Overview

URLcuevana3.nu/peliculas-online/crepusculo/
IP 172.67.204.56 (United States)
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-25 10:29:18 UTC
StatusLoading report..
IDS alerts0
Blocklist alert12
urlquery alerts No alerts detected
Tags None

Domain Summary (27)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
s2.googleusercontent.com (8) 31575 2013-05-31 16:39:03 UTC 2020-04-25 20:13:57 UTC 142.250.74.33
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
nanouwho.com (7) 0 2022-07-09 20:30:29 UTC 2022-11-24 11:37:18 UTC 139.45.197.242 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.218.164.174
ocsp.pki.goog (15) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
ocsp.sca1b.amazontrust.com (1) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 143.204.42.165
www.google-analytics.com (2) 40 2012-10-03 01:04:21 UTC 2022-11-25 06:21:31 UTC 216.239.38.178
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
my.rtmark.net (2) 9054 2017-08-22 14:11:49 UTC 2022-11-25 07:48:21 UTC 139.45.195.8
t0.gstatic.com (5) 0 2016-05-22 01:47:34 UTC 2022-11-25 06:21:53 UTC 216.58.211.4 Domain (gstatic.com) ranked at: 540
cuevana3.nu (11) 0 2020-08-20 20:07:38 UTC 2022-11-25 01:41:55 UTC 104.21.93.38 Unknown ranking
code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2020-04-21 12:46:20 UTC 69.16.175.10
t1.gstatic.com (1) 0 2016-05-20 06:55:47 UTC 2022-11-25 06:24:15 UTC 142.250.74.36 Domain (gstatic.com) ranked at: 540
t2.gstatic.com (2) 0 2016-05-22 01:23:52 UTC 2022-11-24 19:00:06 UTC 142.250.74.132 Domain (gstatic.com) ranked at: 540
ocsp.sectigo.com (1) 487 2019-11-29 11:50:24 UTC 2021-09-17 20:05:40 UTC 172.64.155.188
datatechonert.com (1) 46154 2021-12-24 16:44:17 UTC 2022-11-25 06:19:41 UTC 37.48.68.71
cuevana3.plus (1) 0 2021-11-21 06:50:55 UTC 2022-11-23 22:30:06 UTC 104.21.89.109 Unknown ranking
use.fontawesome.com (1) 942 2018-09-18 10:26:26 UTC 2020-03-18 00:09:30 UTC 172.64.133.15
img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
tzegilo.com (1) 0 2022-01-14 15:27:15 UTC 2022-11-25 08:24:51 UTC 104.21.84.149 Unknown ranking
ocsp.digicert.com (4) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
whairtoa.com (4) 0 2022-08-31 12:42:23 UTC 2022-11-24 20:25:08 UTC 139.45.197.238 Unknown ranking
onvictinitor.com (4) 0 2019-12-09 10:51:51 UTC 2022-11-24 16:32:06 UTC 139.45.197.238 Unknown ranking
t3.gstatic.com (2) 0 2016-05-21 11:16:47 UTC 2022-11-25 06:49:12 UTC 142.250.74.36 Domain (gstatic.com) ranked at: 540
r3.o.lencr.org (9) 344 No data No data 23.36.76.226
e1.o.lencr.org (2) 6159 No data No data 23.36.77.32

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-11-24 2 whairtoa.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-24 2 whairtoa.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-25 2 nanouwho.com Sinkholed
2022-11-24 2 whairtoa.com Sinkholed
2022-11-25 2 datatechonert.com Sinkholed
2022-11-24 2 whairtoa.com Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 4 reports on IP: 172.67.204.56
Date UQ / IDS / BL URL IP
2022-11-29 17:50:52 +0000 0 - 0 - 13 cuevana3.nu/peliculas-online/el-gran-gatsby/ 172.67.204.56
2022-11-28 01:41:53 +0000 0 - 0 - 7 cuevana3.nu/peliculas-online/harry-potter-y-l (...) 172.67.204.56
2022-11-25 10:29:18 +0000 0 - 0 - 12 cuevana3.nu/peliculas-online/crepusculo/ 172.67.204.56
2022-08-28 16:39:05 +0000 0 - 0 - 1 odomom.com/24904c7b6ae5c7e397fd31e898e2b88fnt (...) 172.67.204.56


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-02-05 01:18:56 +0000 0 - 0 - 6 workprotocoles-com.webs.com/ 104.17.119.40
2023-02-05 01:18:24 +0000 0 - 2 - 4 chat-whatsapp2867.situsx.icu/id 104.21.47.26
2023-02-05 01:17:58 +0000 0 - 2 - 2 chat-whatsapp2867.situsx.icu/id/ 188.114.97.1
2023-02-05 01:17:40 +0000 0 - 4 - 1 dexfipro.com/ 172.67.203.74
2023-02-05 01:16:53 +0000 0 - 0 - 2 secure.buytrimdrops.com/ 188.114.96.1


Last 5 reports on domain: cuevana3.nu
Date UQ / IDS / BL URL IP
2022-12-23 23:34:04 +0000 0 - 0 - 22 cuevana3.nu/ver-el-episodio/episodio-3-de-sea (...) 104.21.93.38
2022-12-23 03:42:09 +0000 0 - 0 - 14 cuevana3.nu/ 104.21.93.38
2022-12-21 23:44:08 +0000 0 - 0 - 6 cuevana3.nu/peliculas-online/la-leyenda-de-kl (...) 172.64.106.26
2022-12-21 15:57:35 +0000 0 - 0 - 21 cuevana3.nu/peliculas-online/depredador-la-pr (...) 104.21.93.38
2022-12-12 04:38:15 +0000 0 - 0 - 20 cuevana3.nu/ver-el-episodio/episodio-6-de-ric (...) 188.114.97.1


No other reports with similar screenshot

JavaScript

Executed Scripts (22)

Executed Evals (1)
#1 JavaScript::Eval (size: 9) - SHA256: 9312a1adbbf0a4c05fc296d158ec3bd39acfe50e9e98ff02688139aad6fc3351
debugger;

Executed Writes (0)


HTTP Transactions (97)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7667
Expires: Fri, 25 Nov 2022 12:36:53 GMT
Date: Fri, 25 Nov 2022 10:29:06 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5024
Cache-Control: max-age=91549
Date: Fri, 25 Nov 2022 10:29:06 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:54:55 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6"
Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11924
Expires: Fri, 25 Nov 2022 13:47:50 GMT
Date: Fri, 25 Nov 2022 10:29:06 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 10:19:05 GMT
cache-control: public,max-age=3600
age: 601
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    d130218d0e2841f39c99610fe1a2ab90
Sha1:   29fbe1e177ee55c7a61ae0a206afff271cf5f945
Sha256: 6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: /m81I/z6vPSB/al8/RjuRWnqlpDL56otUvTVXdyiKPj5ikDyApf3zcASP3xj1xUsx1eger+2OQ8=
x-amz-request-id: S48EYA0HN79DF90X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 09:40:45 GMT
age: 2901
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:06 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 10:11:11 GMT
cache-control: public,max-age=3600
age: 1075
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /wp-content/uploads/2022/03/Cuevana-3-logo-oficial-1.png HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.93.38
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 10:29:06 GMT
content-length: 4675
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 07:44:16 GMT
last-modified: Fri, 30 Sep 2022 02:06:43 GMT
cf-cache-status: HIT
age: 96290
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dnfup%2FWtdAAkoUUtqtUY2DhjOC07g3aHQlGdtXpfTdwalc46ERLPHnyChMMqMzKHjy3LoInpdx4zXeMFJboJyL%2FpN0c9VbbKAqIimOWfCJjr%2B9ba%2FFfYdwY9bqLgqg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9b38e5b001bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 240 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   4675
Md5:    30ecf26d81b4d18a7a568d42e674705e
Sha1:   c846ca657d113edcdb68ae7e53b8ecede50a15cb
Sha256: f856cb85a867ba1f60a337dbbb095142c0590b426b30c5d35dcbbbd158b79927
                                        
                                            GET /wp-content/plugins/wp-postratings/images/stars/rating_off.gif HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.93.38
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 25 Nov 2022 10:29:06 GMT
content-length: 326
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 18:13:59 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 58507
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRaoLpv48oEHPU0CKLkdgL%2BlNQ3VrMNdPCWZMJUSO1EKtS%2FDks7uFUpkuH3jrJyQ1hhuYpgoov%2F1KGMbMnjjTPIrVBzATI6U4HJuM%2BKSbQLBYg0zLeGG9dNSrt8Atw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9b38e5afc1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 12 x 12\012- data
Size:   326
Md5:    7d99a060172d832e2a0586a9284765b7
Sha1:   a8db3d3a28f670f172c933d783e0865119ed54a7
Sha256: b2726e47d619f403a00a7ebf8d9bf5b5b65a214d14d40eaa36cddc8163ecb38e
                                        
                                            GET /wp-content/plugins/wp-postratings/images/loading.gif HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.93.38
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 25 Nov 2022 10:29:06 GMT
content-length: 770
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 77424
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggBksWhsZZ4fuWt2bAadGueydVtLh6B1%2F15S5OvyEsuDJ%2Bt8rylFQ%2FvibsbiBMPVbps6qVobYPp77GNo2UDf9rYuHLeBaGJAezPNAnw6JJ7rmXfMQ4FKfmcyqdc74Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9b38e5aff1bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 16 x 16\012- data
Size:   770
Md5:    8ae1afcd44a2a3ea3c8f86bc74702b05
Sha1:   4f605e49a1ce94999619beef3f92dd923ca63b6d
Sha256: 561d133e612d60ea988fd5ab8819c6ea9c2336c8a3e3a054ac78a1bab3a73178
                                        
                                            GET /wp-content/plugins/wp-postratings/images/stars/rating_on.gif HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.93.38
HTTP/2 200 OK
content-type: image/gif
                                        
date: Fri, 25 Nov 2022 10:29:06 GMT
content-length: 523
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
cf-cache-status: HIT
age: 77424
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFd2%2BGOAHMbB8oZwNMu7DOOXquclwKawBW%2FEqnOEU%2FOES4EyIrLGdyr4piieewEDVHX7JBweNBZnhJ4c5BlZrza5IDwkMhSshAqEc%2FI9q%2BNdSfn8ZqO9bbcB%2BUjtTw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9b38e5b021bfa-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 12 x 12\012- data
Size:   523
Md5:    cf853fb872bf743ae8556423ec0259ee
Sha1:   646fdebf47dfd354ece7ad18f6ff041059e4cd58
Sha256: cbd3ada90ee6d7f06fc267fd393252b2e4e56e4d7a106ed8fcf3de8c294db136
                                        
                                            GET /jquery-3.1.1.min.js?ver=3.1.1 HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 10:29:06 GMT
content-encoding: gzip
content-length: 30070
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-152b5"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669372146.dop065.sk1.t,1669372146.cds263.sk1.hn,1669372146.cds010.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32030)
Size:   30070
Md5:    f7a4a283c6a5130b43ce8de3b7842078
Sha1:   ef243edbb67f9e50f8589885e4541f6c919ea8d7
Sha256: aee9e5b2534ced87fe1e02a1a9e661468ba548e02edacbe9b68b3b247607dc4e
                                        
                                            GET /5/4907445 HTTP/1.1 
Host: whairtoa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/

search
                                         139.45.197.238
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 10:29:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 301e7b103135502096835e4fadd0b240
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Timing-Allow-Origin: *
Set-Cookie: OAID=6cf4817cc1d141808d161465878c78a7; expires=Sat, 25 Nov 2023 10:29:06 GMT; path=/ oaidts=1669372146; expires=Sat, 25 Nov 2023 10:29:06 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Pragma: no-cache, no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (63289), with no line terminators
Size:   23620
Md5:    934e3421c692818678cb0aba0df3f254
Sha1:   cd988f60b141ff2c2b1fabf7a03d65262a801211
Sha256: bb5d0bc0b6d904838e1c2162a6092134b6c91af435867680b13f7662c5c5f7ae

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2066
Cache-Control: max-age=169930
Date: Fri, 25 Nov 2022 10:29:07 GMT
Etag: "638085ab-1d7"
Expires: Sun, 27 Nov 2022 09:41:17 GMT
Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "617EF48AB0D7E8783CBFD3F62BA39556FE7BE317D47C99406A1B4BCC39828D37"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19599
Expires: Fri, 25 Nov 2022 15:55:46 GMT
Date: Fri, 25 Nov 2022 10:29:07 GMT
Connection: keep-alive

                                        
                                            GET /perversas.jpg HTTP/1.1 
Host: cuevana3.plus
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.89.109
HTTP/2 301 Moved Permanently
                                        
date: Fri, 25 Nov 2022 10:29:07 GMT
location: https://cuevana3.nu/perversas.jpg
cache-control: max-age=3600
expires: Fri, 25 Nov 2022 11:29:07 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrJ6eLsPx3%2F4xZ9PWQSVZ5R8qFofdX8xA97CF2KlPMmdPJ6sH82a7JFRkhrF0UHIEVVHb%2F7pDKT6FUeHn1Pj1dfhQFXzkJk55aUFcIQeA%2FKbiJjeP44bgSBjpuRG3hqU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9b38f59f1b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 95x95, segment length 16, baseline, precision 8, 600x150, components 3\012- data
Size:   34838
Md5:    b5d56c3488bd24f579f3cdf85b34a98a
Sha1:   e22c9646584cd85c8f515ea34eaf7c3e7d8a9d5e
Sha256: 721b2723484bcda0eda62a4445cc5d7521b1b02001306e34c75a251dfc275a2c
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "617EF48AB0D7E8783CBFD3F62BA39556FE7BE317D47C99406A1B4BCC39828D37"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19599
Expires: Fri, 25 Nov 2022 15:55:46 GMT
Date: Fri, 25 Nov 2022 10:29:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         143.204.42.165
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=115592
Date: Fri, 25 Nov 2022 10:29:07 GMT
Etag: "637fa354-1d7"
Expires: Sat, 26 Nov 2022 18:35:39 GMT
Last-Modified: Thu, 24 Nov 2022 17:01:08 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: y-nrFuQq8qyJiuswEOi2s0P-xGJhxPMQfchJ2EjtX-_0b8Mh-cJGOQ==
Age: 5671

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CWdoKdwZ/seydLrTvkA2XQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.218.164.174
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ABIps3+Ya97Zv9E4QStvrUWnHHo=

                                        
                                            GET /peliculas-online/crepusculo/ HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         104.21.93.38
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Fri, 25 Nov 2022 10:29:06 GMT
Transfer-Encoding: chunked
Connection: keep-alive
x-pingback: https://cuevana3.nu/xmlrpc.php
link: <https://cuevana3.nu/wp-json/>; rel="https://api.w.org/", <https://cuevana3.nu/?p=78289>; rel=shortlink
vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uAREDZJ5noBB6gGHEj%2FymBgiPnqn31PpPs%2F%2FsbJZ4vMFLX%2BlhThb6O2Q2TXNIHmW9qstD41GoVGniSkcriFG8Q4Qa44tumdCX8JdI9pvh%2FghiEhdVmhCOW6x83zo2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 76f9b389ced70b02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   16229
Md5:    bb1c134d122daf416b491c8e56d02c94
Sha1:   7b1f9840c9e62e3b9c168836eb72bd642620cb9e
Sha256: 96079af747478d6f808d368acf721da017abf3a2d949335895b9889ee06ad1f8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/themes/cuevana/assets/img/castellano.svg HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.93.38
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Fri, 25 Nov 2022 10:29:07 GMT
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 10:29:07 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kVuP%2BS0jDt%2B9O6zG1Fpq67PlXObTNo2baGwMKlDiznBTTIyCXXqZ9SvIA3LAJXR8CHpoBXgF83wleI3qczSA3zWw4gPc%2FhW1nfvc6axeycyHWk%2BJzqqgA8pgOSLBlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9b38e5b051bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1719), with no line terminators
Size:   44270
Md5:    e5e18f8c4d8d2b4a0214720e391869ce
Sha1:   fa9ec9e85ac81333b497bd2ba7c509771bd64ba7
Sha256: 68275beb55486e9686dfdc8c9123e5ac58f2e2f41b7e1c09c4d40d15d5d4ed0b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:07 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2527
Cache-Control: max-age=94789
Date: Fri, 25 Nov 2022 10:29:07 GMT
Etag: "637f5e59-118"
Expires: Sat, 26 Nov 2022 12:48:56 GMT
Last-Modified: Thu, 24 Nov 2022 12:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /1?z=5014433 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/

search
                                         139.45.197.242
HTTP/1.1 200 OK
Content-Type: text/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 10:29:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin:
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
X-Trace-Id: b32d2085c30b8427bb744a66a3160719
Access-Control-Expose-Headers: X-Sc
X-Sc: 4N0QCDoYQGqF6qFWskn7KsNNqNc-8aGA1zJrJxcisqYnu2LEoqOiveU2uvcNMJAx7e31MSF9yXxrcx-SMMplFDydgkU=
Set-Cookie: scm=1; expires=Sat, 25 Nov 2023 10:29:07 GMT; secure; SameSite=None OAID=8e9b32d0730f42e19dacc336a3670056; expires=Sat, 25 Nov 2023 10:29:07 GMT; secure; SameSite=None oaidts=1669372147; expires=Sat, 25 Nov 2023 10:29:07 GMT; secure; SameSite=None
Pragma: no-cache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (16471)
Size:   6795
Md5:    00f53ddb01314d7f7eda8d5ea9d0d28a
Sha1:   87264ccf0478ceccde662a6f0f7b9ec6a7737d81
Sha256: e3b1639f29b88f77489e7d85c8edf5ade618d3c355557480a04e4a518df8ba02

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "43BBB48A1A37A33C18036773457C75408E907C1FD7297A42152AEE29F396066E"
Last-Modified: Thu, 24 Nov 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14927
Expires: Fri, 25 Nov 2022 14:37:54 GMT
Date: Fri, 25 Nov 2022 10:29:07 GMT
Connection: keep-alive

                                        
                                            GET /apu.php?zoneid=5487080 HTTP/1.1 
Host: onvictinitor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cuevana3.nu/

search
                                         139.45.197.238
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx
Date: Fri, 25 Nov 2022 10:29:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 8f19680adfe1a1793049239947df8d56
Link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=cd1f32046107414183d0d3be0f2e5d84; expires=Sat, 25 Nov 2023 10:29:07 GMT; path=/ oaidts=1669372147; expires=Sat, 25 Nov 2023 10:29:07 GMT; path=/ syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   29309
Md5:    24875fa94f6ee69ab95901c961964a72
Sha1:   91f909500c1bd2a73a7ae3e5c0d0ae270208f2bd
Sha256: 041842fdbe69f0e88d9976f8b9bd198fa21d9e63a2e46a9602a5cf30c4af86a9
                                        
                                            GET /gid.js?userId=6cf4817cc1d141808d161465878c78a7 HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:07 GMT
content-length: 65
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6cf4817cc1d141808d161465878c78a7; expires=Sat, 25 Nov 2023 10:29:07 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    bc8b0423c4e5d0502fdbbc2f0f9ae801
Sha1:   a2763884961fb6e0b3322892d866e15e3c90c9a8
Sha256: a885e50eb19446ed126802c8429cc601d48936ba844924de46b9018d1339a0ed
                                        
                                            GET /releases/v5.6.3/webfonts/fa-solid-900.woff2 HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: https://cuevana3.nu/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         172.64.133.15
HTTP/2 200 OK
content-type: font/woff2
                                        
date: Fri, 25 Nov 2022 10:29:07 GMT
content-length: 79100
x-amz-id-2: 8jfmzQYUz1P3ucEcqETn5zevnT/qp9rHyz49QzmBzQAJFJzgG7I2+RgUE/ABstICsSJUcti/hM4=
x-amz-request-id: KYBXA64ZBSJTW0QM
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
cache-control: max-age=31556926
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DTFOTtc9Xzedya%2BzeCILMPAQpwtsmZ4zcgDzBkS7xRriHCmdmZGcJ0a38P%2BiOntnndJjnFbUm4jFLZ5y5xGLOPrwKOp%2FU%2BR9XXXHhoXLLBOF%2Bfs2wmE3Vn7Wz4%2FrBrKL753tAKnt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9b39369100686-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 79100, version 1.0\012- data
Size:   79100
Md5:    5dc01cfcd5336f696cb85da7ce53fa9b
Sha1:   28a1f2fadc35c5343e0280389fe7955e3d1be607
Sha256: f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "3F1EBF6792CB8C53345A7378CEF23D086F94E57AA9B3826E17C51EC5555EDD5D"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11500
Expires: Fri, 25 Nov 2022 13:40:47 GMT
Date: Fri, 25 Nov 2022 10:29:07 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2527
Cache-Control: max-age=94789
Date: Fri, 25 Nov 2022 10:29:07 GMT
Etag: "637f5e59-118"
Expires: Sat, 26 Nov 2022 12:48:56 GMT
Last-Modified: Thu, 24 Nov 2022 12:06:49 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280

                                        
                                            GET /?rb=ENZTbR8ntUqVn7d5sIjb_5VXfS7fGeTlJoczqpbhvYJkxE2coZ-lhaAJZ-_8r4inBseki97glYu0umFbUoVYVMpsluOi2JUaQs_9kCLzluG_4fbwNMTThHnzVsz-hI_t2mdnAKb_HS75_bu9ZyVR-n-usWJ4r0Femu_64cQZzR4pH9HSJUCJ1Ax7mqQA24hxzLKuMLXcXq64_oeBeyvryt73hjLPMoknCKKx2P-eIC4%3D&request_ab2=96001&zoneid=5487080&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fcrepusculo%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=6941e410-775c-451a-a47e-ca3d85d53cc3&userId=6cf4817cc1d141808d161465878c78a7&m=link HTTP/1.1 
Host: onvictinitor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive

search
                                         139.45.197.238
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Fri, 25 Nov 2022 10:29:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 604f04810352ddb150093885b4f4dfd2
Access-Control-Allow-Origin: http://cuevana3.nu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=6cf4817cc1d141808d161465878c78a7; expires=Sat, 25 Nov 2023 10:29:07 GMT; path=/ oaidts=1669372147; expires=Sat, 25 Nov 2023 10:29:07 GMT; path=/ syncedCookie=true; expires=Fri, 02 Dec 2022 10:29:07 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2352), with no line terminators
Size:   1792
Md5:    8f69cbafb9216d33c7b7abcacd48767a
Sha1:   18a5e10fb48edc91438772812ba7b51f78c14ce8
Sha256: 32ade9c972ce17a1058469b19c44f7c41a4d85b31334ee23f75e4bc812e3bdb6
                                        
                                            GET /?rb=9qkog7K7P-sR9O9NYW26wRXexOy5xy0nSGM5QRfzU2EQjCed9dg3qKfv6FnbgKr_7y8-qUUnEhQ_FvFc_uGjckA92_RRPPh8U__w6OeXZyC6DHF6JUUuKZx8ljrUxIZEyBiOxF6_Jpl1aIsI2Sb_rck6qVDbMXTGflir-nISnOdfcqTaQr87zdv4J1gFL6jt2aWkpO7zXfw8pfi5U8NWm8GECkQ8vlWDIQLqm2OwIA8%3D&request_ab2=96001&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wih=939&wiw=1280&wfc=6&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fcrepusculo%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&js_build=iclick-v1.454.0&bs=c18c5775-12d4-4791-9350-63a7e22fc2e5&userId=6cf4817cc1d141808d161465878c78a7&m=link HTTP/1.1 
Host: whairtoa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive

search
                                         139.45.197.238
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Server: nginx
Date: Fri, 25 Nov 2022 10:29:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 8476af5cb9f9dc5e125c6beaf181fda5
Access-Control-Allow-Origin: http://cuevana3.nu
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Access-Control-Max-Age: 86400
Pragma: no-cache
Cache-Control: no-transform, no-store, no-cache, must-revalidate, max-age=0
Expires: Tue, 11 Jan 1994 10:00:00 GMT
Set-Cookie: OAID=6cf4817cc1d141808d161465878c78a7; expires=Sat, 25 Nov 2023 10:29:07 GMT; path=/ oaidts=1669372147; expires=Sat, 25 Nov 2023 10:29:07 GMT; path=/ syncedCookie=true; expires=Fri, 02 Dec 2022 10:29:07 GMT; path=/
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *, *
Content-Encoding: gzip


--- Additional Info ---
Magic:  data
Size:   6923
Md5:    d46df6cf3113ae03f8f93fea2021f6f3
Sha1:   a9fc96a2cf62eb45bc37f2b4fc8a061c97509af3
Sha256: a29579c08eb277812c7300bc7356d4f523d66548733905dbd2013539db485b8e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/plugins/wp-postratings/css/postratings-css.css?ver=1.90 HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.93.38
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 25 Nov 2022 10:29:06 GMT
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 07:44:16 GMT
last-modified: Fri, 30 Sep 2022 02:06:29 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 96290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=36PgKxcVls6x875tHpE3TzgpglVTYxtEc33E5YlkSMeKE6GHpAqN9yxZNa%2F2vk8slVOylVn3NwkCZUtUella%2BO6hSOp1sAdiH184%2BzOL%2BTg%2B2M9M0pqOEDlBil094A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9b38e9b531bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   6709
Md5:    87de859f162d02ed14ddf9fc95cc1e4a
Sha1:   04472c674b62b9346ab449d1e966d3e805f9d173
Sha256: 91e6750fe0f41a33bb2b05c03fc5bb578cd5ceb63ff633cdab8fbca4f6ef594d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s2/favicons?domain=https://www.utorrent.com/ HTTP/1.1 
Host: s2.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.33
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16
x-content-type-options: nosniff
server: sffe
content-length: 338
x-xss-protection: 0
date: Fri, 25 Nov 2022 10:27:17 GMT
expires: Fri, 25 Nov 2022 10:57:17 GMT
cache-control: public, max-age=1800
age: 111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   338
Md5:    11cc085844fd61eb970a3f8afc9da5bb
Sha1:   89a3382cab8d7dbc468b37ff207f93ec5fad5b06
Sha256: 6a5acdfe4ea95bd124a1f73d9d4166486593b86b27fc1c01c587c6e060baa64e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.93.38
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 25 Nov 2022 10:29:06 GMT
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 07:44:16 GMT
last-modified: Sun, 13 Nov 2022 01:43:42 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 96290
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlbNkONdCmk4I4d2iYYMAcgRWen2rtTetkGUjEiYstLBwSFY79XHtXqU2kQRPCEl%2BIctk0saeJD9dK3JlAUZbar2o3lmiQMa9f%2FSBx5dzvWaEUVHYTJIanVMG%2BFZ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9b38e5af71bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   511
Md5:    e8416284389c156b13fa6546852a9032
Sha1:   3b184689a04a590b868e91785c112b1a7a26545e
Sha256: 1bfbd8eda771fd9477ee1317370d8885863bb54ebf7a286f58d351241fa64e74
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvcDBtMWJLbVhtV2ZxMWY=&o=78289 HTTP/1.1 
Host: s2.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://t3.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvcDBtMWJLbVhtV2ZxMWY=&size=16
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 25 Nov 2022 10:59:08 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   394
Md5:    d17560605a4e309769099fd23566dd5a
Sha1:   b1b9f5b2fcf25170573f81132224ef3da2fd76fc
Sha256: 2ed2e4353485daf1eb9ed97b014cff4f93059c4fc8b39900a7c5b5be2c5c6d25
                                        
                                            GET /s2/favicons?domain=https://mega.nz/file/5Xo2gLZJ HTTP/1.1 
Host: s2.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.33
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://t2.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/5Xo2gLZJ&size=16
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 25 Nov 2022 10:59:08 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 342
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   342
Md5:    71b0688be4719e7a188d0a6034f3c1a3
Sha1:   fb4722ec51d2b07c83ccbf455ac092ce3fce0da5
Sha256: 8ef523d2e26a4c1f17ae22e926560b236ed57cc63a829b9ca7b9dec3a0998617
                                        
                                            GET /s2/favicons?domain=https://uptobox.com/wo6p2fivj65l HTTP/1.1 
Host: s2.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         142.250.74.33
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/wo6p2fivj65l&size=16
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 25 Nov 2022 10:59:08 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   345
Md5:    d277f05409a85c50ad07e3d0cffe8e53
Sha1:   fa3681524a321700e31d68e6dca3f9c1f3e451df
Sha256: a881a77e4690262e6a2a0ebfa02c5a15f40d23686c90f3d53d0f2d26497e043e
                                        
                                            GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9kMWR2WjNGQmNGZFBWM05PYjJnM1NGTkhOVWRtWnowOQ==&o=78289 HTTP/1.1 
Host: s2.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9kMWR2WjNGQmNGZFBWM05PYjJnM1NGTkhOVWRtWnowOQ==&size=16
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 25 Nov 2022 10:59:08 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   414
Md5:    8a46ffc12929681fade71f2598fabec8
Sha1:   f4933d3149071b4e248abc37e9e9da63845b56bc
Sha256: faee14b3efdc40206cceab99000c4af71f4c3c22b42f35c454ea614311a7d2c3
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9PRmRwVkZvMVdVWkNTbUZzTDJWa2EzbE5lV2R5WnowOQ==&o=78289 HTTP/1.1 
Host: s2.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9PRmRwVkZvMVdVWkNTbUZzTDJWa2EzbE5lV2R5WnowOQ==&size=16
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 25 Nov 2022 10:59:08 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   15278
Md5:    bb370fd6a3f8ad8887e2acb5e7d7fcc2
Sha1:   d2ccafbd97910b8873ad1fd315091fcbd7735a54
Sha256: 1ca55ae7b136479978f675206acda1437d7b772ae324be2b141193cefe33f666
                                        
                                            GET /27/41ab89fd46dee73b88e90458e19140c8 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:07 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Tue, 22 Nov 2022 04:37:20 GMT
expires: Tue, 22 Dec 2082 04:37:20 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   123440
Md5:    e16f99ac4123e5454df2a6619dfd1bc4
Sha1:   d795e545a61a8e7478996f98964afdc83fff69ae
Sha256: 9314cbcca58ea6141adb0676c5a4f0c47d67b3cf30cc4d273fa66b2bb477a0a0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9PWFk0UjNCMFptTXpiM04xUW5RdlQzTnRhazR4VVQwOQ==&o=78289 HTTP/1.1 
Host: s2.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9PWFk0UjNCMFptTXpiM04xUW5RdlQzTnRhazR4VVQwOQ==&size=16
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 25 Nov 2022 10:59:08 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   414
Md5:    10b411cdfcf8907fcf9a8d82f31ad924
Sha1:   727956188be67e8770144fad36b8028f7f919243
Sha256: fc1359bccd88f1b6ce63b10bb1d5bad6bc273df4787f8f8dd3b1228c262ee971
                                        
                                            GET /s2/favicons?domain=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvQ2h3bnlCb0FFSmlGVUo=&o=78289 HTTP/1.1 
Host: s2.googleusercontent.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.33
HTTP/2 301 Moved Permanently
content-type: text/html; charset=UTF-8
                                        
location: https://t0.gstatic.com/faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvQ2h3bnlCb0FFSmlGVUo=&size=16
x-content-type-options: nosniff
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 25 Nov 2022 10:59:08 GMT
cache-control: public, max-age=1800
server: sffe
content-length: 394
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Size:   394
Md5:    83ac0ff7432255ef5888cdc71417e737
Sha1:   6837da6f0596f4d16199cf432dd2e217844870c1
Sha256: 032f4bcd275875907b9e93a700e3500179f87a4d83cb7d8a20b255665b62ce5d
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            OPTIONS /9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fcrepusculo%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=6cf4817cc1d141808d161465878c78a7 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://cuevana3.nu/
Origin: http://cuevana3.nu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.242
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:08 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /9?z=5014433&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fcrepusculo%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=6&sah=1002&drf=&hil=1&ist=0&oaid=6cf4817cc1d141808d161465878c78a7 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 197
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:08 GMT
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: http://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: cd314bebb0fc649a92aa4bd0dfbd8535
access-control-expose-headers: X-Sc
x-sc: HS1f6ginLgtKbH59ifBnyPYNGtpZP2uVqUwhpPvM2UZrlGG5v60M1tKbOoako94fcq5bgnGr63WJkAf-Cx-58WizFVs=
set-cookie: scm=1; expires=Sat, 25 Nov 2023 10:29:08 GMT; secure; SameSite=None OAID=6cf4817cc1d141808d161465878c78a7; expires=Sat, 25 Nov 2023 10:29:08 GMT; secure; SameSite=None oaidts=1669372148; expires=Sat, 25 Nov 2023 10:29:08 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    a97eb6fbe6f13b601d5d48c0eba8baae
Sha1:   736efb938caf3d0edec406932ada889f1a4f2268
Sha256: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.239.38.178
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Fri, 25 Nov 2022 08:41:08 GMT
expires: Fri, 25 Nov 2022 10:41:08 GMT
cache-control: public, max-age=7200
age: 6480
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://www.utorrent.com/&size=16 HTTP/1.1 
Host: t3.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.36
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-location: https://www.utorrent.com/static/faviconUT-be6029e02bb2d6e0415a561c42641a2f.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 22:37:04 GMT
expires: Mon, 28 Nov 2022 22:37:04 GMT
cache-control: public, max-age=604800
last-modified: Fri, 23 Jul 2021 13:14:38 GMT
age: 301924
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   852
Md5:    faf64e32ce748dabf3d57c6daa6a00f7
Sha1:   46317741e4d001feb10442fb300ac4876ac14bd9
Sha256: 0de27c32ce9d9a34eb1c3f57169cb4cc44869cb143a3a5c56b4ef491cd6be4d2
                                        
                                            GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9PWFk0UjNCMFptTXpiM04xUW5RdlQzTnRhazR4VVQwOQ==&size=16 HTTP/1.1 
Host: t0.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.4
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 02 Dec 2022 10:29:08 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   270
Md5:    b09b837ca4b197aebeade8a2560d9fb2
Sha1:   afd2cc6572334ace938f25c0ca0314d30e1e812a
Sha256: f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
                                        
                                            GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9PRmRwVkZvMVdVWkNTbUZzTDJWa2EzbE5lV2R5WnowOQ==&size=16 HTTP/1.1 
Host: t0.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.4
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 02 Dec 2022 10:29:08 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   270
Md5:    b09b837ca4b197aebeade8a2560d9fb2
Sha1:   afd2cc6572334ace938f25c0ca0314d30e1e812a
Sha256: f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
                                        
                                            GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvcDBtMWJLbVhtV2ZxMWY=&size=16 HTTP/1.1 
Host: t3.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.36
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 02 Dec 2022 10:29:08 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   270
Md5:    b09b837ca4b197aebeade8a2560d9fb2
Sha1:   afd2cc6572334ace938f25c0ca0314d30e1e812a
Sha256: f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
                                        
                                            GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ocXEudG8vZS9kMWR2WjNGQmNGZFBWM05PYjJnM1NGTkhOVWRtWnowOQ==&size=16 HTTP/1.1 
Host: t0.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.4
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 02 Dec 2022 10:29:08 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   270
Md5:    b09b837ca4b197aebeade8a2560d9fb2
Sha1:   afd2cc6572334ace938f25c0ca0314d30e1e812a
Sha256: f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
                                        
                                            POST /j/collect?v=1&_v=j98&a=2007983116&t=pageview&_s=1&dl=http%3A%2F%2Fcuevana3.nu%2Fpeliculas-online%2Fcrepusculo%2F&ul=en-us&de=UTF-8&dt=Crep%C3%BAsculo%20online%20gratis%20en%20Cuevana%203&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=765775041&gjid=868105754&cid=2107418791.1669372148&tid=UA-209818749-2&_gid=692060792.1669372148&_r=1&gtm=2oub90&z=707094658 HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://cuevana3.nu
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         216.239.38.178
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: http://cuevana3.nu
date: Fri, 25 Nov 2022 10:29:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  very short file (no magic)
Size:   1
Md5:    c4ca4238a0b923820dcc509a6f75849b
Sha1:   356a192b7913b04c54574d18c28d46e6395428ab
Sha256: 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
                                        
                                            GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvMUNiTTd4b3NsZ0NvbVU=&size=16 HTTP/1.1 
Host: t1.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.36
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 02 Dec 2022 10:29:08 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   270
Md5:    b09b837ca4b197aebeade8a2560d9fb2
Sha1:   afd2cc6572334ace938f25c0ca0314d30e1e812a
Sha256: f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
                                        
                                            GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://cuevana3.nu/vipembed/?id=aHR0cHM6Ly9ldm9sb2FkLmlvL2UvQ2h3bnlCb0FFSmlGVUo=&size=16 HTTP/1.1 
Host: t0.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.4
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-location: https://cuevana3.nu/wp-content/uploads/2022/03/favicon-cuevana-1-1-150x150.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 270
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 02 Dec 2022 10:29:08 GMT
cache-control: public, max-age=604800
last-modified: Tue, 07 Dec 2021 20:29:31 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Size:   270
Md5:    b09b837ca4b197aebeade8a2560d9fb2
Sha1:   afd2cc6572334ace938f25c0ca0314d30e1e812a
Sha256: f7686b84fe42a61c8ea31e7773594fd412054d9ffd44cbc921f212666f75663f
                                        
                                            GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://mega.nz/file/5Xo2gLZJ&size=16 HTTP/1.1 
Host: t2.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.132
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-location: https://mega.nz/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 454
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 02 Dec 2022 10:29:08 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://1fichier.com/?7zsnye9uhd8cnzr5phlx&size=16 HTTP/1.1 
Host: t2.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.132
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-location: https://1fichier.com/favicon.ico
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 777
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 02 Dec 2022 10:29:08 GMT
cache-control: public, max-age=604800
last-modified: Wed, 29 Nov 2017 12:34:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   777
Md5:    ea70b34ee38dc7e303778a47d2b46a13
Sha1:   58ae85c0048f4e0580992b0b8f5e5c3aa73fa499
Sha256: 62d589b58a50dbcc9fb91095fdddcde6a20574f085e60492b1fbbd2be693682a
                                        
                                            GET /faviconV2?client=SOCIAL&type=FAVICON&fallback_opts=TYPE,SIZE,URL&url=https://uptobox.com/wo6p2fivj65l&size=16 HTTP/1.1 
Host: t0.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cuevana3.nu/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.211.4
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-location: https://uptobox.com/assets/images/utb.png
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/media-favicon
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="media-favicon"
report-to: {"group":"media-favicon","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/media-favicon"}]}
content-length: 628
date: Fri, 25 Nov 2022 10:29:08 GMT
expires: Fri, 02 Dec 2022 10:29:08 GMT
cache-control: public, max-age=604800
last-modified: Wed, 27 Jun 2018 16:00:04 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 16 x 14, 8-bit colormap, non-interlaced\012- data
Size:   628
Md5:    a025a7d0ad9c9dcb11225d8ff891e2ab
Sha1:   7e31fbedf07c440553337ef9ccede378ff1723c3
Sha256: 1475fd2e3e237b87f41c35f27cb33d944b63b847c34909129eec1d7a9bf99f6e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15756
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 10:29:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15756
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 10:29:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15756
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 10:29:08 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15756
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 10:29:08 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9e23502-5ace-42f4-a990-42412dc7e04e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6385
x-amzn-requestid: 4c2a84f7-f038-4f5a-86c2-5c8ce1a48c6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cI5NVFMAoAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63803bee-45c6411c2430e2375f530dd8;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 03:52:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Fj82i9qJmEiUy2DOkkowq8WRyzupMwNyQqu110sJ3o72HEW4yb7bjQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:22:46 GMT
age: 11182
etag: "9b8aafcda0e22edcc16d3048f4b88659d3b42419"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6385
Md5:    f6292a2988fb4505d0098553b8e99ddc
Sha1:   9b8aafcda0e22edcc16d3048f4b88659d3b42419
Sha256: 16b7b473229c5e519ab81b385c50277424f3f3b2a5d7647035e84ba58e44f3be
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11249
x-amzn-requestid: 8f679d7f-2ea5-4e47-b78d-79af59435a62
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFPHYHkAIAMFpBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec562-26108a785e910dc3355d58f1;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:14:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NKwpIdw2RZNZNh69AF5GNvunA_QfRGClvzcRP3zYwn7c8BLBlt097g==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 08:37:15 GMT
age: 6713
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11249
Md5:    481c033b9ffd030ff0de6e35cf788b47
Sha1:   85d3baad9217af2b5d75c019d2ef95dbb919a788
Sha256: 02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F80e95b58-6cf9-4974-a4ce-f8515ca995ee.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11743
x-amzn-requestid: 9ab0aba7-5cd1-4f6c-8984-dc221e1cbf8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cICD-F7joAMFqmA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe3b2-152ba5f1495a44447356cdab;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oWSNdsrz59sJC2znLnFqa_Zm3T14_d6j-rjzDQe4yV22Dy2Qc4Swaw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:54:45 GMT
age: 45263
etag: "b0ddc1555d2506177adcdcea77864d75f1245d07"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11743
Md5:    8784bb7a8b88736a6016f712e3183bf3
Sha1:   b0ddc1555d2506177adcdcea77864d75f1245d07
Sha256: 8e331713b0ad0b5670dd33dfdadde665e076a40ddb80905d4df89876d49803d8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00e89fb5-5cb3-4f68-936b-5ee31d6061bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8006
x-amzn-requestid: 78aab013-df11-464b-a1c7-ee41b7e77b40
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB-AHSrIAMFvKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe38c-4d795f410a57fc2c21d7075d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:08 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: q53jN1uOtSdeThbk2_0UF6Rl3g4_-_TW7uK1_6Z5oDwSTSRk8XRjyQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:35:08 GMT
etag: "5d15fd672e968d59b541e4d5d0d01cd5e69f4075"
age: 46440
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8006
Md5:    8b6ee13d43732f7c764a49500d092865
Sha1:   5d15fd672e968d59b541e4d5d0d01cd5e69f4075
Sha256: fc3623d527147e1c6aab399251ed8d527e6eefdee6ad7183f00df2613498bfe4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5e4ptr__XHPd9Qsf8lEDqiZGKptuB9en72UAucNWxlGG_mEbhpFgdA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 07:43:51 GMT
age: 9917
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10950
Md5:    4abf25d4a15ce58edadd54994b3434a2
Sha1:   18800e21d05596f7b64213072dee7dda5c1faf61
Sha256: 633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 02:07:28 GMT
age: 30100
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "F1D64F83CDC3CBB11AFAF7FBE28C39278EEE87FCB5464B4E80FCE850433A136A"
Last-Modified: Wed, 23 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14944
Expires: Fri, 25 Nov 2022 14:38:12 GMT
Date: Fri, 25 Nov 2022 10:29:08 GMT
Connection: keep-alive

                                        
                                            GET /gid.js?userId=cb77e3a6355c441e9ba5720971721efa HTTP/1.1 
Host: my.rtmark.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana3.nu
Connection: keep-alive
Referer: https://cuevana3.nu/
Cookie: ID=6cf4817cc1d141808d161465878c78a7
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.195.8
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:09 GMT
content-length: 65
access-control-allow-origin: https://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=6cf4817cc1d141808d161465878c78a7; expires=Sat, 25 Nov 2023 10:29:09 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   65
Md5:    bc8b0423c4e5d0502fdbbc2f0f9ae801
Sha1:   a2763884961fb6e0b3322892d866e15e3c90c9a8
Sha256: a885e50eb19446ed126802c8429cc601d48936ba844924de46b9018d1339a0ed
                                        
                                            GET /1?z=5014433 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cuevana3.nu/
Cookie: scm=1; OAID=6cf4817cc1d141808d161465878c78a7; oaidts=1669372148
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: text/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:09 GMT
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: c5d8459f5a2a6cbdf9b4860084862257
access-control-expose-headers: X-Sc
set-cookie: OAID=6cf4817cc1d141808d161465878c78a7; expires=Sat, 25 Nov 2023 10:29:09 GMT; secure; SameSite=None oaidts=1669372148; expires=Sat, 25 Nov 2023 10:29:09 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   7299
Md5:    faae807253a7da2c29f2710a6b761f87
Sha1:   b384e67c4031222fbcc0b02e1f5c98b3ab13041f
Sha256: 3c71da0c777a1be8d3642de65ee1f07d8d683fcc64c26ccd4dc8e93a82717ee7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /9?z=5014433&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvcDBtMWJLbVhtV2ZxMWY%3D%26o%3D78289&wy=0&wx=0&ww=1280&wh=1024&cw=1092&wiw=1092&wih=618&wfc=1&sah=1002&drf=http%3A%2F%2Fcuevana3.nu%2F&hil=1&ist=0&oaid=6cf4817cc1d141808d161465878c78a7 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://cuevana3.nu/
Origin: https://cuevana3.nu
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 204 No Content
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:09 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /9?z=5014433&ng=1&ix=1&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvcDBtMWJLbVhtV2ZxMWY%3D%26o%3D78289&wy=0&wx=0&ww=1280&wh=1024&cw=1092&wiw=1092&wih=618&wfc=1&sah=1002&drf=http%3A%2F%2Fcuevana3.nu%2F&hil=1&ist=0&oaid=6cf4817cc1d141808d161465878c78a7 HTTP/1.1 
Host: nanouwho.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 54
Origin: https://cuevana3.nu
Connection: keep-alive
Referer: https://cuevana3.nu/
Cookie: scm=1; OAID=6cf4817cc1d141808d161465878c78a7; oaidts=1669372148
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.242
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:09 GMT
content-length: 7
access-control-allow-credentials: true
access-control-allow-origin: https://cuevana3.nu
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 418d153589f33105e58c7e173815af97
access-control-expose-headers: X-Sc
set-cookie: OAID=6cf4817cc1d141808d161465878c78a7; expires=Sat, 25 Nov 2023 10:29:09 GMT; secure; SameSite=None oaidts=1669372148; expires=Sat, 25 Nov 2023 10:29:09 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   7
Md5:    a97eb6fbe6f13b601d5d48c0eba8baae
Sha1:   736efb938caf3d0edec406932ada889f1a4f2268
Sha256: a04bf061f53e0011fd2f43bdf081526344f003c50146c88c42c2d95ef22c1821

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /?rb=z_C0U86vVW_lMn2vomAb27N4dXh6ZK_moUT4HEOlYw-UFYggHyoUJgNm35obbqZip9DAbpjd9iitfz31BMHZuUWq5hdSIo53IcMwe00_k289frU2IyVwjTcEpeGLa23NqgTUolZwRCwSZBsubys2n9T5BAjFNUh6YMhUqwsdfo3ZzPMUwHGmugUCKIfWm0xpFga3EYJv45XESGBjeUm5EAHZdT-XeApWJksN3c9D5cI%3D&request_ab2=96001&zoneid=4907445&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=6&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvcDBtMWJLbVhtV2ZxMWY%3D%26o%3D78289&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=d38009a9-9a56-4053-adc9-1a525c9f2a1e&userId=6cf4817cc1d141808d161465878c78a7&m=link HTTP/1.1 
Host: whairtoa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuevana3.nu/
Origin: https://cuevana3.nu
Connection: keep-alive
Cookie: OAID=cb77e3a6355c441e9ba5720971721efa; oaidts=1669372148
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.238
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:09 GMT
x-trace-id: ac5add723d8b85a89796d0c3405cdbab
access-control-allow-origin: https://cuevana3.nu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=6cf4817cc1d141808d161465878c78a7; expires=Sat, 25 Nov 2023 10:29:09 GMT; path=/; secure; SameSite=None oaidts=1669372149; expires=Sat, 25 Nov 2023 10:29:09 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Fri, 02 Dec 2022 10:29:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2156
Md5:    36ac3a56a21982fef455be716548312b
Sha1:   f62bb915650be617b29aa31f70c21213b502e088
Sha256: be114a2d308bc5e863191add71ed2d1ad7eab13f369408c8608fc8bb6f475b92

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /?rb=DvaQeQhklWMZMUcUcLtd983rWU1nlAyS-NpDn6hQmi0lgi_-doNnRtWBIvKdthvu2Eg8jSWxm__5xvFRwiQQ4zlVRdycPSx2rt61BXaKYT_xHA-cFzOEsVTH4N267typtOWfIsx6Dy8cSupFBJHqAkbhcwxp6PIlVFXQz2DDynPMabQnFLT3vCK1X7e9Lojrxo07paMV4P86Fub6_83pmLkXTVR6-p784vYODihMMZg%3D&request_ab2=96001&zoneid=5487080&js_build=iclick-v1.454.0&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=618&wiw=1092&wfc=6&pl=https%3A%2F%2Fcuevana3.nu%2Fvipembed%2F%3Fid%3DaHR0cHM6Ly9ldm9sb2FkLmlvL2UvcDBtMWJLbVhtV2ZxMWY%3D%26o%3D78289&drf=http%3A%2F%2Fcuevana3.nu%2F&np=0&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&js_build=iclick-v1.454.0&bs=c245e579-0d04-43b5-b07d-c3451db6d675&userId=6cf4817cc1d141808d161465878c78a7&m=link HTTP/1.1 
Host: onvictinitor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuevana3.nu/
Origin: https://cuevana3.nu
Connection: keep-alive
Cookie: OAID=a6cd008151394b8a9db972cc20cee314; oaidts=1669372149
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         139.45.197.238
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:09 GMT
x-trace-id: 87849b0f54fa0a12008b367fdb5dced5
access-control-allow-origin: https://cuevana3.nu
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=6cf4817cc1d141808d161465878c78a7; expires=Sat, 25 Nov 2023 10:29:09 GMT; path=/; secure; SameSite=None oaidts=1669372149; expires=Sat, 25 Nov 2023 10:29:09 GMT; path=/; secure; SameSite=None syncedCookie=true; expires=Fri, 02 Dec 2022 10:29:09 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2157
Md5:    ee0cf44bcc5b6cfcd466ca38e3688585
Sha1:   e8eb388430be6f5cc5ab5da10811708a35f1d60f
Sha256: 48e5c057ea92cd6bf365e255d640a5f64b943eb78dac28e313621f5495dae155
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 10:29:09 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 22 Nov 2022 01:33:16 GMT
Expires: Tue, 29 Nov 2022 01:33:15 GMT
Etag: "78e21c7a408c8ef34065defa22dbcb926f562d9b"
Cache-Control: max-age=312845,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 76f9b39e4f0db50c-OSL

                                        
                                            POST /log/add?cid=1db9169f-90f4-4b2d-b517-bc47aab19c1f HTTP/1.1 
Host: datatechonert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 971
Origin: https://cuevana3.nu
Connection: keep-alive
Referer: https://cuevana3.nu/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         37.48.68.71
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
                                        
Server: nginx/1.19.10
Date: Fri, 25 Nov 2022 10:29:09 GMT
Content-Length: 12
Connection: keep-alive
Access-Control-Allow-Origin: https://cuevana3.nu
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-Forwarded-For, If-None-Match
Access-Control-Allow-Credentials: true


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    adb4650bfc9d2a73d4dd69583b0ceb14
Sha1:   1ce399d6e936232aaf2192cd7903a279c5015f22
Sha256: 21c1f682de27109caabcca9016511974defcec217c0441fd3f1b50ecdf8247ed

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:47:08 GMT
age: 45727
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7993
Md5:    92c78302bcce1568eb6a5563100b932c
Sha1:   43d1dec7fc06879988c9c3cadd800cc8145df988
Sha256: 0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
                                        
                                            GET /wp-content/themes/cuevana/assets/img/latino.svg HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.93.38
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Fri, 25 Nov 2022 10:29:06 GMT
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 77424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vw2uVhxAaqJXrO9jcV9u4mHI8xoYFyWVVcbUhoznugekXhb5805uJmIzy43HpH4yPX%2Bn0VZ8iTmuLLUAGmCUOQOCo5TqATEw0%2BEkDxxAk6ZTQ%2BkV3ZQAXHrbV1yCHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9b38e5afa1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /apu.php?zoneid=5487080 HTTP/1.1 
Host: onvictinitor.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.238
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:09 GMT
x-trace-id: 7e136050fbd4e880bef051509f62b643
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=a6cd008151394b8a9db972cc20cee314; expires=Sat, 25 Nov 2023 10:29:09 GMT; path=/; secure; SameSite=None oaidts=1669372149; expires=Sat, 25 Nov 2023 10:29:09 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /stattag.js HTTP/1.1 
Host: tzegilo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.84.149
HTTP/2 200 OK
content-type: application/javascript
                                        
date: Fri, 25 Nov 2022 10:29:09 GMT
last-modified: Wed, 23 Nov 2022 15:07:42 GMT
etag: W/"637e373e-32a6"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 832
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrPbojcF2iSivXd23RMnNqMzuGFey5gpUak2Qum1CbKfjO6cgdwQZ5Ex2knwZj7DboRsxD3wiEzPlwYvb4pKw6HdeXwDr6ceWeopJHTqxhvdA4Kkypq0IGROhcnaiw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 76f9b39d4d7bb50c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /wp-content/themes/cuevana/style.css?ver=0.15860200%201669372147 HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.21.93.38
HTTP/2 200 OK
content-type: text/css
                                        
date: Fri, 25 Nov 2022 10:29:07 GMT
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 04:40:29 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ksQlU9FnPqJZnC6l%2BssxvKE95cX8QR%2Bxrj9g%2Fjwuk5sw8ZK89rfNvaFNghELjqa%2FZYrSwxlI1VnDujiKkW11vN3D10D7XrB7zrIGkNJWvltXYA12dScfFs%2B3s9GVbg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9b38e9b551bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /5/4907445 HTTP/1.1 
Host: whairtoa.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cuevana3.nu/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         139.45.197.238
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 25 Nov 2022 10:29:08 GMT
x-trace-id: 25d5c85c92a893d9a510eb852beaec05
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=cb77e3a6355c441e9ba5720971721efa; expires=Sat, 25 Nov 2023 10:29:08 GMT; path=/; secure; SameSite=None oaidts=1669372148; expires=Sat, 25 Nov 2023 10:29:08 GMT; path=/; secure; SameSite=None syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /wp-content/themes/cuevana/assets/img/ingles.svg HTTP/1.1 
Host: cuevana3.nu
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cuevana3.nu/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.21.93.38
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Fri, 25 Nov 2022 10:29:06 GMT
cache-control: public, max-age=604800
expires: Thu, 01 Dec 2022 12:58:42 GMT
last-modified: Fri, 30 Sep 2022 02:06:30 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 77424
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0pkznGMDbwVtOqKM1KZjcXbE72hZsXFeIULIUtQCVpIcBN9yss32R5uiUcCLzWV2ka%2B4wzTH%2FXanWQZVYbobfhoSJDfe9%2BwxbD1bomCOdkGXgCBKTJTGDSIifUMsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f9b38e5afb1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---