r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7e300ca7d2d586dd1ca0c185ef6b0da5
3914cfd3b7aa6e1d1117bf509319479e489ed2a4
91c8810ad137faf4393f7d15f9c619c06d124a7aaebfa21290dca614db2c7757
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91C8810AD137FAF4393F7D15F9C619C06D124A7AAEBFA21290DCA614DB2C7757"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15261
Expires: Fri, 23 Dec 2022 07:56:19 GMT
Date: Fri, 23 Dec 2022 03:41:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ad598540c6639aaaa344fb3ce4f3162f
b0b9f86d50de7dc23bdc7aee2f45d79a06165afc
4e9aaff330ce0c9c11f6bb8502fe21296b1845151bace75f73908a3194d5d0a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E9AAFF330CE0C9C11F6BB8502FE21296B1845151BACE75F73908A3194D5D0A1"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4246
Expires: Fri, 23 Dec 2022 04:52:44 GMT
Date: Fri, 23 Dec 2022 03:41:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 32167242c3bbe7e45a2a865279df94a6
d03436f418ff77d50a553daa892c05e0725ba908
d5578d537296da18f3f349a98465e9fe930dca60a8ed62c183e9c9f6eb53f493
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5578D537296DA18F3F349A98465E9FE930DCA60A8ED62C183E9C9F6EB53F493"
Last-Modified: Wed, 21 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6415
Expires: Fri, 23 Dec 2022 05:28:53 GMT
Date: Fri, 23 Dec 2022 03:41:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 03:34:42 GMT
content-type: application/json
age: 436
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NtENi0jLjYYv3Y8oPwFu1EoMEgDKGQijqFzJIKkmKgMDBYO5lccv8V58v9f9ZzMpWL+E9Y6suBQ=
x-amz-request-id: 64S5V784GE7W8A7R
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 02:56:01 GMT
age: 2757
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:41:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cuevana3.nu/
104.21.93.38 200 OK 10 kB IP 104.21.93.38:0
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash 85fca0539a4001e070649c9fcc87d3ec
145054da542098f0171d5411aeb040c38f087c65
5fc62bf35a979307fe9aa1b23abfd7c499716d6e48678d82c7b6f0548a3f483c
GET / HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 23 Dec 2022 03:41:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-dns-prefetch-control: on
link: <https://cuevana3.nu/wp-json/>; rel="https://api.w.org/"
x-litespeed-cache: hit
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77de15a8bdcd0b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 70a7b165f99b2b8fa0dc98318a7158d7
4d924f7febab9c8fe3fe9199e8879fd6ad892575
c5e0e414c34f2f328b487ae72b21a12a1b50d952aa1a31fb6314b4e700d27e05
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4722
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:41:59 GMT
Etag: "63a41e2a-1d7"
Last-Modified: Fri, 23 Dec 2022 02:23:17 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 216.58.211.3:0
Hash a4fffbd12c0abee380b9abf0df5b4fbe
7ae656a80411be4cc57e93326c36bd3e560101aa
5c65d2620c15d87ef578c8319c615fada14fb5a76cc4514c0ae533f0b4f42488
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:41:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 216.58.211.3:0
Hash a4fffbd12c0abee380b9abf0df5b4fbe
7ae656a80411be4cc57e93326c36bd3e560101aa
5c65d2620c15d87ef578c8319c615fada14fb5a76cc4514c0ae533f0b4f42488
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:41:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cuevana3.nu/wp-content/themes/cuevana/assets/js/void.js?ver=6.1.1
104.21.93.38 200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/js/void.js?ver=6.1.1
IP 104.21.93.38:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/themes/cuevana/assets/js/void.js?ver=6.1.1 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:41:59 GMT
content-type: application/javascript
content-length: 0
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:21:35 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
cf-cache-status: HIT
age: 66024
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77de15ad8e680b41-OSL
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png
104.21.93.38 200 OK 4.7 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png
IP 104.21.93.38:0
File type PNG image data, 240 x 60, 8-bit/color RGBA, non-interlaced; data
Hash 30ecf26d81b4d18a7a568d42e674705e
c846ca657d113edcdb68ae7e53b8ecede50a15cb
f856cb85a867ba1f60a337dbbb095142c0590b426b30c5d35dcbbbd158b79927
GET /wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:41:59 GMT
content-type: image/png
content-length: 4675
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:21:35 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
cf-cache-status: HIT
age: 66024
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77de15ad8e6b0b41-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 216.58.211.3:0
Hash a4fffbd12c0abee380b9abf0df5b4fbe
7ae656a80411be4cc57e93326c36bd3e560101aa
5c65d2620c15d87ef578c8319c615fada14fb5a76cc4514c0ae533f0b4f42488
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:41:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
216.58.211.3 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1p5/NeMHLpaAFpg
IP 216.58.211.3:0
Hash a4fffbd12c0abee380b9abf0df5b4fbe
7ae656a80411be4cc57e93326c36bd3e560101aa
5c65d2620c15d87ef578c8319c615fada14fb5a76cc4514c0ae533f0b4f42488
POST /s/gts1p5/NeMHLpaAFpg HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:41:59 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
code.jquery.com/jquery-3.1.1.min.js?ver=3.1.1
69.16.175.10 200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.1.1.min.js?ver=3.1.1
IP 69.16.175.10:0
File type ASCII text, with very long lines (32030)
Hash f7a4a283c6a5130b43ce8de3b7842078
ef243edbb67f9e50f8589885e4541f6c919ea8d7
aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e
GET /jquery-3.1.1.min.js?ver=3.1.1 HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:41:59 GMT
content-encoding: gzip
content-length: 30070
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CJfjlJ0GEocBCiRiOWEwMzQ2MC0wZjUzLTRhYzEtYmE5Yy00NmM3NDcwYjFmZTIQ+OiCoKvU+wIaBgiHx5SdBiIMOTEuOTAuNDIuMTU0KKfUAjADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkZWE5YzBmODktMmQ5Mi00NzUwLWI3ZjUtNTZmODYwNWYxYjFhGPbqASIYCAISFGNkczAxMC5zazEuaHdjZG4ubmV0.HivJ01leWwpTUdCD6TU3jSlS54jeNZZML8FrnLzD5v8=
x-hw: 1671766919.dop207.sk1.t,1671766919.cds071.sk1.hn,1671766919.cds010.sk1.c
X-Firefox-Spdy: h2
omfiydlbmy.com/lv/esnk/1955964/code.js
62.122.171.6 200 OK 44 kB URL HTTP/1.1 omfiydlbmy.com/lv/esnk/1955964/code.js
IP 62.122.171.6:0
File type ASCII text, with very long lines (65530)
Hash a94f8b84db4f6d40f716e0c1604361fc
5b8df05aa642c98ccbe651926a1606d065617d94
5bedfb6066dd197239fecf2818e906b3f86a0862c6fa0c812ce84205532491eb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /lv/esnk/1955964/code.js HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 03:41:59 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Dec 2022 12:39:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a44ffc-1a5e1"
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip
omfiydlbmy.com/lv/esnk/1955965/code.js
62.122.171.6 200 OK 44 kB URL HTTP/1.1 omfiydlbmy.com/lv/esnk/1955965/code.js
IP 62.122.171.6:0
File type ASCII text, with very long lines (65530)
Hash 070f29a164e43e45efb4e94f9eb94cba
ca28bf443103cac8db40bd05f3843c6d059c5ec0
68dcc9caa9849a163638ff6b9c878a0b05ab0f8d9e0ee8f9a47302bda36cb43c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /lv/esnk/1955965/code.js HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 23 Dec 2022 03:41:59 GMT
Content-Type: application/javascript
Last-Modified: Thu, 22 Dec 2022 12:39:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a44ffc-1a5e1"
Timing-Allow-Origin: *
Accept-CH: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
Content-Encoding: gzip
www.googletagmanager.com/gtag/js?id=UA-209818749-2
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-209818749-2
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 4f377f4f6282bbd7d9ecef7dd105e303
d9050ed1e713ba72c2ddfb72eafec6c814062842
2e66c18a5f982114534a7fb2c21adbffcd68a5503887a641f15a4d87fe3aa751
GET /gtag/js?id=UA-209818749-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 23 Dec 2022 03:41:59 GMT
expires: Fri, 23 Dec 2022 03:41:59 GMT
cache-control: private, max-age=900
last-modified: Fri, 23 Dec 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43569
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 03:33:25 GMT
age: 514
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash b4064cd37eb4b1ac411189b0a7427ab4
23d775267bf9350ab08b1b28580ee5593b146d61
dc9c41cc8379d77eaba4bccb038ccd4e3b9cde1571cfe0e102c91b01881e239f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.210.158.59 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.210.158.59:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kHdMqag9hJYA4p+gQJVMHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XtoAvzeIempJLglIr6+h2csuVFE=
cuevana3.nu/wp-content/litespeed/css/44d8a0389b9e98cab08ab6871e2b0af5.css?ver=a6e42
104.21.93.38 200 OK 23 kB URL HTTP/2 cuevana3.nu/wp-content/litespeed/css/44d8a0389b9e98cab08ab6871e2b0af5.css?ver=a6e42
IP 104.21.93.38:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9cbb54380a188a8fa825f649a2fbb56f
0bf07a15ea8c56f243ecbc93da671c25d936ea6d
d2ab3c0a364c8e041a6cf27bce5ea15e993bbf7891361a1846b9de3d10fb9e44
GET /wp-content/litespeed/css/44d8a0389b9e98cab08ab6871e2b0af5.css?ver=a6e42 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:41:59 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 03:42:01 GMT
last-modified: Fri, 23 Dec 2022 03:41:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 77de15adae730b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash ee50f699dd823e853e1f42712296b6e7
87344390d2a04c38343db8fb5a1fd7aaf329d4f7
4ebceabee669f5cfb6473171a1f1852da115b373df98d4342758995995c2ce9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2459
Cache-Control: max-age=119149
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:42:00 GMT
Etag: "63a4485a-117"
Expires: Sat, 24 Dec 2022 12:47:50 GMT
Last-Modified: Thu, 22 Dec 2022 12:06:50 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
cuevana3.nu/wp-content/themes/cuevana/assets/js/b.js?ver=0.35853000%201671765534
104.21.93.38 200 OK 94 kB URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/js/b.js?ver=0.35853000%201671765534
IP 104.21.93.38:0
File type ASCII text, with very long lines (44174)
Hash e6cdf62f7a62ffbf5946bfec72fda0dc
30ffec99708c8e58b86c8fbbaf5ce05db47c1c9e
74b865b0587fabefb88caa9c058becbb4a93ac0626cf22800d08f0d82759dc96
GET /wp-content/themes/cuevana/assets/js/b.js?ver=0.35853000%201671765534 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:41:59 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 16:13:08 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 77de15ad9e6f0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash ee50f699dd823e853e1f42712296b6e7
87344390d2a04c38343db8fb5a1fd7aaf329d4f7
4ebceabee669f5cfb6473171a1f1852da115b373df98d4342758995995c2ce9e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2459
Cache-Control: max-age=119149
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:42:00 GMT
Etag: "63a4485a-117"
Expires: Sat, 24 Dec 2022 12:47:50 GMT
Last-Modified: Thu, 22 Dec 2022 12:06:50 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
omfiydlbmy.com/get/1955965?zoneid=1955965&jp=_cl93ayk0kew5mgd6djzjrn&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8835285194868770
62.122.171.6 200 OK 21 kB URL HTTP/2 omfiydlbmy.com/get/1955965?zoneid=1955965&jp=_cl93ayk0kew5mgd6djzjrn&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8835285194868770
IP 62.122.171.6:0
Hash c135b9b6d9542f2881259bfcafa23033
dab73986e0d3c1ebce62f7b6d9590af534ee9d9b
a7a8425a5762afa9e54952f3574155237cf18a1e8fe3673b791f93a7b96c8b1f
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955965?zoneid=1955965&jp=_cl93ayk0kew5mgd6djzjrn&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=8835285194868770 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212222242d0a62b4f9281477fbb5fd84560; Path=/; Expires=Sat, 23 Dec 2023 03:42:00 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 1acb1d055bfb0f22c40ed966685c7010
17607a1849ba47f0623ea8b4c2f8a7a297a308be
7f63e19b51889d3538680a16a293de0c7bb17168ae0d21b8cd698f99ea7b21f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3559
Cache-Control: max-age=136486
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:42:00 GMT
Etag: "63a487c7-117"
Expires: Sat, 24 Dec 2022 17:36:46 GMT
Last-Modified: Thu, 22 Dec 2022 16:37:27 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
omfiydlbmy.com/chicken.gif?z=1955964&pb=287d32d68c3d5527af6262150272cba71671774120&psp=4qs3rDFQZCpYm4e4AjvI4tYvAoI1Zv8DO3iLSpXSTo-U0mPfWtO7zeJ0h2uSKTzXaL0DCEeo6KT-BzJnVR6NOznt_K0HwKKT0MmfmmUYZqjYaTDTA-6mfDhpTbjufOwFWgXOUdWHTl3ZIdrBCc40c1D1Bq4GWBa246QKnoY6uxVH1DwGq6HNAsuR-0bu8zYoWmNGwybOmvE2me9Tap9FdccyJrhnrvAkjfMENW3ajRoF_0oNNUqz3wuULr6Y6Nvj5EdcIqkBENUu1815obgWpt5aUXecEV42CEEnMsSfSC_I2kfWUcBnEbg121c6w3uzmdSVXjiq3XrrvcuwxW1aGBqzIHDDftQqwOTG5FChRmwbwa554vctIE_nfHknOrqPPDC3OoBiBDcSfmNxIw4u3gycUfjJT2GoSdFvbqQJ_SZ_on6i--dA_tehYN43c8E_ZRyQma3O_MGvKrzuUHaeqYzPxk_MkocZ1elWlQTuiEc3RKQVQSFCcwi7MBDlEWIU7ekVHTA_x3EhXkMTCgwsBMxygk96-Ar8rFhBzPWOQr1BlfFF0ahd4NYcfOGUsR4a5VG2utDMfXpIa_T8dSxNQ-4OKqkgIhV5cMGfJy4yEwwEA5EUtl6N2UjeYScBkiwchWuFWVb3oYtvZ-ETwajfOo7n_tA07ok6UGc=&abvar=0&os=0
62.122.171.6 200 OK 43 B URL HTTP/2 omfiydlbmy.com/chicken.gif?z=1955964&pb=287d32d68c3d5527af6262150272cba71671774120&psp=4qs3rDFQZCpYm4e4AjvI4tYvAoI1Zv8DO3iLSpXSTo-U0mPfWtO7zeJ0h2uSKTzXaL0DCEeo6KT-BzJnVR6NOznt_K0HwKKT0MmfmmUYZqjYaTDTA-6mfDhpTbjufOwFWgXOUdWHTl3ZIdrBCc40c1D1Bq4GWBa246QKnoY6uxVH1DwGq6HNAsuR-0bu8zYoWmNGwybOmvE2me9Tap9FdccyJrhnrvAkjfMENW3ajRoF_0oNNUqz3wuULr6Y6Nvj5EdcIqkBENUu1815obgWpt5aUXecEV42CEEnMsSfSC_I2kfWUcBnEbg121c6w3uzmdSVXjiq3XrrvcuwxW1aGBqzIHDDftQqwOTG5FChRmwbwa554vctIE_nfHknOrqPPDC3OoBiBDcSfmNxIw4u3gycUfjJT2GoSdFvbqQJ_SZ_on6i--dA_tehYN43c8E_ZRyQma3O_MGvKrzuUHaeqYzPxk_MkocZ1elWlQTuiEc3RKQVQSFCcwi7MBDlEWIU7ekVHTA_x3EhXkMTCgwsBMxygk96-Ar8rFhBzPWOQr1BlfFF0ahd4NYcfOGUsR4a5VG2utDMfXpIa_T8dSxNQ-4OKqkgIhV5cMGfJy4yEwwEA5EUtl6N2UjeYScBkiwchWuFWVb3oYtvZ-ETwajfOo7n_tA07ok6UGc=&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1955964&pb=287d32d68c3d5527af6262150272cba71671774120&psp=4qs3rDFQZCpYm4e4AjvI4tYvAoI1Zv8DO3iLSpXSTo-U0mPfWtO7zeJ0h2uSKTzXaL0DCEeo6KT-BzJnVR6NOznt_K0HwKKT0MmfmmUYZqjYaTDTA-6mfDhpTbjufOwFWgXOUdWHTl3ZIdrBCc40c1D1Bq4GWBa246QKnoY6uxVH1DwGq6HNAsuR-0bu8zYoWmNGwybOmvE2me9Tap9FdccyJrhnrvAkjfMENW3ajRoF_0oNNUqz3wuULr6Y6Nvj5EdcIqkBENUu1815obgWpt5aUXecEV42CEEnMsSfSC_I2kfWUcBnEbg121c6w3uzmdSVXjiq3XrrvcuwxW1aGBqzIHDDftQqwOTG5FChRmwbwa554vctIE_nfHknOrqPPDC3OoBiBDcSfmNxIw4u3gycUfjJT2GoSdFvbqQJ_SZ_on6i--dA_tehYN43c8E_ZRyQma3O_MGvKrzuUHaeqYzPxk_MkocZ1elWlQTuiEc3RKQVQSFCcwi7MBDlEWIU7ekVHTA_x3EhXkMTCgwsBMxygk96-Ar8rFhBzPWOQr1BlfFF0ahd4NYcfOGUsR4a5VG2utDMfXpIa_T8dSxNQ-4OKqkgIhV5cMGfJy4yEwwEA5EUtl6N2UjeYScBkiwchWuFWVb3oYtvZ-ETwajfOo7n_tA07ok6UGc=&abvar=0&os=0 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2212222242d0a62b4f9281477fbb5fd84560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: ppucnt=0; Path=/; Expires=Sat, 24 Dec 2022 03:42:00 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
omfiydlbmy.com/whob.gif?z=1955964&pb=287d32d68c3d5527af6262150272cba71671774120&psp=4qs3rDFQZCpYm4e4AjvI4tYvAoI1Zv8DO3iLSpXSTo-U0mPfWtO7zeJ0h2uSKTzXaL0DCEeo6KT-BzJnVR6NOznt_K0HwKKT0MmfmmUYZqjYaTDTA-6mfDhpTbjufOwFWgXOUdWHTl3ZIdrBCc40c1D1Bq4GWBa246QKnoY6uxVH1DwGq6HNAsuR-0bu8zYoWmNGwybOmvE2me9Tap9FdccyJrhnrvAkjfMENW3ajRoF_0oNNUqz3wuULr6Y6Nvj5EdcIqkBENUu1815obgWpt5aUXecEV42CEEnMsSfSC_I2kfWUcBnEbg121c6w3uzmdSVXjiq3XrrvcuwxW1aGBqzIHDDftQqwOTG5FChRmwbwa554vctIE_nfHknOrqPPDC3OoBiBDcSfmNxIw4u3gycUfjJT2GoSdFvbqQJ_SZ_on6i--dA_tehYN43c8E_ZRyQma3O_MGvKrzuUHaeqYzPxk_MkocZ1elWlQTuiEc3RKQVQSFCcwi7MBDlEWIU7ekVHTA_x3EhXkMTCgwsBMxygk96-Ar8rFhBzPWOQr1BlfFF0ahd4NYcfOGUsR4a5VG2utDMfXpIa_T8dSxNQ-4OKqkgIhV5cMGfJy4yEwwEA5EUtl6N2UjeYScBkiwchWuFWVb3oYtvZ-ETwajfOo7n_tA07ok6UGc=&abvar=0&os=0
62.122.171.6 200 OK 43 B URL HTTP/2 omfiydlbmy.com/whob.gif?z=1955964&pb=287d32d68c3d5527af6262150272cba71671774120&psp=4qs3rDFQZCpYm4e4AjvI4tYvAoI1Zv8DO3iLSpXSTo-U0mPfWtO7zeJ0h2uSKTzXaL0DCEeo6KT-BzJnVR6NOznt_K0HwKKT0MmfmmUYZqjYaTDTA-6mfDhpTbjufOwFWgXOUdWHTl3ZIdrBCc40c1D1Bq4GWBa246QKnoY6uxVH1DwGq6HNAsuR-0bu8zYoWmNGwybOmvE2me9Tap9FdccyJrhnrvAkjfMENW3ajRoF_0oNNUqz3wuULr6Y6Nvj5EdcIqkBENUu1815obgWpt5aUXecEV42CEEnMsSfSC_I2kfWUcBnEbg121c6w3uzmdSVXjiq3XrrvcuwxW1aGBqzIHDDftQqwOTG5FChRmwbwa554vctIE_nfHknOrqPPDC3OoBiBDcSfmNxIw4u3gycUfjJT2GoSdFvbqQJ_SZ_on6i--dA_tehYN43c8E_ZRyQma3O_MGvKrzuUHaeqYzPxk_MkocZ1elWlQTuiEc3RKQVQSFCcwi7MBDlEWIU7ekVHTA_x3EhXkMTCgwsBMxygk96-Ar8rFhBzPWOQr1BlfFF0ahd4NYcfOGUsR4a5VG2utDMfXpIa_T8dSxNQ-4OKqkgIhV5cMGfJy4yEwwEA5EUtl6N2UjeYScBkiwchWuFWVb3oYtvZ-ETwajfOo7n_tA07ok6UGc=&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /whob.gif?z=1955964&pb=287d32d68c3d5527af6262150272cba71671774120&psp=4qs3rDFQZCpYm4e4AjvI4tYvAoI1Zv8DO3iLSpXSTo-U0mPfWtO7zeJ0h2uSKTzXaL0DCEeo6KT-BzJnVR6NOznt_K0HwKKT0MmfmmUYZqjYaTDTA-6mfDhpTbjufOwFWgXOUdWHTl3ZIdrBCc40c1D1Bq4GWBa246QKnoY6uxVH1DwGq6HNAsuR-0bu8zYoWmNGwybOmvE2me9Tap9FdccyJrhnrvAkjfMENW3ajRoF_0oNNUqz3wuULr6Y6Nvj5EdcIqkBENUu1815obgWpt5aUXecEV42CEEnMsSfSC_I2kfWUcBnEbg121c6w3uzmdSVXjiq3XrrvcuwxW1aGBqzIHDDftQqwOTG5FChRmwbwa554vctIE_nfHknOrqPPDC3OoBiBDcSfmNxIw4u3gycUfjJT2GoSdFvbqQJ_SZ_on6i--dA_tehYN43c8E_ZRyQma3O_MGvKrzuUHaeqYzPxk_MkocZ1elWlQTuiEc3RKQVQSFCcwi7MBDlEWIU7ekVHTA_x3EhXkMTCgwsBMxygk96-Ar8rFhBzPWOQr1BlfFF0ahd4NYcfOGUsR4a5VG2utDMfXpIa_T8dSxNQ-4OKqkgIhV5cMGfJy4yEwwEA5EUtl6N2UjeYScBkiwchWuFWVb3oYtvZ-ETwajfOo7n_tA07ok6UGc=&abvar=0&os=0 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2212222242d0a62b4f9281477fbb5fd84560
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cdn.bncloudfl.com/bn/516/8eb/4d8/5168eb4d8942bd25f1cbec81acf9311a355d0823.png
104.22.14.198 200 OK 1.1 kB URL HTTP/2 cdn.bncloudfl.com/bn/516/8eb/4d8/5168eb4d8942bd25f1cbec81acf9311a355d0823.png
IP 104.22.14.198:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 579d0821fab57e6c6b174ff52b6b2f1c
89b66af2c17b55a77a3525f98cb1cef560be0358
1c535bae3477ff26bb69fde704fb455565a7e656c82c5f6ba65f566769464ccb
GET /bn/516/8eb/4d8/5168eb4d8942bd25f1cbec81acf9311a355d0823.png HTTP/1.1
Host: cdn.bncloudfl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: image/webp
content-length: 1142
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=2447
content-disposition: inline; filename="5168eb4d8942bd25f1cbec81acf9311a355d0823.webp"
etag: e0be6f0483ee14085537b72f62f24c1b
expires: Fri, 23 Dec 2022 20:12:14 GMT
last-modified: Mon, 31 May 2021 17:00:29 GMT
vary: Accept
x-openstack-request-id: txb41901d92c9442f686478-0061b09673
x-proxy-cache: HIT
x-timestamp: 1622480428.11687
x-trans-id: txb41901d92c9442f686478-0061b09673
cf-cache-status: HIT
age: 113386
accept-ranges: bytes
access-control-allow-origin: *
server: cloudflare
cf-ray: 77de15b388c6b524-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 1acb1d055bfb0f22c40ed966685c7010
17607a1849ba47f0623ea8b4c2f8a7a297a308be
7f63e19b51889d3538680a16a293de0c7bb17168ae0d21b8cd698f99ea7b21f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3559
Cache-Control: max-age=136486
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 03:42:00 GMT
Etag: "63a487c7-117"
Expires: Sat, 24 Dec 2022 17:36:46 GMT
Last-Modified: Thu, 22 Dec 2022 16:37:27 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
omfiydlbmy.com/chicken.gif?z=1955965&pb=287d32d68c3d5527af6262150272cba71671774120&psp=j_lESrPpykQ9OxspR39nVeb648F_CnQbpgjHGZmDiDy9Ic-DVVRpWN2-WwSUNHkpp0dolH3xkUSfxXLdU1VaicPFfrr7kcMIjkLYeMAs_ejBd1DdDhU1SYvJtOBW95bLLv6Ito6ND5qJiVTR5C6tMWH1GclpbTqja6WX0j067qXvzL8SKbJFnqSI8wG-Lnfc2UAFoIlKEyvhFE7DmiZIRVaAPBrHNkuDbNR-f1wLkNcmUVlkpqnKizAZLpl5pYCyjoP55cYGUTCuAivJ-L0cnbwaAuAXh6JnNEfsR7BKo0XeIxQZ_DlWyPiSDtVFdBt8ZSl3L_o3whsUUa9lE8SsgkUnu45Fc54Hy6aMDWWorBm1MMzNEeTHbM2EPtJA4CpVT5u8rBPOZSvxTr78w1ESBNDrcJSHudnDTKsMrnqq7jId0V0lvuioh8xSy4UJZUa1t8ZCy-FUShftzSvWYW9WB1tuSHiT1xCK8UDzIfNTqj6AyNnnJeTB4-yKxkNCtE-8ZHtkrJTS-pNlxv7tTp0YJzKsjv9Q_SxUZUC1XIOVSPxKBmL4AT64XVBTCzVzSviiNduTCPYE_xUFUeRHQ1fk7MfqZ-WoketmJNkTjBPCU0BDfwYXTDnKmtjOjjMrvgK97-lUNl_Dc8ol1PF3M51HcI4lIVOJcc9qU5JzkWeSBYNsTwuePTgwAGMVL3Zx&abvar=0&os=0
62.122.171.6 200 OK 43 B URL HTTP/2 omfiydlbmy.com/chicken.gif?z=1955965&pb=287d32d68c3d5527af6262150272cba71671774120&psp=j_lESrPpykQ9OxspR39nVeb648F_CnQbpgjHGZmDiDy9Ic-DVVRpWN2-WwSUNHkpp0dolH3xkUSfxXLdU1VaicPFfrr7kcMIjkLYeMAs_ejBd1DdDhU1SYvJtOBW95bLLv6Ito6ND5qJiVTR5C6tMWH1GclpbTqja6WX0j067qXvzL8SKbJFnqSI8wG-Lnfc2UAFoIlKEyvhFE7DmiZIRVaAPBrHNkuDbNR-f1wLkNcmUVlkpqnKizAZLpl5pYCyjoP55cYGUTCuAivJ-L0cnbwaAuAXh6JnNEfsR7BKo0XeIxQZ_DlWyPiSDtVFdBt8ZSl3L_o3whsUUa9lE8SsgkUnu45Fc54Hy6aMDWWorBm1MMzNEeTHbM2EPtJA4CpVT5u8rBPOZSvxTr78w1ESBNDrcJSHudnDTKsMrnqq7jId0V0lvuioh8xSy4UJZUa1t8ZCy-FUShftzSvWYW9WB1tuSHiT1xCK8UDzIfNTqj6AyNnnJeTB4-yKxkNCtE-8ZHtkrJTS-pNlxv7tTp0YJzKsjv9Q_SxUZUC1XIOVSPxKBmL4AT64XVBTCzVzSviiNduTCPYE_xUFUeRHQ1fk7MfqZ-WoketmJNkTjBPCU0BDfwYXTDnKmtjOjjMrvgK97-lUNl_Dc8ol1PF3M51HcI4lIVOJcc9qU5JzkWeSBYNsTwuePTgwAGMVL3Zx&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1955965&pb=287d32d68c3d5527af6262150272cba71671774120&psp=j_lESrPpykQ9OxspR39nVeb648F_CnQbpgjHGZmDiDy9Ic-DVVRpWN2-WwSUNHkpp0dolH3xkUSfxXLdU1VaicPFfrr7kcMIjkLYeMAs_ejBd1DdDhU1SYvJtOBW95bLLv6Ito6ND5qJiVTR5C6tMWH1GclpbTqja6WX0j067qXvzL8SKbJFnqSI8wG-Lnfc2UAFoIlKEyvhFE7DmiZIRVaAPBrHNkuDbNR-f1wLkNcmUVlkpqnKizAZLpl5pYCyjoP55cYGUTCuAivJ-L0cnbwaAuAXh6JnNEfsR7BKo0XeIxQZ_DlWyPiSDtVFdBt8ZSl3L_o3whsUUa9lE8SsgkUnu45Fc54Hy6aMDWWorBm1MMzNEeTHbM2EPtJA4CpVT5u8rBPOZSvxTr78w1ESBNDrcJSHudnDTKsMrnqq7jId0V0lvuioh8xSy4UJZUa1t8ZCy-FUShftzSvWYW9WB1tuSHiT1xCK8UDzIfNTqj6AyNnnJeTB4-yKxkNCtE-8ZHtkrJTS-pNlxv7tTp0YJzKsjv9Q_SxUZUC1XIOVSPxKBmL4AT64XVBTCzVzSviiNduTCPYE_xUFUeRHQ1fk7MfqZ-WoketmJNkTjBPCU0BDfwYXTDnKmtjOjjMrvgK97-lUNl_Dc8ol1PF3M51HcI4lIVOJcc9qU5JzkWeSBYNsTwuePTgwAGMVL3Zx&abvar=0&os=0 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2212222242d0a62b4f9281477fbb5fd84560; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ABswwAAAAAAAAAAB; Path=/; Expires=Sun, 22 Jan 2023 03:42:00 GMT; Secure; SameSite=None
OACIBLOCK=ABswwAAAAABjo%2BRQ; Path=/; Expires=Sun, 22 Jan 2023 03:42:00 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Sat, 24 Dec 2022 03:42:00 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
omfiydlbmy.com/whob.gif?z=1955965&pb=287d32d68c3d5527af6262150272cba71671774120&psp=j_lESrPpykQ9OxspR39nVeb648F_CnQbpgjHGZmDiDy9Ic-DVVRpWN2-WwSUNHkpp0dolH3xkUSfxXLdU1VaicPFfrr7kcMIjkLYeMAs_ejBd1DdDhU1SYvJtOBW95bLLv6Ito6ND5qJiVTR5C6tMWH1GclpbTqja6WX0j067qXvzL8SKbJFnqSI8wG-Lnfc2UAFoIlKEyvhFE7DmiZIRVaAPBrHNkuDbNR-f1wLkNcmUVlkpqnKizAZLpl5pYCyjoP55cYGUTCuAivJ-L0cnbwaAuAXh6JnNEfsR7BKo0XeIxQZ_DlWyPiSDtVFdBt8ZSl3L_o3whsUUa9lE8SsgkUnu45Fc54Hy6aMDWWorBm1MMzNEeTHbM2EPtJA4CpVT5u8rBPOZSvxTr78w1ESBNDrcJSHudnDTKsMrnqq7jId0V0lvuioh8xSy4UJZUa1t8ZCy-FUShftzSvWYW9WB1tuSHiT1xCK8UDzIfNTqj6AyNnnJeTB4-yKxkNCtE-8ZHtkrJTS-pNlxv7tTp0YJzKsjv9Q_SxUZUC1XIOVSPxKBmL4AT64XVBTCzVzSviiNduTCPYE_xUFUeRHQ1fk7MfqZ-WoketmJNkTjBPCU0BDfwYXTDnKmtjOjjMrvgK97-lUNl_Dc8ol1PF3M51HcI4lIVOJcc9qU5JzkWeSBYNsTwuePTgwAGMVL3Zx&abvar=0&os=0
62.122.171.6 200 OK 43 B URL HTTP/2 omfiydlbmy.com/whob.gif?z=1955965&pb=287d32d68c3d5527af6262150272cba71671774120&psp=j_lESrPpykQ9OxspR39nVeb648F_CnQbpgjHGZmDiDy9Ic-DVVRpWN2-WwSUNHkpp0dolH3xkUSfxXLdU1VaicPFfrr7kcMIjkLYeMAs_ejBd1DdDhU1SYvJtOBW95bLLv6Ito6ND5qJiVTR5C6tMWH1GclpbTqja6WX0j067qXvzL8SKbJFnqSI8wG-Lnfc2UAFoIlKEyvhFE7DmiZIRVaAPBrHNkuDbNR-f1wLkNcmUVlkpqnKizAZLpl5pYCyjoP55cYGUTCuAivJ-L0cnbwaAuAXh6JnNEfsR7BKo0XeIxQZ_DlWyPiSDtVFdBt8ZSl3L_o3whsUUa9lE8SsgkUnu45Fc54Hy6aMDWWorBm1MMzNEeTHbM2EPtJA4CpVT5u8rBPOZSvxTr78w1ESBNDrcJSHudnDTKsMrnqq7jId0V0lvuioh8xSy4UJZUa1t8ZCy-FUShftzSvWYW9WB1tuSHiT1xCK8UDzIfNTqj6AyNnnJeTB4-yKxkNCtE-8ZHtkrJTS-pNlxv7tTp0YJzKsjv9Q_SxUZUC1XIOVSPxKBmL4AT64XVBTCzVzSviiNduTCPYE_xUFUeRHQ1fk7MfqZ-WoketmJNkTjBPCU0BDfwYXTDnKmtjOjjMrvgK97-lUNl_Dc8ol1PF3M51HcI4lIVOJcc9qU5JzkWeSBYNsTwuePTgwAGMVL3Zx&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /whob.gif?z=1955965&pb=287d32d68c3d5527af6262150272cba71671774120&psp=j_lESrPpykQ9OxspR39nVeb648F_CnQbpgjHGZmDiDy9Ic-DVVRpWN2-WwSUNHkpp0dolH3xkUSfxXLdU1VaicPFfrr7kcMIjkLYeMAs_ejBd1DdDhU1SYvJtOBW95bLLv6Ito6ND5qJiVTR5C6tMWH1GclpbTqja6WX0j067qXvzL8SKbJFnqSI8wG-Lnfc2UAFoIlKEyvhFE7DmiZIRVaAPBrHNkuDbNR-f1wLkNcmUVlkpqnKizAZLpl5pYCyjoP55cYGUTCuAivJ-L0cnbwaAuAXh6JnNEfsR7BKo0XeIxQZ_DlWyPiSDtVFdBt8ZSl3L_o3whsUUa9lE8SsgkUnu45Fc54Hy6aMDWWorBm1MMzNEeTHbM2EPtJA4CpVT5u8rBPOZSvxTr78w1ESBNDrcJSHudnDTKsMrnqq7jId0V0lvuioh8xSy4UJZUa1t8ZCy-FUShftzSvWYW9WB1tuSHiT1xCK8UDzIfNTqj6AyNnnJeTB4-yKxkNCtE-8ZHtkrJTS-pNlxv7tTp0YJzKsjv9Q_SxUZUC1XIOVSPxKBmL4AT64XVBTCzVzSviiNduTCPYE_xUFUeRHQ1fk7MfqZ-WoketmJNkTjBPCU0BDfwYXTDnKmtjOjjMrvgK97-lUNl_Dc8ol1PF3M51HcI4lIVOJcc9qU5JzkWeSBYNsTwuePTgwAGMVL3Zx&abvar=0&os=0 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2212222242d0a62b4f9281477fbb5fd84560; ppucnt=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.banner.view
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
104.21.93.38 200 OK 11 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
IP 104.21.93.38:0
File type PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced\012- data
Hash 34176e1c965cccf95234e8b686666b02
3305aadccc29cfddbfd3602c415f44b72d15ec3b
208e1ae8cbf78aaa61b40092b0b087e3a796ca6b6171ba77dd7c2cdf30606ba1
GET /wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: image/png
content-length: 10784
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:28:28 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
cf-cache-status: HIT
age: 65612
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77de15b3efb20b41-OSL
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1.png
104.21.93.38 200 OK 6.3 kB URL HTTP/2 cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1.png
IP 104.21.93.38:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f927a2fdc7103e8b411ee7be4456c5d4
db3fe792c3b6867145bccb4c476911610e2281a9
f6b7f7bda983115d684ba375a45241182b2321c4d20175986a4322cc9d3bb80a
GET /wp-content/uploads/2022/03/favicon-cuevana-1-1.png HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: image/png
content-length: 6324
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 00:08:56 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
cf-cache-status: HIT
age: 99186
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 77de15b3efb10b41-OSL
X-Firefox-Spdy: h2
urimnugocfr.com/solid.gif?z=1955969&abvar=0
62.122.171.6 200 OK 43 B URL HTTP/2 urimnugocfr.com/solid.gif?z=1955969&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1955969&abvar=0 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.14 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 23 Dec 2022 03:34:02 GMT
expires: Fri, 23 Dec 2022 05:34:02 GMT
cache-control: public, max-age=7200
age: 478
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
urimnugocfr.com/solid.gif?z=1955969&abvar=0
62.122.171.6 200 OK 43 B URL HTTP/2 urimnugocfr.com/solid.gif?z=1955969&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1955969&abvar=0 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
urimnugocfr.com/get/1955969?zoneid=1955969&jp=_clqw35uthy6xsf1bz0pkzf&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=1235460823653896
62.122.171.6 200 OK 1.7 kB URL HTTP/2 urimnugocfr.com/get/1955969?zoneid=1955969&jp=_clqw35uthy6xsf1bz0pkzf&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=1235460823653896
IP 62.122.171.6:0
Hash 9dbf32509f03ee4edbf6227aab8a1436
1873b21a4ed4434bb8f65c8dbecfb1a7fb541316
79c5d020cd9c292296873bef0a2073b40f4ffce16bfbacd3e6178625b2206c9c
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955969?zoneid=1955969&jp=_clqw35uthy6xsf1bz0pkzf&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=1235460823653896 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22122222422b606a1822cf4dfdaf65bfffe1; Path=/; Expires=Sat, 23 Dec 2023 03:42:00 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=4pLBDYlOO87WwALSvO5VLcScsBiNd3_R_GTsx30cDhgw5ZJI87u1xgfPz_nepkX6QH6weSglrP0PYeoel_v6hF0UnMP7r1JpUv_3N9GV9O28hqf6Gqtz8GD1P-TfD2xnceoXP5EfpoIdQdNM6mhK26jCvr9EikKEYxzLNKqzdqpIu0mBvNLpzLTMJQoFdJnnSWaGTmsPj2eVzAJMQq8bftOwOC8tpS8av2QnxbkrpliUcJuW5EqQIPcLq-OKjCaiiX4IMfG6ATAjBt30KUIY9hk9D8I-YpYWFD-oIJJah03-q690qRbT0JYW8oMhJOsbwfiKrrHU3oYj_TwBhSPzbkmypvkJp4EUgi7KR4hrxtzai6-ACyF6UXy0hxE8yg5vziVypeojMuDnjXYt2SE_yW0ho6IH-5Hp4hKFa1xlR3vZvBJDQQ2gnHcCcSqsryt7WLgabr4TX4tqXpAEwvNcC21DLUxwVtK5ULAPCFXRN9Yj8-frXsSBTklH0Tgr74ZkpDn6l_9j33cxtLVFoFN5eS_rOPeiOZVycqqaMfdmLIWbPpSQE6kdUZbhqyc9LAyBUOt9o75J4TSnrr7O3WL0dlCgu8ZE5F8x4kX3_h89INDb0uBqPyFNwTPFwzu7znPyRS4n6n1IzQBYDF0LDtceNOsXTxXwteeXzOmERlUArK08bPcdQ1o4EPwOKYIE_k78rPdmQ2OkVGOL5s6kZr5wSU7dA4Z1Drhf4vsHyKrqzIbYjEp9nrYNhpbUDYcLpC33ffxEqjtyBzhpu78CUsMuVfwbcvSCQUav-xJ4bDxgWrfVDuQh8vYxrI7eA-lG9hy0VtzuHpFKQZEmakwdpQ==&cb=_clprmxipgl970jr4uxicdt&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6 200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=4pLBDYlOO87WwALSvO5VLcScsBiNd3_R_GTsx30cDhgw5ZJI87u1xgfPz_nepkX6QH6weSglrP0PYeoel_v6hF0UnMP7r1JpUv_3N9GV9O28hqf6Gqtz8GD1P-TfD2xnceoXP5EfpoIdQdNM6mhK26jCvr9EikKEYxzLNKqzdqpIu0mBvNLpzLTMJQoFdJnnSWaGTmsPj2eVzAJMQq8bftOwOC8tpS8av2QnxbkrpliUcJuW5EqQIPcLq-OKjCaiiX4IMfG6ATAjBt30KUIY9hk9D8I-YpYWFD-oIJJah03-q690qRbT0JYW8oMhJOsbwfiKrrHU3oYj_TwBhSPzbkmypvkJp4EUgi7KR4hrxtzai6-ACyF6UXy0hxE8yg5vziVypeojMuDnjXYt2SE_yW0ho6IH-5Hp4hKFa1xlR3vZvBJDQQ2gnHcCcSqsryt7WLgabr4TX4tqXpAEwvNcC21DLUxwVtK5ULAPCFXRN9Yj8-frXsSBTklH0Tgr74ZkpDn6l_9j33cxtLVFoFN5eS_rOPeiOZVycqqaMfdmLIWbPpSQE6kdUZbhqyc9LAyBUOt9o75J4TSnrr7O3WL0dlCgu8ZE5F8x4kX3_h89INDb0uBqPyFNwTPFwzu7znPyRS4n6n1IzQBYDF0LDtceNOsXTxXwteeXzOmERlUArK08bPcdQ1o4EPwOKYIE_k78rPdmQ2OkVGOL5s6kZr5wSU7dA4Z1Drhf4vsHyKrqzIbYjEp9nrYNhpbUDYcLpC33ffxEqjtyBzhpu78CUsMuVfwbcvSCQUav-xJ4bDxgWrfVDuQh8vYxrI7eA-lG9hy0VtzuHpFKQZEmakwdpQ==&cb=_clprmxipgl970jr4uxicdt&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=4pLBDYlOO87WwALSvO5VLcScsBiNd3_R_GTsx30cDhgw5ZJI87u1xgfPz_nepkX6QH6weSglrP0PYeoel_v6hF0UnMP7r1JpUv_3N9GV9O28hqf6Gqtz8GD1P-TfD2xnceoXP5EfpoIdQdNM6mhK26jCvr9EikKEYxzLNKqzdqpIu0mBvNLpzLTMJQoFdJnnSWaGTmsPj2eVzAJMQq8bftOwOC8tpS8av2QnxbkrpliUcJuW5EqQIPcLq-OKjCaiiX4IMfG6ATAjBt30KUIY9hk9D8I-YpYWFD-oIJJah03-q690qRbT0JYW8oMhJOsbwfiKrrHU3oYj_TwBhSPzbkmypvkJp4EUgi7KR4hrxtzai6-ACyF6UXy0hxE8yg5vziVypeojMuDnjXYt2SE_yW0ho6IH-5Hp4hKFa1xlR3vZvBJDQQ2gnHcCcSqsryt7WLgabr4TX4tqXpAEwvNcC21DLUxwVtK5ULAPCFXRN9Yj8-frXsSBTklH0Tgr74ZkpDn6l_9j33cxtLVFoFN5eS_rOPeiOZVycqqaMfdmLIWbPpSQE6kdUZbhqyc9LAyBUOt9o75J4TSnrr7O3WL0dlCgu8ZE5F8x4kX3_h89INDb0uBqPyFNwTPFwzu7znPyRS4n6n1IzQBYDF0LDtceNOsXTxXwteeXzOmERlUArK08bPcdQ1o4EPwOKYIE_k78rPdmQ2OkVGOL5s6kZr5wSU7dA4Z1Drhf4vsHyKrqzIbYjEp9nrYNhpbUDYcLpC33ffxEqjtyBzhpu78CUsMuVfwbcvSCQUav-xJ4bDxgWrfVDuQh8vYxrI7eA-lG9hy0VtzuHpFKQZEmakwdpQ==&cb=_clprmxipgl970jr4uxicdt&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
set-cookie: UID=22122222422d310ba8354a4918b0c8258323; Path=/; Expires=Sat, 23 Dec 2023 03:42:00 GMT; HttpOnly; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=P_LNZ8FQuUxPzCUFDsZcSDMP8bvuS91EgzubhnM2rIR2jnmJplETDTArFO8gSXCdeu7pV5ks1kpFvThmfca58isKGBPHrRelqRPvhCcI_ra_I8D5BhDovP3nb7YI5tC39xpw97TZHIuF0mJAP4crSk6qeXE0UKXMm9k5nQgJ7U7akxpAr9pKvZUB81tarv-fksMKCtunoI05crAPJILSF8feRdsCWNL6Bi_U3COOMeysYw0IqmT64GaieFBGQjMK37oVNaEXKt__UB5QBLXSBMUs9NhM2lsSpGhXHvyEcdNHXdok0cjt6Gjn4GoUBFj9MMiN3IkOIC6kIWPT_cwz6BCIkwtf0I4mnNGontnaR6uq-NVQq-ow4u6xEjXu0UImPBbK0fMWbweiiWhtj9G4c5amz0dSArc0oKvVNvPeKFv1rz3wSuypb0K1LNqC7V63nPU2-f7GYAr6AK607yxxN37EVDaudBGalsDza_PSWoJz74SRrL-yDizQWvSFbx59ar-zx0KlJlv2KU8ACOaL3OtGn2V55mS8M11-jcfmBEB-t4p8v40qH0PNzcsRqRACSh-GNi9oUMMf8YDEZeRUG7Cun4azfCRStj4IVEUM-FcNNHjQKcqHd2JmKuQtnP7ovhpLAFO4pH1oUc7SLflFGEPEaCFaEFZGWVwIWysYR2nvQ0VTguNVltpsMQ42J9OW1Hi4gXZR9PErJuSqxt01SX2xVJxvCssU9Xw51Y9OBIrWW3fhpnV-hjhSrOGCTC8aMjfq6Y1vRIy0Qcu7KfUG9yFbD4YLcxqDUQsk2iLIComtavKrRNhug4DxEi5Z8xGmtWBK7VTbx2m6bdje7w==&cb=_cl9qmisuio8es1gyawicob&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=P_LNZ8FQuUxPzCUFDsZcSDMP8bvuS91EgzubhnM2rIR2jnmJplETDTArFO8gSXCdeu7pV5ks1kpFvThmfca58isKGBPHrRelqRPvhCcI_ra_I8D5BhDovP3nb7YI5tC39xpw97TZHIuF0mJAP4crSk6qeXE0UKXMm9k5nQgJ7U7akxpAr9pKvZUB81tarv-fksMKCtunoI05crAPJILSF8feRdsCWNL6Bi_U3COOMeysYw0IqmT64GaieFBGQjMK37oVNaEXKt__UB5QBLXSBMUs9NhM2lsSpGhXHvyEcdNHXdok0cjt6Gjn4GoUBFj9MMiN3IkOIC6kIWPT_cwz6BCIkwtf0I4mnNGontnaR6uq-NVQq-ow4u6xEjXu0UImPBbK0fMWbweiiWhtj9G4c5amz0dSArc0oKvVNvPeKFv1rz3wSuypb0K1LNqC7V63nPU2-f7GYAr6AK607yxxN37EVDaudBGalsDza_PSWoJz74SRrL-yDizQWvSFbx59ar-zx0KlJlv2KU8ACOaL3OtGn2V55mS8M11-jcfmBEB-t4p8v40qH0PNzcsRqRACSh-GNi9oUMMf8YDEZeRUG7Cun4azfCRStj4IVEUM-FcNNHjQKcqHd2JmKuQtnP7ovhpLAFO4pH1oUc7SLflFGEPEaCFaEFZGWVwIWysYR2nvQ0VTguNVltpsMQ42J9OW1Hi4gXZR9PErJuSqxt01SX2xVJxvCssU9Xw51Y9OBIrWW3fhpnV-hjhSrOGCTC8aMjfq6Y1vRIy0Qcu7KfUG9yFbD4YLcxqDUQsk2iLIComtavKrRNhug4DxEi5Z8xGmtWBK7VTbx2m6bdje7w==&cb=_cl9qmisuio8es1gyawicob&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=P_LNZ8FQuUxPzCUFDsZcSDMP8bvuS91EgzubhnM2rIR2jnmJplETDTArFO8gSXCdeu7pV5ks1kpFvThmfca58isKGBPHrRelqRPvhCcI_ra_I8D5BhDovP3nb7YI5tC39xpw97TZHIuF0mJAP4crSk6qeXE0UKXMm9k5nQgJ7U7akxpAr9pKvZUB81tarv-fksMKCtunoI05crAPJILSF8feRdsCWNL6Bi_U3COOMeysYw0IqmT64GaieFBGQjMK37oVNaEXKt__UB5QBLXSBMUs9NhM2lsSpGhXHvyEcdNHXdok0cjt6Gjn4GoUBFj9MMiN3IkOIC6kIWPT_cwz6BCIkwtf0I4mnNGontnaR6uq-NVQq-ow4u6xEjXu0UImPBbK0fMWbweiiWhtj9G4c5amz0dSArc0oKvVNvPeKFv1rz3wSuypb0K1LNqC7V63nPU2-f7GYAr6AK607yxxN37EVDaudBGalsDza_PSWoJz74SRrL-yDizQWvSFbx59ar-zx0KlJlv2KU8ACOaL3OtGn2V55mS8M11-jcfmBEB-t4p8v40qH0PNzcsRqRACSh-GNi9oUMMf8YDEZeRUG7Cun4azfCRStj4IVEUM-FcNNHjQKcqHd2JmKuQtnP7ovhpLAFO4pH1oUc7SLflFGEPEaCFaEFZGWVwIWysYR2nvQ0VTguNVltpsMQ42J9OW1Hi4gXZR9PErJuSqxt01SX2xVJxvCssU9Xw51Y9OBIrWW3fhpnV-hjhSrOGCTC8aMjfq6Y1vRIy0Qcu7KfUG9yFbD4YLcxqDUQsk2iLIComtavKrRNhug4DxEi5Z8xGmtWBK7VTbx2m6bdje7w==&cb=_cl9qmisuio8es1gyawicob&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Cookie: UID=22122222427c7c98d690d84aaa80b469e8ed
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=4pLBDYlOO87WwALSvO5VLcScsBiNd3_R_GTsx30cDhgw5ZJI87u1xgfPz_nepkX6QH6weSglrP0PYeoel_v6hF0UnMP7r1JpUv_3N9GV9O28hqf6Gqtz8GD1P-TfD2xnceoXP5EfpoIdQdNM6mhK26jCvr9EikKEYxzLNKqzdqpIu0mBvNLpzLTMJQoFdJnnSWaGTmsPj2eVzAJMQq8bftOwOC8tpS8av2QnxbkrpliUcJuW5EqQIPcLq-OKjCaiiX4IMfG6ATAjBt30KUIY9hk9D8I-YpYWFD-oIJJah03-q690qRbT0JYW8oMhJOsbwfiKrrHU3oYj_TwBhSPzbkmypvkJp4EUgi7KR4hrxtzai6-ACyF6UXy0hxE8yg5vziVypeojMuDnjXYt2SE_yW0ho6IH-5Hp4hKFa1xlR3vZvBJDQQ2gnHcCcSqsryt7WLgabr4TX4tqXpAEwvNcC21DLUxwVtK5ULAPCFXRN9Yj8-frXsSBTklH0Tgr74ZkpDn6l_9j33cxtLVFoFN5eS_rOPeiOZVycqqaMfdmLIWbPpSQE6kdUZbhqyc9LAyBUOt9o75J4TSnrr7O3WL0dlCgu8ZE5F8x4kX3_h89INDb0uBqPyFNwTPFwzu7znPyRS4n6n1IzQBYDF0LDtceNOsXTxXwteeXzOmERlUArK08bPcdQ1o4EPwOKYIE_k78rPdmQ2OkVGOL5s6kZr5wSU7dA4Z1Drhf4vsHyKrqzIbYjEp9nrYNhpbUDYcLpC33ffxEqjtyBzhpu78CUsMuVfwbcvSCQUav-xJ4bDxgWrfVDuQh8vYxrI7eA-lG9hy0VtzuHpFKQZEmakwdpQ==&cb=_clprmxipgl970jr4uxicdt&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=4pLBDYlOO87WwALSvO5VLcScsBiNd3_R_GTsx30cDhgw5ZJI87u1xgfPz_nepkX6QH6weSglrP0PYeoel_v6hF0UnMP7r1JpUv_3N9GV9O28hqf6Gqtz8GD1P-TfD2xnceoXP5EfpoIdQdNM6mhK26jCvr9EikKEYxzLNKqzdqpIu0mBvNLpzLTMJQoFdJnnSWaGTmsPj2eVzAJMQq8bftOwOC8tpS8av2QnxbkrpliUcJuW5EqQIPcLq-OKjCaiiX4IMfG6ATAjBt30KUIY9hk9D8I-YpYWFD-oIJJah03-q690qRbT0JYW8oMhJOsbwfiKrrHU3oYj_TwBhSPzbkmypvkJp4EUgi7KR4hrxtzai6-ACyF6UXy0hxE8yg5vziVypeojMuDnjXYt2SE_yW0ho6IH-5Hp4hKFa1xlR3vZvBJDQQ2gnHcCcSqsryt7WLgabr4TX4tqXpAEwvNcC21DLUxwVtK5ULAPCFXRN9Yj8-frXsSBTklH0Tgr74ZkpDn6l_9j33cxtLVFoFN5eS_rOPeiOZVycqqaMfdmLIWbPpSQE6kdUZbhqyc9LAyBUOt9o75J4TSnrr7O3WL0dlCgu8ZE5F8x4kX3_h89INDb0uBqPyFNwTPFwzu7znPyRS4n6n1IzQBYDF0LDtceNOsXTxXwteeXzOmERlUArK08bPcdQ1o4EPwOKYIE_k78rPdmQ2OkVGOL5s6kZr5wSU7dA4Z1Drhf4vsHyKrqzIbYjEp9nrYNhpbUDYcLpC33ffxEqjtyBzhpu78CUsMuVfwbcvSCQUav-xJ4bDxgWrfVDuQh8vYxrI7eA-lG9hy0VtzuHpFKQZEmakwdpQ==&cb=_clprmxipgl970jr4uxicdt&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=4pLBDYlOO87WwALSvO5VLcScsBiNd3_R_GTsx30cDhgw5ZJI87u1xgfPz_nepkX6QH6weSglrP0PYeoel_v6hF0UnMP7r1JpUv_3N9GV9O28hqf6Gqtz8GD1P-TfD2xnceoXP5EfpoIdQdNM6mhK26jCvr9EikKEYxzLNKqzdqpIu0mBvNLpzLTMJQoFdJnnSWaGTmsPj2eVzAJMQq8bftOwOC8tpS8av2QnxbkrpliUcJuW5EqQIPcLq-OKjCaiiX4IMfG6ATAjBt30KUIY9hk9D8I-YpYWFD-oIJJah03-q690qRbT0JYW8oMhJOsbwfiKrrHU3oYj_TwBhSPzbkmypvkJp4EUgi7KR4hrxtzai6-ACyF6UXy0hxE8yg5vziVypeojMuDnjXYt2SE_yW0ho6IH-5Hp4hKFa1xlR3vZvBJDQQ2gnHcCcSqsryt7WLgabr4TX4tqXpAEwvNcC21DLUxwVtK5ULAPCFXRN9Yj8-frXsSBTklH0Tgr74ZkpDn6l_9j33cxtLVFoFN5eS_rOPeiOZVycqqaMfdmLIWbPpSQE6kdUZbhqyc9LAyBUOt9o75J4TSnrr7O3WL0dlCgu8ZE5F8x4kX3_h89INDb0uBqPyFNwTPFwzu7znPyRS4n6n1IzQBYDF0LDtceNOsXTxXwteeXzOmERlUArK08bPcdQ1o4EPwOKYIE_k78rPdmQ2OkVGOL5s6kZr5wSU7dA4Z1Drhf4vsHyKrqzIbYjEp9nrYNhpbUDYcLpC33ffxEqjtyBzhpu78CUsMuVfwbcvSCQUav-xJ4bDxgWrfVDuQh8vYxrI7eA-lG9hy0VtzuHpFKQZEmakwdpQ==&cb=_clprmxipgl970jr4uxicdt&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Cookie: UID=22122222427c7c98d690d84aaa80b469e8ed
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=P_LNZ8FQuUxPzCUFDsZcSDMP8bvuS91EgzubhnM2rIR2jnmJplETDTArFO8gSXCdeu7pV5ks1kpFvThmfca58isKGBPHrRelqRPvhCcI_ra_I8D5BhDovP3nb7YI5tC39xpw97TZHIuF0mJAP4crSk6qeXE0UKXMm9k5nQgJ7U7akxpAr9pKvZUB81tarv-fksMKCtunoI05crAPJILSF8feRdsCWNL6Bi_U3COOMeysYw0IqmT64GaieFBGQjMK37oVNaEXKt__UB5QBLXSBMUs9NhM2lsSpGhXHvyEcdNHXdok0cjt6Gjn4GoUBFj9MMiN3IkOIC6kIWPT_cwz6BCIkwtf0I4mnNGontnaR6uq-NVQq-ow4u6xEjXu0UImPBbK0fMWbweiiWhtj9G4c5amz0dSArc0oKvVNvPeKFv1rz3wSuypb0K1LNqC7V63nPU2-f7GYAr6AK607yxxN37EVDaudBGalsDza_PSWoJz74SRrL-yDizQWvSFbx59ar-zx0KlJlv2KU8ACOaL3OtGn2V55mS8M11-jcfmBEB-t4p8v40qH0PNzcsRqRACSh-GNi9oUMMf8YDEZeRUG7Cun4azfCRStj4IVEUM-FcNNHjQKcqHd2JmKuQtnP7ovhpLAFO4pH1oUc7SLflFGEPEaCFaEFZGWVwIWysYR2nvQ0VTguNVltpsMQ42J9OW1Hi4gXZR9PErJuSqxt01SX2xVJxvCssU9Xw51Y9OBIrWW3fhpnV-hjhSrOGCTC8aMjfq6Y1vRIy0Qcu7KfUG9yFbD4YLcxqDUQsk2iLIComtavKrRNhug4DxEi5Z8xGmtWBK7VTbx2m6bdje7w==&cb=_cl9qmisuio8es1gyawicob&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=P_LNZ8FQuUxPzCUFDsZcSDMP8bvuS91EgzubhnM2rIR2jnmJplETDTArFO8gSXCdeu7pV5ks1kpFvThmfca58isKGBPHrRelqRPvhCcI_ra_I8D5BhDovP3nb7YI5tC39xpw97TZHIuF0mJAP4crSk6qeXE0UKXMm9k5nQgJ7U7akxpAr9pKvZUB81tarv-fksMKCtunoI05crAPJILSF8feRdsCWNL6Bi_U3COOMeysYw0IqmT64GaieFBGQjMK37oVNaEXKt__UB5QBLXSBMUs9NhM2lsSpGhXHvyEcdNHXdok0cjt6Gjn4GoUBFj9MMiN3IkOIC6kIWPT_cwz6BCIkwtf0I4mnNGontnaR6uq-NVQq-ow4u6xEjXu0UImPBbK0fMWbweiiWhtj9G4c5amz0dSArc0oKvVNvPeKFv1rz3wSuypb0K1LNqC7V63nPU2-f7GYAr6AK607yxxN37EVDaudBGalsDza_PSWoJz74SRrL-yDizQWvSFbx59ar-zx0KlJlv2KU8ACOaL3OtGn2V55mS8M11-jcfmBEB-t4p8v40qH0PNzcsRqRACSh-GNi9oUMMf8YDEZeRUG7Cun4azfCRStj4IVEUM-FcNNHjQKcqHd2JmKuQtnP7ovhpLAFO4pH1oUc7SLflFGEPEaCFaEFZGWVwIWysYR2nvQ0VTguNVltpsMQ42J9OW1Hi4gXZR9PErJuSqxt01SX2xVJxvCssU9Xw51Y9OBIrWW3fhpnV-hjhSrOGCTC8aMjfq6Y1vRIy0Qcu7KfUG9yFbD4YLcxqDUQsk2iLIComtavKrRNhug4DxEi5Z8xGmtWBK7VTbx2m6bdje7w==&cb=_cl9qmisuio8es1gyawicob&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=P_LNZ8FQuUxPzCUFDsZcSDMP8bvuS91EgzubhnM2rIR2jnmJplETDTArFO8gSXCdeu7pV5ks1kpFvThmfca58isKGBPHrRelqRPvhCcI_ra_I8D5BhDovP3nb7YI5tC39xpw97TZHIuF0mJAP4crSk6qeXE0UKXMm9k5nQgJ7U7akxpAr9pKvZUB81tarv-fksMKCtunoI05crAPJILSF8feRdsCWNL6Bi_U3COOMeysYw0IqmT64GaieFBGQjMK37oVNaEXKt__UB5QBLXSBMUs9NhM2lsSpGhXHvyEcdNHXdok0cjt6Gjn4GoUBFj9MMiN3IkOIC6kIWPT_cwz6BCIkwtf0I4mnNGontnaR6uq-NVQq-ow4u6xEjXu0UImPBbK0fMWbweiiWhtj9G4c5amz0dSArc0oKvVNvPeKFv1rz3wSuypb0K1LNqC7V63nPU2-f7GYAr6AK607yxxN37EVDaudBGalsDza_PSWoJz74SRrL-yDizQWvSFbx59ar-zx0KlJlv2KU8ACOaL3OtGn2V55mS8M11-jcfmBEB-t4p8v40qH0PNzcsRqRACSh-GNi9oUMMf8YDEZeRUG7Cun4azfCRStj4IVEUM-FcNNHjQKcqHd2JmKuQtnP7ovhpLAFO4pH1oUc7SLflFGEPEaCFaEFZGWVwIWysYR2nvQ0VTguNVltpsMQ42J9OW1Hi4gXZR9PErJuSqxt01SX2xVJxvCssU9Xw51Y9OBIrWW3fhpnV-hjhSrOGCTC8aMjfq6Y1vRIy0Qcu7KfUG9yFbD4YLcxqDUQsk2iLIComtavKrRNhug4DxEi5Z8xGmtWBK7VTbx2m6bdje7w==&cb=_cl9qmisuio8es1gyawicob&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Cookie: UID=22122222422d310ba8354a4918b0c8258323
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
limurol.com/ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=4pLBDYlOO87WwALSvO5VLcScsBiNd3_R_GTsx30cDhgw5ZJI87u1xgfPz_nepkX6QH6weSglrP0PYeoel_v6hF0UnMP7r1JpUv_3N9GV9O28hqf6Gqtz8GD1P-TfD2xnceoXP5EfpoIdQdNM6mhK26jCvr9EikKEYxzLNKqzdqpIu0mBvNLpzLTMJQoFdJnnSWaGTmsPj2eVzAJMQq8bftOwOC8tpS8av2QnxbkrpliUcJuW5EqQIPcLq-OKjCaiiX4IMfG6ATAjBt30KUIY9hk9D8I-YpYWFD-oIJJah03-q690qRbT0JYW8oMhJOsbwfiKrrHU3oYj_TwBhSPzbkmypvkJp4EUgi7KR4hrxtzai6-ACyF6UXy0hxE8yg5vziVypeojMuDnjXYt2SE_yW0ho6IH-5Hp4hKFa1xlR3vZvBJDQQ2gnHcCcSqsryt7WLgabr4TX4tqXpAEwvNcC21DLUxwVtK5ULAPCFXRN9Yj8-frXsSBTklH0Tgr74ZkpDn6l_9j33cxtLVFoFN5eS_rOPeiOZVycqqaMfdmLIWbPpSQE6kdUZbhqyc9LAyBUOt9o75J4TSnrr7O3WL0dlCgu8ZE5F8x4kX3_h89INDb0uBqPyFNwTPFwzu7znPyRS4n6n1IzQBYDF0LDtceNOsXTxXwteeXzOmERlUArK08bPcdQ1o4EPwOKYIE_k78rPdmQ2OkVGOL5s6kZr5wSU7dA4Z1Drhf4vsHyKrqzIbYjEp9nrYNhpbUDYcLpC33ffxEqjtyBzhpu78CUsMuVfwbcvSCQUav-xJ4bDxgWrfVDuQh8vYxrI7eA-lG9hy0VtzuHpFKQZEmakwdpQ==&cb=_clprmxipgl970jr4uxicdt&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
62.122.171.6200 OK 7 B URL HTTP/2 limurol.com/ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=4pLBDYlOO87WwALSvO5VLcScsBiNd3_R_GTsx30cDhgw5ZJI87u1xgfPz_nepkX6QH6weSglrP0PYeoel_v6hF0UnMP7r1JpUv_3N9GV9O28hqf6Gqtz8GD1P-TfD2xnceoXP5EfpoIdQdNM6mhK26jCvr9EikKEYxzLNKqzdqpIu0mBvNLpzLTMJQoFdJnnSWaGTmsPj2eVzAJMQq8bftOwOC8tpS8av2QnxbkrpliUcJuW5EqQIPcLq-OKjCaiiX4IMfG6ATAjBt30KUIY9hk9D8I-YpYWFD-oIJJah03-q690qRbT0JYW8oMhJOsbwfiKrrHU3oYj_TwBhSPzbkmypvkJp4EUgi7KR4hrxtzai6-ACyF6UXy0hxE8yg5vziVypeojMuDnjXYt2SE_yW0ho6IH-5Hp4hKFa1xlR3vZvBJDQQ2gnHcCcSqsryt7WLgabr4TX4tqXpAEwvNcC21DLUxwVtK5ULAPCFXRN9Yj8-frXsSBTklH0Tgr74ZkpDn6l_9j33cxtLVFoFN5eS_rOPeiOZVycqqaMfdmLIWbPpSQE6kdUZbhqyc9LAyBUOt9o75J4TSnrr7O3WL0dlCgu8ZE5F8x4kX3_h89INDb0uBqPyFNwTPFwzu7znPyRS4n6n1IzQBYDF0LDtceNOsXTxXwteeXzOmERlUArK08bPcdQ1o4EPwOKYIE_k78rPdmQ2OkVGOL5s6kZr5wSU7dA4Z1Drhf4vsHyKrqzIbYjEp9nrYNhpbUDYcLpC33ffxEqjtyBzhpu78CUsMuVfwbcvSCQUav-xJ4bDxgWrfVDuQh8vYxrI7eA-lG9hy0VtzuHpFKQZEmakwdpQ==&cb=_clprmxipgl970jr4uxicdt&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24
IP 62.122.171.6:0
File type ASCII text, with no line terminators
Hash a97eb6fbe6f13b601d5d48c0eba8baae
736efb938caf3d0edec406932ada889f1a4f2268
a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821
GET /ssp/req/1955969/?pb=287d32d68c3d5527af6262150272cba71671774120&psp=4pLBDYlOO87WwALSvO5VLcScsBiNd3_R_GTsx30cDhgw5ZJI87u1xgfPz_nepkX6QH6weSglrP0PYeoel_v6hF0UnMP7r1JpUv_3N9GV9O28hqf6Gqtz8GD1P-TfD2xnceoXP5EfpoIdQdNM6mhK26jCvr9EikKEYxzLNKqzdqpIu0mBvNLpzLTMJQoFdJnnSWaGTmsPj2eVzAJMQq8bftOwOC8tpS8av2QnxbkrpliUcJuW5EqQIPcLq-OKjCaiiX4IMfG6ATAjBt30KUIY9hk9D8I-YpYWFD-oIJJah03-q690qRbT0JYW8oMhJOsbwfiKrrHU3oYj_TwBhSPzbkmypvkJp4EUgi7KR4hrxtzai6-ACyF6UXy0hxE8yg5vziVypeojMuDnjXYt2SE_yW0ho6IH-5Hp4hKFa1xlR3vZvBJDQQ2gnHcCcSqsryt7WLgabr4TX4tqXpAEwvNcC21DLUxwVtK5ULAPCFXRN9Yj8-frXsSBTklH0Tgr74ZkpDn6l_9j33cxtLVFoFN5eS_rOPeiOZVycqqaMfdmLIWbPpSQE6kdUZbhqyc9LAyBUOt9o75J4TSnrr7O3WL0dlCgu8ZE5F8x4kX3_h89INDb0uBqPyFNwTPFwzu7znPyRS4n6n1IzQBYDF0LDtceNOsXTxXwteeXzOmERlUArK08bPcdQ1o4EPwOKYIE_k78rPdmQ2OkVGOL5s6kZr5wSU7dA4Z1Drhf4vsHyKrqzIbYjEp9nrYNhpbUDYcLpC33ffxEqjtyBzhpu78CUsMuVfwbcvSCQUav-xJ4bDxgWrfVDuQh8vYxrI7eA-lG9hy0VtzuHpFKQZEmakwdpQ==&cb=_clprmxipgl970jr4uxicdt&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24 HTTP/1.1
Host: limurol.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Cookie: UID=22122222422d310ba8354a4918b0c8258323
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: text/javascript
content-length: 7
x-route-id: ssp.bet
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13847
Expires: Fri, 23 Dec 2022 07:32:48 GMT
Date: Fri, 23 Dec 2022 03:42:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13847
Expires: Fri, 23 Dec 2022 07:32:48 GMT
Date: Fri, 23 Dec 2022 03:42:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13847
Expires: Fri, 23 Dec 2022 07:32:48 GMT
Date: Fri, 23 Dec 2022 03:42:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13847
Expires: Fri, 23 Dec 2022 07:32:48 GMT
Date: Fri, 23 Dec 2022 03:42:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6ce699bd0db3ee9d3a4ef6dcf941f9f1
14d813942d74d801024c42e2a4628ecd9306d2ad
060de67922db1f612b7f4c173f11e8714c8329d20fbec45a421bcefe7451f388
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060DE67922DB1F612B7F4C173F11E8714C8329D20FBEC45A421BCEFE7451F388"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13847
Expires: Fri, 23 Dec 2022 07:32:48 GMT
Date: Fri, 23 Dec 2022 03:42:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c618f418af677595dddd2e7ed9e6a1f
ef8fd938e82dec810c56e4497441c452012e5a22
677f7502d2a69e2bdfad9fa2329ce8c78b7e413b4d7bd9cb414a768e381819cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9158
x-amzn-requestid: ef5c3ac0-6e78-40c7-9289-bb4e3e88c168
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: de9-RHoioAMFX4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a2a9f4-3562d612246d193e695803de;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 06:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: iC2m4ASg-8irGcO9z9FpwVQAumplbOlr8lAedeAiZRUtKuVbM6uU0g==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 5c35539543902c678280929df206948c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 05:56:19 GMT
etag: "ef8fd938e82dec810c56e4497441c452012e5a22"
content-type: image/jpeg
age: 78342
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 88dede3fbbab789a953b46f7abd99bec
fdd5a2c09ec16ffccd33bde9f503171607b65653
a45d65e7e99c7eca94d2ded3741d1823a8ff1358065021e837b65247fd0e96ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a06f1b4-7136-4077-b835-37444f8dfbc2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8838
x-amzn-requestid: 0dc7c87e-41a8-4bb9-94d3-fe58274100c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqFaxoAMFk-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-58fd6c175081eb4b11663189;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fzXm0jBQ88SQsF6NpATCl-Pna80F6u-3-MBtiKcHR6K5bYJSb8Q_NA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:49:34 GMT
age: 21147
etag: "fdd5a2c09ec16ffccd33bde9f503171607b65653"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ee73339f3e7eaeb4c1ecab1a24632a8
48ff42e4329102d6a006b8f947bfaf29c0a5de17
ae5787d0df124d7d95ccaaf58148bb46c931610ca908cd58787748da5b75a1c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F580b4499-2ffd-427f-93ed-4c39a78dd125.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12794
x-amzn-requestid: 82617475-f461-429b-b38d-0c84eee33754
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk55IGPioAMFi1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a509d3-0dfc997d3853974a08914362;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:52:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kWJ-6NeMz-Hn8fw8hfvoQhdmDKqBDKRauvBY-2O8QxDjt4-pXAvX8g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:57:28 GMT
age: 6273
etag: "48ff42e4329102d6a006b8f947bfaf29c0a5de17"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d5629e-fad4-47f4-b056-10a0b49847bf.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d5629e-fad4-47f4-b056-10a0b49847bf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2bbbb7eaaa4b72573f00472962e147b9
617524daae76010761f7c1a91ef7d820f3bfa18d
8bd70123b979f4fa9b0dfaac49a8fe5a13b7f61ea1b3355b66c2f4b9450f42ff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2d5629e-fad4-47f4-b056-10a0b49847bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7938
x-amzn-requestid: 3e94e5ff-c053-410e-bd1a-b0b0fed79b38
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dh-a8Ga9IAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a3dddf-60d3dc124de205da4e1267d0;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 04:32:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: iPaIFw4FHSeRvK4jrofKgNjny_Y9Q0G4zgoDg6KF-nmyqiH8kzH_zw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 08:08:03 GMT
age: 70438
etag: "617524daae76010761f7c1a91ef7d820f3bfa18d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d4cf077d410b94f1326e942304f9e9b
98fb13feecfada3cc8b467aa48d7cdf1ed8ab001
ec82cd83bfd4da849888b0535c9764cd4d462ef9e12c5934512858375908dfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46c838f6-5365-43bb-981e-8ddefc5f3f14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5659
x-amzn-requestid: bc225a93-868b-42d4-aa94-c8fa16ef2c64
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dk33gHUqIAMFg1A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a50696-7710727f0f086a791a0e7939;Sampled=0
x-amzn-remapped-date: Fri, 23 Dec 2022 01:38:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SsDKCzVoU9imPo79Eg4_JraYGSE82tq3DvQqtDD4611YT_G18AED5w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 01:44:23 GMT
age: 7058
etag: "98fb13feecfada3cc8b467aa48d7cdf1ed8ab001"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F257007ab-90ff-4ebd-93a2-9587a6c927b6.jpeg
34.120.237.76 200 OK 2.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F257007ab-90ff-4ebd-93a2-9587a6c927b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 37ffea06e6cf128e4e43c662f4e8ad21
2d7b97172e7a0481a6eb1ccf0aa970d8934b2146
54a17f81719e2113d10e4bfadda1770b2f7d7827d6dc718327a1e469a4e07eca
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F257007ab-90ff-4ebd-93a2-9587a6c927b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2495
x-amzn-requestid: 9fe89a74-d6ce-4c60-94d6-42f3ff69a1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqH68IAMFYGA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-3c64c13f25da86714b698121;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Kef1NLYhKCghYCOvNnZJds6d4BT1mBXOt3MPN2Y-ysiGoVuTTSiGUA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:36 GMT
age: 21805
etag: "2d7b97172e7a0481a6eb1ccf0aa970d8934b2146"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
urimnugocfr.com/get/1955969?zoneid=1955969&jp=_cleftm49vi20766zeskwuk&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=7709385288045715
62.122.171.6 200 OK 0 B URL HTTP/2 urimnugocfr.com/get/1955969?zoneid=1955969&jp=_cleftm49vi20766zeskwuk&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=7709385288045715
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955969?zoneid=1955969&jp=_cleftm49vi20766zeskwuk&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&sp=0&cid=7709385288045715 HTTP/1.1
Host: urimnugocfr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=221222224201b5342fdd4f440cb2a4b2e6e2; Path=/; Expires=Sat, 23 Dec 2023 03:42:00 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/litespeed/css/befc1691b96215a00818ad0da891c610.css?ver=e948b
104.21.93.38 200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/litespeed/css/befc1691b96215a00818ad0da891c610.css?ver=e948b
IP 104.21.93.38:0
GET /wp-content/litespeed/css/befc1691b96215a00818ad0da891c610.css?ver=e948b HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:41:59 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 24 Dec 2022 04:09:09 GMT
last-modified: Sat, 17 Dec 2022 04:09:09 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 516772
server: cloudflare
cf-ray: 77de15ad9e6c0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/litespeed/css/8e9d4acf3bfc90d43281e7b2b35e52f3.css?ver=92690
104.21.93.38 200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/litespeed/css/8e9d4acf3bfc90d43281e7b2b35e52f3.css?ver=92690
IP 104.21.93.38:0
GET /wp-content/litespeed/css/8e9d4acf3bfc90d43281e7b2b35e52f3.css?ver=92690 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:41:59 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Fri, 30 Dec 2022 03:42:01 GMT
last-modified: Fri, 23 Dec 2022 03:41:58 GMT
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 77de15ad8e660b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/themes/cuevana/assets/js/main.js?ver=0.35853000%201671765534
104.21.93.38 200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/themes/cuevana/assets/js/main.js?ver=0.35853000%201671765534
IP 104.21.93.38:0
GET /wp-content/themes/cuevana/assets/js/main.js?ver=0.35853000%201671765534 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:41:59 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 16:13:08 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 77de15ad9e6d0b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
cuevana3.nu/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90
104.21.93.38 200 OK 0 B URL HTTP/2 cuevana3.nu/wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90
IP 104.21.93.38:0
GET /wp-content/plugins/wp-postratings/js/postratings-js.js?ver=1.90 HTTP/1.1
Host: cuevana3.nu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 23 Dec 2022 03:41:59 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Thu, 29 Dec 2022 09:21:34 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 66025
server: cloudflare
cf-ray: 77de15adbe750b41-OSL
content-encoding: br
X-Firefox-Spdy: h2
omfiydlbmy.com/get/1955964?zoneid=1955964&jp=_clwa0lan8nm8to1k4xc84t&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5739060451017973
62.122.171.6 200 OK 0 B URL HTTP/2 omfiydlbmy.com/get/1955964?zoneid=1955964&jp=_clwa0lan8nm8to1k4xc84t&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5739060451017973
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1955964?zoneid=1955964&jp=_clwa0lan8nm8to1k4xc84t&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=5739060451017973 HTTP/1.1
Host: omfiydlbmy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 03:42:00 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212222242146e88ebb6cd45a39804b2dd4d; Path=/; Expires=Sat, 23 Dec 2023 03:42:00 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2