%19; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 774099b2c8b9b521-OSL
content-encoding: br
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=6
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=6
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=6 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670562287
server: CDN77-Turbo
x-77-nzt: AblMCQ14KxL/iWkCAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b63447fa218
x-cache: HIT
x-age: 158089
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
zshorte.net/js/app.js?ver=6.4.0
104.21.89.60200 OK 0 B URL HTTP/2 zshorte.net/js/app.js?ver=6.4.0
IP 104.21.89.60:0
GET /js/app.js?ver=6.4.0 HTTP/1.1
Host: zshorte.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: application/javascript
cache-control: max-age=2592000
cf-bgj: minify
cf-polished: origSize=30407
expires: Thu, 22 Dec 2022 22:54:39 GMT
last-modified: Sat, 20 Jun 2020 00:07:31 GMT
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
cf-cache-status: HIT
age: 957897
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rmHwNa%2BX%2BlJU5oPCXsUFEs2S5wvlEYIIFkxaJsG6uS89yu2fyPpFs1aybtPnMu7bxA8egWdmMHv5Zrm4Y3NWjk6rBSPXhbBfg3a%2BWV43GO8gTsvrcp7OHfWhBZTy%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774099b01ddc0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.themoneytizer.com/s/gen.js?type=2
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/s/gen.js?type=2
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /s/gen.js?type=2 HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=604800
x-accel-expires: @1670562285
server: CDN77-Turbo
x-77-nzt: AblMCQ0IjjX/i2kCAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b6381073e18
x-cache: HIT
x-age: 158091
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2
cmp.quantcast.com/tcfv2/42/cmp2ui-es.js
143.204.55.88200 OK 0 B URL HTTP/2 cmp.quantcast.com/tcfv2/42/cmp2ui-es.js
IP 143.204.55.88:0
GET /tcfv2/42/cmp2ui-es.js HTTP/1.1
Host: cmp.quantcast.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
access-control-max-age: 604800
last-modified: Tue, 05 Jul 2022 18:40:32 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
access-control-allow-methods: GET
content-encoding: gzip
date: Fri, 02 Dec 2022 21:47:04 GMT
cache-control: max-age=172800
etag: W/"61891c12c976950785806a7f08986298"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -k3u7kSHmockyqy4FA9szJXbGZch7q1KEaepa0p1PiyJsnWK2fMyDw==
age: 97955
X-Firefox-Spdy: h2
cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html
45.133.44.3200 OK 0 B URL HTTP/2 cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/games/nutaku/multi/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 15 Sep 2022 10:38:26 GMT
etag: W/"632300a2-514"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 04 Dec 2022 01:59:39 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/styles.css
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/styles.css
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/css/styles.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://m.imagenesderopaparaperros.com
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:39 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 08:03:32 GMT
etag: W/"632ac554-2c89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJAc5si9OZYd9Q3egLCvyuiBrXThXj2LkrSzeZN2c42QoRKLedcS67yY6OwEUqmxrpTHNDdrkS4ouiKJK00iqbl5CCVklHNNsOS0tj29JU1ZlVb46tKaFCCbgjHX7HFUxNcpkK42kjnE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774099c629317437-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ads.themoneytizer.com/lib_fs_close.js
185.76.9.14200 OK 0 B URL HTTP/2 ads.themoneytizer.com/lib_fs_close.js
IP 185.76.9.14:0
ASN #60068 Datacamp Limited
GET /lib_fs_close.js HTTP/1.1
Host: ads.themoneytizer.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.imagenesderopaparaperros.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 00:59:36 GMT
content-type: application/javascript
last-modified: Tue, 14 Jun 2022 12:21:22 GMT
expires: Sat, 03 Dec 2022 05:04:45 GMT
cache-control: max-age=86400, public, no-transform
pragma: public
x-accel-expires: @1670130286
server: CDN77-Turbo
x-77-nzt: AblMCQ1Lf6//ChgBAA
x-77-nzt-ray: c0a4cc282fe20d4af8f08b6384a6901f
x-cache: HIT
x-age: 71690
x-77-pop: stockholmSE
x-77-cache: HIT
content-encoding: br
X-Firefox-Spdy: h2