r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7c60904d097cde276e4e5632cef1b9f1
4f805026462589345d85e8df2d18eafba6237504
12af026999398f4976749e320667d43da3f99b7a2e8254aca7a410a964a106aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "12AF026999398F4976749E320667D43DA3F99B7A2E8254ACA7A410A964A106AA"
Last-Modified: Thu, 24 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3461
Expires: Fri, 25 Nov 2022 14:54:03 GMT
Date: Fri, 25 Nov 2022 13:56:22 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5891
Expires: Fri, 25 Nov 2022 15:34:33 GMT
Date: Fri, 25 Nov 2022 13:56:22 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 10730f388c028d64e19b8a48d414768f
e43b104e57e5ea7ff8568835776858cf2ede6f00
f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2652
Cache-Control: max-age=163144
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:22 GMT
Etag: "63809972-1d7"
Expires: Sun, 27 Nov 2022 11:15:26 GMT
Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IqSEQmtM4xZSomVE8iNBwESKZqe90mdcRm30VpsV0vV8T9hgiELm2p6eP9bU5HEf3cLe3VnjgzM=
x-amz-request-id: HNV5HCD9SJHYE5GZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 13:40:49 GMT
age: 933
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 13:17:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2336
alt-svc: clear
X-Firefox-Spdy: h2
fubolgratisenvivo.blogspot.com/2022/07/directv-sports.html
142.250.74.161200 OK 23 kB URL HTTP/1.1 fubolgratisenvivo.blogspot.com/2022/07/directv-sports.html
IP 142.250.74.161:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (10355)
Hash 947ab803e775bf009237316f23ef0a1c
0e16e3a0ce3c59ea8f20722a25b629f60b96b6d8
481354c242d772823da10940f4f48cd5e8fc81ce793bb93e42da349ea6499467
GET /2022/07/directv-sports.html HTTP/1.1
Host: fubolgratisenvivo.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
Expires: Fri, 25 Nov 2022 13:56:22 GMT
Date: Fri, 25 Nov 2022 13:56:22 GMT
Cache-Control: private, max-age=0
Last-Modified: Sun, 16 Oct 2022 15:43:02 GMT
ETag: W/"7376ac9385be3f4fbd2f87f71ce585db2797cc17efb406dc3d46eb40b88c71e1"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 23205
Server: GSE
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 25 Nov 2022 13:56:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
fubolgratisenvivo.blogspot.com/js/cookienotice.js
142.250.74.161200 OK 2.0 kB URL HTTP/1.1 fubolgratisenvivo.blogspot.com/js/cookienotice.js
IP 142.250.74.161:0
Hash c4e1ed83d89245089b8a1203be20a377
f3940e1215b89300ef97d57a25993f25243b8688
afa801a129ff6fc98533118275db8a7d4a38fc91f8ab55ed4c19b864255e68d2
GET /js/cookienotice.js HTTP/1.1
Host: fubolgratisenvivo.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/2022/07/directv-sports.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/javascript
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2026
Date: Fri, 25 Nov 2022 13:56:23 GMT
Expires: Fri, 02 Dec 2022 13:56:23 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 25 Nov 2022 12:51:04 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
fubolgratisenvivo.blogspot.com/responsive/sprite_v1_6.css.svg
142.250.74.161200 OK 2.2 kB URL HTTP/1.1 fubolgratisenvivo.blogspot.com/responsive/sprite_v1_6.css.svg
IP 142.250.74.161:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7657)
Hash 95c6fb790198cc0364925ea12e2bce11
371752558ef1ccaa9885db20be2d882dd1c15dab
a4f0e38c228313a0eb22ea4faeca14467732a9992e2b514a9a16b2717ab5d8b5
GET /responsive/sprite_v1_6.css.svg HTTP/1.1
Host: fubolgratisenvivo.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/2022/07/directv-sports.html
HTTP/1.1 200 OK
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: image/svg+xml
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Length: 2244
Date: Fri, 25 Nov 2022 13:56:23 GMT
Expires: Fri, 02 Dec 2022 13:56:23 GMT
Cache-Control: public, max-age=604800
Last-Modified: Fri, 25 Nov 2022 09:50:52 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
216.58.207.195200 OK 19 kB URL HTTP/1.1 fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 19228, version 1.0\012- data
Hash 4de1acb111366ff5358a27c36bfff049
3e746862c43c9bf6080efa2e67985c6017013db1
df02979a78c233d4f94e6fabbf5620b730e3689c7492feb68506836d0d71417f
GET /s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787weuxJBkq0.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fubolgratisenvivo.blogspot.com
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 19228
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 08:11:32 GMT
Expires: Thu, 23 Nov 2023 08:11:32 GMT
Cache-Control: public, max-age=31536000
Age: 193491
Last-Modified: Mon, 15 Aug 2022 18:05:09 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
216.58.207.195200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://fubolgratisenvivo.blogspot.com
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 21 Nov 2022 21:39:58 GMT
Expires: Tue, 21 Nov 2023 21:39:58 GMT
Cache-Control: public, max-age=31536000
Age: 317785
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
142.250.74.105200 OK 6.6 kB URL HTTP/2 www.blogger.com/static/v1/jsbin/3469866930-comment_from_post_iframe.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1441)
Hash f60e5037324bf7fd2256c16929886f09
aae4b1aea3737e0268e3578dd1d0e7cfe6c6d66b
71846da8d45274b77549b110389ab3dbcb8ce042051b5c39547909c1c343dfde
GET /static/v1/jsbin/3469866930-comment_from_post_iframe.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 6573
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 18:59:43 GMT
expires: Wed, 22 Nov 2023 18:59:43 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 19:52:12 GMT
content-type: text/javascript
age: 241000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
142.250.74.163200 OK 3.5 kB URL HTTP/2 www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js
IP 142.250.74.163:0
File type Unicode text, UTF-8 text, with very long lines (10473)
Hash 5f322b95a9dc592286f58bb0b446fb3a
7b504dd1f75dca0b6545643188e510cae4699c6a
a87b7a7bb8c3c8104355c38ea1e71953c2fc38320e3d32c675e753afa96eed15
GET /external_hosted/clipboardjs/clipboard.min.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 3475
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Nov 2022 13:56:23 GMT
expires: Fri, 25 Nov 2022 13:56:23 GMT
cache-control: public, max-age=0
last-modified: Wed, 14 Apr 2021 19:28:00 GMT
content-type: text/javascript
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
resources.blogblog.com/blogblog/data/res/915278307-rockpool_compiled.js
142.250.74.105200 OK 47 kB URL HTTP/2 resources.blogblog.com/blogblog/data/res/915278307-rockpool_compiled.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (1909)
Hash fa1771b9785fbd3d647d0e149f12cf09
1bb2b2f0850587dcfa34983edae0ecf5d9160566
22e5a22a9516e4de6816e74449428ba8aa5e30835ad3a713b54b508619b87988
GET /blogblog/data/res/915278307-rockpool_compiled.js HTTP/1.1
Host: resources.blogblog.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 46658
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Nov 2022 23:16:21 GMT
expires: Tue, 29 Nov 2022 23:16:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 22 Nov 2022 21:54:19 GMT
content-type: text/javascript
age: 225602
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/static/v1/widgets/2342155703-widgets.js
142.250.74.105200 OK 57 kB URL HTTP/2 www.blogger.com/static/v1/widgets/2342155703-widgets.js
IP 142.250.74.105:0
File type ASCII text, with very long lines (2221)
Hash 1217c8e34acb09c7cea97bae4d386ea1
55ee17703d0a7710943e93913bacb49220d98b4b
c2f23437ab938096bf8b40de8b08c4f27bb880b7ef8588481ec5ccc08b58870b
GET /static/v1/widgets/2342155703-widgets.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 56726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 16:02:03 GMT
expires: Tue, 21 Nov 2023 16:02:03 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Nov 2022 00:52:59 GMT
content-type: text/javascript
age: 338060
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
pelotero.net/directvsports.php
94.242.61.15200 OK 2.1 kB URL HTTP/2 pelotero.net/directvsports.php
IP 94.242.61.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (971)
Hash 50a9f31c9ce2a7475bdecc6f305caa02
edaeb32554b5ed25bdfa37aff777063aa617bc07
fa4d85d94c36e336f86fb1857c609bed464e8b0e39de741420921b63f47599cf
GET /directvsports.php HTTP/1.1
Host: pelotero.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 2082
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 13:56:23 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2
4.bp.blogspot.com/-BgWnwcjcYdA/TiJGKpmldMI/AAAAAAAAABg/PRyWAwJMk-4/s35/241427_103447439744486_100002376911667_30568_6946297_o.jpg
142.250.74.161200 OK 1.3 kB URL HTTP/1.1 4.bp.blogspot.com/-BgWnwcjcYdA/TiJGKpmldMI/AAAAAAAAABg/PRyWAwJMk-4/s35/241427_103447439744486_100002376911667_30568_6946297_o.jpg
IP 142.250.74.161:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 35x35, components 3\012- data
Hash bde5a0693243323212de9b7a5507632c
ad1d084e404bf04e5a1398a687d22ee18be6deb0
8a288b0cab1949c07f8b2726fa9d3161705e36767cc9c70e106096f48df04321
GET /-BgWnwcjcYdA/TiJGKpmldMI/AAAAAAAAABg/PRyWAwJMk-4/s35/241427_103447439744486_100002376911667_30568_6946297_o.jpg HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
HTTP/1.1 200 OK
Access-Control-Expose-Headers: Content-Length
ETag: "v18"
Expires: Sat, 26 Nov 2022 13:56:23 GMT
Cache-Control: public, max-age=86400, no-transform
Content-Disposition: inline;filename="241427_103447439744486_100002376911667_30568_6946297_o.jpg"
Content-Type: image/jpeg
Vary: Origin
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Date: Fri, 25 Nov 2022 13:56:23 GMT
Server: fife
Content-Length: 1318
X-XSS-Protection: 0
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 01f789642d92b84211d7a9391f4e55af
bfcdc40fa2e82882051aa26c61d81ffd98371506
66e2ca388a8696e08f992e3d34fe75dcccd99a0743605f3bf5e6c1c893750f24
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 87de3dd2c7dce12b01a337d1554a222a
30e0bd68bbb78995aa8a0686ac02848fd5a7a699
533c21806ef66401ea5faeeb37366a33f19f0e9052b4fb06f22981ec73b21a59
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.blogger.com/dyn-css/authorization.css?targetBlogID=3018245043324454482&zx=97923590-89b2-40d6-bee5-340c4023fd5f
142.250.74.105200 OK 21 B URL HTTP/2 www.blogger.com/dyn-css/authorization.css?targetBlogID=3018245043324454482&zx=97923590-89b2-40d6-bee5-340c4023fd5f
IP 142.250.74.105:0
File type very short file (no magic)
Hash a62e4d501434033d5d177e67d3aafdd0
34f7300c9ed47334cf10826d57af785321e3138b
b0cabcbfed4b1830ab1956efbd2eec32289a968323cb854a47ef98360ed0f522
GET /dyn-css/authorization.css?targetBlogID=3018245043324454482&zx=97923590-89b2-40d6-bee5-340c4023fd5f HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 13:56:23 GMT
last-modified: Fri, 25 Nov 2022 13:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-length: 21
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.blogger.com/comment/frame/3018245043324454482?po=4983503404578617608&hl=es-419&skin=notable&blogspotRpcToken=1049503
142.250.74.105200 OK 14 kB URL HTTP/2 www.blogger.com/comment/frame/3018245043324454482?po=4983503404578617608&hl=es-419&skin=notable&blogspotRpcToken=1049503
IP 142.250.74.105:0
Hash 95d4063d6c30e5ad892c597e2d0d50e6
b1a25ae33169229f9d2c683da88cdf9d439decd8
a316e0ac07183b072e8b9f092badbc99615f9982c64d7838ed170fa04177601c
GET /comment/frame/3018245043324454482?po=4983503404578617608&hl=es-419&skin=notable&blogspotRpcToken=1049503 HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Nov 2022 13:56:23 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: same-site
report-to: {"group":"BloggerCommentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/BloggerCommentUi/external"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin; report-to="BloggerCommentUi"
content-security-policy: require-trusted-types-for 'script';report-uri /_/BloggerCommentUi/cspreport, script-src 'nonce-v0XGtNRyMYcSBEwLQZ_umg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/BloggerCommentUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/BloggerCommentUi/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=l5skpfnTxN8VvJrH_oF-duLHXywqrPyOzGPEHmzKEgFZDWvb1BBdAFttdi79xGQWiAqo7PwuClmaRrB3CuUGAKSVY8J1dV0nkkMDLiJFhX5Drc5byY2xFzusFqTPPjfQX6vFBxp5YpJ-fb5x86NXd2y_5RgKp_YJiMLSbkd6QPU; expires=Sat, 27-May-2023 13:56:23 GMT; path=/; domain=.blogger.com; Secure; HttpOnly
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 37421d0455431f58cbdbbd9300326121
bb2f721cf76c55dd3c3e0bcedf7cdeb7d2601261
071386cdf61026fbbfe6c87ba1ea655434735b7fbf4d5c41645fd692f486ea76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4989
Cache-Control: max-age=94910
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Etag: "637f85c8-117"
Expires: Sat, 26 Nov 2022 16:18:13 GMT
Last-Modified: Thu, 24 Nov 2022 14:55:04 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 37421d0455431f58cbdbbd9300326121
bb2f721cf76c55dd3c3e0bcedf7cdeb7d2601261
071386cdf61026fbbfe6c87ba1ea655434735b7fbf4d5c41645fd692f486ea76
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4989
Cache-Control: max-age=94910
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Etag: "637f85c8-117"
Expires: Sat, 26 Nov 2022 16:18:13 GMT
Last-Modified: Thu, 24 Nov 2022 14:55:04 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 53fcb4ee27c7d134d3f97cc57e278afd
a62c21facb417781a08b8c65b76d266b441b2cf0
8a11549eec9046fd1637b81f2983388e78011cc52723b9c27511709a73576998
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5848
Cache-Control: max-age=91097
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Etag: "637f7388-117"
Expires: Sat, 26 Nov 2022 15:14:40 GMT
Last-Modified: Thu, 24 Nov 2022 13:37:12 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 279
code.jquery.com/jquery-latest.min.js
69.16.175.42200 OK 33 kB URL HTTP/2 code.jquery.com/jquery-latest.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32086)
Hash a39e9fcc2a78d5b1ed25b5f853c17a22
f1d1d30d35146a7adee855becba02b776366f169
a0581d3f2c05cfb302f81d2894c114da758e14a290bd4f240c7b63628469ee8d
GET /jquery-latest.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:23 GMT
content-encoding: gzip
content-length: 33202
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-1762a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669384583.dop214.sk1.t,1669384583.cds214.sk1.hn,1669384583.cds256.sk1.c
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0d91b2de9b06b8b3762b6feeae2c338e
a6ca2eace27e1b3e57e44679dce7a4411d2f1388
a64167da8f9b5cb1e12f7f44de762fee666bd991bac462d7282a929cc34e4da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2667
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Last-Modified: Fri, 25 Nov 2022 13:11:56 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0d91b2de9b06b8b3762b6feeae2c338e
a6ca2eace27e1b3e57e44679dce7a4411d2f1388
a64167da8f9b5cb1e12f7f44de762fee666bd991bac462d7282a929cc34e4da4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1939
Cache-Control: max-age=116311
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:23 GMT
Etag: "637fe54b-118"
Expires: Sat, 26 Nov 2022 22:14:54 GMT
Last-Modified: Thu, 24 Nov 2022 21:42:35 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 280
unpkg.com/video.js@7.20.3/dist/video-js.css
104.16.124.175200 OK 74 kB URL HTTP/2 unpkg.com/video.js@7.20.3/dist/video-js.css
IP 104.16.124.175:0
File type Unicode text, UTF-8 text, with very long lines (5844)
Hash 6a99eef82f80546a992703005f8d45d7
7e65c4915347c2ce4ee8aeeabb1cb2a0335b86f8
c7d9c089233d449a7179e660746ec300b6a972afe3cc011b32991cf881011928
GET /video.js@7.20.3/dist/video-js.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelotero.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:23 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"b60f-hBF10RMDB1g/GOe7oM3xM3grpys"
via: 1.1 fly.io
fly-request-id: 01GCHQPM52HHYX0X15YBBMB8DD-fra
cf-cache-status: HIT
age: 6636956
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fae32f2980b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
fubolgratisenvivo.blogspot.com/favicon.ico
142.250.74.161200 OK 412 B URL HTTP/1.1 fubolgratisenvivo.blogspot.com/favicon.ico
IP 142.250.74.161:0
File type MS Windows icon resource - 2 icons, 32x32, 8 bits/pixel, 16x16, 8 bits/pixel\012- data
Hash 501c61a70f5c41181aa050d9110909ca
5b985d5671a7caf686fdfb1df13488c4407f6c9f
c4aaf001607ee331f6871b4dbbf45942b1e197726714fd106e46d70cc10ee97e
GET /favicon.ico HTTP/1.1
Host: fubolgratisenvivo.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/2022/07/directv-sports.html
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=UTF-8
Expires: Fri, 25 Nov 2022 13:56:23 GMT
Date: Fri, 25 Nov 2022 13:56:23 GMT
Cache-Control: private, max-age=86400
Last-Modified: Sun, 16 Oct 2022 15:43:02 GMT
ETag: W/"7376ac9385be3f4fbd2f87f71ce585db2797cc17efb406dc3d46eb40b88c71e1"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 412
Server: GSE
c.adsco.re/
104.17.166.186200 OK 50 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 8985d960fea08c825f70640415cbaed3
7f774c0596efbd1d2c39702f890f1bc24216a74a
f15537eb956a0c4e0808504854c197590cf57f827a35b47d18bd530a56c1c20d
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:23 GMT
content-type: text/html
cache-control: public, max-age=2678400
accept-ch: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
permissions-policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
expires: Mon, 26 Dec 2022 13:56:23 GMT
etag: W/"n/ARilLrRVDeZNVpaPOsXg=="
cf-cache-status: HIT
age: 509833
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae330adc60b61-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 13:11:11 GMT
cache-control: public,max-age=3600
age: 2712
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 043fe74d90f07b742a16a66d35c3c5d5
fab8c51cdeba0f9f2091df7a3522c3b2f701ad13
06c39af93e02e4d4f39dfd31552ea1488ba0c4c50b06e573665c6e95cda2f3e6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06C39AF93E02E4D4F39DFD31552EA1488BA0C4C50B06E573665C6E95CDA2F3E6"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7654
Expires: Fri, 25 Nov 2022 16:03:58 GMT
Date: Fri, 25 Nov 2022 13:56:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash df06e70fc8a35facf1d8db463d18e231
fa8a2975566cc792898f870e48ae7518d3657326
4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5413
Cache-Control: max-age=160840
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:24 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 10:37:04 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
c.adsco.re/
104.17.166.186200 OK 28 kB IP 104.17.166.186:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (689)
Hash 10a01aa4b1b98eaf84bbf379ae1e8a37
8fa47a75106dda08d76725d882fc80a4787a89e0
e7a5d2a6be0bdeed7f340c5da1d39049f8c6aab19ec273a016b4347a43106cf3
GET / HTTP/1.1
Host: c.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:24 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=2678400
Accept-CH: Sec-CH-UA, Sec-CH-UA-Mobile, Sec-CH-UA-Full-Version, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Device-Memory, Downlink, ECT, RTT, Width, Viewport-Width, DPR
Permissions-Policy: ch-ua=(self "https://adsco.re"),ch-ua-mobile=(self "https://adsco.re"),ch-ua-full-version=(self "https://adsco.re"),ch-ua-platform=(self "https://adsco.re"),ch-ua-platform-version=(self "https://adsco.re"),ch-ua-arch=(self "https://adsco.re"),ch-ua-model=(self "https://adsco.re"),ch-device-memory=(self "https://adsco.re"),ch-downlink=(self "https://adsco.re"),ch-ect=(self "https://adsco.re"),ch-rtt=(self "https://adsco.re"),ch-width=(self "https://adsco.re"),ch-viewport-width=(self "https://adsco.re"),ch-dpr=(self "https://adsco.re")
Link: <//6.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//4.adsco.re/>;rel=prefetch;crossorigin;as=fetch,<//adsco.re/>;rel=preconnect
Expires: Mon, 26 Dec 2022 13:56:24 GMT
ETag: W/"n/ARilLrRVDeZNVpaPOsXg=="
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 509834
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fae3323ca5b4f9-OSL
alt-svc: h2=":443"; ma=60
ssl.p.jwpcdn.com/player/v/8.25.1/jwplayer.js
151.101.86.114200 OK 41 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.25.1/jwplayer.js
IP 151.101.86.114:0
File type Unicode text, UTF-8 text, with very long lines (65144)
Hash 5dfcd8ade49f1d5be831179f942762ae
dde38817ffd4f921d8c9da2f64bd9de65207356b
892ead16302e331fb1467640791ad7743c1369d6453bea2d9ce18d10a3d1864a
GET /player/v/8.25.1/jwplayer.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Mon, 25 Apr 2022 19:34:51 GMT
etag: "7e53746c16be2dd406a6fbed7f43dfbc"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 13:56:24 GMT
via: 1.1 varnish
age: 1931341
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669384584.067172,VS0,VE2
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 40591
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://fubolgratisenvivo.blogspot.com
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:24 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: http://fubolgratisenvivo.blogspot.com
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fae33259d71bfa-OSL
alt-svc: h2=":443"; ma=60
4.adsco.re/
162.252.214.5200 OK 62 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash adde5febc7b5b6c2c759ec735cce83a0
77ec17be8a9970ff04663294d41c590d0d24fde4
ce2b9f2e5005195de7add565505005be6f2ef0d37521771e15106d1e1b9260ff
GET / HTTP/1.1
Host: 4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://fubolgratisenvivo.blogspot.com
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: http://fubolgratisenvivo.blogspot.com
Access-Control-Max-Age: 2592000
Cache-Control: private, max-age=5
Content-Encoding: gzip
documentationskillgrasshopper.com/ac/58/bb/ac58bbe800329453de3d4b2f28050b55.js
173.233.137.44200 OK 17 kB URL HTTP/1.1 documentationskillgrasshopper.com/ac/58/bb/ac58bbe800329453de3d4b2f28050b55.js
IP 173.233.137.44:0
File type ASCII text, with very long lines (53769), with no line terminators
Hash 3ad79e41ff19bb9228806ae6b0af06aa
3c5409cc8d281adb19d186615962917a0ad98c4d
2dc2f78b5c32725cfeb6e06d5a21a081bc2850999c5f506c4d0f0a266ab0c37b
Analyzer Verdict Alert quad9 Sinkholed
GET /ac/58/bb/ac58bbe800329453de3d4b2f28050b55.js HTTP/1.1
Host: documentationskillgrasshopper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 25 Nov 2022 13:56:24 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 804c0a70e2b2660ec31493c738322af8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
push.services.mozilla.com/
35.163.114.208101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.114.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MySCd3DV2Tt3mgTVCdBcRA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: K7E0osibYHRoNvKf/ccmGq54sJ8=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de213c2c26cf607adef68991823380b6
1ece612b83b1337da66a147fd213319d0da24ac2
5cbea6c7563210c36ee5d4e603971f207bc3e992644299d5e63b2fb14e942c30
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5CBEA6C7563210C36EE5D4E603971F207BC3E992644299D5E63B2FB14E942C30"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18380
Expires: Fri, 25 Nov 2022 19:02:44 GMT
Date: Fri, 25 Nov 2022 13:56:24 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 0 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Referer: https://www.blogger.com/
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Fri, 25 Nov 2022 13:56:24 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+403; expires=Sun, 24-Nov-2024 13:56:24 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Nov 2022 13:56:24 GMT
cache-control: private
X-Firefox-Spdy: h2
play.google.com/log?format=json&hasfast=true&authuser=0
216.58.207.206200 OK 131 B URL HTTP/2 play.google.com/log?format=json&hasfast=true&authuser=0
IP 216.58.207.206:0
File type JSON data\012- , ASCII text, with no line terminators
Hash babb6f090aeebc6f421624475b4aefff
06079b7547949822c118224e51604f4c5ebf80c8
b2fe8b91f31edc7284cc9690e90dd4a38d985598374df68967d917590beb55dd
POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 2979
Origin: https://www.blogger.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.blogger.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Fri, 25 Nov 2022 13:56:24 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+514; expires=Sun, 24-Nov-2024 13:56:24 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Nov 2022 13:56:24 GMT
X-Firefox-Spdy: h2
m7pdeuftnfno.n4.adsco.re/
38.132.109.186200 OK 0 B URL HTTP/1.1 m7pdeuftnfno.n4.adsco.re/
IP 38.132.109.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: m7pdeuftnfno.n4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://fubolgratisenvivo.blogspot.com
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:24 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:32:42 GMT
Connection: close
ETag: "5b5f2f9a-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 65992aeb8efb9a0b8fd59687090733fe
526a2afccc93d32849185d153fafe44b72797df9
b6677984b6c3602d7b62df776158c09a3e57eec4c0edbddafb0624200715f10e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 76544babbcf6515110bd81aaee8e7e63
043497692868c67ac84cdfe70d0a484517abd1c2
a19d5958d683662375a2469d1d7e551188469b967eb6f2bae2d5e43dac51a4f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0754a39846284dd8d4fbfe285a83a6b0
d4deed21378a63659bb0bbf0ab636f838e2fe745
e0f3d9d5e8eef220c221b3002bbf14e86d56c841e9e5bfea2ed83a3b5fbb26cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eebdf501bc43ac3371037da7d0cb8819
96bd6dd27408d81b4a96cc0a6d0e89330adcf051
0e92782ce193b3ebe663f4277c23434a50a948e7c8f8fd5a9e7115cd4c03d89b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E92782CE193B3EBE663F4277C23434A50A948E7C8F8FD5A9E7115CD4C03D89B"
Last-Modified: Fri, 25 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18814
Expires: Fri, 25 Nov 2022 19:09:58 GMT
Date: Fri, 25 Nov 2022 13:56:24 GMT
Connection: keep-alive
1.bp.blogspot.com/-nBy-9_9zQlA/Xf4vXMP6C0I/AAAAAAAABDk/j5lzykxSqicENwlQ5ok2a1Ni613FBBzAwCNcBGAsYHQ/s1600/espere.png
142.250.74.161200 OK 15 kB URL HTTP/2 1.bp.blogspot.com/-nBy-9_9zQlA/Xf4vXMP6C0I/AAAAAAAABDk/j5lzykxSqicENwlQ5ok2a1Ni613FBBzAwCNcBGAsYHQ/s1600/espere.png
IP 142.250.74.161:0
File type PNG image data, 620 x 350, 8-bit/color RGBA, non-interlaced\012- data
Hash 28bd7f38ee1a79947a16ed6cc6ec66fe
9ef99e3d003e570c34d7a1302b529fb53d7eef86
6f44082d58abe527e2f0254949847293191be174b4ccb6b266b15983c95915da
GET /-nBy-9_9zQlA/Xf4vXMP6C0I/AAAAAAAABDk/j5lzykxSqicENwlQ5ok2a1Ni613FBBzAwCNcBGAsYHQ/s1600/espere.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="espere.png"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 15049
x-xss-protection: 0
date: Fri, 25 Nov 2022 12:02:01 GMT
expires: Thu, 13 Oct 2022 18:23:41 GMT
cache-control: public, max-age=86400, no-transform
age: 6863
etag: "v43b"
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
142.250.74.164200 OK 665 B URL HTTP/2 www.google.com/recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu
IP 142.250.74.164:0
File type ASCII text, with very long lines (1034), with no line terminators
Hash 34e37af4d526255a20a2056cd5f4addf
bcac186d6a49539e69a3f67aa08d0188966f5623
51a2c479b272414cb9d7e1ec62edffbad01217068b73d516d33cb8f26a4fc634
GET /recaptcha/api.js?trustedtypes=true&render=6LcdyMoZAAAAAFYwZAM4wZySTWVzr15BuInOVasu HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.blogger.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Fri, 25 Nov 2022 13:56:24 GMT
date: Fri, 25 Nov 2022 13:56:24 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 665
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 0754a39846284dd8d4fbfe285a83a6b0
d4deed21378a63659bb0bbf0ab636f838e2fe745
e0f3d9d5e8eef220c221b3002bbf14e86d56c841e9e5bfea2ed83a3b5fbb26cc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eebdf501bc43ac3371037da7d0cb8819
96bd6dd27408d81b4a96cc0a6d0e89330adcf051
0e92782ce193b3ebe663f4277c23434a50a948e7c8f8fd5a9e7115cd4c03d89b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E92782CE193B3EBE663F4277C23434A50A948E7C8F8FD5A9E7115CD4C03D89B"
Last-Modified: Fri, 25 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18814
Expires: Fri, 25 Nov 2022 19:09:58 GMT
Date: Fri, 25 Nov 2022 13:56:24 GMT
Connection: keep-alive
fulvo.creador.me/test?get=aHR0cHM6Ly8xMDYyLWFiYy5kdHZvdHQuY29tL2Rhc2hfbGl2ZV8xMDYyL21hbmlmZXN0Lm1wZA==&key=ZmFhMTk1MzAwOTQyNTY2ODg1N2IxYWVhNGJlYjVhOTI=&key2=ODEzMjQwMDk1MTFkZTNmZjIxZTkwZTUyZGY4MDgwNzY=
104.21.78.187200 OK 55 kB URL HTTP/2 fulvo.creador.me/test?get=aHR0cHM6Ly8xMDYyLWFiYy5kdHZvdHQuY29tL2Rhc2hfbGl2ZV8xMDYyL21hbmlmZXN0Lm1wZA==&key=ZmFhMTk1MzAwOTQyNTY2ODg1N2IxYWVhNGJlYjVhOTI=&key2=ODEzMjQwMDk1MTFkZTNmZjIxZTkwZTUyZGY4MDgwNzY=
IP 104.21.78.187:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (63234), with CRLF line terminators
Hash 725f19e3fa45aec34adaefd168b98c2f
683394f4fd0a755e3c62627a74bab74f23e36de7
6f3f631df5e151fda638089718908970a344ab5bb108d36548033e754def1878
GET /test?get=aHR0cHM6Ly8xMDYyLWFiYy5kdHZvdHQuY29tL2Rhc2hfbGl2ZV8xMDYyL21hbmlmZXN0Lm1wZA==&key=ZmFhMTk1MzAwOTQyNTY2ODg1N2IxYWVhNGJlYjVhOTI=&key2=ODEzMjQwMDk1MTFkZTNmZjIxZTkwZTUyZGY4MDgwNzY= HTTP/1.1
Host: fulvo.creador.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:24 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2BYRH5tZ5RrfA86uKNbDQPU0q3Vv8y2xT57pF0wsyBBvmW6jcjAYjRGIwlydon6K%2Fy1e00XpiCtuZgXGoj1dswd7iFIVHkzY5VEMPYSxM%2BaJUnZ99aLC%2B%2FXrCvXpWlaY%2F%2FGZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76fae335fb41b51b-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
content.jwplatform.com/libraries/KB5zFt7A.js
143.204.55.98200 OK 42 kB URL HTTP/2 content.jwplatform.com/libraries/KB5zFt7A.js
IP 143.204.55.98:0
File type Unicode text, UTF-8 text, with very long lines (65143)
Hash 0bf67979bac12084a332addd91bcbe41
0cddea14679aea153365b6a7de48dba6d43109ff
b5ff3204c5c20a0aac6b9d184b32a28ec5a481b19e7fc928a94410f84861ba58
GET /libraries/KB5zFt7A.js HTTP/1.1
Host: content.jwplatform.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 42373
access-control-allow-origin: *
cache-control: max-age=180
content-encoding: gzip
date: Fri, 25 Nov 2022 13:55:05 GMT
server: openresty
x-robots-tag: noindex, indexifembedded
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3GuNLiMd3ht43ytPOYeaus-QJQgs7h8uuA22i1nBCNfHprhuOO1mtg==
age: 79
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adsco.re/p
162.252.214.5200 OK 168 B IP 162.252.214.5:0
File type ASCII text, with no line terminators
Hash 9d5e9d6b735459034d586afa3a0c73c6
d13cbfb5bde5267a8919c2ebd46e7a45414004f4
1991ff9f1eb0d1d4e3bd7092e74844935a3fc6c8a3bf3008cebdbc3bb80de0c2
POST /p HTTP/1.1
Host: adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 1743
Origin: http://fubolgratisenvivo.blogspot.com
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:24 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
AS-P-1: OK lon123
AS-P-2: OK
AS-P-3: OK
Access-Control-Max-Age: 2592000
Cache-Control: no-transform
Access-Control-Allow-Origin: http://fubolgratisenvivo.blogspot.com
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
ssl.p.jwpcdn.com/player/v/8.26.2/jwpsrv.js
151.101.86.114200 OK 19 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.26.2/jwpsrv.js
IP 151.101.86.114:0
File type ASCII text, with very long lines (63039)
Hash 47c80e5e949f9c51cea9f3f4eb3411c8
ea848020d7f54579af52ebd5e5f6922b98cc2512
6455d2bb063d9fde3276b77cb3e6e886c9b2a87dfc1bf16365d0cd3e8c1d131d
GET /player/v/8.26.2/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=900, immutable
last-modified: Thu, 03 Nov 2022 20:18:33 GMT
etag: "662d21d9cc48caa9758882be57e10e92"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 13:56:24 GMT
via: 1.1 varnish
age: 122
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 36
x-timer: S1669384585.833923,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 18857
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 26 kB IP 172.64.155.188:0
Hash 8bfe2e0da68efdb0de8b7500ab7487c1
ce9870c4a12ae56e5be32589c98b51a032eeabe2
2c6124f8519478259f6ca0f784862ce6307cd771eae31bd65811df9e650806b0
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:24 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 05:22:25 GMT
Expires: Wed, 30 Nov 2022 05:22:24 GMT
Etag: "b284274f65c07ff39fb6c63027ba0d270cfee9a1"
Cache-Control: max-age=400559,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fae3360f0eb515-OSL
ssl.p.jwpcdn.com/player/v/8.26.2/jwplayer.core.controls.js
151.101.86.114200 OK 86 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.26.2/jwplayer.core.controls.js
IP 151.101.86.114:0
File type ASCII text, with very long lines (65143)
Hash 79715e5ef7315552781361ce528ac5cc
7aaba3e7b33ad3370fe30ad05a6d0a7a4f1ef4bf
a475b39d1214cf3962a0fb0a901bacdba949ef0df55bd552a474677b461f658b
GET /player/v/8.26.2/jwplayer.core.controls.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Thu, 03 Nov 2022 20:18:25 GMT
etag: "ac30c7ab15072b75e1bd12403a673d76"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 13:56:24 GMT
via: 1.1 varnish
age: 1468007
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 131954
x-timer: S1669384585.841621,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 85630
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-K97HVWY69V
142.250.74.168200 OK 77 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-K97HVWY69V
IP 142.250.74.168:0
File type ASCII text, with very long lines (21484)
Hash c45145587b28628c2a2db2e740b55c69
4ee778b36f807883d35f24b82104960a62e1c24a
23784865bdefb2ecb00e6486efb81217cdf83db305b4c625e6ed9ce2c0e63581
GET /gtag/js?id=G-K97HVWY69V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fulvo.creador.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 25 Nov 2022 13:56:24 GMT
expires: Fri, 25 Nov 2022 13:56:24 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 76612
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ssl.p.jwpcdn.com/player/v/8.26.2/translations/es.json
151.101.86.114200 OK 1.4 kB URL HTTP/2 ssl.p.jwpcdn.com/player/v/8.26.2/translations/es.json
IP 151.101.86.114:0
File type JSON data\012- , Unicode text, UTF-8 text
Hash 9d185aca4a2dc77be9826639791fed53
6a22bb0b60989a17b2383ea1538ef9432278a8fa
67f8f8cb531e53de052f54f592d49f55897a7fcc3131e09738f578ae7de1966b
GET /player/v/8.26.2/translations/es.json HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fulvo.creador.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=31536000, immutable
last-modified: Thu, 03 Nov 2022 20:18:35 GMT
etag: "65c9c20ec057faa9f9115e26a9305664"
content-type: application/json
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 13:56:24 GMT
via: 1.1 varnish
age: 1349635
x-served-by: cache-bma1675-BMA
x-cache: HIT
x-cache-hits: 169
x-timer: S1669384585.845751,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 1409
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0111a2443450172e5d2b48d350a8f57
75e89d4cd001303e66a93880f96d6c47e7d665ab
c9865c82b8f373aeb3a7333b0f65408211d832aba753c35d3544ecb2913f4f64
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Nov 2022 13:56:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0a57a980ad62c1a1b7a78c437360f4c0
fad403ea4d9e1a880320dd93b50319ebb203cee1
28e3ca79d5926a23df04584dea6c930eb385a9af0c6fe54001d3fb8d34742513
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "28E3CA79D5926A23DF04584DEA6C930EB385A9AF0C6FE54001D3FB8D34742513"
Last-Modified: Thu, 24 Nov 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15665
Expires: Fri, 25 Nov 2022 18:17:29 GMT
Date: Fri, 25 Nov 2022 13:56:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 46851561ddffd8c312b6a7e87ce9be40
4dac90d5dfaeefac573c8a414e0d2732a8f707a7
6b518ee89587078376f3c5b6ff4f1bd6a615ed9d0b0c94037b9235d25152ff0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6B518EE89587078376F3C5B6FF4F1BD6A615ED9D0B0C94037B9235D25152FF0D"
Last-Modified: Wed, 23 Nov 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6007
Expires: Fri, 25 Nov 2022 15:36:32 GMT
Date: Fri, 25 Nov 2022 13:56:25 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash bb0752e5c582d262c6fb2ccbbc4934b2
b284274f65c07ff39fb6c63027ba0d270cfee9a1
e4898311cb2f15694ca5ecae012ab44195e08c1a1f4380958799df7799818dff
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 23 Nov 2022 05:22:25 GMT
Expires: Wed, 30 Nov 2022 05:22:24 GMT
Etag: "b284274f65c07ff39fb6c63027ba0d270cfee9a1"
Cache-Control: max-age=400558,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fae338fc04b515-OSL
tallysaturatesnare.com/33/a3/af/33a3af0c29be07a2460f507fcc8304c1.js
173.233.137.60200 OK 13 kB URL HTTP/1.1 tallysaturatesnare.com/33/a3/af/33a3af0c29be07a2460f507fcc8304c1.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37134), with no line terminators
Hash f91659c7e5c8463f82fb4c27bf7ce318
6f9b45d9cdbe065a686bf2a8445afb0792453ae7
95c031de7b8356a9f03f19525cec3b3ec217462c8f1f4a2da13d6efbbbbe999f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /33/a3/af/33a3af0c29be07a2460f507fcc8304c1.js HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 25 Nov 2022 13:56:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: ca503f689cfe2f9364484abe4071c47f
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e4187a43946d8ea5337bb1347757b7a6
05dd65dd513f85c93974052ac7fa227aaf250fe4
495169482368a285ec3b8581b00365be1dd6c011d0278437bc55be18a6231adf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "495169482368A285EC3B8581B00365BE1DD6C011D0278437BC55BE18A6231ADF"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19682
Expires: Fri, 25 Nov 2022 19:24:27 GMT
Date: Fri, 25 Nov 2022 13:56:25 GMT
Connection: keep-alive
s10.histats.com/js15_as.js
46.105.201.240200 OK 4.4 kB URL HTTP/2 s10.histats.com/js15_as.js
IP 46.105.201.240:0
File type HTML document, ASCII text, with very long lines (11440), with no line terminators
Hash ed192092c129db6123a3397855f42619
067e9b8e26cf6246eb84c6b9cf3da0c192ce7b3e
998fff486a7fb38b6ed445edc36c9b317b70950cd39efcf4012ca641312fcee1
GET /js15_as.js HTTP/1.1
Host: s10.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:54:10 GMT
etag: "-375139978"
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-request-id: 543719865
content-type: application/javascript; charset=UTF-8
content-encoding: br
x-cdn-pop: sbg
x-cdn-pop-ip: 137.74.120.0/27
x-cacheable: Matched cache
accept-ranges: bytes
content-length: 4364
X-Firefox-Spdy: h2
m7pdeuftnfno.s4.adsco.re/
185.200.116.90200 OK 0 B URL HTTP/1.1 m7pdeuftnfno.s4.adsco.re/
IP 185.200.116.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1
Host: m7pdeuftnfno.s4.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: http://fubolgratisenvivo.blogspot.com
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:25 GMT
Content-Type: text/html
Content-Length: 0
Last-Modified: Mon, 30 Jul 2018 15:38:01 GMT
Connection: close
ETag: "5b5f30d9-0"
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Expose-Headers: Content-Length,Content-Range
Accept-Ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d438e1af63e2f2b0e0cdf2a74966ab91
37e36842937ddc6abf543f0623894e770cc06118
a5121c332d69fbec0378a247a93432ecc3f00014bd67df9b1ff613bea57af4d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17635
Expires: Fri, 25 Nov 2022 18:50:20 GMT
Date: Fri, 25 Nov 2022 13:56:25 GMT
Connection: keep-alive
prd.jwpltx.com/v1/error/ping.gif?h=1542410248&e=ers&n=4701697185259680&aid=gz_FBsVMEeWiQBKCk4Wcgw&=0&at=1&c=-1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=1gbl8lom48qt&i=1&lid=vyd6vf9n4ww7&lsa=set&mt=0&pbd=1&pbr=1&pgi=11h0lty1yk9s&ph=1&pid=KB5zFt7A&pii=0&pl=0&plc=0&pli=jos9k062nbxg&pp=&prc=1&ps=4&pss=0&pt=&pu=https%3A%2F%2Fpelotero.net%2F&pv=8.26.2&pyc=0&s=1&sdk=0&stc=1&stpe=0&tv=3.40.0&vl=90&wd=0&cme=0&erc=102630&flc=0&sa=1669384584906
151.101.86.114204 No Content 0 B URL HTTP/2 prd.jwpltx.com/v1/error/ping.gif?h=1542410248&e=ers&n=4701697185259680&aid=gz_FBsVMEeWiQBKCk4Wcgw&=0&at=1&c=-1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=1gbl8lom48qt&i=1&lid=vyd6vf9n4ww7&lsa=set&mt=0&pbd=1&pbr=1&pgi=11h0lty1yk9s&ph=1&pid=KB5zFt7A&pii=0&pl=0&plc=0&pli=jos9k062nbxg&pp=&prc=1&ps=4&pss=0&pt=&pu=https%3A%2F%2Fpelotero.net%2F&pv=8.26.2&pyc=0&s=1&sdk=0&stc=1&stpe=0&tv=3.40.0&vl=90&wd=0&cme=0&erc=102630&flc=0&sa=1669384584906
IP 151.101.86.114:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/error/ping.gif?h=1542410248&e=ers&n=4701697185259680&aid=gz_FBsVMEeWiQBKCk4Wcgw&=0&at=1&c=-1&ccp=0&cp=0&d=1&eb=0&ed=6&emi=1gbl8lom48qt&i=1&lid=vyd6vf9n4ww7&lsa=set&mt=0&pbd=1&pbr=1&pgi=11h0lty1yk9s&ph=1&pid=KB5zFt7A&pii=0&pl=0&plc=0&pli=jos9k062nbxg&pp=&prc=1&ps=4&pss=0&pt=&pu=https%3A%2F%2Fpelotero.net%2F&pv=8.26.2&pyc=0&s=1&sdk=0&stc=1&stpe=0&tv=3.40.0&vl=90&wd=0&cme=0&erc=102630&flc=0&sa=1669384584906 HTTP/1.1
Host: prd.jwpltx.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
accept-ranges: bytes
date: Fri, 25 Nov 2022 13:56:25 GMT
via: 1.1 varnish
x-served-by: cache-bma1675-BMA
x-cache: MISS
x-cache-hits: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 5348b4ee74a9c894db836c2b61cc7086
9a65195ea94f2f7326007ad86ca1675010f4c00e
d2c786795613bca9a9bee9143dc278307b828a07b40880cfa20e087895aa359a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=86975
Date: Fri, 25 Nov 2022 13:56:25 GMT
Etag: "637f7219-1d7"
Expires: Sat, 26 Nov 2022 14:06:00 GMT
Last-Modified: Thu, 24 Nov 2022 13:31:05 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: thIOMW7mIMpWifNNuHsSl9k9bEkkR_4qVxR-NW_SbJn0qzT_Ispq-Q==
Age: 2096
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 44cf05481a50efacfb304a62ab07c942
59498c108caf0679d46f729ab49edbc55e38fbe8
317147e106a41d80d6703ed3a76a5118277b1968f315af8c868debd9cc64d892
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelotero.net
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:25 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://pelotero.net
access-control-allow-credentials: true
set-cookie: uid_id2=3cd38ef3-b663-40e8-b242-fdb69ef631d6:3:1; expires=Mon, 22 Nov 2032 13:56:25 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Nov 2022 12:31:58 GMT
expires: Sun, 19 Nov 2023 12:31:58 GMT
cache-control: public, max-age=31536000
age: 523467
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 21:46:16 GMT
expires: Fri, 24 Nov 2023 21:46:16 GMT
cache-control: public, max-age=31536000
age: 58209
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 346 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d438e1af63e2f2b0e0cdf2a74966ab91
37e36842937ddc6abf543f0623894e770cc06118
a5121c332d69fbec0378a247a93432ecc3f00014bd67df9b1ff613bea57af4d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17635
Expires: Fri, 25 Nov 2022 18:50:20 GMT
Date: Fri, 25 Nov 2022 13:56:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3319
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 13:56:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3319
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 13:56:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3319
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 13:56:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3319
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 13:56:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:53 GMT
age: 58112
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6673267df195141739d1018c17101368
b80047da428636adb7027f12718c8d11bd461da4
de30af07eed7326a1326c831e04727649a112c20d0c485a7e973edd96f91bfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20a12e2c-1403-4b39-9da1-b2be17a6bbd1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11954
x-amzn-requestid: 0c912d90-72b5-4060-ae22-c2ecbe16b57a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b8J-nEFEoAMF2eA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637b2390-503ead086c8021af6eaeaa85;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 07:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JZAeoFNsUy2usSV7O41YGIfVow9gaIMXuKnfcaundLduQ5UX2eTKOQ==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 17:17:27 GMT
age: 74338
etag: "b80047da428636adb7027f12718c8d11bd461da4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b6ee13d43732f7c764a49500d092865
5d15fd672e968d59b541e4d5d0d01cd5e69f4075
fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NntLZ3wUdcX9kEo-afFLU0TPKgqAlSK3bToNh2mmoqoyLBJINNk7ow==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:39 GMT
age: 57706
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1U8xGxgIAMF-qQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: j_8oVo464QMWMnmkxQJIDRhaIVmwhzCTHe4A57OdmaUr9HcyTtBUjg==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 05:04:28 GMT
age: 31917
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8784bb7a8b88736a6016f712e3183bf3
b0ddc1555d2506177adcdcea77864d75f1245d07
8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 57701
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4006a9037ab5f28dca62b0aa7a704c41
74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 34406
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c9eb58b7dfc7b2f3a38096729d82001b
ccb572f30baee6fe3cafe4513b9a61b3b1aa8e22
38d45f240c55ef0788c28ab0c4ca8b44fc09f8a58420ca8e9b0903a9e86c2984
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "38D45F240C55EF0788C28AB0C4CA8B44FC09F8A58420CA8E9B0903A9E86C2984"
Last-Modified: Wed, 23 Nov 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2221
Expires: Fri, 25 Nov 2022 14:33:27 GMT
Date: Fri, 25 Nov 2022 13:56:26 GMT
Connection: keep-alive
s4.histats.com/stats/0.php?4455589&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDIRECTV%20SPORTS&@n0&@ohttp%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-16984024&@b3:1669384585&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fpelotero.net%2Fdirectvsports.php&@w
192.99.8.28200 OK 47 B URL HTTP/1.1 s4.histats.com/stats/0.php?4455589&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDIRECTV%20SPORTS&@n0&@ohttp%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-16984024&@b3:1669384585&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fpelotero.net%2Fdirectvsports.php&@w
IP 192.99.8.28:0
File type ASCII text, with no line terminators
Hash 06b05ae9614bafae9b0b09cfbeed559e
9b087683529b7b89a117b2d5cbb35a93e7dcbaca
a60692031ce09be66be89784e8b0214c0f8b6f52cd8fd6a36129a635ffe41ad2
GET /stats/0.php?4455589&@f16&@g1&@h0&@i0&@j0&@k0&@l0&@mDIRECTV%20SPORTS&@n0&@ohttp%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-16984024&@b3:1669384585&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fpelotero.net%2Fdirectvsports.php&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:26 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 47
Connection: close
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 27897a7a4f3d335e0c60f5c6790a478c
6e8350d5568779051aa70e2eea1d3e9789e2eb50
64a05e047b52efbac209c45db0e1955a1f80139b21f53c8b55aae67b0f904f28
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:26 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 17:29:14 GMT
Expires: Tue, 29 Nov 2022 17:29:13 GMT
Etag: "6e8350d5568779051aa70e2eea1d3e9789e2eb50"
Cache-Control: max-age=357766,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76fae339bce2b515-OSL
d24ak3f2b.top/advertisers.js
142.0.197.108200 OK 0 B URL HTTP/1.1 d24ak3f2b.top/advertisers.js
IP 142.0.197.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: d24ak3f2b.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Fri, 25 Nov 2022 13:56:26 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e35fa4dae40bd0e50b8721139c5c1e96
29c62a374706992243f28a55ccde2c170e0957f4
906b12ecb187e42e1a0522ad8a6418b1901f7c87adb31afe4b602e3756ade39f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "906B12ECB187E42E1A0522AD8A6418B1901F7C87ADB31AFE4B602E3756ADE39F"
Last-Modified: Wed, 23 Nov 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14686
Expires: Fri, 25 Nov 2022 18:01:12 GMT
Date: Fri, 25 Nov 2022 13:56:26 GMT
Connection: keep-alive
whos.amung.us/pingjs/?k=mn6pnu92ye&t=DIRECTV%20SPORTS&c=t&x=https%3A%2F%2Fpelotero.net%2Fdirectvsports.php&y=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&a=0&d=1.569&v=27&r=1839
104.22.75.171200 OK 522 B URL HTTP/2 whos.amung.us/pingjs/?k=mn6pnu92ye&t=DIRECTV%20SPORTS&c=t&x=https%3A%2F%2Fpelotero.net%2Fdirectvsports.php&y=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&a=0&d=1.569&v=27&r=1839
IP 104.22.75.171:0
Hash f7f7dbf5978a721a8c8c4234e466808d
1e0823f07b56a1cd8f4af9638fcdbfa6eca171cf
7a339f808dde99d0ce9a73c98d23d7e34534a88a74f237d3f21686320396bcd1
GET /pingjs/?k=mn6pnu92ye&t=DIRECTV%20SPORTS&c=t&x=https%3A%2F%2Fpelotero.net%2Fdirectvsports.php&y=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&a=0&d=1.569&v=27&r=1839 HTTP/1.1
Host: whos.amung.us
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:26 GMT
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 76fae33ff8c7f15e-ARN
X-Firefox-Spdy: h2
ifknittedhurtful.com/sbar.json?key=33a3af0c29be07a2460f507fcc8304c1
192.243.59.20200 OK 4.0 kB URL HTTP/1.1 ifknittedhurtful.com/sbar.json?key=33a3af0c29be07a2460f507fcc8304c1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5769), with no line terminators
Hash 266b22d8307fbfb5d6aea184e1889c29
98707b468c182bfef874f9af444c23316b4339a9
0db81699a6467158957491ca8af3e92755432ec662960875e7c6a8dca59d7f15
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=33a3af0c29be07a2460f507fcc8304c1 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelotero.net
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 13:56:26 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://pelotero.net
Access-Control-Allow-Origin: https://pelotero.net
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=15497083; expires=Sat, 26 Nov 2022 13:56:26 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 26 Nov 2022 13:56:26 GMT; secure; SameSite=None
uncs=1; expires=Sat, 26 Nov 2022 13:56:26 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 26 Nov 2022 13:56:26 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 26 Nov 2022 13:56:26 GMT; secure; SameSite=None
slec33a3af0c29be07a2460f507fcc8304c1=[3789938]; expires=Fri, 25 Nov 2022 13:56:31 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a7b52958baff0d13d9323c74dee48df5
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.tynt.com/tc.js
104.18.36.173200 OK 6.7 kB IP 104.18.36.173:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (647)
Hash 1c19de1014ecbb64bf79594584b7e243
e2ab949e99c448f107245a0a39c10e0b30130e9f
5c80cda6336fe83e049aea16c899b4983fa70744beccddd14d75ee0c178c5c77
GET /tc.js HTTP/1.1
Host: cdn.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:26 GMT
content-type: application/javascript
last-modified: Thu, 21 Jul 2022 14:57:29 GMT
vary: Accept-Encoding
etag: W/"62d96959-4599"
content-encoding: gzip
cf-cache-status: HIT
age: 81091
expires: Mon, 28 Nov 2022 13:56:26 GMT
cache-control: public, max-age=259200
server: cloudflare
cf-ray: 76fae343cf6a1bfe-OSL
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&t=DIRECTV%20SPORTS
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&t=DIRECTV%20SPORTS
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&t=DIRECTV%20SPORTS HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 13:56:27 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&t=DIRECTV%20SPORTS
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&t=DIRECTV%20SPORTS
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&t=DIRECTV%20SPORTS HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 13:56:27 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
de.tynt.com/deb/v2?id=w!mn6pnu92ye&dn=TC&cc=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F
67.202.105.31200 OK 4 B URL HTTP/2 de.tynt.com/deb/v2?id=w!mn6pnu92ye&dn=TC&cc=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F
IP 67.202.105.31:0
File type ASCII text, with no line terminators
Hash 350fd6ef6446635f7a8f608434a405ec
a4b6c275ac2c80ec925b5c0c5c6abb79ba897356
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
GET /deb/v2?id=w!mn6pnu92ye&dn=TC&cc=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F HTTP/1.1
Host: de.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=86400
expires: Sat, 26 Nov 2022 13:56:27 GMT
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: application/javascript
content-length: 4
date: Fri, 25 Nov 2022 13:56:26 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1&r=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 13:56:27 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 13:56:27 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 13:56:27 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1
67.202.105.32204 No Content 0 B URL HTTP/2 ic.tynt.com/b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1
IP 67.202.105.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /b/p?id=w!mn6pnu92ye&lm=3&ts=1669384586262&dn=TC&iso=1 HTTP/1.1
Host: ic.tynt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx/1.16.1
date: Fri, 25 Nov 2022 13:56:27 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
X-Firefox-Spdy: h2
6.adsco.re/
104.17.167.186200 OK 0 B IP 104.17.167.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: 6.adsco.re
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Moz: prefetch
Connection: keep-alive
Referer: http://c.adsco.re/
HTTP/1.1 200 OK
Date: Fri, 25 Nov 2022 13:56:27 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=10
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76fae34a7cce1c0e-OSL
alt-svc: h2=":443"; ma=60
simplewebanalysis.com/stats
18.185.190.54200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 18.185.190.54:0
File type ASCII text, with no line terminators
Hash 44cf05481a50efacfb304a62ab07c942
59498c108caf0679d46f729ab49edbc55e38fbe8
317147e106a41d80d6703ed3a76a5118277b1968f315af8c868debd9cc64d892
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelotero.net
Connection: keep-alive
Referer: https://pelotero.net/
Cookie: uid_id2=3cd38ef3-b663-40e8-b242-fdb69ef631d6:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:27 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://pelotero.net
access-control-allow-credentials: true
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b6600618d25a3e9acc27391d3f680d2b
4b416cee1249ac910f6fb8225e17390a644e3628
213d66ef9ad1f59458b0a4e68bb1b23c8fd349e0ee3010445000a2de12165127
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "213D66EF9AD1F59458B0A4E68BB1B23C8FD349E0EE3010445000A2DE12165127"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6496
Expires: Fri, 25 Nov 2022 15:44:44 GMT
Date: Fri, 25 Nov 2022 13:56:28 GMT
Connection: keep-alive
ifknittedhurtful.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tkRRetN1%2B%2Bja4c3bhw6KWCdOr1j3TaWQTjGAnGJM6MZCfWq6rXKVOv6lH1Xr9ORAgGwiAI7UqXL6eTCTqDOBsXgox03AwBYVpBghr8A1wI4qylOw3BC1X33jp3cc65tX%2BQnxOKnJ2tv2V3lNZstlmllRc3lBG28JXV25WQVun1yoYyc43rld74ct1XQtqs0pcqb0i%2BZWdrNKQ0pGFlSTkZ297sBIVK77fDaptWG7Vq2Gyg5%2F7b%2BzyAZwFE95xchRKj%2F28%2BegDFhzDJ1zek38ps%2BvLrSa5ZZh264vgds2VsYZBclrELEJvj6TSsHxHy%2BRVYczxVANs9HCtApEYk%2BCVEZI6nNBF1jy6YRhrSIBJPo%2BgOIfUQig3B7R6UeEwALrC6BpPcXbWuYNsXKBujIzLz5G%2BoYkRmfn8OJvlqUate5ZbVeaas8ejFJVRvCNUZIs1PkO0EUMUJePYRlPiRzD5ZgUkO17y2UKKcqFdqCBUPoWUfzAfIx0cFyOMAeRogEWcV1mzHlLbiKK7X5xuc83qd8%2Bb8nGiKemM%2Bpsj5mF4fWdoH131wt4vU7WJL9eHy7%2BE3S3gRwGcjEry9i64oUUiCwhMUjKBQBEVGUHTLI6F9zZd3hfZ5FE5zbZrr5cBmnQN2ZLOONOQgPSfPTHz5s%2FgAW%2FKsUq%2BzOospr7UjSVus1pijcZO2Ys7n67TBQ3hVQvkrE6k74yVdW0KqRoT88w0idgKvT8DVs2D5C2DFoFWjYJuDxjzFjrnnrbZdaavcJhC2RJrNINsODvQ5eX5Co%2F2zg%2BSnC3%2FsXTWffbIO7kqkrsT76geCjr4zuGkLcnjTFp48WEszlagdNl7drYxlcubLN%2BV2YZ1YvuH7X7zKx8C4vH9b%2BmyFGaFMx5N7i0oI6Zas45J8t%2Bw3ZLSe%2B83F3Jk8XVl%2FbWk5SZ30XlkzBFOP33sIrkbkqWR%2F8imv%2FboP5YZweYkkPyXTgLIn4OkufHq68Nvyt%2B82Fz6EtwROX85EaYAiLweuFl0%2BakWg5WXPohJeXloQydOHf11gB%2F4OOi4Ay%2FZgkhJdV6KrSzDdh8%2F%2FN8hSd7rwU30SiHQwiLQLDiPt9KcX1np1VpHNmMaS1mQUt6O4xahox412xNqhbEVNFiLzI7776ON%2FAQAA%2F%2F8BAAD%2F%2F1RizbNsBAAA
192.243.59.20200 OK 7 B URL HTTP/1.1 ifknittedhurtful.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tkRRetN1%2B%2Bja4c3bhw6KWCdOr1j3TaWQTjGAnGJM6MZCfWq6rXKVOv6lH1Xr9ORAgGwiAI7UqXL6eTCTqDOBsXgox03AwBYVpBghr8A1wI4qylOw3BC1X33jp3cc65tX%2BQnxOKnJ2tv2V3lNZstlmllRc3lBG28JXV25WQVun1yoYyc43rld74ct1XQtqs0pcqb0i%2BZWdrNKQ0pGFlSTkZ297sBIVK77fDaptWG7Vq2Gyg5%2F7b%2BzyAZwFE95xchRKj%2F28%2BegDFhzDJ1zek38ps%2BvLrSa5ZZh264vgds2VsYZBclrELEJvj6TSsHxHy%2BRVYczxVANs9HCtApEYk%2BCVEZI6nNBF1jy6YRhrSIBJPo%2BgOIfUQig3B7R6UeEwALrC6BpPcXbWuYNsXKBujIzLz5G%2BoYkRmfn8OJvlqUate5ZbVeaas8ejFJVRvCNUZIs1PkO0EUMUJePYRlPiRzD5ZgUkO17y2UKKcqFdqCBUPoWUfzAfIx0cFyOMAeRogEWcV1mzHlLbiKK7X5xuc83qd8%2Bb8nGiKemM%2Bpsj5mF4fWdoH131wt4vU7WJL9eHy7%2BE3S3gRwGcjEry9i64oUUiCwhMUjKBQBEVGUHTLI6F9zZd3hfZ5FE5zbZrr5cBmnQN2ZLOONOQgPSfPTHz5s%2FgAW%2FKsUq%2BzOospr7UjSVus1pijcZO2Ys7n67TBQ3hVQvkrE6k74yVdW0KqRoT88w0idgKvT8DVs2D5C2DFoFWjYJuDxjzFjrnnrbZdaavcJhC2RJrNINsODvQ5eX5Co%2F2zg%2BSnC3%2FsXTWffbIO7kqkrsT76geCjr4zuGkLcnjTFp48WEszlagdNl7drYxlcubLN%2BV2YZ1YvuH7X7zKx8C4vH9b%2BmyFGaFMx5N7i0oI6Zas45J8t%2Bw3ZLSe%2B83F3Jk8XVl%2FbWk5SZ30XlkzBFOP33sIrkbkqWR%2F8imv%2FboP5YZweYkkPyXTgLIn4OkufHq68Nvyt%2B82Fz6EtwROX85EaYAiLweuFl0%2BakWg5WXPohJeXloQydOHf11gB%2F4OOi4Ay%2FZgkhJdV6KrSzDdh8%2F%2FN8hSd7rwU30SiHQwiLQLDiPt9KcX1np1VpHNmMaS1mQUt6O4xahox412xNqhbEVNFiLzI7776ON%2FAQAA%2F%2F8BAAD%2F%2F1RizbNsBAAA
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2tkRRetN1%2B%2Bja4c3bhw6KWCdOr1j3TaWQTjGAnGJM6MZCfWq6rXKVOv6lH1Xr9ORAgGwiAI7UqXL6eTCTqDOBsXgox03AwBYVpBghr8A1wI4qylOw3BC1X33jp3cc65tX%2BQnxOKnJ2tv2V3lNZstlmllRc3lBG28JXV25WQVun1yoYyc43rld74ct1XQtqs0pcqb0i%2BZWdrNKQ0pGFlSTkZ297sBIVK77fDaptWG7Vq2Gyg5%2F7b%2BzyAZwFE95xchRKj%2F28%2BegDFhzDJ1zek38ps%2BvLrSa5ZZh264vgds2VsYZBclrELEJvj6TSsHxHy%2BRVYczxVANs9HCtApEYk%2BCVEZI6nNBF1jy6YRhrSIBJPo%2BgOIfUQig3B7R6UeEwALrC6BpPcXbWuYNsXKBujIzLz5G%2BoYkRmfn8OJvlqUate5ZbVeaas8ejFJVRvCNUZIs1PkO0EUMUJePYRlPiRzD5ZgUkO17y2UKKcqFdqCBUPoWUfzAfIx0cFyOMAeRogEWcV1mzHlLbiKK7X5xuc83qd8%2Bb8nGiKemM%2Bpsj5mF4fWdoH131wt4vU7WJL9eHy7%2BE3S3gRwGcjEry9i64oUUiCwhMUjKBQBEVGUHTLI6F9zZd3hfZ5FE5zbZrr5cBmnQN2ZLOONOQgPSfPTHz5s%2FgAW%2FKsUq%2BzOospr7UjSVus1pijcZO2Ys7n67TBQ3hVQvkrE6k74yVdW0KqRoT88w0idgKvT8DVs2D5C2DFoFWjYJuDxjzFjrnnrbZdaavcJhC2RJrNINsODvQ5eX5Co%2F2zg%2BSnC3%2FsXTWffbIO7kqkrsT76geCjr4zuGkLcnjTFp48WEszlagdNl7drYxlcubLN%2BV2YZ1YvuH7X7zKx8C4vH9b%2BmyFGaFMx5N7i0oI6Zas45J8t%2Bw3ZLSe%2B83F3Jk8XVl%2FbWk5SZ30XlkzBFOP33sIrkbkqWR%2F8imv%2FboP5YZweYkkPyXTgLIn4OkufHq68Nvyt%2B82Fz6EtwROX85EaYAiLweuFl0%2BakWg5WXPohJeXloQydOHf11gB%2F4OOi4Ay%2FZgkhJdV6KrSzDdh8%2F%2FN8hSd7rwU30SiHQwiLQLDiPt9KcX1np1VpHNmMaS1mQUt6O4xahox412xNqhbEVNFiLzI7776ON%2FAQAA%2F%2F8BAAD%2F%2F1RizbNsBAAA HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Cookie: u_pl=15497083; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec33a3af0c29be07a2460f507fcc8304c1=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 13:56:27 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f6ac52f781a9ad73bb9bb77bb074c657
Strict-Transport-Security: max-age=0; includeSubdomains
displayvertising.com/HKCV.aspx?_=BAYAY4DJiAFjgMmIgAGBAsAAIAYk7Y0CvKbssyHFFjyj5lSc8QyulHD57gwGNlLq3z64wQBHMEUCIECyGiCvHYrcAznLvsL3pDh7v1GdKeuQdbvKHd0w-gqNAiEAgm4CSVhrikFlzF5tWfd0uOlF32riwYAOpAoU-vxM5G4&v=4&iDfVwWcb=3860166&minBid=&TkWtQFau=0,0&NtdFXUwQ=&XmzPeJoE=&s=1280,1024,1,1280,1024,0
216.59.56.9200 OK 44 B URL HTTP/1.1 displayvertising.com/HKCV.aspx?_=BAYAY4DJiAFjgMmIgAGBAsAAIAYk7Y0CvKbssyHFFjyj5lSc8QyulHD57gwGNlLq3z64wQBHMEUCIECyGiCvHYrcAznLvsL3pDh7v1GdKeuQdbvKHd0w-gqNAiEAgm4CSVhrikFlzF5tWfd0uOlF32riwYAOpAoU-vxM5G4&v=4&iDfVwWcb=3860166&minBid=&TkWtQFau=0,0&NtdFXUwQ=&XmzPeJoE=&s=1280,1024,1,1280,1024,0
IP 216.59.56.9:0
File type ASCII text, with no line terminators
Hash d5f0a25e4d3522d56d48ce7bc3e518fb
86794caff58f7fee6e684c2ba7195f970a8d6f4c
9d781128a8ece413b003d5612b8398bf9340ef7f5b751d12bd125ba523d3ceb5
GET /HKCV.aspx?_=BAYAY4DJiAFjgMmIgAGBAsAAIAYk7Y0CvKbssyHFFjyj5lSc8QyulHD57gwGNlLq3z64wQBHMEUCIECyGiCvHYrcAznLvsL3pDh7v1GdKeuQdbvKHd0w-gqNAiEAgm4CSVhrikFlzF5tWfd0uOlF32riwYAOpAoU-vxM5G4&v=4&iDfVwWcb=3860166&minBid=&TkWtQFau=0,0&NtdFXUwQ=&XmzPeJoE=&s=1280,1024,1,1280,1024,0 HTTP/1.1
Host: displayvertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
access-control-allow-origin: *
asf: 9
popads-ec: ASB
content-type: text/javascript;charset=UTF-8
content-length: 44
date: Fri, 25 Nov 2022 13:56:28 GMT
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 666f0822fa3b2bd37642dc6f1f9b95ea
b082ce304fa32d1afd9eee2c00c4d751d444f730
ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Fri, 25 Nov 2022 16:24:09 GMT
Date: Fri, 25 Nov 2022 13:56:28 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 666f0822fa3b2bd37642dc6f1f9b95ea
b082ce304fa32d1afd9eee2c00c4d751d444f730
ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Fri, 25 Nov 2022 16:24:09 GMT
Date: Fri, 25 Nov 2022 13:56:28 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html
45.133.44.4200 OK 447 B URL HTTP/2 cdn.barscreative1.com/sb/notifications/games/nutaku/multi/2/index.html
IP 45.133.44.4:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text
Hash 69dac4ff153c6f3d4ac2052f464fe121
69206b5461f92b875778a9d155472a3114b8bb07
c4b34692c0069e15cd48c41da9a66236e058e3f50bec4ca4298e377999ac8a8f
Analyzer Verdict Alert fortinet Phishing
GET /sb/notifications/games/nutaku/multi/2/index.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelotero.net
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:28 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Thu, 15 Sep 2022 10:38:26 GMT
etag: W/"632300a2-514"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Fri, 25 Nov 2022 14:56:28 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png
172.64.108.13200 OK 322 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/girls.png
IP 172.64.108.13:0
File type PNG image data, 729 x 331, 8-bit/color RGBA, non-interlaced\012- data
Size 322 kB (322399 bytes)
Hash 47b7ae41a98644de6d46d58a0e51a793
b0f736609af3c0b3214ee52cc9f0798dcc972df6
b2ad5bf8fc066203168fbceb53b7df6012e8897be344b240e94105af1b4ba0f2
GET /sb/notifications/games/nutaku/multi/2/img/girls.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:28 GMT
content-type: image/png
content-length: 322399
last-modified: Wed, 07 Sep 2022 14:37:32 GMT
etag: "6318acac-4eb5f"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 864319
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2kKZOxx79sf60G4f6Nihw4hotFQTcPJNayA2yv%2FiVl6l0weA7yiWzqwknbSaKyp%2BdN76wp1EkN5TOEU64aUNfH0P%2FraR%2B1j3u6w%2B5vY0Xb6WW7LOmZTnKcQdyZbh1eW6p68z6V1%2BD0v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae34c883d4089-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 666f0822fa3b2bd37642dc6f1f9b95ea
b082ce304fa32d1afd9eee2c00c4d751d444f730
ea0fd5b59bc464c03f64e107247d245f8b9e65b5ad6593400952e0f978ba5251
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "EA0FD5B59BC464C03F64E107247D245F8B9E65B5AD6593400952E0F978BA5251"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Fri, 25 Nov 2022 16:24:09 GMT
Date: Fri, 25 Nov 2022 13:56:28 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css
172.64.108.13200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/animate.css
IP 172.64.108.13:0
Hash c91016401e0a0b7b3d7572de48c76597
12fb634abb5e708b4f55d1489055b4f626d3cdd1
2472e286e0bf6f54cef9d99e9c63301c873fa02bc4e3979e1a18587a6d973120
GET /sb/notifications/games/nutaku/multi/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelotero.net
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:28 GMT
content-type: text/css
last-modified: Thu, 15 Sep 2022 10:38:28 GMT
etag: W/"632300a4-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2BGX%2FpTeF9Y5fI9f52sO1VGp3WoSm69Bbb9w8uheC75UGXvgMS1UdSJ%2Bs%2Bn0HDaaysGR7F9k0wDZIlPasFHdtO50gRhcnSR2F0DT%2B3Yr3heeKvIW9mjGhq8A4imp9DmKtyFuCcC9lP5e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae34c883a4089-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 65f96a268c71dd2240b791911c212326
1c35b60c96efc632a131cb94748ee415a879f3b2
eecc5be54045ae30a37b00d7b96102d40dacc0e1c761a6432425673e04761c3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EECC5BE54045AE30A37B00D7B96102D40DACC0E1C761A6432425673E04761C3A"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7656
Expires: Fri, 25 Nov 2022 16:04:04 GMT
Date: Fri, 25 Nov 2022 13:56:28 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 65f96a268c71dd2240b791911c212326
1c35b60c96efc632a131cb94748ee415a879f3b2
eecc5be54045ae30a37b00d7b96102d40dacc0e1c761a6432425673e04761c3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EECC5BE54045AE30A37B00D7B96102D40DACC0E1C761A6432425673E04761C3A"
Last-Modified: Wed, 23 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7656
Expires: Fri, 25 Nov 2022 16:04:04 GMT
Date: Fri, 25 Nov 2022 13:56:28 GMT
Connection: keep-alive
ifknittedhurtful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fjs%2Fmain.js&l=6946&fd=270
192.243.59.20200 OK 0 B URL HTTP/1.1 ifknittedhurtful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fjs%2Fmain.js&l=6946&fd=270
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fjs%2Fmain.js&l=6946&fd=270 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Cookie: u_pl=15497083; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec33a3af0c29be07a2460f507fcc8304c1=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 13:56:28 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ifknittedhurtful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=396
192.243.59.20200 OK 0 B URL HTTP/1.1 ifknittedhurtful.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=396
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgames%2Fnutaku%2Fmulti%2F2%2Fcss%2Fstyles.css&l=11401&fd=396 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Cookie: u_pl=15497083; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec33a3af0c29be07a2460f507fcc8304c1=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 13:56:28 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=3cd38ef3-b663-40e8-b242-fdb69ef631d6&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=ac58bbe800329453de3d4b2f28050b55&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=3cd38ef3-b663-40e8-b242-fdb69ef631d6&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=ac58bbe800329453de3d4b2f28050b55&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=3cd38ef3-b663-40e8-b242-fdb69ef631d6&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=ac58bbe800329453de3d4b2f28050b55&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 25 Nov 2022 13:56:28 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cbbfd92ff88c9f9cebc80353946c3c9b
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=3cd38ef3-b663-40e8-b242-fdb69ef631d6&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=33a3af0c29be07a2460f507fcc8304c1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
192.243.61.227200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=3cd38ef3-b663-40e8-b242-fdb69ef631d6&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=33a3af0c29be07a2460f507fcc8304c1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=3cd38ef3-b663-40e8-b242-fdb69ef631d6&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=33a3af0c29be07a2460f507fcc8304c1&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=13 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Fri, 25 Nov 2022 13:56:28 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 560f815f82282f07002e22af447bec0d
Strict-Transport-Security: max-age=0; includeSubdomains
ifknittedhurtful.com/pixel/sbs?c=1
192.243.59.20200 OK 0 B URL HTTP/1.1 ifknittedhurtful.com/pixel/sbs?c=1
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Cookie: u_pl=15497083; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec33a3af0c29be07a2460f507fcc8304c1=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 13:56:29 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
ifknittedhurtful.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tkRRetN1%2B%2Bja4c3bhw6KWCdOr1657udhbBcYwEYxJnRrIT61XV65Sp9%2BpR9X50IkIwEAZBaFe6fDmdTNAZxNm4EGSk42YICNMKEtTgH%2BBCEGct3WkIXqi699a5i3POrb39%2FIxQ5Ox07S2zrbRm8606rb24rhJhSldbuV3zaZ1eq62r5GrzWq0%2FuWzxik9bdfpS7Q3JN818g%2FqU%2BtSvLSorI9Ofn6JQ6f2uX%2B%2FSerNR91tN9O1%2Fe5d7cMyDKM7IZSgx%2Fv%2FGowdQfIQk%2FvqGdJuZSV9%2BPc41y4xFIY7eSTYTUyaIL8rIeoiSo9k0jBsT8vklmORopgCmOJgoQKjGxPvFR5gczWgiLA7PmYYaMkEonkZZjCD1CIqNwM0ulHhMAC6wsookvrtibMm2zlE2Qcdk7snfUOWYzP3%2BHJL4q%2Bta9Wu3jM4zZRKHflRB9UdQvRHS%2FBjZtgdVHoNnH0GJH8n8k2Uk8cGq0wZKVFP1So2gohG0HIA5D%2FnkKA955CFPPcTitMZa3YjSdhRGQdBpcs6DgPNW56poiaDZiShyPqE3QJYOwPUA3O4gtTvYVAPY%2FHu4jQpOeHDZmHhv76AQFUpJUDqCkhGUiqDMCMqiOhTaNVx1V2iXh%2F4sN2Y5qIYm6%2B2zQ5P1ZEL20zPyzNSXP8sPsClPa0HAAhZR3uiGkrZZo3mVRi3ajjjvBLTJfThVQblLU6nbkyVdWUSqxoT88w1Cdgynj8HVs2D5C2DlsN2gYBvDZodiO7nnjDaFNHVuYghTIc3mkG15%2B%2FqMPD%2Bl0f3ZQvKThT92LyeffbIGbiuktsL76geCnr4zvGlKcnDTlI48WE0zFattNlndrYxlcu7LN%2BVWaaxYuuEGX7zKJ8CkvH9bumyZJUIlPUfuXVdCSLtoLJfkuyW3LsO13G1cz22Sp8trry0uxamVzimTjMDU4%2FcegqsxeSrem37KK7%2FuQdkRbF4hzk%2FILKDMMXi6A5eeLPy29O27rYUP4QyB1RczYeqhzKuhbYQXj1oRaHnRs7CCkxcWhPLk4V%2Fn2L67g571wLJdJHGFwlYodAWmB3D5%2F4ZZak8WfgqmgVB7w1Bb7yDUVn96bq1Tp7WW35SdsNPmQoSSC7%2FdCDoBpQ0hmu2u9LvI3JjvPPr4XwAAAP%2F%2FAQAA%2F%2F9AakNVbAQAAA%3D%3D
192.243.59.20200 OK 7 B URL HTTP/1.1 ifknittedhurtful.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tkRRetN1%2B%2Bja4c3bhw6KWCdOr1657udhbBcYwEYxJnRrIT61XV65Sp9%2BpR9X50IkIwEAZBaFe6fDmdTNAZxNm4EGSk42YICNMKEtTgH%2BBCEGct3WkIXqi699a5i3POrb39%2FIxQ5Ox07S2zrbRm8606rb24rhJhSldbuV3zaZ1eq62r5GrzWq0%2FuWzxik9bdfpS7Q3JN818g%2FqU%2BtSvLSorI9Ofn6JQ6f2uX%2B%2FSerNR91tN9O1%2Fe5d7cMyDKM7IZSgx%2Fv%2FGowdQfIQk%2FvqGdJuZSV9%2BPc41y4xFIY7eSTYTUyaIL8rIeoiSo9k0jBsT8vklmORopgCmOJgoQKjGxPvFR5gczWgiLA7PmYYaMkEonkZZjCD1CIqNwM0ulHhMAC6wsookvrtibMm2zlE2Qcdk7snfUOWYzP3%2BHJL4q%2Bta9Wu3jM4zZRKHflRB9UdQvRHS%2FBjZtgdVHoNnH0GJH8n8k2Uk8cGq0wZKVFP1So2gohG0HIA5D%2FnkKA955CFPPcTitMZa3YjSdhRGQdBpcs6DgPNW56poiaDZiShyPqE3QJYOwPUA3O4gtTvYVAPY%2FHu4jQpOeHDZmHhv76AQFUpJUDqCkhGUiqDMCMqiOhTaNVx1V2iXh%2F4sN2Y5qIYm6%2B2zQ5P1ZEL20zPyzNSXP8sPsClPa0HAAhZR3uiGkrZZo3mVRi3ajjjvBLTJfThVQblLU6nbkyVdWUSqxoT88w1Cdgynj8HVs2D5C2DlsN2gYBvDZodiO7nnjDaFNHVuYghTIc3mkG15%2B%2FqMPD%2Bl0f3ZQvKThT92LyeffbIGbiuktsL76geCnr4zvGlKcnDTlI48WE0zFattNlndrYxlcu7LN%2BVWaaxYuuEGX7zKJ8CkvH9bumyZJUIlPUfuXVdCSLtoLJfkuyW3LsO13G1cz22Sp8trry0uxamVzimTjMDU4%2FcegqsxeSrem37KK7%2FuQdkRbF4hzk%2FILKDMMXi6A5eeLPy29O27rYUP4QyB1RczYeqhzKuhbYQXj1oRaHnRs7CCkxcWhPLk4V%2Fn2L67g571wLJdJHGFwlYodAWmB3D5%2F4ZZak8WfgqmgVB7w1Bb7yDUVn96bq1Tp7WW35SdsNPmQoSSC7%2FdCDoBpQ0hmu2u9LvI3JjvPPr4XwAAAP%2F%2FAQAA%2F%2F9AakNVbAQAAA%3D%3D
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2tkRRetN1%2B%2Bja4c3bhw6KWCdOr1657udhbBcYwEYxJnRrIT61XV65Sp9%2BpR9X50IkIwEAZBaFe6fDmdTNAZxNm4EGSk42YICNMKEtTgH%2BBCEGct3WkIXqi699a5i3POrb39%2FIxQ5Ox07S2zrbRm8606rb24rhJhSldbuV3zaZ1eq62r5GrzWq0%2FuWzxik9bdfpS7Q3JN818g%2FqU%2BtSvLSorI9Ofn6JQ6f2uX%2B%2FSerNR91tN9O1%2Fe5d7cMyDKM7IZSgx%2Fv%2FGowdQfIQk%2FvqGdJuZSV9%2BPc41y4xFIY7eSTYTUyaIL8rIeoiSo9k0jBsT8vklmORopgCmOJgoQKjGxPvFR5gczWgiLA7PmYYaMkEonkZZjCD1CIqNwM0ulHhMAC6wsookvrtibMm2zlE2Qcdk7snfUOWYzP3%2BHJL4q%2Bta9Wu3jM4zZRKHflRB9UdQvRHS%2FBjZtgdVHoNnH0GJH8n8k2Uk8cGq0wZKVFP1So2gohG0HIA5D%2FnkKA955CFPPcTitMZa3YjSdhRGQdBpcs6DgPNW56poiaDZiShyPqE3QJYOwPUA3O4gtTvYVAPY%2FHu4jQpOeHDZmHhv76AQFUpJUDqCkhGUiqDMCMqiOhTaNVx1V2iXh%2F4sN2Y5qIYm6%2B2zQ5P1ZEL20zPyzNSXP8sPsClPa0HAAhZR3uiGkrZZo3mVRi3ajjjvBLTJfThVQblLU6nbkyVdWUSqxoT88w1Cdgynj8HVs2D5C2DlsN2gYBvDZodiO7nnjDaFNHVuYghTIc3mkG15%2B%2FqMPD%2Bl0f3ZQvKThT92LyeffbIGbiuktsL76geCnr4zvGlKcnDTlI48WE0zFattNlndrYxlcu7LN%2BVWaaxYuuEGX7zKJ8CkvH9bumyZJUIlPUfuXVdCSLtoLJfkuyW3LsO13G1cz22Sp8trry0uxamVzimTjMDU4%2FcegqsxeSrem37KK7%2FuQdkRbF4hzk%2FILKDMMXi6A5eeLPy29O27rYUP4QyB1RczYeqhzKuhbYQXj1oRaHnRs7CCkxcWhPLk4V%2Fn2L67g571wLJdJHGFwlYodAWmB3D5%2F4ZZak8WfgqmgVB7w1Bb7yDUVn96bq1Tp7WW35SdsNPmQoSSC7%2FdCDoBpQ0hmu2u9LvI3JjvPPr4XwAAAP%2F%2FAQAA%2F%2F9AakNVbAQAAA%3D%3D HTTP/1.1
Host: ifknittedhurtful.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Cookie: u_pl=15497083; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec33a3af0c29be07a2460f507fcc8304c1=[3789938]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Fri, 25 Nov 2022 13:56:29 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0fb3cb1888d663be67fd52ec7efb81fd
Strict-Transport-Security: max-age=0; includeSubdomains
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2
172.64.108.13200 OK 7.7 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2
IP 172.64.108.13:0
File type Web Open Font Format (Version 2), TrueType, length 7664, version 1.0\012- data
Hash e41b02c342b94148fdd5e14fb41dcb4a
9d8415fc8df42aa67fa5a6d15d07f58265535cc0
d857f01d0c6fd46a16bf82acf8f6f76e7710524972ef7f88a926a0d97cadca0b
GET /sb/notifications/games/nutaku/multi/2/fonts/Mister-London-Sans.woff2 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pelotero.net
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:29 GMT
content-type: application/octet-stream
content-length: 7664
last-modified: Thu, 15 Sep 2022 10:33:29 GMT
etag: "6322ff79-1df0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gSX2KlIHGyBhi7qgLIHd01ietlYpIjr2xlh6yrr1SuX73uLI0DYoH5r4MMWBTVGIn0fjvHqOk0pdbcpFLXUjhg7qDudodKfAbrzdFnRpzLUwb%2F%2BZsAPs79r5tvqZ8gCxH2yguNxIfNZR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae352183a4089-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
youradexchange.com/script/suurl4.php?r=4681243&cbur=0.5704498253634716&cbiframe=1&cbWidth=640&cbHeight=480&cbtitle=&cbpage=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acdcdn.com&aggr=0
35.190.41.116200 OK 0 B URL HTTP/2 youradexchange.com/script/suurl4.php?r=4681243&cbur=0.5704498253634716&cbiframe=1&cbWidth=640&cbHeight=480&cbtitle=&cbpage=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acdcdn.com&aggr=0
IP 35.190.41.116:0
GET /script/suurl4.php?r=4681243&cbur=0.5704498253634716&cbiframe=1&cbWidth=640&cbHeight=480&cbtitle=&cbpage=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F&cbref=&cbdescription=&cbkeywords=&cbcdn=acdcdn.com&aggr=0 HTTP/1.1
Host: youradexchange.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelotero.net/
Origin: https://pelotero.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: openresty
date: Fri, 25 Nov 2022 13:56:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/styles.css
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/css/styles.css
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/css/styles.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelotero.net
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:28 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 08:03:32 GMT
etag: W/"632ac554-2c89"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OHvrbTD%2FU7y2%2BB4D7ysYNKcy72n%2FwJ8oQ8X62uCtvjBslCiY%2Fj1PJeZfOu7vh1E4x1tFSZI6iejZ3LGGXAAfH6u2rGhM3Ki4vH987ALaP%2BapzE2nlt1aRArv%2BqiRYhMkq3TaPkEYu%2FJ4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae34c782e4089-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/video.js/dist/video-js.css
104.16.124.175302 Found 0 B URL HTTP/2 unpkg.com/video.js/dist/video-js.css
IP 104.16.124.175:0
GET /video.js/dist/video-js.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 25 Nov 2022 13:56:23 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /video.js@7.20.3/dist/video-js.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJQH4CX8R8JH9J80ATDWKQ81-ams
cf-cache-status: HIT
age: 67
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fae32ed912b51b-OSL
X-Firefox-Spdy: h2
www.displayvertising.com/js-data-localforage.min.js
185.76.9.21200 OK 0 B URL HTTP/2 www.displayvertising.com/js-data-localforage.min.js
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
GET /js-data-localforage.min.js HTTP/1.1
Host: www.displayvertising.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://fubolgratisenvivo.blogspot.com
Connection: keep-alive
Referer: http://fubolgratisenvivo.blogspot.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:23 GMT
content-type: application/x-javascript
alt-svc: quic="185.76.9.20:443"; ma=2592000; v="44,43,39"
expires: Fri, 02 Dec 2022 13:56:23 GMT
access-control-allow-origin: *
link: <https://displayvertising.com/>;rel=preconnect,<https://c.adsco.re/>;rel=preconnect,<https://adsco.re/>;rel=preconnect
cache-control: public, max-age=604800
x-accel-expires: @1669989383
server: CDN77-Turbo
x-77-nzt: AblMCRTn15DB
x-77-nzt-ray: af585630f9a1de1c87c980632d05130f
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/video.js@7.20.3/dist/video.js
104.16.124.175200 OK 0 B URL HTTP/2 unpkg.com/video.js@7.20.3/dist/video.js
IP 104.16.124.175:0
GET /video.js@7.20.3/dist/video.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelotero.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:23 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"20e61f-kH/5uLH0mWVQxg19Y1big7Ow1mg"
via: 1.1 fly.io
fly-request-id: 01GD0X2DYCYP4FARSEJ4VW5HMA-fra
cf-cache-status: HIT
age: 6128009
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fae32fba32b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
104.16.124.175200 OK 0 B URL HTTP/2 unpkg.com/videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
IP 104.16.124.175:0
GET /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelotero.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:23 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"af180-yddBL+N7CRgyB07pxWVoSeh+9Bw"
via: 1.1 fly.io
fly-request-id: 01G4XKX4QG128115AQAE4NBFMX-fra
cf-cache-status: HIT
age: 14828214
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fae32fba33b51b-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/close.svg
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/img/close.svg
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:28 GMT
content-type: image/svg+xml
last-modified: Thu, 18 Aug 2022 08:55:17 GMT
etag: W/"62fdfe75-415"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 864319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RQk1cQypPTXA7dXPladTyn50wrpFdmnJs7eEhNtRbF8V8w2Njt%2FOfc9Y3hpbIMkECDlxL2Hwfl%2BDsBQSxeXIJfx5sahYbOWPRpL5ccQkS1tjCsoO3bQhwm3f3kC85R9T6TS%2F6gcNJ1Vu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae34c883c4089-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
waust.at/t.js
104.26.5.7200 OK 0 B IP 104.26.5.7:0
GET /t.js HTTP/1.1
Host: waust.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:23 GMT
content-type: application/x-javascript
last-modified: Fri, 11 Nov 2022 22:14:52 GMT
etag: W/"636ec95c-728a"
expires: Sat, 26 Nov 2022 13:44:05 GMT
cache-control: max-age=86400
access-control-allow-origin: *
cf-cache-status: HIT
age: 738
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ECEfH%2FCBKpYgQ2o3qyIBQTy6L%2BiUJ4aIdNNC6HuFJZ2fSi6J6xMY%2FdPorXTapjcro4QAYF0SgFmTcL%2BelvNnG4FIM5xQJHiKg2zLMgcqAAEQvuq7w%2FStgbm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae32f08061bfe-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/video.js/dist/video.js
104.16.124.175302 Found 0 B URL HTTP/2 unpkg.com/video.js/dist/video.js
IP 104.16.124.175:0
GET /video.js/dist/video.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 25 Nov 2022 13:56:23 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /video.js@7.20.3/dist/video.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJQH6EAS9M0BWVEZPG0A1WAM-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fae32ed918b51b-OSL
X-Firefox-Spdy: h2
t.dtscout.com/i/?l=https%3A%2F%2Fpelotero.net%2Fdirectvsports.php&j=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F
172.64.163.7200 OK 0 B URL HTTP/2 t.dtscout.com/i/?l=https%3A%2F%2Fpelotero.net%2Fdirectvsports.php&j=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F
IP 172.64.163.7:0
GET /i/?l=https%3A%2F%2Fpelotero.net%2Fdirectvsports.php&j=http%3A%2F%2Ffubolgratisenvivo.blogspot.com%2F HTTP/1.1
Host: t.dtscout.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:24 GMT
content-type: application/javascript
x-s: mtl3
set-cookie: m=1; Domain=dtscout.com; Expires=Fri, 25-Nov-2022 15:19:44 GMT; Max-Age=5000; Path=/; SameSite=None; Secure
oa=1; Domain=dtscout.com; Expires=Fri, 25-Nov-2022 17:56:24 GMT; Max-Age=14400; Path=/; SameSite=None; Secure
df=1669384584; Domain=dtscout.com; Expires=Sun, 05-Mar-2023 13:56:24 GMT; Max-Age=8640000; Path=/; SameSite=None; Secure
x-t: 1.162
expires: Fri, 25 Nov 2022 13:56:23 GMT
cache-control: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jY5UzFnFbmj8gnmSpKa02l6YiPFVMjja5KZxutD9oo6oxL6iZ4nv23KudxI3%2FM6cCDSQPIdMEZobKCfXueAda4HRJUzUOmQ9%2BdAekEmqJ3mA23xco832PJm0ROLHeVaU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76fae3369be0719f-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
acdcdn.com/script/suv4.js
104.21.15.229200 OK 0 B URL HTTP/2 acdcdn.com/script/suv4.js
IP 104.21.15.229:0
GET /script/suv4.js HTTP/1.1
Host: acdcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:23 GMT
content-type: application/javascript
x-guploader-uploadid: ADPycdsa0kWv_m4fDoeBr2GW94C4wN_euw5XsRJIM5U6eweLO6G63BWjDR_FaNedEAF5NLnNG46AdHKaGJkf0Qh1_c7olg
x-goog-generation: 1669191527960820
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100584
x-goog-hash: crc32c=mktFgA==, md5=WKNwY2lJNJOzygA6Intvpg==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
expires: Fri, 25 Nov 2022 13:32:42 GMT
cache-control: public, max-age=14400
age: 2751
last-modified: Wed, 23 Nov 2022 08:18:48 GMT
etag: W/"58a3706369493493b3ca003a227b6fa6"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BweHXzAgmSeKZzW4Wo2trJt6RGQOvES%2Fg6oP9PCw%2FY%2F7OfD6jcjyaGGudmqhZAq4hR%2Fmq%2FEqff4we87fPp6oKsz%2BdJb5JFEuIW%2BboogzJ11FxHT0dJarLYZHtbtn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae32f2ad2b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js
104.16.124.175302 Found 0 B URL HTTP/2 unpkg.com/videojs-contrib-hls/dist/videojs-contrib-hls.js
IP 104.16.124.175:0
GET /videojs-contrib-hls/dist/videojs-contrib-hls.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Fri, 25 Nov 2022 13:56:23 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /videojs-contrib-hls@5.15.0/dist/videojs-contrib-hls.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GJQH6EBJ8GP3TWSYVKMETXJW-ams
cf-cache-status: EXPIRED
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76fae32ef942b51b-OSL
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/jquery.min.js
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/games/nutaku/multi/2/js/jquery.min.js
IP 172.64.108.13:0
GET /sb/notifications/games/nutaku/multi/2/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:28 GMT
content-type: application/javascript
last-modified: Thu, 18 Aug 2022 08:55:27 GMT
etag: W/"62fdfe7f-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 864319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLMbimx%2BFJ%2BcWehcybMseV4urRTlSuliVGbycAH8ZEageHjN2Ug8Ngk2LgyqKoRq8xD%2BELWwEfmjj0cDbX3Ic%2BNtYwiCF%2FVr81VPnNA0PYoyiYQKGgjmF8vNpqz6He7RBTbj%2BScF3Jvc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae34c883e4089-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
172.64.109.35200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 172.64.109.35:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://pelotero.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 25 Nov 2022 13:56:25 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 190aa63f724486a5f203e359832bfc9a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 25 Nov 2022 13:56:25 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzoOhCgftqd81rXvkke8e%2FSQFw12FFkfGXIP7syVqsX7esG0JiGFgBtYtSuvbehVnOjKEPInDd4JMBUK8p38HI6bYwoaI%2FQ7HHB%2BXXWgEm%2BdDwJMei2BRpcG11o40NbGCIYFFag%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76fae33c281c4057-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2