rouonixon.com/4/5407349
139.45.197.238200 OK 7.1 kB IP 139.45.197.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8753)
Hash c3de22b40dc29f0fbe3ca8bd43825e64
42a52ffe3cc6aedee2da5b56d2fe8160b32386ab
39351f915927d3dadc00456d1be852cd9be0ce643281d09defca901ac1d6b044
Analyzer Verdict Alert fortinet Malware
GET /4/5407349 HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: OAID=134658ec4d6042e984b9ede60e5192ca; oaidts=1664280022; syncedCookie=true
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 27 Sep 2022 15:05:16 GMT
Content-Type: text/html; charset=utf8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: f8546e816fda538dda02527c761fbbd3
Link: <https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://my.rtmark.net>; rel="preconnect dns-prefetch"
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=134658ec4d6042e984b9ede60e5192ca; expires=Wed, 27 Sep 2023 15:05:16 GMT; path=/
oaidts=1664280022; expires=Wed, 27 Sep 2023 15:05:16 GMT; path=/
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS, POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Accept, Content-Type, Content-Length, Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 14:15:30 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iyFDUOBmr3CtWmGLj_O-7xFxr3FEf4F_L8Q6wCLbzb3DGHNsbOtp_A==
Age: 2986
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7862
Expires: Tue, 27 Sep 2022 17:16:18 GMT
Date: Tue, 27 Sep 2022 15:05:16 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 27 Sep 2022 09:24:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: fZK3OtwDlm7CzRHlWz5XiiwS2Met2QkZvpUxgR4NO7BhQbXep1iQSw==
age: 20463
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:16 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rouonixon.com/?z=5407349&syncedCookie=false&rhd=false
139.45.197.238302 Found 0 B URL HTTP/1.1 rouonixon.com/?z=5407349&syncedCookie=false&rhd=false
IP 139.45.197.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /?z=5407349&syncedCookie=false&rhd=false HTTP/1.1
Host: rouonixon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 424
Origin: http://rouonixon.com
Connection: keep-alive
Referer: http://rouonixon.com/afu.php?zoneid=5407349&var=5407349&rid=ksX-wKK1z8yLZCaWKyzJyw%3D%3D&rhd=false
Cookie: OAID=134658ec4d6042e984b9ede60e5192ca; oaidts=1664280022; syncedCookie=true
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 27 Sep 2022 15:05:16 GMT
Content-Length: 0
Connection: keep-alive
X-Trace-Id: f9bc922e3c15ee39098b686e7556dd49
Link: <https://saumeechoa.com>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Referrer-Policy: no-referrer
Location: https://saumeechoa.com/?b=1945902&ba=1&campid=14083&did=2&dm=1&ep=1&g=NO&l=ZxJjsBW9rZoNDiy&oaid=134658ec4d6042e984b9ede60e5192ca&s=598642934614855734&ssk=e2d45efcdd08e15540bac789d1d3c376&svar=1664291116&vi=1&vo=1&z=5407349&tr=tr1&rdk=rk3
Access-Control-Allow-Origin: http://rouonixon.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=134658ec4d6042e984b9ede60e5192ca; expires=Wed, 27 Sep 2023 15:05:16 GMT; path=/
oaidts=1664280022; expires=Wed, 27 Sep 2023 15:05:16 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 0869109d63ef5270595fb34384023a90
f2ec69fdaca2a0327cd3599ac05d0051df3dee41
c4a67afda7094519228049f837e2e0c1674148bd2e564ae2dccc3458bbdb9ed4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:05:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 06:25:19 GMT
Expires: Mon, 03 Oct 2022 06:25:18 GMT
Etag: "f2ec69fdaca2a0327cd3599ac05d0051df3dee41"
Cache-Control: max-age=486601,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751522f7edee0b02-OSL
my.rtmark.net/img.gif?f=merge&userId=134658ec4d6042e984b9ede60e5192ca
139.45.195.8200 OK 43 B URL HTTP/2 my.rtmark.net/img.gif?f=merge&userId=134658ec4d6042e984b9ede60e5192ca
IP 139.45.195.8:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
POST /img.gif?f=merge&userId=134658ec4d6042e984b9ede60e5192ca HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://rouonixon.com
Connection: keep-alive
Referer: http://rouonixon.com/
Cookie: ID=134658ec4d6042e984b9ede60e5192ca
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:16 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: http://rouonixon.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=134658ec4d6042e984b9ede60e5192ca; expires=Wed, 27 Sep 2023 15:05:16 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash f204a6c0f80fcda614c7928e88690a3c
e1e5e031bc34cc40fb8712697a6f6c6fe73ad62f
08dc57a84f11c9ea5fe0f231902f2b2dc4ae8b8810686927987e55b8f4317e7c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 27 Sep 2022 15:05:16 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 26 Sep 2022 04:52:37 GMT
Expires: Mon, 03 Oct 2022 04:52:36 GMT
Etag: "e1e5e031bc34cc40fb8712697a6f6c6fe73ad62f"
Cache-Control: max-age=481039,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 751522f87e730b02-OSL
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ab15a20e7099294c6deb867e592092ca
230f649e3c4314e4314392c9eb78199e954218fe
c8939c560cd28b556ae59acb80bee4f69a3467cfdd5f6b8551c9a580a2df1e23
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8939C560CD28B556AE59ACB80BEE4F69A3467CFDD5F6B8551C9A580A2DF1E23"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=417
Expires: Tue, 27 Sep 2022 15:12:13 GMT
Date: Tue, 27 Sep 2022 15:05:16 GMT
Connection: keep-alive
datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314
139.45.195.253200 OK 2 B URL HTTP/1.1 datatechone.com/log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314
IP 139.45.195.253:0
File type ASCII text, with no line terminators
Hash 444bcb3a3fcf8389296c49467f27e1d6
7a85f4764bbd6daf1c3545efbbf0f279a6dc0beb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
Analyzer Verdict Alert quad9 Sinkholed
POST /log/add?cid=88506ad5-50e6-43b5-b450-2c5482f39314 HTTP/1.1
Host: datatechone.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 453
Origin: http://rouonixon.com
Connection: keep-alive
Referer: http://rouonixon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.10
Date: Tue, 27 Sep 2022 15:05:16 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: http://rouonixon.com
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true
littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/1.png
104.22.24.116200 OK 4.1 kB URL HTTP/2 littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/1.png
IP 104.22.24.116:0
File type PNG image data, 69 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b8394bdfbe3c170b90304b867ef7f8b
d825a6ac5d2edfb8981ea8fd143c92d2b80e2964
831586158d1b19d9a0c85e48b3c9ca6fdadceebb4a24b30f6e74f2711e851bb6
GET /apps/templates/video/video-streaming-adaptive-123movies/img/1.png HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: image/png
content-length: 4095
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
etag: "6332e0e8-fff"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751522fa28211c06-OSL
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/add/search-icon-green.png
104.22.24.116200 OK 1.4 kB URL HTTP/2 littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/add/search-icon-green.png
IP 104.22.24.116:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash cae32c63e17242b2038666c32796076a
a4ef90bffceb03fd0a82b71434887805390cffbe
425b032c12965f5a5cb6173865c0c8673477eaeb2a2a457ddf9a2645d10216cb
GET /apps/templates/video/video-streaming-adaptive-123movies/img/add/search-icon-green.png HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: image/png
content-length: 1357
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
etag: "6332e0e8-54d"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751522fa281c1c06-OSL
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/add/reorder-icon.png
104.22.24.116200 OK 1.2 kB URL HTTP/2 littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/add/reorder-icon.png
IP 104.22.24.116:0
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash eb390272665c95111b64bf52fb10e341
0b0a96325e0831348f88f19a8bff7f53143c9203
b76890f13c5d7f2a83bd61450fd01ddda7f885bb1f8b932d2707cb8c2fd8c32e
GET /apps/templates/video/video-streaming-adaptive-123movies/img/add/reorder-icon.png HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: image/png
content-length: 1152
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
etag: "6332e0e8-480"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751522fa28231c06-OSL
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/add/search-icon.png
104.22.24.116200 OK 1.3 kB URL HTTP/2 littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/add/search-icon.png
IP 104.22.24.116:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash e2eb525d4ecd7a499015282d9b4674c6
78ef7e1e03480689a18d9b9e1ea64b33be27650f
60894883c484ae9e83c0e0b33df0f3b00789ddb8ab31a0113c7e81fe0c27d65f
GET /apps/templates/video/video-streaming-adaptive-123movies/img/add/search-icon.png HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: image/png
content-length: 1305
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
etag: "6332e0e8-519"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751522fa281d1c06-OSL
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/2.png
104.22.24.116200 OK 3.0 kB URL HTTP/2 littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/2.png
IP 104.22.24.116:0
File type PNG image data, 51 x 127, 8-bit/color RGBA, non-interlaced\012- data
Hash 6d55520f5f5464811d450949e99926cb
b8e32d8433d649fd517628a51803307abacb27f9
a1ce97bee2fb666f8105beca4b6d47cb107766ab2e342953246f7308e48208eb
GET /apps/templates/video/video-streaming-adaptive-123movies/img/2.png HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: image/png
content-length: 3011
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
etag: "6332e0e8-bc3"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751522fa281e1c06-OSL
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/btn-play.png
104.22.24.116200 OK 12 kB URL HTTP/2 littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/btn-play.png
IP 104.22.24.116:0
File type PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced\012- data
Hash 90864453aa7618fa47c492e4c7bb7876
89daacd91dbf5212f5c4a7949310cd52717b32f7
9710de3622f0e9a3ac13c67fe91d6060b133b9dc75f62bfea9b6d6d7a1724f9c
GET /apps/templates/video/video-streaming-adaptive-123movies/img/btn-play.png HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: image/png
content-length: 12011
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
etag: "6332e0e8-2eeb"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 751522fa28201c06-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6d23ee223cbe82cfa39c73fc2b52a85d
7bff361f87d260f3c4f70161a6ed05dbe38d6471
47dec190dedbfb1f7b67f28b22296b678e073115fe0a2bd9d3fb6fc8a6fa44a0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47DEC190DEDBFB1F7B67F28B22296B678E073115FE0A2BD9D3FB6FC8A6FA44A0"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17138
Expires: Tue, 27 Sep 2022 19:50:55 GMT
Date: Tue, 27 Sep 2022 15:05:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d7df7311c2ea860ab900e68e899e025f
a511d4e18940a13bd4f29504dabe57ea16cc9fbe
ce019ccff3f1712f16cf21985f926ef3938d55777d03163197dfa4aac00e3f44
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE019CCFF3F1712F16CF21985F926EF3938D55777D03163197DFA4AAC00E3F44"
Last-Modified: Mon, 26 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6756
Expires: Tue, 27 Sep 2022 16:57:53 GMT
Date: Tue, 27 Sep 2022 15:05:17 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 14:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 15:06:02 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: KDSxL7msqablVFj0dOL5QOIc94SO6yE-yb7lGVRDslV3-Fs6HYIzJQ==
Age: 3271
ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
216.58.207.234200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (32047)
Hash 7a83c39ee44cf30d4e6d9a8d5c74276e
175f5e717c0fd96485d4371234d4c54355753c2b
ab02740b3bd7f47ad3a0ebc2571a67e1d00dfef34bb04e87adb08b0b61381d8e
GET /ajax/libs/jquery/1.11.2/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33495
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 03:08:01 GMT
expires: Wed, 27 Sep 2023 03:08:01 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 43036
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/css/css.css?v=14
104.22.24.116200 OK 11 kB URL HTTP/2 littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/css/css.css?v=14
IP 104.22.24.116:0
File type assembler source, ASCII text, with very long lines (5004)
Hash 055784be7be2a73841e28eca4d3e77ae
65d3a4f4321792660f74bc9e437b92fbe5d59209
09ebf8cc2bb7afa5c09c20be381e30791fd6028e9b2a3eeb0808f1549612aa0f
GET /apps/templates/video/video-streaming-adaptive-123movies/css/css.css?v=14 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: text/css
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
vary: Accept-Encoding
etag: W/"6332e0e8-4b66"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 751522fa787a1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ptauxofi.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=ZxJjsBW9rZoNDiy&z=3683319
139.45.197.250200 OK 40 kB URL HTTP/2 ptauxofi.net/pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=ZxJjsBW9rZoNDiy&z=3683319
IP 139.45.197.250:0
Hash cf6001f10b866c985724dfece558aa51
d9cfe4aedf898d0ed4d5ea1e7d9742ea00eff222
f8b50b0b6cb420f71c2944cb2427ba2273a05b5ece6fa59a6b3ad1ce11290bc3
GET /pfe/current/micro.tag.min.js?sw=/sw-check-permissions/3683319&var=ZxJjsBW9rZoNDiy&z=3683319 HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-1a5ed"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
142.250.74.163200 OK 9.8 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9840, version 1.0\012- data
Hash afda6e429fd299054de28e1f157c683d
c1847d6f3df5fe11d5e96fd5e6a59b73ff7ed96b
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
GET /s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://saumeechoa.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:09:41 GMT
expires: Tue, 26 Sep 2023 21:09:41 GMT
cache-control: public, max-age=31536000
age: 64536
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 15:05:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.186.209.73101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tRxg6Bjj9rin/KmWExx0CA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8PrKcGFAu32i1q3+1XDN2A+JPQ0=
saumeechoa.com/favicon.ico
139.45.197.152204 No Content 0 B URL HTTP/2 saumeechoa.com/favicon.ico
IP 139.45.197.152:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: saumeechoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/?rzi=5407349&rsz=5407349&rid=
Cookie: reverse=AA9XBwAPF8Hh5__6IAYja2ERlcpAYFE9fZfqknJ0IhQ
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 15:05:17 GMT
strict-transport-security: max-age=60
x-content-type-options: nosniff
X-Firefox-Spdy: h2
static.saumeechoa.com/templates/video/video-streaming-adaptive-123movies/video.mp4
139.45.197.152206 Partial Content 844 kB URL HTTP/2 static.saumeechoa.com/templates/video/video-streaming-adaptive-123movies/video.mp4
IP 139.45.197.152:0
File type ISO Media, MP4 v2 [ISO 14496-14]\012- data
Size 844 kB (843949 bytes)
Hash 148a99f3781859571ed2192a1400556d
7fa4d5619c35163f85d3eca7a459485d809a54fd
f599b5a17b237a739ecec7e63035b7469c6f4f6e84e6b3eee27122bde972152c
GET /templates/video/video-streaming-adaptive-123movies/video.mp4 HTTP/1.1
Host: static.saumeechoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: video/mp4
content-length: 1577466
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
etag: "6332e0e8-1811fa"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-range: bytes 0-1577465/1577466
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=56193&bid=1945902&aid=598642934614855734
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=56193&bid=1945902&aid=598642934614855734
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=56193&bid=1945902&aid=598642934614855734 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://saumeechoa.com
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 15:05:18 GMT
access-control-allow-origin: https://saumeechoa.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 4dc85b265efc62fc5a6868160b635465
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14188
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:18 GMT
Connection: keep-alive
saumeechoa.com/?tt
139.45.197.152200 OK 581 B IP 139.45.197.152:0
Hash 8ebc0b2e61703981fabdc76bcdd2478a
1ed6e457ff8d9a1d2e54792d743635f19540b963
24ecfc16061676123369fadd03b8246ae891ba97bbbd4ebd3f4331a0f6f9cc4e
POST /?tt HTTP/1.1
Host: saumeechoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 27
Origin: https://saumeechoa.com
Connection: keep-alive
Referer: https://saumeechoa.com/?rzi=5407349&rsz=5407349&rid=
Cookie: reverse=AA9XBwAPF8Hh5__6IAYja2ERlcpAYFE9fZfqknJ0IhQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:18 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.25
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14188
Expires: Tue, 27 Sep 2022 19:01:46 GMT
Date: Tue, 27 Sep 2022 15:05:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 50363
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 49166
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 61998
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 62160
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 720fc80bd0ff9b71f20c8e0c13e1084e
6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50
e84bcabd01425354050fe8ba5f4b29a97f05e6f5f15d26d0706c174136de30e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bd5ecd8-fafe-452d-ae17-9df7d4cb5682.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8931
x-amzn-requestid: 9255ee80-ae19-4b47-882b-01e663e857ed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCUG-EmZoAMFyWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330cd5f-70cc0bc87ed2480879ba081a;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:51:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TT7kAd3SRni2Wp5jiP6_mQvHE0U5_bjQ3VpIUZJqmTC_WhTa15UDzw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:34:25 GMT
age: 59453
etag: "6ff5d7ce0608a8c1b1f4c731a94295e7a56dfe50"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 62551
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unphionetor.com/vbri?t=56193&bid=1945902&aid=598642934614855734&tp=2792
139.45.197.236204 No Content 0 B URL HTTP/2 unphionetor.com/vbri?t=56193&bid=1945902&aid=598642934614855734&tp=2792
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbri?t=56193&bid=1945902&aid=598642934614855734&tp=2792 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://saumeechoa.com
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 27 Sep 2022 15:05:19 GMT
access-control-allow-origin: https://saumeechoa.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: f39e6faead9a660fc74a54d9bb6906c6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/texture.png
104.22.24.116200 OK 71 B URL HTTP/2 littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/img/texture.png
IP 104.22.24.116:0
File type PNG image data, 2 x 2, 8-bit gray+alpha, non-interlaced\012- data
Hash e72797c0f83fd801beefd1b1c197126a
94dcc727cb8f56ac77640ecddcf76f156a64ffd8
da7981a472b489821ce00f93b4bb760e3406c276756a60b9c6fcfec23a392188
GET /apps/templates/video/video-streaming-adaptive-123movies/img/texture.png HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/css/css.css?v=14
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:22 GMT
content-type: image/png
content-length: 71
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
etag: "6332e0e8-47"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7515231b3e081c06-OSL
X-Firefox-Spdy: h2
ptauxofi.net/zone?&pub=0&zone_id=3683319&is_mobile=false&domain=saumeechoa.com&var=ZxJjsBW9rZoNDiy&ymid=&var_3=&dsig=&action=prerequest
139.45.197.250200 OK 0 B URL HTTP/2 ptauxofi.net/zone?&pub=0&zone_id=3683319&is_mobile=false&domain=saumeechoa.com&var=ZxJjsBW9rZoNDiy&ymid=&var_3=&dsig=&action=prerequest
IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zone?&pub=0&zone_id=3683319&is_mobile=false&domain=saumeechoa.com&var=ZxJjsBW9rZoNDiy&ymid=&var_3=&dsig=&action=prerequest HTTP/1.1
Host: ptauxofi.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://saumeechoa.com
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:25 GMT
content-length: 0
x-trace-id: 328011f231cf68a4a731895d6fdd287c
access-control-allow-origin: https://saumeechoa.com
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 167d26d8eab100d0a21a773f8bacc199
cf2bd58f1215530fc1e12689a7ca83dde62dd4d7
14b6393fa01ca7e07948d45f2f7e2c5fe8faa58d2facbc0a960431f853480127
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14B6393FA01CA7E07948D45F2F7E2C5FE8FAA58D2FACBC0A960431F853480127"
Last-Modified: Mon, 26 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8105
Expires: Tue, 27 Sep 2022 17:20:30 GMT
Date: Tue, 27 Sep 2022 15:05:25 GMT
Connection: keep-alive
saumeechoa.com/?b=1945902&ba=1&campid=14083&did=2&dm=1&ep=1&g=NO&l=ZxJjsBW9rZoNDiy&oaid=134658ec4d6042e984b9ede60e5192ca&s=598642934614855734&ssk=e2d45efcdd08e15540bac789d1d3c376&svar=1664291116&vi=1&vo=1&z=5407349&tr=tr1&rdk=rk3&mprtr=1
139.45.197.152200 OK 0 B URL HTTP/2 saumeechoa.com/?b=1945902&ba=1&campid=14083&did=2&dm=1&ep=1&g=NO&l=ZxJjsBW9rZoNDiy&oaid=134658ec4d6042e984b9ede60e5192ca&s=598642934614855734&ssk=e2d45efcdd08e15540bac789d1d3c376&svar=1664291116&vi=1&vo=1&z=5407349&tr=tr1&rdk=rk3&mprtr=1
IP 139.45.197.152:0
POST /?b=1945902&ba=1&campid=14083&did=2&dm=1&ep=1&g=NO&l=ZxJjsBW9rZoNDiy&oaid=134658ec4d6042e984b9ede60e5192ca&s=598642934614855734&ssk=e2d45efcdd08e15540bac789d1d3c376&svar=1664291116&vi=1&vo=1&z=5407349&tr=tr1&rdk=rk3&mprtr=1 HTTP/1.1
Host: saumeechoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://saumeechoa.com
Connection: keep-alive
Referer: https://saumeechoa.com/?rzi=5407349&rsz=5407349&rid=
Cookie: reverse=AA9XBwAPF8Hh5__6IAYja2ERlcpAYFE9fZfqknJ0IhQ
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: application/json
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=56193&cb=541875511
139.45.197.236200 OK 0 B URL HTTP/2 unphionetor.com/fv.js?t=56193&cb=541875511
IP 139.45.197.236:0
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=56193&cb=541875511 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: c359ee75aaab04f592f8dbade4f5b2f6
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/css/bootstrap.min.css?v=3
104.22.24.116200 OK 0 B URL HTTP/2 littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/css/bootstrap.min.css?v=3
IP 104.22.24.116:0
GET /apps/templates/video/video-streaming-adaptive-123movies/css/bootstrap.min.css?v=3 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: text/css
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
vary: Accept-Encoding
etag: W/"6332e0e8-1f701"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 751522fa78781c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Oswald|Montserrat:400,700
IP 142.250.74.10:0
GET /css?family=Oswald|Montserrat:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://littlecdn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 27 Sep 2022 15:05:17 GMT
date: Tue, 27 Sep 2022 15:05:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
saumeechoa.com/?b=1945902&ba=1&campid=14083&did=2&dm=1&ep=1&g=NO&l=ZxJjsBW9rZoNDiy&oaid=134658ec4d6042e984b9ede60e5192ca&s=598642934614855734&ssk=e2d45efcdd08e15540bac789d1d3c376&svar=1664291116&vi=1&vo=1&z=5407349&tr=tr1&rdk=rk3
139.45.197.152200 OK 0 B URL HTTP/2 saumeechoa.com/?b=1945902&ba=1&campid=14083&did=2&dm=1&ep=1&g=NO&l=ZxJjsBW9rZoNDiy&oaid=134658ec4d6042e984b9ede60e5192ca&s=598642934614855734&ssk=e2d45efcdd08e15540bac789d1d3c376&svar=1664291116&vi=1&vo=1&z=5407349&tr=tr1&rdk=rk3
IP 139.45.197.152:0
GET /?b=1945902&ba=1&campid=14083&did=2&dm=1&ep=1&g=NO&l=ZxJjsBW9rZoNDiy&oaid=134658ec4d6042e984b9ede60e5192ca&s=598642934614855734&ssk=e2d45efcdd08e15540bac789d1d3c376&svar=1664291116&vi=1&vo=1&z=5407349&tr=tr1&rdk=rk3 HTTP/1.1
Host: saumeechoa.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.24
set-cookie: reverse=AA9XBwAPF8Hh5__6IAYja2ERlcpAYFE9fZfqknJ0IhQ; expires=Tue, 27-Sep-2022 16:05:16 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/css/header.css?v=5
104.22.24.116200 OK 0 B URL HTTP/2 littlecdn.com/apps/templates/video/video-streaming-adaptive-123movies/css/header.css?v=5
IP 104.22.24.116:0
GET /apps/templates/video/video-streaming-adaptive-123movies/css/header.css?v=5 HTTP/1.1
Host: littlecdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://saumeechoa.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 27 Sep 2022 15:05:17 GMT
content-type: text/css
last-modified: Tue, 27 Sep 2022 11:39:20 GMT
vary: Accept-Encoding
etag: W/"6332e0e8-66ad"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: max-age=3600
cf-cache-status: EXPIRED
server: cloudflare
cf-ray: 751522fa281b1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2