r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6614
Expires: Sun, 04 Dec 2022 01:33:26 GMT
Date: Sat, 03 Dec 2022 23:43:12 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5512
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:12 GMT
Last-Modified: Sat, 03 Dec 2022 22:11:20 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
putinho.garotasonline.net/menatplay-large-andy-onassis-victor-dangelo/
104.21.19.123200 OK 27 kB URL HTTP/1.1 putinho.garotasonline.net/menatplay-large-andy-onassis-victor-dangelo/
IP 104.21.19.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26806)
Hash 3758d64668e96dff824ec410bb88027c
e4832f88d3144ed183246fdac03947bc3db92c5c
42d7c7608d619739725b6211604faebb16ba2ef953b36a49285097ce8a505b3e
Analyzer Verdict Alert fortinet Malware
GET /menatplay-large-andy-onassis-victor-dangelo/ HTTP/1.1
Host: putinho.garotasonline.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:43:12 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: view=1; expires=Sun, 04-Dec-2022 23:43:12 GMT; Max-Age=86400
PHPSESSID=5ivpdpm1mb9s84ijpr849s6j46; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIDzJWwYyl44ByjmEWFwD11pzi9TMnq96ZrSIZZwsXcvS6aFocnYL5pgnqVAd5uFl42dmYcNr4u6Yqcpg7mKBKyI8%2FV827lgXXrdVmQuO5vFWlLxcEDPf%2FFCyBpIqfrtr2u1ds7VlNrOUrEx"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 774029c6b9bdb4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12220
Expires: Sun, 04 Dec 2022 03:06:52 GMT
Date: Sat, 03 Dec 2022 23:43:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 23:18:19 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1493
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: FWpCDFrzonQr4BBs829YlX+dWQExS0WbEjpjebfOAgTgetPkO/gliC+atkDCopj2GDvxJ1Ti7yI=
x-amz-request-id: 7Y3JGG0D3PH3XM8X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 22:46:44 GMT
age: 3388
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:43:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9d676a8ed1cc58d983087b9251d3d5ef
bb53577b72dcf8fca48882a45985de50a6f5aab5
e55feea4ad426977b466bb6da4bbb7855633b1696c0b94cf78cdbecf3ac9d922
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=91072
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:12 GMT
Etag: "638a9fd0-117"
Expires: Mon, 05 Dec 2022 01:01:04 GMT
Last-Modified: Sat, 03 Dec 2022 01:01:04 GMT
Server: nginx
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9d676a8ed1cc58d983087b9251d3d5ef
bb53577b72dcf8fca48882a45985de50a6f5aab5
e55feea4ad426977b466bb6da4bbb7855633b1696c0b94cf78cdbecf3ac9d922
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5835
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:13 GMT
Etag: "63894e56-118"
Last-Modified: Sat, 03 Dec 2022 22:05:58 GMT
Server: ECS (amb/6B92)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9d676a8ed1cc58d983087b9251d3d5ef
bb53577b72dcf8fca48882a45985de50a6f5aab5
e55feea4ad426977b466bb6da4bbb7855633b1696c0b94cf78cdbecf3ac9d922
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5836
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:13 GMT
Last-Modified: Sat, 03 Dec 2022 22:05:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9d676a8ed1cc58d983087b9251d3d5ef
bb53577b72dcf8fca48882a45985de50a6f5aab5
e55feea4ad426977b466bb6da4bbb7855633b1696c0b94cf78cdbecf3ac9d922
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5677
Cache-Control: max-age=96748
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:13 GMT
Etag: "638a9fd0-117"
Expires: Mon, 05 Dec 2022 02:35:41 GMT
Last-Modified: Sat, 03 Dec 2022 01:01:04 GMT
Server: ECS (amb/6BBE)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9d676a8ed1cc58d983087b9251d3d5ef
bb53577b72dcf8fca48882a45985de50a6f5aab5
e55feea4ad426977b466bb6da4bbb7855633b1696c0b94cf78cdbecf3ac9d922
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5941
Cache-Control: max-age=97012
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:13 GMT
Etag: "638a9fd0-117"
Expires: Mon, 05 Dec 2022 02:40:05 GMT
Last-Modified: Sat, 03 Dec 2022 01:01:04 GMT
Server: ECS (amb/6BAB)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c907045fe9369a3c27d9de53c31babc
eb5b984d18e61b8afbba6b7736c92f69ae72b363
9e12fbb2cc04e887b8f1e8838b094ee20c877f63cf962d2680e156659554d161
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E12FBB2CC04E887B8F1E8838B094EE20C877F63CF962D2680E156659554D161"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5585
Expires: Sun, 04 Dec 2022 01:16:18 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c907045fe9369a3c27d9de53c31babc
eb5b984d18e61b8afbba6b7736c92f69ae72b363
9e12fbb2cc04e887b8f1e8838b094ee20c877f63cf962d2680e156659554d161
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E12FBB2CC04E887B8F1E8838B094EE20C877F63CF962D2680E156659554D161"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5585
Expires: Sun, 04 Dec 2022 01:16:18 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1377c2956f6d4d989e6fafbe01600b49
7a550dd67e42a8f1ba1468646af02691d0580345
4e0206cd8e1112cdefa7f974876461a968bbcbbf016b1b1c2e3af77346507886
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b12d5e3d4e273f742a75489e81f5163d
df68005a67b4c5fbad7d1949d741ac827725b802
3af5656742bec49817995f3ea7eb3a6e9806b273e510d415388cabc76e77a593
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3AF5656742BEC49817995F3EA7EB3A6E9806B273E510D415388CABC76E77A593"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7961
Expires: Sun, 04 Dec 2022 01:55:54 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
172.67.70.80200 OK 14 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
IP 172.67.70.80:0
File type Web Open Font Format (Version 2), TrueType, length 13584, version 331.524\012- data
Hash c20b5b7362d8d7bb7eddf94344ace33e
260bb01acd44d88dcb7f501a238ab968f86bef9e
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.garotasonline.net
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: font/woff2
content-length: 13584
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: "3510-63599f1e-280511c;;;"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cO7VeHRq3FACI9fjAefNfnLzFcp8ueNREtwcbUzpo0TxTxdY8Waas3%2FvMPEoZeDrlPm6AHs7mpnO6c13bTu29EKGvFEm4kZsiZXTBhT0XJQW9k4LTkmfTpBMzA5n"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029caabb5b523-OSL
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.74200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:34:16 GMT
expires: Wed, 29 Nov 2023 18:34:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 364137
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42363af7a5c466be951be209a9bddbbf
f5e16af712dd54272296671bd28e7e50af83e3b9
6724232c49e8801da00b3586596d06ecdbf22c67e65d7549430cfe58040f472e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6724232C49E8801DA00B3586596D06ECDBF22C67E65D7549430CFE58040F472E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12752
Expires: Sun, 04 Dec 2022 03:15:45 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
www.google.com/recaptcha/api.js?render=6LDfkUAAAAAED3K3pVvRpseWSWLBweVdx39ZjQ&ver=3.0
142.250.74.132200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LDfkUAAAAAED3K3pVvRpseWSWLBweVdx39ZjQ&ver=3.0
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js?render=6LDfkUAAAAAED3K3pVvRpseWSWLBweVdx39ZjQ&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 03 Dec 2022 23:43:13 GMT
date: Sat, 03 Dec 2022 23:43:13 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 40441b763808c441b7a528ee519d1ee0
b4e877fac951d89b98bf4ee8334111e388fcad76
ad5dad8273709c496e9c25b7a570799d412c32c622da532a6e504a37f1597d0f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AD5DAD8273709C496E9C25B7A570799D412C32C622DA532A6E504A37F1597D0F"
Last-Modified: Thu, 01 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=869
Expires: Sat, 03 Dec 2022 23:57:42 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8332dddd3c4ca2d97923dc41909de05
bf68d8ad627cf28f484443ab98663140e5492d6a
d4891dedda42e07d7921ce0588a44ecfad22a336dead4613fa9701b9d97f1eab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4891DEDDA42E07D7921CE0588A44ECFAD22A336DEAD4613FA9701B9D97F1EAB"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6481
Expires: Sun, 04 Dec 2022 01:31:14 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
vmuid.com/script.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
178.162.196.156200 OK 10 kB URL HTTP/1.1 vmuid.com/script.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (10176), with no line terminators
Hash 3de3ce8ec950a993d1d3bb362d84f0e7
c938aaab8eed435eb4fd277f1c1ab9976e969043
6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f
GET /script.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0 HTTP/1.1
Host: vmuid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Dec 2022 23:43:13 GMT
Content-Type: text/javascript
Content-Length: 10176
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: EXPIRED
origunix.com/sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
178.162.196.156302 Found 0 B URL HTTP/1.1 origunix.com/sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0 HTTP/1.1
Host: origunix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.14.1
Date: Sat, 03 Dec 2022 23:43:13 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Location: https://tartator.com/sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
X-Cache-Status: EXPIRED
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b12d5e3d4e273f742a75489e81f5163d
df68005a67b4c5fbad7d1949d741ac827725b802
3af5656742bec49817995f3ea7eb3a6e9806b273e510d415388cabc76e77a593
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3AF5656742BEC49817995F3EA7EB3A6E9806B273E510D415388CABC76E77A593"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7961
Expires: Sun, 04 Dec 2022 01:55:54 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
putinho.garotasonline.net/wp-content/s/2019/12/putinho.2020.png
104.21.19.123302 Found 0 B URL HTTP/1.1 putinho.garotasonline.net/wp-content/s/2019/12/putinho.2020.png
IP 104.21.19.123:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/s/2019/12/putinho.2020.png HTTP/1.1
Host: putinho.garotasonline.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://putinho.garotasonline.net/menatplay-large-andy-onassis-victor-dangelo/
Cookie: PHPSESSID=5ivpdpm1mb9s84ijpr849s6j46
HTTP/1.1 302 Found
Date: Sat, 03 Dec 2022 23:43:13 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Location: https://putinho.garotasonline.net
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Sun, 04-Dec-2022 23:43:13 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rjjYCXLmlY3vBbbdsGL6oaQmSccU9wHqg0Ad3X4nXzqo%2FwnRC0s%2BZ8UYvraGWTMc00KPGJfKU6C0Mf%2FL5lHxC2kObQsggRY4neEbkpTwHM7Qj9B%2BMnEo9WngqtIMwg8rcq735Ci%2BcLgkzRk"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774029cafe2cb4f4-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b4a80cfa6a45e2f933c11ac606d95cc9
d84bc2d888cdcae7929f95fb01d5cb664e22b2f5
1b19b2c9c18b21b039dec5f7a1fc37c01c386f77fca672b3e650804f6086d305
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=122046
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:13 GMT
Etag: "638b18cf-117"
Expires: Mon, 05 Dec 2022 09:37:19 GMT
Last-Modified: Sat, 03 Dec 2022 09:37:19 GMT
Server: nginx
Content-Length: 279
putinho.net/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
172.67.70.80200 OK 6.0 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
IP 172.67.70.80:0
File type ASCII text, with very long lines (16791)
Hash ac4f59bb03255e12b6c26ffdec74491a
05a00f48edc4b4af6d7a58972c4cec86cb062ec8
3d138cd4737d6f6856d2507937d16aeb77f06adcb90e39e6e0d2826465314a6c
GET /wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"4198-63599f1e-28051fa;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pHOKxdcGh3uj%2BOG3A4UoojS%2F%2FsFI4qmrCiJuT%2FbD99ZBO11HhyajsmOFHWnUZOfNiZe8btk%2FrrYJiYO%2BapzU4GS2PtD8EIN9E52YjPv1%2BKzyttzN3xCuwXRlc3gv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1df4fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c907045fe9369a3c27d9de53c31babc
eb5b984d18e61b8afbba6b7736c92f69ae72b363
9e12fbb2cc04e887b8f1e8838b094ee20c877f63cf962d2680e156659554d161
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E12FBB2CC04E887B8F1E8838B094EE20C877F63CF962D2680E156659554D161"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5585
Expires: Sun, 04 Dec 2022 01:16:18 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4b1b04034fd7fde037f9e292ac1b1db
75c3e5fdd78f626baa6380ee1dec6b0918c92b9c
0bc689e88e074b3daa2218514cf796401d2477eccfa5bcac5c9ee8a8fb53a943
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC689E88E074B3DAA2218514CF796401D2477ECCFA5BCAC5C9EE8A8FB53A943"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3760
Expires: Sun, 04 Dec 2022 00:45:53 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e117dc22b09406f46c8d18abc8b0351d
0af378f0dc96fff6f31ccb9b0e2405dedd1b274f
b98d8a3e427f2963bb98f84e2ae450ff6604f28998c3ccb4dfec183e12ed9d7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B98D8A3E427F2963BB98F84E2AE450FF6604F28998C3CCB4DFEC183E12ED9D7D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17195
Expires: Sun, 04 Dec 2022 04:29:48 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fd236536beea55e4335b1f35acdc687a
5a27db6e6029be0bc35f0d3d43a8da779179c8ff
f06819499a5795df59b339f981e4c01c0ad120034cbe86b610ece4a11b2b82ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F06819499A5795DF59B339F981E4C01C0AD120034CBE86B610ECE4A11B2B82CE"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8890
Expires: Sun, 04 Dec 2022 02:11:23 GMT
Date: Sat, 03 Dec 2022 23:43:13 GMT
Connection: keep-alive
tartator.com/sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
178.162.196.156200 OK 50 kB URL HTTP/1.1 tartator.com/sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (50530), with no line terminators
Hash 2ca28f4d3a639138717d4f659fa085c5
12a89adf846e7215e4dcb79ed46256b7713cbd40
d5f688f301d187b445b5f71c6ccedebb32a3c2ff262dff0157edff480849e838
GET /sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0 HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.garotasonline.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Dec 2022 23:43:13 GMT
Content-Type: text/javascript
Content-Length: 50530
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Cache-Status: EXPIRED
putinho.net/
172.67.70.80200 OK 21 kB IP 172.67.70.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26815), with CRLF, LF line terminators
Hash 9dbbbd7b097db15ac7312d088e1523c8
c67885fb6b8cd5e482f82f7cb9e22a85d20f38a0
9f3f4587212653772d9493ef035ec7cd45ad870f2b12c36873f312f68572ef00
GET / HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.garotasonline.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html; charset=UTF-8
cf-ray: 774029cbdefffab8-OSL
link: <https://putinho.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-litespeed-cache: hit
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rRsQh%2F05XgsrONVtxY2ZiyOpZOU17W4qwVJwwmclfhgCZT62hsYfXZVRvQdIBiCmtRF24BxkE80OFiiejZ3omdL11tk0dcunZ9UIy6pHd1seb97VV9Selo%2FB2zNv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
172.67.70.80200 OK 3.9 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
IP 172.67.70.80:0
File type ASCII text, with very long lines (15223)
Hash 39d6c06623d222ff19f6f8ef25e961e1
c0206b5b3f059476ae2e2989e4c212ab0a85a0d7
94be4f4ad0fbb898c360ef8ba07be519b853b4e6ce2af28e5d7bf3ac64988f0c
GET /wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"3b78-63599f1e-28052d4;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MsOShOEHSdgIlcm1nN%2BCgTkt9uuShiV%2FSusVR7JYU9c59M1oLVjinr8WUuFgxant%2FK2jqe3sdxdJnsXWumq5ontvZcYcdJ5bqnHzdWRtrnDwzNbohF1gbzA2dlcM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1dddfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
middaysonnyguffaw.com/1b/8a/d1/1b8ad19e5b8faa97b5af717e65b0bdee.js
173.233.137.60200 OK 13 kB URL HTTP/1.1 middaysonnyguffaw.com/1b/8a/d1/1b8ad19e5b8faa97b5af717e65b0bdee.js
IP 173.233.137.60:0
File type ASCII text, with very long lines (37166), with no line terminators
Hash 46b44a6fd2b236bddf15765104d2ad1d
52170911603577aa6751a7d93f31bbe09022b927
044181ed98899de917cc710b6c56794ff2bd2e5c6a08b9027cbd330bc978e9cb
Analyzer Verdict Alert quad9 Sinkholed
GET /1b/8a/d1/1b8ad19e5b8faa97b5af717e65b0bdee.js HTTP/1.1
Host: middaysonnyguffaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.garotasonline.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ff0782753e72facd9deefc37151da04
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
vocalconferencesinister.com/4e/84/f4/4e84f42101bf00d68343d16d78e896d0.js
192.243.61.227200 OK 21 kB URL HTTP/1.1 vocalconferencesinister.com/4e/84/f4/4e84f42101bf00d68343d16d78e896d0.js
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60171), with no line terminators
Hash e8d702d7b12b3728dd37bd05c048e0cb
59b575b8675550af2c1cf0d1c28267f1dbf746bf
e09df66e8ccea9f74bfcda48ab97ba584807c20bff70bde6dcae48e53798af13
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /4e/84/f4/4e84f42101bf00d68343d16d78e896d0.js HTTP/1.1
Host: vocalconferencesinister.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.garotasonline.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 23:43:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c8872a22eb2c8fa4e7d94366456aadb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5489
Cache-Control: max-age=125707
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:13 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:38:20 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
putinho.net/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
172.67.70.80200 OK 17 kB URL HTTP/2 putinho.net/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
IP 172.67.70.80:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 19fca1b29766c4d9a05d09052458e8fe
f9dbc4ff5173828c4bdc42a39b708f3016fbab26
12c4cc5b709182746e0c4bfe86b915f88e5c0b4885bb919caa27ca463deee34b
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"14f92-636316ef-2a611ba;gz"
last-modified: Thu, 03 Nov 2022 01:18:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frUfUcoo3R4YxI6s26AJiMIiAosllxusXrIcp40S6H%2BypvGXxlgH0YZ4XFRf6rzQHmoc0%2FupUYPsEEtc1P1KA9M7LXYhV%2BXsXTMhP%2FEDYBYCMu%2BldgqLM86rHekF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1de3fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.pontogay.com/frontEnd/theme/assets/js/publi/putinho-open01.js
104.21.93.225200 OK 7.4 kB URL HTTP/2 www.pontogay.com/frontEnd/theme/assets/js/publi/putinho-open01.js
IP 104.21.93.225:0
File type ASCII text, with very long lines (25968), with no line terminators
Hash e22ddf40f01911b696a856c68ab48f04
f09d20947df2c938e860ac7c6a370cb4a75e2972
716c7a96d0a308857e707c7e435e5c75f8e1f471af1fa0d449502bf21f7d113e
GET /frontEnd/theme/assets/js/publi/putinho-open01.js HTTP/1.1
Host: www.pontogay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 23 Sep 2022 14:57:05 GMT
vary: Accept-Encoding
etag: W/"632dc941-6570"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
cf-cache-status: HIT
age: 6152800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LONt20G2PeccvyEJ1t0h8kGpeaV2AaWMHNf24I94QY3CrI%2FpPUVIIiHjaAafc2Jxvw3qxflkm0nQQ7iQReiumo%2FFNa84WcXH52HrWUa%2BsrDBGhXDYebQNYH5r4%2FJnQ1ik3aa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029cb0dc20b3d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10
172.67.70.80200 OK 8.5 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10
IP 172.67.70.80:0
File type ASCII text, with very long lines (40484)
Hash 30b55484033312f557df46419257e2ac
44bd35e9ae6a30d2f7d6192fa5a6fe123e80b36a
1ec74f4d10433c874f36f76a2668b0481bd402bbd8bfec6fe36051acfc595c56
GET /wp-content/themes/jannah/assets/css/single.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"9e25-63599f1e-28052cb;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BL8QQTPK8mDQJzprLwPRz0rsJ2b%2FYFQmUjBM5pjy5QEvI3eJWXW%2FefX8LEAyVcDEVmIMVWkkEQZHbNfvq1Kr19fbEuiT8elAEuyp6EyTMdI9zs701hFDS6955RM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1de1fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
172.67.70.80200 OK 12 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
IP 172.67.70.80:0
File type ASCII text, with very long lines (32024)
Hash cf1c4c9815cdabb139b3894a9b690859
05aad3972b18335f4f0d974b02e052210b079b23
7a1a1bada02a5d7feb849ed380215c745b5a80034e68f0f9fd8a0eb988045895
GET /wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"c0a7-63599f1e-28051fe;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FZTvxh%2Bp4qZhWQ8AspIOoZ4fD07HSiBPtkCL5C0pivXJ3urHtJgED3gwDd7a4Er%2BtEY2USHJTdXhTQYdxXA061fny1M1RYbYxCyvAN7pRyqW2GoyL5YaRYu5aZV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1df1fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.186.209.73101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JypNS3pKBQgE+3SqXvgchw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SpUS7hCESpqp3YW3TNueY3ex2g8=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1d38d7a57a4824a4b005ab667c0a36a3
42139c7cfa750c68fb49011936d82bda56266b4f
82f076bbc91ad54380576234f5d51a3e270a90969344f9f20466d8e0ff875ae2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "82F076BBC91AD54380576234F5D51A3E270A90969344F9F20466D8E0FF875AE2"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7773
Expires: Sun, 04 Dec 2022 01:52:47 GMT
Date: Sat, 03 Dec 2022 23:43:14 GMT
Connection: keep-alive
putinho.net/wp-content/themes/jannah/assets/js/ie.js?ver=5.4.10
172.67.70.80200 OK 3.5 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/ie.js?ver=5.4.10
IP 172.67.70.80:0
File type HTML document, ASCII text, with very long lines (4711)
Hash 8248eb2755638ec5032db475618e2741
37053454d0ed3a6b2e78b51151207de5ff58ca29
05aa7d56ca8914978d16b6a6ef60f6f35f04727d116bafbe66efb50831db7abc
GET /wp-content/themes/jannah/assets/js/ie.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"1c60-63599f1e-2805213;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P2ND0lhp5jdrTfUMsbQlN5rmip77xwSNiC1%2F7igakzB2%2BeRYnIuy%2BCTXrm7J%2FkupvqVhnjzo7J7A7svluYP2c1TKGxe9IQhneyScYOV9RbsRHpHd5ran95m9mEwl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1de8fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
172.67.70.80200 OK 22 kB URL HTTP/2 putinho.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 172.67.70.80:0
File type ASCII text, with very long lines (4186), with no line terminators
Hash 3769f23603a28cb4ec825e853b09e385
0b9f6fc795d0492fc0c907e490fb82e6a1471b47
1b5d0cee2f79380cf49f7335c933ac57a9bf29f748af7245c31aca88b408edc3
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"105a-63599f11-26a0589;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pDmjWJCLpEC0Xl3qPgC8oqnkY9tPgJDo66PulL8099wTu9rekrodgtysd69uBWL3%2FsmmjNxBO8ydw1kjhcuHbvblTGBoCTSBLszHJXVi42hv7cYugR6Vkhgk5J%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca2e09fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
tartator.com/api/report
178.162.196.156200 OK 2 B IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with no line terminators
Hash e0aa021e21dddbd6d8cecec71e9cf564
9ce3bd4224c8c1780db56b4125ecf3f24bf748b7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
POST /api/report HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------22691527044299495261467422477
Content-Length: 442
Origin: http://putinho.garotasonline.net
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Cookie: av_sw_hit=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Dec 2022 23:43:14 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 2
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
putinho.net/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
172.67.70.80200 OK 8.9 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
IP 172.67.70.80:0
File type ASCII text, with very long lines (41903)
Hash 7e92d3522a226c59b27690fc467c275b
56ea24c0876717034cbc3bf13da206656a3fb889
98bad71f5b9b8d787f9599887e97b733936fcbae2182e0ae4cb1597e9f6ae898
GET /wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"a3b0-63599f1e-28052d3;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOZIp95sskr2bILKEBb1F25q%2FY1r6uD5JhmsPkt%2FIc9SbOZlpOiY5arjcTshem0vsyTJdOPX8UPeVTcvi6zISsKFfXEhBFdwRzRXE8XC4jKuSHkk26jhdR9u6fRl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1ddafab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/
172.67.70.80200 OK 48 kB IP 172.67.70.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26815), with CRLF, LF line terminators
Hash deeed2bf74f83ca7a3c91d6545cf4810
36251f3feb83828194b23e71ce5fd4dd6c61978d
f0a37dfc5eaa467d3e4e1f541576724b50b16cca3aaa8cfc47f7bc7fcb516cc8
GET / HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.garotasonline.net/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html; charset=UTF-8
cf-ray: 774029cdf843fab8-OSL
link: <https://putinho.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-litespeed-cache: hit
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Rn1rp%2FarTMRlTh8FHCF6Pi7B%2BVoMH2FE9ZhUj3D86dekgX7qvxVhn0LlFyyDI6%2Bj%2FsPDBLWLPzi6UwwZrO5jNHutSZVNklSA6fGoj25Z9gzL4MawgQwnM0uogLO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/s/2017/04/cropped-favicon-putinho-192x192.png
172.67.70.80403 Forbidden 1.9 kB URL HTTP/2 putinho.net/wp-content/s/2017/04/cropped-favicon-putinho-192x192.png
IP 172.67.70.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Hash 1256b24769880d96dc5a16b4a5071d50
b6667b31dcedaff75b83e3092af5865d147c37c5
9e187d4fa6d460d2e0837929e2ee5977a24cc1a7984dfb4ada77892a5b0ce9f0
GET /wp-content/s/2017/04/cropped-favicon-putinho-192x192.png HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:14 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=60DqKmdSnm8QNIngqjMVx1H6sYyWz%2FJHBKNnCnvieVMNicV2qeoVAa75BdhyYx24c2n%2B%2B0OCI6f4PUQmTHSeEQdaEPV9GEcEfrzkOho9ka%2B9%2F1YHPrI0AeUcxyAE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d26a7afab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9d676a8ed1cc58d983087b9251d3d5ef
bb53577b72dcf8fca48882a45985de50a6f5aab5
e55feea4ad426977b466bb6da4bbb7855633b1696c0b94cf78cdbecf3ac9d922
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5838
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:15 GMT
Last-Modified: Sat, 03 Dec 2022 22:05:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9d676a8ed1cc58d983087b9251d3d5ef
bb53577b72dcf8fca48882a45985de50a6f5aab5
e55feea4ad426977b466bb6da4bbb7855633b1696c0b94cf78cdbecf3ac9d922
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5943
Cache-Control: max-age=97012
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:15 GMT
Etag: "638a9fd0-117"
Expires: Mon, 05 Dec 2022 02:40:07 GMT
Last-Modified: Sat, 03 Dec 2022 01:01:04 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9d676a8ed1cc58d983087b9251d3d5ef
bb53577b72dcf8fca48882a45985de50a6f5aab5
e55feea4ad426977b466bb6da4bbb7855633b1696c0b94cf78cdbecf3ac9d922
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3
Cache-Control: max-age=91072
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:15 GMT
Etag: "638a9fd0-117"
Expires: Mon, 05 Dec 2022 01:01:07 GMT
Last-Modified: Sat, 03 Dec 2022 01:01:04 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 279
putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
104.26.5.174200 OK 14 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2
IP 104.26.5.174:0
File type Web Open Font Format (Version 2), TrueType, length 13584, version 331.524\012- data
Hash c20b5b7362d8d7bb7eddf94344ace33e
260bb01acd44d88dcb7f501a238ab968f86bef9e
6a8c8e9e1e7f692c21af1956de163f3d026778e6449fe93a09a671847ca1ae65
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-regular-400.woff2 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: font/woff2
content-length: 13584
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: "3510-63599f1e-280511c;;;"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aVpg6k5CY%2BPvFgJmJeDOv0HworvSXTi0iJn0UmD02sCKASa5u4hH0kuH186g%2BQOSCyTarS%2FrqlCF8rrQ845vkxB5VuqyfLS1A9iGHAfSERu1K31IZSVibt3aMNIh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d73aba0b49-OSL
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b12d5e3d4e273f742a75489e81f5163d
df68005a67b4c5fbad7d1949d741ac827725b802
3af5656742bec49817995f3ea7eb3a6e9806b273e510d415388cabc76e77a593
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "3AF5656742BEC49817995F3EA7EB3A6E9806B273E510D415388CABC76E77A593"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7959
Expires: Sun, 04 Dec 2022 01:55:54 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9d676a8ed1cc58d983087b9251d3d5ef
bb53577b72dcf8fca48882a45985de50a6f5aab5
e55feea4ad426977b466bb6da4bbb7855633b1696c0b94cf78cdbecf3ac9d922
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5679
Cache-Control: max-age=96748
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:15 GMT
Etag: "638a9fd0-117"
Expires: Mon, 05 Dec 2022 02:35:43 GMT
Last-Modified: Sat, 03 Dec 2022 01:01:04 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
putinho.garotasonline.net/wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo-300x141.jpg%20300w
104.21.19.123200 OK 117 kB URL HTTP/2 putinho.garotasonline.net/wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo-300x141.jpg%20300w
IP 104.21.19.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26815)
Size 117 kB (116727 bytes)
Hash c858751772f32494e31443e43d606b11
ee7f297fc101faa9f2f30b1e409304f5f0f208df
b9a270e66af676d2c81785e339cdc9ad7f85b3371d3a805755a390935d4233be
GET /wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo-300x141.jpg%20300w HTTP/1.1
Host: putinho.garotasonline.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.garotasonline.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: image/jpeg
set-cookie: view=1; expires=Sun, 04-Dec-2022 23:43:13 GMT; Max-Age=86400
PHPSESSID=pd5hn7pi3ajijeqop4it0ue2nh; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpdZ6YD3bwfkJZnV1mrKr%2FcywVHtBwmlecTlnwl8OvzaIEf8yt%2BFi7tN0x8O8WJT1J2OLhXRnhXCm3YlHkAg94ZjJZwHmVQI3GBxUDV8aPDS187NBU%2BeadUE24CLXMdE86UfKTozFYNL00GO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029cb5ef5b4ed-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
142.250.74.74200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1/webfont.js
IP 142.250.74.74:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 18:34:16 GMT
expires: Wed, 29 Nov 2023 18:34:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 364139
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash b4a80cfa6a45e2f933c11ac606d95cc9
d84bc2d888cdcae7929f95fb01d5cb664e22b2f5
1b19b2c9c18b21b039dec5f7a1fc37c01c386f77fca672b3e650804f6086d305
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=122046
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:15 GMT
Etag: "638b18cf-117"
Expires: Mon, 05 Dec 2022 09:37:21 GMT
Last-Modified: Sat, 03 Dec 2022 09:37:19 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c907045fe9369a3c27d9de53c31babc
eb5b984d18e61b8afbba6b7736c92f69ae72b363
9e12fbb2cc04e887b8f1e8838b094ee20c877f63cf962d2680e156659554d161
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E12FBB2CC04E887B8F1E8838B094EE20C877F63CF962D2680E156659554D161"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5583
Expires: Sun, 04 Dec 2022 01:16:18 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c907045fe9369a3c27d9de53c31babc
eb5b984d18e61b8afbba6b7736c92f69ae72b363
9e12fbb2cc04e887b8f1e8838b094ee20c877f63cf962d2680e156659554d161
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "9E12FBB2CC04E887B8F1E8838B094EE20C877F63CF962D2680E156659554D161"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5583
Expires: Sun, 04 Dec 2022 01:16:18 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
putinho.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
104.26.5.174200 OK 5.3 kB URL HTTP/2 putinho.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 104.26.5.174:0
File type ASCII text, with very long lines (15660)
Hash c19d4405388c141da6e5441339994a81
82d7c51c1710fa2d26b037f0110026a707979245
00f36c8766cee78d34442bf69da661e0b7eae1f5be5036821e03be1cfc8eb698
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"48b9-63599f11-26a05aa;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oo5i4akNnyD4g%2Bco0hd3F8qDfjN%2FqU2ZkEW58VDGpSLi67fyjRydel5dxloWNihmft5X4NfvRmg7vyoqTOG074%2FiLbDCGcTz%2BzPcSXqOnRZQw1IS9IHLW0qgGs7v"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d718c0b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 42363af7a5c466be951be209a9bddbbf
f5e16af712dd54272296671bd28e7e50af83e3b9
6724232c49e8801da00b3586596d06ecdbf22c67e65d7549430cfe58040f472e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6724232C49E8801DA00B3586596D06ECDBF22C67E65D7549430CFE58040F472E"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12750
Expires: Sun, 04 Dec 2022 03:15:45 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
putinho.net/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
104.26.5.174200 OK 2.3 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
IP 104.26.5.174:0
File type HTML document, ASCII text, with very long lines (5548)
Hash 5942809d875e89f7273141f2b7b0aaac
3fceabf52bcf4f6eef1474d0f3bfa62ae6381348
ffa1fca02e62ec69ac06acba4cb73ceafa47be5313a45349b03f4cea47a96a2a
GET /wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"15ad-63599f1e-2805200;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sk8HVzjxF2%2Bme85MCWMWRkhX0laxn19TVikyyFR0dFVE90jvLguJ6CKb0%2BDTHI4qXwscQNHzL8iZAB1fM%2FsOlVXwzFTTpatXv4VyF%2Fn7hdTModggmo%2BiGNhMXwd0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d718bcb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=6LDfkUAAAAAED3K3pVvRpseWSWLBweVdx39ZjQ&ver=3.0
142.250.74.132200 OK 553 B URL HTTP/2 www.google.com/recaptcha/api.js?render=6LDfkUAAAAAED3K3pVvRpseWSWLBweVdx39ZjQ&ver=3.0
IP 142.250.74.132:0
File type ASCII text, with very long lines (850), with no line terminators
Hash 1309ff133720d219cc98090d66a051ed
b96fc5a893e42be16d687d7abdecdb13d348a019
358683c66634ea5ee3021c93111d8621d583880bcbbfadf3ec2ff87a15ea1038
GET /recaptcha/api.js?render=6LDfkUAAAAAED3K3pVvRpseWSWLBweVdx39ZjQ&ver=3.0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 03 Dec 2022 23:43:15 GMT
date: Sat, 03 Dec 2022 23:43:15 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 553
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e007834173b60b3d2fe4aef49dbfdf35
3d39deeaffd8e234ea6de0956448a654f74833e0
aa81d6406ec174b15a3a6b17c62d64bd0903e8da7bd83e7108e6aa7dac1b9e43
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA81D6406EC174B15A3A6B17C62D64BD0903E8DA7BD83E7108E6AA7DAC1B9E43"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4926
Expires: Sun, 04 Dec 2022 01:05:21 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d8332dddd3c4ca2d97923dc41909de05
bf68d8ad627cf28f484443ab98663140e5492d6a
d4891dedda42e07d7921ce0588a44ecfad22a336dead4613fa9701b9d97f1eab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D4891DEDDA42E07D7921CE0588A44ECFAD22A336DEAD4613FA9701B9D97F1EAB"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6479
Expires: Sun, 04 Dec 2022 01:31:14 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
vmuid.com/script.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
178.162.196.156200 OK 10 kB URL HTTP/1.1 vmuid.com/script.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (10176), with no line terminators
Hash 3de3ce8ec950a993d1d3bb362d84f0e7
c938aaab8eed435eb4fd277f1c1ab9976e969043
6f2d139be44a6dc85d842a753f4e3ebafdb63a0babcb64f741310076aaa29a7f
GET /script.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0 HTTP/1.1
Host: vmuid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Dec 2022 23:43:15 GMT
Content-Type: text/javascript
Content-Length: 10176
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
X-Cache-Status: EXPIRED
putinho.net/wp-includes/js/comment-reply.min.js?ver=6.1.1
104.26.5.174200 OK 1.8 kB URL HTTP/2 putinho.net/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 104.26.5.174:0
File type ASCII text, with very long lines (2946)
Hash edabf229666397df7d45c381f8d0c626
3d00e90debacd132a1a32d20e19dde350e8ce6eb
ddc6049fb851179075163ad5dc18271ae3c81f193357fc683bfd5a51bb5f4251
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"ba5-63599f11-26a05bd;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1Gz0c77fYiOQdG5RtPoje5Hkpe7wJuCa43Xgzua5Qi%2B0kfFy1blFnTcm2%2FJh2yamV1%2BVXXii1kqfyV5OdayjX07bnCthmnhlcIPzd32oPWk0%2B7OP16op4sI6FyQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d718beb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7712
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 7154
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 6794
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
origunix.com/sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
178.162.196.156302 Found 0 B URL HTTP/1.1 origunix.com/sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0 HTTP/1.1
Host: origunix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.14.1
Date: Sat, 03 Dec 2022 23:43:15 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Location: https://tartator.com/sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
X-Cache-Status: EXPIRED
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7712
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69411fa7c0f94e7179c2cf84b716e427
188edc080e8a683c3fdc2968ee1e6aae114d75d2
713514c9afaa1953e3387aa1d1b6203fe6387e007f9fb5347558b77dd72425e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4ef13a87-7179-4643-9f9e-199878f42764.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: 1c11b153-5494-4656-ad96-33bc541f93f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgaEAGmooAMFwlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389a3b3-1984a9194065807d36f29532;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 07:05:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: u-fwrNiMISyKCpTg9HJ8TBjWLnM_Zg2KK1xrbzDXstjKATuex_Porg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 14:50:20 GMT
age: 31975
etag: "188edc080e8a683c3fdc2968ee1e6aae114d75d2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7712
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
putinho.net/wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo.jpg
104.26.5.174403 Forbidden 18 kB URL HTTP/2 putinho.net/wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo.jpg
IP 104.26.5.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Hash 5db369ff57926f9215bcc4d2f759e1ed
ac7876036210a6ad702a557af363150ab094d638
5c31357d40dad8cc75c80430e85a6bf31cefdb66ab546d5fcb43e6f64c5f5f2c
GET /wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo.jpg HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gFdxdZqZbmnZu6TJA3btK4v8ZQCOPntQbmLS603h0q7S%2FSfkKsl0abPA5qoDNfsr%2FK3c%2BGIsw4C8FT7ilQIXIWo9cJSFoycOngGD1qCz7YWUtXm4wYixJozpMm%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d718c1b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4b1b04034fd7fde037f9e292ac1b1db
75c3e5fdd78f626baa6380ee1dec6b0918c92b9c
0bc689e88e074b3daa2218514cf796401d2477eccfa5bcac5c9ee8a8fb53a943
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0BC689E88E074B3DAA2218514CF796401D2477ECCFA5BCAC5C9EE8A8FB53A943"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3758
Expires: Sun, 04 Dec 2022 00:45:53 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7712
Expires: Sun, 04 Dec 2022 01:51:47 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fd236536beea55e4335b1f35acdc687a
5a27db6e6029be0bc35f0d3d43a8da779179c8ff
f06819499a5795df59b339f981e4c01c0ad120034cbe86b610ece4a11b2b82ce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F06819499A5795DF59B339F981E4C01C0AD120034CBE86B610ECE4A11B2B82CE"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8888
Expires: Sun, 04 Dec 2022 02:11:23 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 6969
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
putinho.sexoaovivo.org/wp-content/s/2019/12/putinho.2020.png
172.67.197.34302 Found 0 B URL HTTP/1.1 putinho.sexoaovivo.org/wp-content/s/2019/12/putinho.2020.png
IP 172.67.197.34:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wp-content/s/2019/12/putinho.2020.png HTTP/1.1
Host: putinho.sexoaovivo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/menatplay-large-andy-onassis-victor-dangelo/
Cookie: PHPSESSID=ltrduo5dqm6cr7i1i3mfq3o1ll
HTTP/1.1 302 Found
Date: Sat, 03 Dec 2022 23:43:15 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Location: https://putinho.sexoaovivo.org
CF-Cache-Status: BYPASS
Set-Cookie: view=1; expires=Sun, 04-Dec-2022 23:43:15 GMT; Max-Age=86400
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PrPk1VR1vJ1tj2TDkImWiLwJGGiD8so%2FRbWTgcENX3%2BWdHa6qSkYCWkRr0utjkKhWHIWQ21d8LOL0AlR5ehzGA%2FtccGAcUe3e5RQ%2F6GZ0JX2Aqs%2FKLdtoDKuhHOgYc%2B%2BTGhHSsVH16h8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774029d8aa7cb51d-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 89e5fc40e9e626a035abde2964ba0959
e800712e4f8d9589670d8ee3a744ac0aedf7b6e3
64a41309871b71682370e2b2f3735ac70039802fff4e1e46013f5aa1f15b4084
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6901
x-amzn-requestid: 5dd4545b-c48a-4fa2-8aa5-c7d0a5efeafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsByFqCoAMF4CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc071-6b96e54876cde366748564d6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: sOtbi4sBuEPzvS_l6X_w5S5BeHb1DROkFmpNDTlvo57kUVeYN6ra3A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 7236
etag: "e800712e4f8d9589670d8ee3a744ac0aedf7b6e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
banquetunarmedgrater.com/advertisers.js
192.243.61.225200 OK 0 B URL HTTP/1.1 banquetunarmedgrater.com/advertisers.js
IP 192.243.61.225:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.garotasonline.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 23:43:15 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c18f3b248fd07ec663bfc80920eeee4
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e117dc22b09406f46c8d18abc8b0351d
0af378f0dc96fff6f31ccb9b0e2405dedd1b274f
b98d8a3e427f2963bb98f84e2ae450ff6604f28998c3ccb4dfec183e12ed9d7d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B98D8A3E427F2963BB98F84E2AE450FF6604F28998C3CCB4DFEC183E12ED9D7D"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17193
Expires: Sun, 04 Dec 2022 04:29:48 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 05f4b88aff34222f6f02ec23b0731608
c997e25e8a4d5490dbb40d84a3f8f48766448beb
2abc2f9e34b568b418484edcc21c3a14d782a0d70dc41996a84c49d38fb989a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=99316
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:15 GMT
Etag: "638ac007-117"
Expires: Mon, 05 Dec 2022 03:18:31 GMT
Last-Modified: Sat, 03 Dec 2022 03:18:31 GMT
Server: nginx
Content-Length: 279
middaysonnyguffaw.com/1b/8a/d1/1b8ad19e5b8faa97b5af717e65b0bdee.js
173.233.137.44200 OK 13 kB URL HTTP/1.1 middaysonnyguffaw.com/1b/8a/d1/1b8ad19e5b8faa97b5af717e65b0bdee.js
IP 173.233.137.44:0
File type ASCII text, with very long lines (37169), with no line terminators
Hash 4bb7f60446d82f1f4d1b8054680d8f08
e77b07ab5bd634b1e43d86455d4f5d1b55e182e8
0dfaff0742e4bda3d8f34b61db5c9b2324e26cfdc627a27bc34c752501c15126
Analyzer Verdict Alert quad9 Sinkholed
GET /1b/8a/d1/1b8ad19e5b8faa97b5af717e65b0bdee.js HTTP/1.1
Host: middaysonnyguffaw.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7bae7d6ad3ea072811281ea0c408182d
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
tartator.com/sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
178.162.196.156200 OK 50 kB URL HTTP/1.1 tartator.com/sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0
IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type ASCII text, with very long lines (50530), with no line terminators
Hash 2ca28f4d3a639138717d4f659fa085c5
12a89adf846e7215e4dcb79ed46256b7713cbd40
d5f688f301d187b445b5f71c6ccedebb32a3c2ff262dff0157edff480849e838
GET /sdk.js?sid=c7a563de-f73e-40f2-abfd-c98fa333d0c0 HTTP/1.1
Host: tartator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Dec 2022 23:43:15 GMT
Content-Type: text/javascript
Content-Length: 50530
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Cache-Status: EXPIRED
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dce523f3870687f45ae7d00887a441b3
5a7ea9e6727ed432b13912738738cf162cbc8ccd
85316ac2b8b50d3ee141b842093b30059d066374dfcb4eaec06d7fa2a4ffc64c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=125647
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:15 GMT
Etag: "638b26e0-117"
Expires: Mon, 05 Dec 2022 10:37:22 GMT
Last-Modified: Sat, 03 Dec 2022 10:37:20 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dce523f3870687f45ae7d00887a441b3
5a7ea9e6727ed432b13912738738cf162cbc8ccd
85316ac2b8b50d3ee141b842093b30059d066374dfcb4eaec06d7fa2a4ffc64c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2108
Cache-Control: max-age=127753
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:15 GMT
Etag: "638b26e0-117"
Expires: Mon, 05 Dec 2022 11:12:28 GMT
Last-Modified: Sat, 03 Dec 2022 10:37:20 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
vocalconferencesinister.com/4e/84/f4/4e84f42101bf00d68343d16d78e896d0.js
173.233.139.164200 OK 21 kB URL HTTP/1.1 vocalconferencesinister.com/4e/84/f4/4e84f42101bf00d68343d16d78e896d0.js
IP 173.233.139.164:0
File type HTML document, ASCII text, with very long lines (60147), with no line terminators
Hash c386671be63237fecfc5c5e6c8a91c3d
1dd26edc599bfae74b217bf35cb577e0523d9b5b
587ba4b6d51bde7b9e77007f5421203e0209cd959015c325ac030a3e991363b9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /4e/84/f4/4e84f42101bf00d68343d16d78e896d0.js HTTP/1.1
Host: vocalconferencesinister.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1695669a0d4c24755093dcc0965c0e45
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b97be2d8bd17b1e730c1ac65efb1fcad
81c3f30bebcc9b5af7139a9c6b48e7376e06e300
e090d30e29c263a62732de92fb2956db3e8c68e1e94710a047c1bc9afa360d39
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E090D30E29C263A62732DE92FB2956DB3E8C68E1E94710A047C1BC9AFA360D39"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14499
Expires: Sun, 04 Dec 2022 03:44:54 GMT
Date: Sat, 03 Dec 2022 23:43:15 GMT
Connection: keep-alive
putinho.sexoaovivo.org/wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo-300x141.jpg%20300w
172.67.197.34200 OK 117 kB URL HTTP/2 putinho.sexoaovivo.org/wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo-300x141.jpg%20300w
IP 172.67.197.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (26815)
Size 117 kB (116827 bytes)
Hash 4b1b2566d2ac5d29c98cb64658588925
4c6e6d009c2c801a1daa1137ee885f6d47929f48
06677e120a2b738dac4d99d9ac60df57cb9aa14468ae4704de549b4672b0e222
GET /wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo-300x141.jpg%20300w HTTP/1.1
Host: putinho.sexoaovivo.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: image/jpeg
set-cookie: view=1; expires=Sun, 04-Dec-2022 23:43:15 GMT; Max-Age=86400
PHPSESSID=hjkuv0io78a0h7qco5b9a6le68; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PpPRPENbVL%2BeNgKZIy%2Fk4DpfeBbLe1cgtJeUCorlmvYHwBhdB30JnR6KP9ZwjeatkwDQGiq%2BP77H1p16KNKrDxCdUvoqTNCI0YGEYqef4p%2FsT2yYaDi9NMcbC66Lo%2BOv%2Fp2F7VN9vqHE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d8bd76b529-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
awqwuiwmse.com/get/1939995?zoneid=1939995&jp=_clnywkmikhuziszwzv0oaf&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4050102068051146
62.122.171.6200 OK 1.3 kB URL HTTP/2 awqwuiwmse.com/get/1939995?zoneid=1939995&jp=_clnywkmikhuziszwzv0oaf&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4050102068051146
IP 62.122.171.6:0
Hash 07638044c7ad21242eb98c3c5f10dc0f
d600fb8efd51681f2a8a3131ffc1606ef74f3f56
bfce586150ee6160e2b113bf39fc594333307e1aedf6df321c167c9daac814bf
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1939995?zoneid=1939995&jp=_clnywkmikhuziszwzv0oaf&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=undefined&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&freq=0&cid=4050102068051146 HTTP/1.1
Host: awqwuiwmse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=2212031843a6e012de44514c00b9e6c96a75; Path=/; Expires=Sun, 03 Dec 2023 23:43:15 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
putinho.net/wp-includes/css/classic-themes.min.css?ver=1
172.67.70.80200 OK 2.7 kB URL HTTP/2 putinho.net/wp-includes/css/classic-themes.min.css?ver=1
IP 172.67.70.80:0
Hash 92f6bd15cc496e5bbb200d6e1369c1ff
1b9660be475fad1808447624a7ab17bf1d35945b
a42b881cdd8b3f04ee151025be53d103b0d3ebe7a34a0732486c3a12482d6622
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"d9-6361d7aa-26a15eb;gz"
last-modified: Wed, 02 Nov 2022 02:36:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wWN%2FsDz84INWftBbEHTf2fdQDidCShQLPV91qgD56W5qtKj6zollvwugG55ThgLV6%2BVyFthwTjJ1t5mBc1lfYSeuvXAa%2Fz6gDPbalklys7BWxXvwmjlwQvj0XCd5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca3e0bfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/-form-7/includes/css/styles.css?ver=5.6.4
172.67.70.80301 Moved Permanently 2.9 kB URL HTTP/2 putinho.net/wp-content/plugins/-form-7/includes/css/styles.css?ver=5.6.4
IP 172.67.70.80:0
Hash d8509c80f0e849b12a129372bae14266
3c2decf09e131ff81565eddbae6f4ffd5b8741c9
06abddf007d485c1664194f2eee2e9b5ab6ac570de3d5618fd966e6d8024eca3
GET /wp-content/plugins/-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html; charset=UTF-8
location: https://putinho.net
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 713_HTTP.404,713_404,713_URL.477b49bfe9d88c8027e6404802db6033,713_
x-litespeed-cache: miss
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6V1BfgDvUrUg9A9E%2BKp%2BtyGSELq8nV7ILSBiU%2BD4SBBVl7NJ5i4VjW1isw25rntoSdr1XVBHcMV4c5uGHEXHYetNvSL%2F5FlWiYGgAvJWN6Fags82xUDYYbVL29Wg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1dfdfab8-OSL
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/ie/ie-lte-11.css?ver=5.4.10
172.67.70.80200 OK 49 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/ie/ie-lte-11.css?ver=5.4.10
IP 172.67.70.80:0
Hash 5ca3f052b80eecd8bcde6146b30ab2ba
f7c8fc4d5277c52da6ebc63b46db3b4dbea56075
dc2d41a9b0da83bac9da4a909a682a6c1b0da2026c3673f1ea07c4dfc45e8662
GET /wp-content/themes/jannah/assets/css/ie/ie-lte-11.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"84d-63599f1e-2805219;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f27JepbhztU3YAl0T25ev0NlbgRgH9Daty6lAsSwqj%2BQrAWYZmr42NZ%2BchvN0E81P3TBT0TuNIdxDULQR4TF3toPWxkikUnMn7VBozCRIE7BMqzIJfhko2sch73G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1dd7fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
104.26.5.174200 OK 32 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
IP 104.26.5.174:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bb9cd6020d0509956beea24b1af474f4
c9b96bdbe2582e843196f45ac3c21a6b7a72b3e9
393da34328b477f6738029db34b639e9db09933acb5379fb3c66ddd2c3ddf88e
GET /wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"2aca3-63599f1e-28052d0;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3sHh8%2Bp5GiwlyTCGE2R5TkCunet6WTjkVHJHYOi%2Fsn3oEbe3GdIlC3jgdJ7P4mHddzO7j49uFwZQDsBshxoGEBgR22nyf6kPFdfKq%2FW%2BOgpcpn8I0e2KIYICGdXF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708a2b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 16 kB IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e1d51e9fa4c0ddeb8c0ac64603002abc
fd1651c45c1e37b052dabeeb45227705c41922ca
d0d622ddd506052c80fbb7f500759375cb41e81e0b3857413388ea4e01578bf5
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "4D525470DE40C5F7A597ED5753CFCC4887826EA19FA0B29383D501DA9CB01FDC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7509
Expires: Sun, 04 Dec 2022 01:48:25 GMT
Date: Sat, 03 Dec 2022 23:43:16 GMT
Connection: keep-alive
vmuid.com/uid/send
178.162.196.156200 OK 65 B IP 178.162.196.156:0
ASN #28753 Leaseweb Deutschland GmbH
File type JSON data\012- , ASCII text, with no line terminators
Hash e1ea336726b35b6152e32aa2590b196f
0df9d7410bf838eb9495019acf2d7fc3385c1781
c60f8410bf86a00a71c4404a50c84449fab01b28b3e14bffd2854fd1c41421a7
POST /uid/send HTTP/1.1
Host: vmuid.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: multipart/form-data; boundary=---------------------------428221729829354708221348065040
Content-Length: 323
Origin: http://putinho.sexoaovivo.org
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.14.1
Date: Sat, 03 Dec 2022 23:43:16 GMT
Content-Type: application/json
Content-Length: 65
Connection: keep-alive
Cache-Control: no-store, max-age=0
Accept-Ch: Sec-CH-UA-Platform-Version
Access-Control-Allow-Origin: http://putinho.sexoaovivo.org
Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers, set-cookie, Cookie
Access-Control-Allow-Credentials: true
Set-Cookie: guid=40cfcfdc-3ecd-4f93-885b-0b330e1e5a74; expires=Wed, 31 Dec 2025 00:00:00 GMT; domain=vmuid.com; path=/; secure; SameSite=None
putinho.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
104.26.5.174200 OK 4.5 kB URL HTTP/2 putinho.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 104.26.5.174:0
File type ASCII text, with very long lines (11256), with no line terminators
Hash 7c416a824e724290626e5fb2ed5d3144
53d8b79b8ace76bd7bf553873944dc97e0a574ef
e2c55a03130aa12a7a929a9ab9388cb10f0599e134b89cd265de210c79cc1ffd
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"2bf8-63599f11-26a0584;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lzbMl51SrGPkK9zPa9Wb2fj7cz7iPTkm7AdKcatAKR%2BqX1Uga0k1wdGRJhmjj6VlKYyUqVz3Iim1QkKf7LabTHjDOyGpEQpX1u9G0QYbtme%2FQotK3xmjppTuvq9p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d7089eb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
pixel.wp.com/g.gif?v=ext&blog=150445319&post=75187&tz=-3&srv=putinho.net&j=1%3A11.5.1&host=putinho.sexoaovivo.org&ref=http%3A%2F%2Fputinho.garotasonline.net%2F&fcp=1785&rand=0.7541497745932808
192.0.76.3200 OK 50 B URL HTTP/2 pixel.wp.com/g.gif?v=ext&blog=150445319&post=75187&tz=-3&srv=putinho.net&j=1%3A11.5.1&host=putinho.sexoaovivo.org&ref=http%3A%2F%2Fputinho.garotasonline.net%2F&fcp=1785&rand=0.7541497745932808
IP 192.0.76.3:0
File type GIF image data, version 89a, 6 x 5\012- data
Hash e4d673a55c5656f19ef81563fb10884c
1f2d8ed221d39329251ad3a6ff1edb20b7219443
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
GET /g.gif?v=ext&blog=150445319&post=75187&tz=-3&srv=putinho.net&j=1%3A11.5.1&host=putinho.sexoaovivo.org&ref=http%3A%2F%2Fputinho.garotasonline.net%2F&fcp=1785&rand=0.7541497745932808 HTTP/1.1
Host: pixel.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: image/gif
content-length: 50
cache-control: no-cache
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9df4da97c2c230fd3b25bca951400445
a7e80bc6e2f165a9ce811760c9f5fa876dacb202
dbb6fdf125a8f5b2ed673fd03b00d25e675675149da356987be066aff41232da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4624
Cache-Control: max-age=145730
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:16 GMT
Etag: "638b6346-117"
Expires: Mon, 05 Dec 2022 16:12:06 GMT
Last-Modified: Sat, 03 Dec 2022 14:55:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
putinho.net/wp-content/plugins/-form-7/includes/css/styles.css?ver=5.6.4
104.26.5.174301 Moved Permanently 471 B URL HTTP/2 putinho.net/wp-content/plugins/-form-7/includes/css/styles.css?ver=5.6.4
IP 104.26.5.174:0
Hash 3ac233072203aa898099a9f19d5c89f1
49e15a39534a9dadb3a87e90295a1f568e6665d3
025c971b8163c8429372f5be9fed72e934b3c68d6050412f425c08acac55747f
GET /wp-content/plugins/-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
location: https://putinho.net
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 713_HTTP.404,713_404,713_URL.477b49bfe9d88c8027e6404802db6033,713_
x-litespeed-cache: miss
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxdNTCd6%2B5BLlZwYcNsI6zgg5G5xeY%2ByTP873o3VQYn%2F6BhZEh%2FJXWOwan0YyTQxYgW5R3Z8mSuYyScsBVd425Wut3ANwy5mpxyHLiz7K5%2FADO45j6T%2B4ReI%2FTY1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d7a92ab509-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9df4da97c2c230fd3b25bca951400445
a7e80bc6e2f165a9ce811760c9f5fa876dacb202
dbb6fdf125a8f5b2ed673fd03b00d25e675675149da356987be066aff41232da
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4441
Cache-Control: max-age=145547
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:16 GMT
Etag: "638b6346-117"
Expires: Mon, 05 Dec 2022 16:09:03 GMT
Last-Modified: Sat, 03 Dec 2022 14:55:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279
video.putinho.net/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670097600
104.26.5.174200 OK 18 kB URL HTTP/2 video.putinho.net/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670097600
IP 104.26.5.174:0
File type ASCII text, with very long lines (43531), with no line terminators
Hash 092e6ee57c563997e900048a3a6dada2
4bdfa88409de98c52e823cab0a89756ef1c8f8f9
be7baea7f2368f04c34d11aaba4c6abff61b403619b5d2680b061f69bbf4fe7c
GET /cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1670097600 HTTP/1.1
Host: video.putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHcAv9A7Sf0cDGQ8TymhQJRU4Z1velJcR4NsCTagYHIA2oUEWtu1%2BCUtQ594pjPi%2BCPEqboLhXdzmJXjXKP6Pa0W0MiuRXAD%2F5K7MzVWCW7k%2B6Uj0qVV1OQda70bBROHCHEO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029dd2e45b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.88200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.88:0
Hash 3ac233072203aa898099a9f19d5c89f1
49e15a39534a9dadb3a87e90295a1f568e6665d3
025c971b8163c8429372f5be9fed72e934b3c68d6050412f425c08acac55747f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=141022
Date: Sat, 03 Dec 2022 23:43:16 GMT
Etag: "638b4f9a-1d7"
Expires: Mon, 05 Dec 2022 14:53:38 GMT
Last-Modified: Sat, 03 Dec 2022 13:31:06 GMT
Server: ECS (nyb/1D2E)
X-Cache: Miss from cloudfront
Via: 1.1 a6d89f7e2d55548b941f1ff5d5b3c8d4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: zgyr23R8ha-sV2tbYRvIgKs7tCfIOIjJYh_rfC7VvmaKcJQ-7YPG7Q==
Age: 4952
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ffb1fa188f11f4b1ec69136d1920502b
8aac404d7cf025e415c22f6170fea74bf537c603
7beabb9b7af824e542dc5f62308e6d44c4a38dee34d69836ca4c1cf966592b82
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7BEABB9B7AF824E542DC5F62308E6D44C4A38DEE34D69836CA4C1CF966592B82"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13438
Expires: Sun, 04 Dec 2022 03:27:14 GMT
Date: Sat, 03 Dec 2022 23:43:16 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash aec10b31b33d452af500b55ac2f648d0
7ae7342d80f461258a89317117b8aad0da90f8f1
b861ce3b99dc4ff75ffc2dbe2713ccd0a40d96a716d3277742826c6fd4005f89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4396
Cache-Control: max-age=103369
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:16 GMT
Etag: "638abeb1-116"
Expires: Mon, 05 Dec 2022 04:26:05 GMT
Last-Modified: Sat, 03 Dec 2022 03:12:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
putinho.net/wp-content/themes/jannah/assets/css/ie/ie-lt-10.css?ver=5.4.10
104.26.5.174200 OK 3.6 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/ie/ie-lt-10.css?ver=5.4.10
IP 104.26.5.174:0
Hash 79c26a8d1ab26683123f35580cc607b7
7566f12888f00e56c9b3d0b4e8b6a48653020c0c
8e7d0ec39cfe5d3fcc19037a71c6de9f5305a696d4b0ec7ce2bd949e50d4c196
GET /wp-content/themes/jannah/assets/css/ie/ie-lt-10.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"3c54-63599f1e-280521b;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BNRACR1%2FAQxV0%2BHm%2BIYeBHtLnUY%2B5qQfvO%2FUfzC83Rkw3OHGChKezJgI84d4lRztE%2BiwT%2FubMItH6zlSlTCZcn%2BowkmSmh7DAxSs0UhJ1pdU5WmBV8uf%2BMC6HOZp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708a0b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
104.26.5.174200 OK 12 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP 104.26.5.174:0
Hash 74e01911d2fc827c15e438070103676e
49fad664032ea878328df3a488eab4084fde4271
2adb6587f7e387b1d3a703dbca246730a9c13f14c4b333d91fbb7d5124e7b844
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/font-woff
etag: W/"9e58-63599f1e-2805124;;;"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wOY5BgwMkWstkCqw%2BsNbshPl5f5Z5fiU3HhPbnL3bg2yJtjHm8A2xO%2FJ%2B8WQ9lKMBZ2Vvwu4oIcsKqBzV6pR9wbUHCThtMAf300ABaliqhJ%2BV4ENWqpNv6AU7okZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d7fb940b49-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82b76ca589dab1a017603e72a3b88a48
508aec57479a19c4074271246a27c6f0e311ee1e
809cde0622aec8a90e3c00512194696b02eb85d6c9536dbbe8557642d2149d95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
commentsengine.com/js/js.load.1.js?6740211171839187
188.114.97.1200 OK 0 B URL HTTP/2 commentsengine.com/js/js.load.1.js?6740211171839187
IP 188.114.97.1:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/js.load.1.js?6740211171839187 HTTP/1.1
Host: commentsengine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: MISS
x-inferno-location: static
cf-cache-status: HIT
age: 15560321
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqhCagqORy96Ak7uqEhkdv2Y4VndlpOPSgnnBb8p4xTD5JaJERvjEjxwgipgHq8VOWmFy6rR7qKGU%2Fw5aJZn2BH05JGQivSN8KkRyausvVJJO4dLEhRqFP4kF%2FgBlhPe32p9KOk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029de0984b4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
104.26.5.174200 OK 45 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
IP 104.26.5.174:0
File type ASCII text, with very long lines (41903)
Hash 9b916088abef382da894c203ad9d871f
5827ccbd76102c2f3bd3017b87bce40dd22c8d94
831c3ba279a3d5e9a07ddf3908372ccf370e376103c64db84bfff958c51b0086
GET /wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"a3b0-63599f1e-28052d3;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqb1EbjST%2BmZaL3H7kkwzChQefba70A%2B%2Fwfd4v5nzFIxFHlolT0wavaVUFVEqa4AkBM0Oe4WrLUnbqEN0U3sJMNUKf6SiZLWpBSs%2FbYZLdmfqUgFugvn%2BuxhvW45"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708a1b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
n1internet.com/publicidades/putinho/index1.php
51.81.43.93200 OK 27 kB URL HTTP/2 n1internet.com/publicidades/putinho/index1.php
IP 51.81.43.93:0
File type HTML document, ASCII text, with no line terminators
Hash 4d695f585e201731dc2aa6eafd208b35
ad92e06f496b51d4d8342316a79852cacf17cb19
cca45072707e106fd5559db6a172d8ef1ade48134b4d860752c63431d0275d3d
GET /publicidades/putinho/index1.php HTTP/1.1
Host: n1internet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
protected: by MS22112801
x-download-options: noopen
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
x-dns-prefetch-control: on
content-encoding: br
X-Firefox-Spdy: h2
stats.wp.com/e-202248.js
192.0.76.3200 OK 4.4 kB IP 192.0.76.3:0
File type ASCII text, with very long lines (2690)
Hash 4cd67ccf07f5a362465689e99d0d0018
b77af3e0f8e2eaa4e80cbc6df25f0b506c82497e
cbde53faede493d3d990299ab0b292d87b32d4260f7a66446360ce44c6018085
GET /e-202248.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Mon, 20 Nov 2023 01:50:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 278 B IP 93.184.220.29:0
Hash aec10b31b33d452af500b55ac2f648d0
7ae7342d80f461258a89317117b8aad0da90f8f1
b861ce3b99dc4ff75ffc2dbe2713ccd0a40d96a716d3277742826c6fd4005f89
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4891
Cache-Control: max-age=103864
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:16 GMT
Etag: "638abeb1-116"
Expires: Mon, 05 Dec 2022 04:34:20 GMT
Last-Modified: Sat, 03 Dec 2022 03:12:49 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2add168858bbe1c8c877a59b7de5da35
1b53b12fb6fab6799919dd9a2f48f33dc1d747e2
689877a5233821014a57ceee4f58c37b55ba2400efa64de5452594fecb090c53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "689877A5233821014A57CEEE4F58C37B55BA2400EFA64DE5452594FECB090C53"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=856
Expires: Sat, 03 Dec 2022 23:57:32 GMT
Date: Sat, 03 Dec 2022 23:43:16 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82b76ca589dab1a017603e72a3b88a48
508aec57479a19c4074271246a27c6f0e311ee1e
809cde0622aec8a90e3c00512194696b02eb85d6c9536dbbe8557642d2149d95
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ffb1fa188f11f4b1ec69136d1920502b
8aac404d7cf025e415c22f6170fea74bf537c603
7beabb9b7af824e542dc5f62308e6d44c4a38dee34d69836ca4c1cf966592b82
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "7BEABB9B7AF824E542DC5F62308E6D44C4A38DEE34D69836CA4C1CF966592B82"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13438
Expires: Sun, 04 Dec 2022 03:27:14 GMT
Date: Sat, 03 Dec 2022 23:43:16 GMT
Connection: keep-alive
wastedinvaluable.com/pixel/purst?dl=0&th=0&sc=0&rs=1540&rd=1540&fd=687&bv=22.10.v.9&tmpl=70
173.233.137.52200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/purst?dl=0&th=0&sc=0&rs=1540&rd=1540&fd=687&bv=22.10.v.9&tmpl=70
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=1540&rd=1540&fd=687&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:16 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
awqwuiwmse.com/chicken.gif?z=1939995&pb=87aa265671319caf5883beadc7f256ec1670118195&psp=MBypbVDXPV0wy9qkaad0YCgIi7AG3GLfMAknoJRHMjGt5FM2KNxJgRe-4-GJ9imLKw0a_yGNqQmsjLnpz1o_q-IAyzzDf-B__nKlEBqDU9dAuomYC-nSsPi-dWcsaQ35p5ot3fK0Ql43XKZk3U1XhDNAfMuKKmfZzW4g0AprSHtn7cKu-u4swafRM5oK5Oo7HKY_PoFoYmWTBT8SYIdN19_nD_HNYo9qbi13VIOW1TiHP2Y-bnJU43uzG0iyXpgnLAucIQWAZSuDyFO16di4zIYuXywPyeA5MGKJ6VJ50wY4zF_u0NP5KTC0CYd3nqnQqCHad2rrDko6L4TBylNSW7bSNLiZyChcyzxtp681EIeFNyDKoGNZb3dqAHg28lN4UIW_zFhyFUgK-9I0V_On7Dia-qiXzGMWrEwjgk837TjeYYTdqTD7-IuyDHmZWCXJeYjxXQfQfQwVecyW_D61b9sY4Sa4Krohp5GjCGdCuYCjgJG0nOwEb8KSGtWPehiFvaI74ZLM30jR9JRn6lO46F2HSTUFzymAa2boVjLgA15bfN0eoaKVPnUD7Z1rBqdod93NgpB8Xd3Jwayql6A4YP9b0uUGCugBuhns2l3-ZQR5bhFpAgCYpCCYSLzBucQAhcHjh67c9J00R4-7DaSVXhsImoz7JKK1zcDYismUj3zsLlsK_wIKKNuN8Ux94GUkVHtdUsE8K_2HtFlxGD5Bp_T9PKgn_Ih3UxV5LCl2zTR3M7hCLtLFIrzxifbw1kDvuyuD3aSVkn7hIHODDSRuE9YXFmAd&abvar=0&os=0
62.122.171.6200 OK 43 B URL HTTP/2 awqwuiwmse.com/chicken.gif?z=1939995&pb=87aa265671319caf5883beadc7f256ec1670118195&psp=MBypbVDXPV0wy9qkaad0YCgIi7AG3GLfMAknoJRHMjGt5FM2KNxJgRe-4-GJ9imLKw0a_yGNqQmsjLnpz1o_q-IAyzzDf-B__nKlEBqDU9dAuomYC-nSsPi-dWcsaQ35p5ot3fK0Ql43XKZk3U1XhDNAfMuKKmfZzW4g0AprSHtn7cKu-u4swafRM5oK5Oo7HKY_PoFoYmWTBT8SYIdN19_nD_HNYo9qbi13VIOW1TiHP2Y-bnJU43uzG0iyXpgnLAucIQWAZSuDyFO16di4zIYuXywPyeA5MGKJ6VJ50wY4zF_u0NP5KTC0CYd3nqnQqCHad2rrDko6L4TBylNSW7bSNLiZyChcyzxtp681EIeFNyDKoGNZb3dqAHg28lN4UIW_zFhyFUgK-9I0V_On7Dia-qiXzGMWrEwjgk837TjeYYTdqTD7-IuyDHmZWCXJeYjxXQfQfQwVecyW_D61b9sY4Sa4Krohp5GjCGdCuYCjgJG0nOwEb8KSGtWPehiFvaI74ZLM30jR9JRn6lO46F2HSTUFzymAa2boVjLgA15bfN0eoaKVPnUD7Z1rBqdod93NgpB8Xd3Jwayql6A4YP9b0uUGCugBuhns2l3-ZQR5bhFpAgCYpCCYSLzBucQAhcHjh67c9J00R4-7DaSVXhsImoz7JKK1zcDYismUj3zsLlsK_wIKKNuN8Ux94GUkVHtdUsE8K_2HtFlxGD5Bp_T9PKgn_Ih3UxV5LCl2zTR3M7hCLtLFIrzxifbw1kDvuyuD3aSVkn7hIHODDSRuE9YXFmAd&abvar=0&os=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
GET /chicken.gif?z=1939995&pb=87aa265671319caf5883beadc7f256ec1670118195&psp=MBypbVDXPV0wy9qkaad0YCgIi7AG3GLfMAknoJRHMjGt5FM2KNxJgRe-4-GJ9imLKw0a_yGNqQmsjLnpz1o_q-IAyzzDf-B__nKlEBqDU9dAuomYC-nSsPi-dWcsaQ35p5ot3fK0Ql43XKZk3U1XhDNAfMuKKmfZzW4g0AprSHtn7cKu-u4swafRM5oK5Oo7HKY_PoFoYmWTBT8SYIdN19_nD_HNYo9qbi13VIOW1TiHP2Y-bnJU43uzG0iyXpgnLAucIQWAZSuDyFO16di4zIYuXywPyeA5MGKJ6VJ50wY4zF_u0NP5KTC0CYd3nqnQqCHad2rrDko6L4TBylNSW7bSNLiZyChcyzxtp681EIeFNyDKoGNZb3dqAHg28lN4UIW_zFhyFUgK-9I0V_On7Dia-qiXzGMWrEwjgk837TjeYYTdqTD7-IuyDHmZWCXJeYjxXQfQfQwVecyW_D61b9sY4Sa4Krohp5GjCGdCuYCjgJG0nOwEb8KSGtWPehiFvaI74ZLM30jR9JRn6lO46F2HSTUFzymAa2boVjLgA15bfN0eoaKVPnUD7Z1rBqdod93NgpB8Xd3Jwayql6A4YP9b0uUGCugBuhns2l3-ZQR5bhFpAgCYpCCYSLzBucQAhcHjh67c9J00R4-7DaSVXhsImoz7JKK1zcDYismUj3zsLlsK_wIKKNuN8Ux94GUkVHtdUsE8K_2HtFlxGD5Bp_T9PKgn_Ih3UxV5LCl2zTR3M7hCLtLFIrzxifbw1kDvuyuD3aSVkn7hIHODDSRuE9YXFmAd&abvar=0&os=0 HTTP/1.1
Host: awqwuiwmse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: UID=2212031843a6e012de44514c00b9e6c96a75
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.impression
set-cookie: OACICAP=ACMWJQAAAAAAAAAB; Path=/; Expires=Mon, 02 Jan 2023 23:43:16 GMT; Secure; SameSite=None
OACIBLOCK=ACMWJQAAAABjitfQ; Path=/; Expires=Mon, 02 Jan 2023 23:43:16 GMT; Secure; SameSite=None
ppucnt=0; Path=/; Expires=Sun, 04 Dec 2022 23:43:16 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
bg4nxu2u5t.com/solid.gif?z=1940432&abvar=0
62.122.171.6200 OK 43 B URL HTTP/2 bg4nxu2u5t.com/solid.gif?z=1940432&abvar=0
IP 62.122.171.6:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
Analyzer Verdict Alert quad9 Sinkholed
POST /solid.gif?z=1940432&abvar=0 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
hqq.tv/js/script-2.12.5.js
190.115.19.71200 OK 4.3 kB URL HTTP/2 hqq.tv/js/script-2.12.5.js
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
File type ASCII text, with very long lines (1242)
Hash 63c6cc05ba344ef5f0e94cf7ad729625
0dde0cb61346e7bf5fb67f0f322be3e00a23da1e
fc751c1b5978b5381f24a0a6e3d55c21294d3ad2fa864064125bdd19885dd760
GET /js/script-2.12.5.js HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UElSbE1KejNIMDdmWC9jRzZJQXlJQT09&autoplay=no
Cookie: uid=y1oAq6tmHs45uL-sK-2IRkJiYVuJ6W3y
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=DZkzge7CdyipnKfZBmfI; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Dec-2023 23:43:16 GMT
date: Mon, 17 Oct 2022 10:54:59 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 01 Dec 2020 19:28:37 GMT
etag: W/"5fc69965-4cb8"
access-control-allow-origin: *
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: br
x-cache-status-inferno-s: HIT
x-inferno-location: static
age: 4106897
ddg-cache-status: HIT,MISS
content-length: 4344
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
putinho.net/wp-content/s/2017/04/cropped-favicon-putinho-32x32.png
104.26.5.174403 Forbidden 2.4 kB URL HTTP/2 putinho.net/wp-content/s/2017/04/cropped-favicon-putinho-32x32.png
IP 104.26.5.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (501)
Hash 98240505e0e87774d40d61890b05601d
1ca9b11684353ab50a8a59006fcdaed635bdd8c3
ce197ed78e06127c95a769af9658e775e9648b00454f1898384bd59e6acad07b
GET /wp-content/s/2017/04/cropped-favicon-putinho-32x32.png HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGGq%2FzLjH7axLMDq16IIYbo2F0XjH25fL7VIVFfkg5ozSTOH5NCI%2FuOOPyadd4IOxAiKJ0z%2BcEQscV7HUot%2Ba%2BIO3Sj5ie7QsshGJvo6Igeq7ZnNnNBDYXD%2F3jFX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029e169dab509-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.3200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 28 Nov 2022 19:09:57 GMT
expires: Tue, 28 Nov 2023 19:09:57 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 448399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
104.26.5.174200 OK 14 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
IP 104.26.5.174:0
File type ASCII text, with very long lines (58661)
Hash 1da92bc9de18caaac7241d948479848d
cc93069dfa48fe7bd8f7cbd420ffabf117791f0c
0b935ba81c2cbfdbbb9408e88d3fdb28b80d9016446ad4154533ec01af3dee8a
GET /wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"e526-63599f1e-28052d2;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LY3J7w9TWVS6DRzV%2B5BI0Wp8lXbQMVUn8AqKSTngrYs2wkyQfMcgCg9r5%2BYBfMuCyrc2dth6u359gL%2FoA0V%2Bvg3%2BIJV4PW8AY6hPz5sPsynpiW%2BzXMYxLaWEjijK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708a5b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
104.26.5.174200 OK 16 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
IP 104.26.5.174:0
File type Web Open Font Format (Version 2), TrueType, length 79444, version 331.524\012- data
Hash 42c27ea7847e36bfc3e5ea949f41363f
35a4034afa45ea80a628387b1a7594c436705ad5
0c5721430057b077030ae5872d7f20ca8ded9e79cbac142d341cdba4b76e52a4
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: font/woff2
content-length: 79444
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: "13654-63599f1e-2805119;;;"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v3SESoOMm%2FA3V6hbY5I%2FdOEDjFLohPE3VlKcQ9edCGiGc0F2A0b97Vrf4dadyII8%2FcnT1xF99qwAHPcIz3rcg2yLof1myiOfF%2BSzOuXs63gUt8leqIEXYjqLwtXA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d73ab90b49-OSL
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/tag.js
77.88.21.119200 OK 73 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 77.88.21.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (586)
Hash a4567a1e52f99c2b3870f58375ec8cac
dbfc795e71fc19f7e45e8637abc4ac770f639a48
2b13b5716855040bd9a08972b0e61369e50c6daa402ed937e18f6795f82429c8
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 73266
date: Sat, 03 Dec 2022 23:43:16 GMT
access-control-allow-origin: *
etag: "6388ac0c-11e32"
expires: Sun, 04 Dec 2022 00:43:16 GMT
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0077c02fc1ff25e01128fe7e76477b3e
4a599c82af9be4c7b01c61f3124ff6576d5fccaf
58c827f32125567faa9502ca5e96f1958a640185e3727793cb0b06d32db0970d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "58C827F32125567FAA9502CA5E96F1958A640185E3727793CB0B06D32DB0970D"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3022
Expires: Sun, 04 Dec 2022 00:33:38 GMT
Date: Sat, 03 Dec 2022 23:43:16 GMT
Connection: keep-alive
alleviatepracticableaddicted.com/a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js
192.243.59.13200 OK 11 kB URL HTTP/1.1 alleviatepracticableaddicted.com/a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (32142), with no line terminators
Hash 95632ca968ab5922efd53e417d77799b
07bb082c849064cada1120205dbb45c9cb870913
f70df574952baba8f626726e78f9ef75fa7b0b9cf04eea9a27193a436faf17b1
Analyzer Verdict Alert quad9 Sinkholed
GET /a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 03 Dec 2022 23:43:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c0384e2f6bd5055566335f75db67fc8a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 274467
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
216.58.207.227200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:28:50 GMT
expires: Thu, 30 Nov 2023 19:28:50 GMT
cache-control: public, max-age=31536000
age: 274467
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
104.26.5.174200 OK 11 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
IP 104.26.5.174:0
File type ASCII text, with very long lines (11672)
Hash 7e32c974fb1c5742d489df38f40567b7
31affd257fbcd66f0460b8a525a13ceb7ea42661
380eef14d71b305f7ef047991a31c7f550c153fb3cdd988682e5d9133eb456a9
GET /wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"2d99-63599f1e-280521e;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xusZtQ1r6dCW7cQZBefPEMBKsnYUHfBWs0nU6%2FyegkZDKqkurzNYGWhjjJXl9nudwjRwlmw2bkXe6sPUHkjm5%2Fn5Ay0x60mImpxm9DPpgTZshoIXecR1mh38NGDc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708a7b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
216.58.207.227200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 12:29:21 GMT
expires: Fri, 01 Dec 2023 12:29:21 GMT
cache-control: public, max-age=31536000
age: 213236
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
simplewebanalysis.com/stats
52.28.211.11200 OK 40 B URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
File type ASCII text, with no line terminators
Hash 1306b90012acfd94ef7464c818964d2e
f307b559a591c95df04ecdbe0c39e799699e3210
362d19980706697383d2d909727c60450ae8e8ed84b5b85cfc8fc78567882e18
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.tv
Connection: keep-alive
Referer: https://hqq.tv/
Cookie: uid_id2=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:17 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hqq.tv
access-control-allow-credentials: true
X-Firefox-Spdy: h2
wastedinvaluable.com/pixel/pure
173.233.137.52204 No Content 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/pure
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://putinho.sexoaovivo.org/
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:17 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
wastedinvaluable.com/pixel/pure
173.233.137.52204 No Content 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/pure
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
OPTIONS /pixel/pure HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://putinho.sexoaovivo.org/
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:17 GMT
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Content-Length: 0
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e007834173b60b3d2fe4aef49dbfdf35
3d39deeaffd8e234ea6de0956448a654f74833e0
aa81d6406ec174b15a3a6b17c62d64bd0903e8da7bd83e7108e6aa7dac1b9e43
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AA81D6406EC174B15A3A6B17C62D64BD0903E8DA7BD83E7108E6AA7DAC1B9E43"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4924
Expires: Sun, 04 Dec 2022 01:05:21 GMT
Date: Sat, 03 Dec 2022 23:43:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ddb39861247447d4893bb0c047341873
e98e593991fd7aafdca51a41de2ab418cce988ed
88c10bd0a2532486d293e37d2c3b7e2572428c40165afbafd97d464f1b42a60f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88C10BD0A2532486D293E37D2C3B7E2572428C40165AFBAFD97D464F1B42A60F"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13384
Expires: Sun, 04 Dec 2022 03:26:21 GMT
Date: Sat, 03 Dec 2022 23:43:17 GMT
Connection: keep-alive
putinho.net/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
172.67.70.80200 OK 34 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
IP 172.67.70.80:0
File type ASCII text, with very long lines (54141)
Hash a22678e3bea754654b38326c3ad5dad7
0cfbd2f3cca17e4adaf96cdda426b181309ea497
621e23a6e7515ce21022b2706d38bf4c5b38f31f7c5ad4a4e412238ec2201049
GET /wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"d37e-63599f1e-280522c;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PSecJBzBfJiWsxuYOSSys%2FsVL0vJNh6HUJwQVRf2ocyi2Kch9pBguYUYTIWN0auLt4VGeu2aDJ1KzsvOSSP0sc%2BMZfMsSRuSsH%2Ba0ANRQnPofhls%2Bh6s5iIDfNFC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1ddcfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
wastedinvaluable.com/pixel/pure
173.233.137.52200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/pure
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: http://putinho.sexoaovivo.org
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
wastedinvaluable.com/pixel/pure
173.233.137.52200 OK 0 B URL HTTP/1.1 wastedinvaluable.com/pixel/pure
IP 173.233.137.52:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
POST /pixel/pure HTTP/1.1
Host: wastedinvaluable.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 73
Origin: http://putinho.sexoaovivo.org
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:17 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
putinho.net/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
172.67.70.80200 OK 21 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP 172.67.70.80:0
Hash 593b507f839fa0170f8411a20d877a1f
a57955511567f05812cb26a26ba15c12e5cf6b6f
97398abfbf8f71bf43b349873f73691b9456b5eb3ca0348f30740da06c3ea8a6
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.garotasonline.net
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/font-woff
etag: W/"9e58-63599f1e-2805124;;;"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZzuAoeiBr3CbguJAUhuiKar1T5nbwc7Yw8vCmu6XRcliJ5SEIfwlP78DS9tSjmaa7zzkCzCa02gJKlrkNq5GLZ9PghfXKzy7ydKHi7a8piv7Ob1Imsnb5NzbDh24"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1b2fb523-OSL
content-encoding: br
X-Firefox-Spdy: h2
parkingridiculous.com/0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js
173.233.137.60200 OK 29 kB URL HTTP/1.1 parkingridiculous.com/0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js
IP 173.233.137.60:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 7762d5ccb764e0b4bc0b9f57b742b6c7
132ee4cbb253acb74c81319a2626435e4be9d9f1
17848029f5266dbab8f962f2843cd3a61b9969a254895ded30ff3ba4997135af
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:17 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 46ade8444eb35953ff6448bf3ff62626
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
mc.yandex.ru/metrika/advert.gif
77.88.21.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 77.88.21.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Sat, 03 Dec 2022 23:43:17 GMT
access-control-allow-origin: *
etag: "6388ac0c-2b"
expires: Sun, 04 Dec 2022 00:43:17 GMT
accept-ranges: bytes
last-modified: Thu, 01 Dec 2022 16:28:44 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88674247?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A664869180253%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A72109941%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 407 B URL HTTP/2 mc.yandex.ru/watch/88674247?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A664869180253%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A72109941%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash 9dac5f1cec5d449e18c33be94a593cba
e08522fa2fba6cca91554f9a5a43fd625becc2e5
a99da94e55c7fe7ffbc69fc6f80d114a4afbe5dc777062d4dd5e94410e308aec
GET /watch/88674247?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A664869180253%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A72109941%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/88674247/1?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A664869180253%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A72109941%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sat, 03 Dec 2022 23:43:17 GMT
access-control-allow-origin: http://putinho.sexoaovivo.org
set-cookie: yabs-sid=500607581670110997; Path=/; SameSite=None; Secure
i=P7MdJ5txklUl1QR9IZCAqJT+yRLnFCA+9HJfq7GWuE07g4ANUwx9IxlBGM7BGPtJYYER/k9V81+0ufhdG8XjpAwCxoY=; Expires=Tue, 30-Nov-2032 23:43:16 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=7068780961670110997; Expires=Sun, 03-Dec-2023 23:43:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=7068780961670110997; Expires=Sun, 03-Dec-2023 23:43:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701646997.yc.1670110997#1701646997.yrts.1670110997#1701646997.yrtsi.1670110997; Expires=Sun, 03-Dec-2023 23:43:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Dec-2022 23:43:17 GMT
last-modified: Sat, 03-Dec-2022 23:43:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/88674247/1?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A664869180253%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A72109941%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
77.88.21.119200 OK 407 B URL HTTP/2 mc.yandex.ru/watch/88674247/1?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A664869180253%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A72109941%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
IP 77.88.21.119:0
File type JSON data\012- , ASCII text, with very long lines (407), with no line terminators
Hash e67862047e2e7f258c16293f3557db3c
c64dad7955ce7e776b55af01f0bbc537254c5d21
e007074db39d377bf3f383cdc34123b37661d5c76d9410f7b03c4072bc3c2119
GET /watch/88674247/1?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A664869180253%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A72109941%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29 HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 407
date: Sat, 03 Dec 2022 23:43:17 GMT
x-content-type-options: nosniff
access-control-allow-origin: http://putinho.sexoaovivo.org
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Dec-2022 23:43:17 GMT
last-modified: Sat, 03-Dec-2022 23:43:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: application/json; charset=utf-8
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
tallysaturatesnare.com/sbar.json?key=1b8ad19e5b8faa97b5af717e65b0bdee
192.243.61.227200 OK 3.3 kB URL HTTP/1.1 tallysaturatesnare.com/sbar.json?key=1b8ad19e5b8faa97b5af717e65b0bdee
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type JSON data\012- , ASCII text, with very long lines (5807), with no line terminators
Hash f3533bb4ee3eef5b243a315e78cb1791
9a1d2961a034886cb0cc8f01bf5d5b9a2be9b7fe
772e079c2d2b5bc1a09880f68e995b3d73a6bf0823808136b800d408ab1aee97
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=1b8ad19e5b8faa97b5af717e65b0bdee HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 23:43:17 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: http://putinho.sexoaovivo.org
Access-Control-Allow-Origin: http://putinho.sexoaovivo.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=16091052; expires=Sun, 04 Dec 2022 23:43:17 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 04 Dec 2022 23:43:17 GMT; secure; SameSite=None
uncs=1; expires=Sun, 04 Dec 2022 23:43:17 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 04 Dec 2022 23:43:17 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 04 Dec 2022 23:43:17 GMT; secure; SameSite=None
slec1b8ad19e5b8faa97b5af717e65b0bdee=[3830292]; expires=Sat, 03 Dec 2022 23:43:22 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 349f42f1801e26a4a197b5c45071e9fa
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
putinho.net/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
172.67.70.80200 OK 11 kB URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
IP 172.67.70.80:0
File type HTML document, ASCII text, with very long lines (22472)
Hash ce4d518379c1afaebaff48b7aeb1f676
9a54868ae6c90a3dc3b13ca4a3b56a33f2a5e063
4f2513ecd5a5c9050fdc09bdb3d36eb94b4d6f74fa434ab1221574a0f9f9390f
GET /wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"57c9-63599f1e-28051fd;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5BpywTklqHh1aDnQCN25b77b%2Fw%2FSrc17A0awGpD0STeksXOgBF%2BO088qA9zw%2BjQDc9PhQRA3u8XK4Mxfoj%2B1VD1f8n5XRCrIW%2FBvPI4RBk0NiyQ%2Fb3ZeRWIuoNQC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1deffab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a239878ef5bbcc237e7b45f282075f4
6eeb910e4ece59e97dfe32071ea94a6e3530c81b
92305af0d4663e9c8bc67a8021e4a983ab13c5a3a613a71e6e2fad826886ee18
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "92305AF0D4663E9C8BC67A8021E4A983AB13C5A3A613A71E6E2FAD826886EE18"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9362
Expires: Sun, 04 Dec 2022 02:19:19 GMT
Date: Sat, 03 Dec 2022 23:43:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c770ed8e1043091817cf67c2338116d2
eb799e23dbf7d7fd82d63ec0220007e5b8196e48
addff025294dc6a89ff5f686910eb51ba8791c40f50b1c6b63ddc4c8db5808cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ADDFF025294DC6A89FF5F686910EB51BA8791C40F50B1C6B63DDC4C8DB5808CF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8869
Expires: Sun, 04 Dec 2022 02:11:06 GMT
Date: Sat, 03 Dec 2022 23:43:17 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2356d056eaba2ee2501fd83f7317b936
1556d69002913b6636aa0973881b421b8111002f
d4394c92e350c6564bf5104ea8c2c2fc7866794cda878be883f1c1f98a12ca6e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1172
Cache-Control: max-age=154890
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 23:43:18 GMT
Etag: "638b948c-117"
Expires: Mon, 05 Dec 2022 18:44:48 GMT
Last-Modified: Sat, 03 Dec 2022 18:25:16 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
tallysaturatesnare.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSeLekFLoACEgeEj0VCzq5%2FxHZ7iBrahIiQhLYoFw7M7Mw6Q8Y7q5ldr%2BNTRCVa1EMdIaRy23xOGgGhaq9ISMWGA7KEVPcAOZCKQ%2F8C1J44IDsWEU%2BaeW%2Fme4fv%2B977fDc5Ji4SerT2gW5LpehMOe%2Fmzq3LkOvU5lau5Tw3717IrctwtnQh1xpdpnnec8t59%2B3covA39UzB9VzXc73cgjQi0K2ZMQoZHda8fM3Nlwp5r1xCy%2Fz%2FbRMHljrgzWPyKiQfnt349QGk30PYuH9J2M1YR%2B9cbiSKxtqgyQ8%2BCjdDnYZonJaBcRCEB5NuaDsk5M4Z6PBgogC6uTdSACaHxPndAwsPJjTBmvsnTJmCCMH4S0ibPQjVg6Q9%2BPo6JH9EAJ9jZRVh4%2B6KNindOkHpCB2Sqed%2FQ6ZDMvXnNMLGvXklW7mrWiWx1KFFK8ggWz3Ieg9R0kfcdiDTPvz4M0j%2BG5l5voywsbdqlYbk2Vi9lD3IoAclOqDWQTI60kESOEgiBw1%2BlKPlWuC6lYAFxWK15Pt%2Bsej75eosL%2FNiqRq4SPwRvQ7iqANfdeCbbURmG5ty59HiPzDJQ9iNDJY7sPGQOB9uo8kzpIIgtQQpJUglQRoTpM1snytbsNldrmzCvEkuTHIx6%2Bq4vkv3dVwXIdmNjskrY2ue3TjEpjjKeaxKuVcTZVYNKK1VWJkGFa8iZsvMZVwIWJlB2jNjtW05JK8%2F%2FQGRHBJy%2Bw8w2odVffjyZdDkTdC0Wym4oBvdUtVFO%2Fw%2B0iaMjG5t5WkUgesMUTyFeMvZVcfkjTGR82Yawh%2FMHd33bn258DV8kyEyGT6VPxPU1c3uFZ2SvSs6teTBahTLhmzT0fyuxjQWZ799X2yl2vClS7bzzUV%2FBIzKw2vCxss05DKsW%2FLdvORcmAVtfEF%2BXLLrgq0ldmM%2BMWESLa%2B9u7DUiIywVuqwBzrStvMEvhySF7%2FKj3fzrct3IE0PJsnQSAZkEpC6Dz%2Faho0Gc7%2F0bn987lkfVhMYddrDIgdpknVNgZ1%2BKjkkpRuPocRg7uHTTy5%2BUVkGZRmsGMz9tHhvuv3Xe2DiP1N27U3UjQMaX0fYyNA0GZoqA1Ud2OSFbhyZwdzj4jjAlNNlyjh7TBm1c2KwlUc5UQ7cQLgFwYIaCyrU5bWgVGO05onR1D3EdujfevLavwAAAP%2F%2FAQAA%2F%2F8XDXNSdwQAAA%3D%3D
192.243.61.227200 OK 7 B URL HTTP/1.1 tallysaturatesnare.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSeLekFLoACEgeEj0VCzq5%2FxHZ7iBrahIiQhLYoFw7M7Mw6Q8Y7q5ldr%2BNTRCVa1EMdIaRy23xOGgGhaq9ISMWGA7KEVPcAOZCKQ%2F8C1J44IDsWEU%2BaeW%2Fme4fv%2B977fDc5Ji4SerT2gW5LpehMOe%2Fmzq3LkOvU5lau5Tw3717IrctwtnQh1xpdpnnec8t59%2B3covA39UzB9VzXc73cgjQi0K2ZMQoZHda8fM3Nlwp5r1xCy%2Fz%2FbRMHljrgzWPyKiQfnt349QGk30PYuH9J2M1YR%2B9cbiSKxtqgyQ8%2BCjdDnYZonJaBcRCEB5NuaDsk5M4Z6PBgogC6uTdSACaHxPndAwsPJjTBmvsnTJmCCMH4S0ibPQjVg6Q9%2BPo6JH9EAJ9jZRVh4%2B6KNindOkHpCB2Sqed%2FQ6ZDMvXnNMLGvXklW7mrWiWx1KFFK8ggWz3Ieg9R0kfcdiDTPvz4M0j%2BG5l5voywsbdqlYbk2Vi9lD3IoAclOqDWQTI60kESOEgiBw1%2BlKPlWuC6lYAFxWK15Pt%2Bsej75eosL%2FNiqRq4SPwRvQ7iqANfdeCbbURmG5ty59HiPzDJQ9iNDJY7sPGQOB9uo8kzpIIgtQQpJUglQRoTpM1snytbsNldrmzCvEkuTHIx6%2Bq4vkv3dVwXIdmNjskrY2ue3TjEpjjKeaxKuVcTZVYNKK1VWJkGFa8iZsvMZVwIWJlB2jNjtW05JK8%2F%2FQGRHBJy%2Bw8w2odVffjyZdDkTdC0Wym4oBvdUtVFO%2Fw%2B0iaMjG5t5WkUgesMUTyFeMvZVcfkjTGR82Yawh%2FMHd33bn258DV8kyEyGT6VPxPU1c3uFZ2SvSs6teTBahTLhmzT0fyuxjQWZ799X2yl2vClS7bzzUV%2FBIzKw2vCxss05DKsW%2FLdvORcmAVtfEF%2BXLLrgq0ldmM%2BMWESLa%2B9u7DUiIywVuqwBzrStvMEvhySF7%2FKj3fzrct3IE0PJsnQSAZkEpC6Dz%2Faho0Gc7%2F0bn987lkfVhMYddrDIgdpknVNgZ1%2BKjkkpRuPocRg7uHTTy5%2BUVkGZRmsGMz9tHhvuv3Xe2DiP1N27U3UjQMaX0fYyNA0GZoqA1Ud2OSFbhyZwdzj4jjAlNNlyjh7TBm1c2KwlUc5UQ7cQLgFwYIaCyrU5bWgVGO05onR1D3EdujfevLavwAAAP%2F%2FAQAA%2F%2F8XDXNSdwQAAA%3D%3D
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz28bRRSeLekFLoACEgeEj0VCzq5%2FxHZ7iBrahIiQhLYoFw7M7Mw6Q8Y7q5ldr%2BNTRCVa1EMdIaRy23xOGgGhaq9ISMWGA7KEVPcAOZCKQ%2F8C1J44IDsWEU%2BaeW%2Fme4fv%2B977fDc5Ji4SerT2gW5LpehMOe%2Fmzq3LkOvU5lau5Tw3717IrctwtnQh1xpdpnnec8t59%2B3covA39UzB9VzXc73cgjQi0K2ZMQoZHda8fM3Nlwp5r1xCy%2Fz%2FbRMHljrgzWPyKiQfnt349QGk30PYuH9J2M1YR%2B9cbiSKxtqgyQ8%2BCjdDnYZonJaBcRCEB5NuaDsk5M4Z6PBgogC6uTdSACaHxPndAwsPJjTBmvsnTJmCCMH4S0ibPQjVg6Q9%2BPo6JH9EAJ9jZRVh4%2B6KNindOkHpCB2Sqed%2FQ6ZDMvXnNMLGvXklW7mrWiWx1KFFK8ggWz3Ieg9R0kfcdiDTPvz4M0j%2BG5l5voywsbdqlYbk2Vi9lD3IoAclOqDWQTI60kESOEgiBw1%2BlKPlWuC6lYAFxWK15Pt%2Bsej75eosL%2FNiqRq4SPwRvQ7iqANfdeCbbURmG5ty59HiPzDJQ9iNDJY7sPGQOB9uo8kzpIIgtQQpJUglQRoTpM1snytbsNldrmzCvEkuTHIx6%2Bq4vkv3dVwXIdmNjskrY2ue3TjEpjjKeaxKuVcTZVYNKK1VWJkGFa8iZsvMZVwIWJlB2jNjtW05JK8%2F%2FQGRHBJy%2Bw8w2odVffjyZdDkTdC0Wym4oBvdUtVFO%2Fw%2B0iaMjG5t5WkUgesMUTyFeMvZVcfkjTGR82Yawh%2FMHd33bn258DV8kyEyGT6VPxPU1c3uFZ2SvSs6teTBahTLhmzT0fyuxjQWZ799X2yl2vClS7bzzUV%2FBIzKw2vCxss05DKsW%2FLdvORcmAVtfEF%2BXLLrgq0ldmM%2BMWESLa%2B9u7DUiIywVuqwBzrStvMEvhySF7%2FKj3fzrct3IE0PJsnQSAZkEpC6Dz%2Faho0Gc7%2F0bn987lkfVhMYddrDIgdpknVNgZ1%2BKjkkpRuPocRg7uHTTy5%2BUVkGZRmsGMz9tHhvuv3Xe2DiP1N27U3UjQMaX0fYyNA0GZoqA1Ud2OSFbhyZwdzj4jjAlNNlyjh7TBm1c2KwlUc5UQ7cQLgFwYIaCyrU5bWgVGO05onR1D3EdujfevLavwAAAP%2F%2FAQAA%2F%2F8XDXNSdwQAAA%3D%3D HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Cookie: u_pl=16091052; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1b8ad19e5b8faa97b5af717e65b0bdee=[3830292]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 23:43:17 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: caa5984b9c895ae0f11ff02fdb27b2d2
Strict-Transport-Security: max-age=0; includeSubdomains
parkingridiculous.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2sk1Rd9NTM%2FfgNuVHShKPTChYLpVHVVpbudxWAcI8FMEmZGshDB9686z7yuV%2FNeVVcnqzADMuCm3bmsnE4mjAZxPsCAdASRgGC7kMAYP4MIs3IhnTS03kXde%2BrcxTnnvs%2F3ijPio6Cn6zfNjtKazsd1v%2FbmhkqFKV1t9U4t8Ov%2BtdqGSheia7X%2B5GN77wR%2BXPffqn0g%2BZaZb%2FiB7wd%2BUFtSViamP3%2FOQmVH7aDe9utRox7EEfr2v9gVHhz1IHpn5EUoMf7f5k%2BPofgIafe7G9Jt5SZ7%2B%2F1uoWluLHri8KN0KzVliu5sTKyHJD2cbsO4MSFfXYJJD6cOYHr7Ewdgaky83wKw9HAqE6x3cKGUacgUTDyHsjeC1CMoOgI396HELwTgAqtrSLsPV40t6fYFSyfsmFx59hdUOSZXfn8JaffbRa36tdtGF7kyqUM%2FqaD6I6jOCFlxjHzHgyqPwfN7UOJnMv9sBWl3f81pAyVO32hIGTMum3NSRGwuYkl7rtVaCOcCKqOoyXkQBuF5REqNoJIRtByAussonIdCeSgSD0XmoStOazRuJ77fTFgShq2Icx6GnMetBRGLMGolPgo%2B8TBAng3A9QDc7iKzu9hSA9jie7jNCk54cDlBT1QoJUHpCEpKUCqCMicoe9WB0K7hqodCu4IF096Y9rAamryzRw9M3pEp2cvOyAuT4Lyr946wJU9rdIH5rNVuxKLNQhoFccT9MOaNiEVStJsSTlVQ7hKo87CjxuS1J3Vkakz%2B%2F8lTMHoMp4%2FB1fOgxeug5bDZ8EE3h1HLx056REWh87nNu3fruYEwFbL8CvJtb0%2BfkVfODxheewrJT65%2Fym6O%2F3z0N7itkNkKn6kfCDr6wfCWKcn%2BLVM68ngty1VX7dDJcW%2FnNJeXv%2F5QbpfGiuUbbvDoXT4hJuPRHenyFZoKlXYc%2BWZRCSHtkrFckifLbkOy9cJtLhY2LbKV9feWlruZlc4pk45A1ZiQH0%2FA1ZhcFeX5w33VfQxlR7BFhW5xQqYFZY7Bs124bKbfGQKrZzss81AW1dA22OynVgRazjBlFdy%2FMJvNe%2B4BOtYDze8j7Vbo2Qo9XYHqAVxxeZhn9uT6r%2BF5gWlvyLT19pm2%2BsuLcJ06rck48RPpNyRL2ixpUl%2B0k6jNaDuQTRbTALkb8y%2F%2BePkfAAAA%2F%2F8BAAD%2F%2F9xjgfiQBAAA
173.233.137.60200 OK 7 B URL HTTP/1.1 parkingridiculous.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2sk1Rd9NTM%2FfgNuVHShKPTChYLpVHVVpbudxWAcI8FMEmZGshDB9686z7yuV%2FNeVVcnqzADMuCm3bmsnE4mjAZxPsCAdASRgGC7kMAYP4MIs3IhnTS03kXde%2BrcxTnnvs%2F3ijPio6Cn6zfNjtKazsd1v%2FbmhkqFKV1t9U4t8Ov%2BtdqGSheia7X%2B5GN77wR%2BXPffqn0g%2BZaZb%2FiB7wd%2BUFtSViamP3%2FOQmVH7aDe9utRox7EEfr2v9gVHhz1IHpn5EUoMf7f5k%2BPofgIafe7G9Jt5SZ7%2B%2F1uoWluLHri8KN0KzVliu5sTKyHJD2cbsO4MSFfXYJJD6cOYHr7Ewdgaky83wKw9HAqE6x3cKGUacgUTDyHsjeC1CMoOgI396HELwTgAqtrSLsPV40t6fYFSyfsmFx59hdUOSZXfn8JaffbRa36tdtGF7kyqUM%2FqaD6I6jOCFlxjHzHgyqPwfN7UOJnMv9sBWl3f81pAyVO32hIGTMum3NSRGwuYkl7rtVaCOcCKqOoyXkQBuF5REqNoJIRtByAussonIdCeSgSD0XmoStOazRuJ77fTFgShq2Icx6GnMetBRGLMGolPgo%2B8TBAng3A9QDc7iKzu9hSA9jie7jNCk54cDlBT1QoJUHpCEpKUCqCMicoe9WB0K7hqodCu4IF096Y9rAamryzRw9M3pEp2cvOyAuT4Lyr946wJU9rdIH5rNVuxKLNQhoFccT9MOaNiEVStJsSTlVQ7hKo87CjxuS1J3Vkakz%2B%2F8lTMHoMp4%2FB1fOgxeug5bDZ8EE3h1HLx056REWh87nNu3fruYEwFbL8CvJtb0%2BfkVfODxheewrJT65%2Fym6O%2F3z0N7itkNkKn6kfCDr6wfCWKcn%2BLVM68ngty1VX7dDJcW%2FnNJeXv%2F5QbpfGiuUbbvDoXT4hJuPRHenyFZoKlXYc%2BWZRCSHtkrFckifLbkOy9cJtLhY2LbKV9feWlruZlc4pk45A1ZiQH0%2FA1ZhcFeX5w33VfQxlR7BFhW5xQqYFZY7Bs124bKbfGQKrZzss81AW1dA22OynVgRazjBlFdy%2FMJvNe%2B4BOtYDze8j7Vbo2Qo9XYHqAVxxeZhn9uT6r%2BF5gWlvyLT19pm2%2BsuLcJ06rck48RPpNyRL2ixpUl%2B0k6jNaDuQTRbTALkb8y%2F%2BePkfAAAA%2F%2F8BAAD%2F%2F9xjgfiQBAAA
IP 173.233.137.60:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2sk1Rd9NTM%2FfgNuVHShKPTChYLpVHVVpbudxWAcI8FMEmZGshDB9686z7yuV%2FNeVVcnqzADMuCm3bmsnE4mjAZxPsCAdASRgGC7kMAYP4MIs3IhnTS03kXde%2BrcxTnnvs%2F3ijPio6Cn6zfNjtKazsd1v%2FbmhkqFKV1t9U4t8Ov%2BtdqGSheia7X%2B5GN77wR%2BXPffqn0g%2BZaZb%2FiB7wd%2BUFtSViamP3%2FOQmVH7aDe9utRox7EEfr2v9gVHhz1IHpn5EUoMf7f5k%2BPofgIafe7G9Jt5SZ7%2B%2F1uoWluLHri8KN0KzVliu5sTKyHJD2cbsO4MSFfXYJJD6cOYHr7Ewdgaky83wKw9HAqE6x3cKGUacgUTDyHsjeC1CMoOgI396HELwTgAqtrSLsPV40t6fYFSyfsmFx59hdUOSZXfn8JaffbRa36tdtGF7kyqUM%2FqaD6I6jOCFlxjHzHgyqPwfN7UOJnMv9sBWl3f81pAyVO32hIGTMum3NSRGwuYkl7rtVaCOcCKqOoyXkQBuF5REqNoJIRtByAussonIdCeSgSD0XmoStOazRuJ77fTFgShq2Icx6GnMetBRGLMGolPgo%2B8TBAng3A9QDc7iKzu9hSA9jie7jNCk54cDlBT1QoJUHpCEpKUCqCMicoe9WB0K7hqodCu4IF096Y9rAamryzRw9M3pEp2cvOyAuT4Lyr946wJU9rdIH5rNVuxKLNQhoFccT9MOaNiEVStJsSTlVQ7hKo87CjxuS1J3Vkakz%2B%2F8lTMHoMp4%2FB1fOgxeug5bDZ8EE3h1HLx056REWh87nNu3fruYEwFbL8CvJtb0%2BfkVfODxheewrJT65%2Fym6O%2F3z0N7itkNkKn6kfCDr6wfCWKcn%2BLVM68ngty1VX7dDJcW%2FnNJeXv%2F5QbpfGiuUbbvDoXT4hJuPRHenyFZoKlXYc%2BWZRCSHtkrFckifLbkOy9cJtLhY2LbKV9feWlruZlc4pk45A1ZiQH0%2FA1ZhcFeX5w33VfQxlR7BFhW5xQqYFZY7Bs124bKbfGQKrZzss81AW1dA22OynVgRazjBlFdy%2FMJvNe%2B4BOtYDze8j7Vbo2Qo9XYHqAVxxeZhn9uT6r%2BF5gWlvyLT19pm2%2BsuLcJ06rck48RPpNyRL2ixpUl%2B0k6jNaDuQTRbTALkb8y%2F%2BePkfAAAA%2F%2F8BAAD%2F%2F9xjgfiQBAAA HTTP/1.1
Host: parkingridiculous.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Cookie: u_pl=17334956; uid_id2=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; sleca6b0b8925d9b3a4154c035c24b4ed97e=[3357660]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:18 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c1e145078eddda1fda98c3af83a6faec
Strict-Transport-Security: max-age=0; includeSubdomains
s4.histats.com/stats/0.php?3040017&@f16&@g1&@h1&@i1&@j1670110994660&@k0&@l1&@mMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&@n0&@ohttp%3A%2F%2Fputinho.garotasonline.net%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-32617790&@b3:1670110995&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&@w
149.56.240.132200 OK 64 B URL HTTP/1.1 s4.histats.com/stats/0.php?3040017&@f16&@g1&@h1&@i1&@j1670110994660&@k0&@l1&@mMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&@n0&@ohttp%3A%2F%2Fputinho.garotasonline.net%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-32617790&@b3:1670110995&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&@w
IP 149.56.240.132:0
File type ASCII text, with no line terminators
Hash c2a7dde819e9bd22675978cf94ba32ae
b80607e23dcc3534b92512eae0a99cb0a526b62f
fc44c5fc7a0fbafb010ed7223c6d365f4a9a5cb07aa62d5ab3a333405123c5a2
GET /stats/0.php?3040017&@f16&@g1&@h1&@i1&@j1670110994660&@k0&@l1&@mMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&@n0&@ohttp%3A%2F%2Fputinho.garotasonline.net%2F&@q0&@r0&@s0&@ten-US&@u1280&@b1:-32617790&@b3:1670110995&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttp%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&@w HTTP/1.1
Host: s4.histats.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 23:43:18 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 64
Connection: close
whiskerssituationdisturb.com/pixel/purst?dl=0&th=0&sc=0&rs=2150&rd=2150&fd=513&bv=22.10.v.10&tmpl=136
173.233.137.60200 OK 0 B URL HTTP/1.1 whiskerssituationdisturb.com/pixel/purst?dl=0&th=0&sc=0&rs=2150&rd=2150&fd=513&bv=22.10.v.10&tmpl=136
IP 173.233.137.60:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=2150&rd=2150&fd=513&bv=22.10.v.10&tmpl=136 HTTP/1.1
Host: whiskerssituationdisturb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 03 Dec 2022 23:43:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7007a042a79310c8938c279ae7eec8e5
8b72d7da27205ce31ff5497ba5428808a498dd7e
8188a5b1208fea4f2bdb97e404aefeb04a89ad62bc16ba2512e3a660b68b67af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8188A5B1208FEA4F2BDB97E404AEFEB04A89AD62BC16BA2512E3A660B68B67AF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Sun, 04 Dec 2022 01:29:25 GMT
Date: Sat, 03 Dec 2022 23:43:18 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7007a042a79310c8938c279ae7eec8e5
8b72d7da27205ce31ff5497ba5428808a498dd7e
8188a5b1208fea4f2bdb97e404aefeb04a89ad62bc16ba2512e3a660b68b67af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8188A5B1208FEA4F2BDB97E404AEFEB04A89AD62BC16BA2512E3A660B68B67AF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Sun, 04 Dec 2022 01:29:25 GMT
Date: Sat, 03 Dec 2022 23:43:18 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7007a042a79310c8938c279ae7eec8e5
8b72d7da27205ce31ff5497ba5428808a498dd7e
8188a5b1208fea4f2bdb97e404aefeb04a89ad62bc16ba2512e3a660b68b67af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8188A5B1208FEA4F2BDB97E404AEFEB04A89AD62BC16BA2512E3A660B68B67AF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Sun, 04 Dec 2022 01:29:25 GMT
Date: Sat, 03 Dec 2022 23:43:18 GMT
Connection: keep-alive
cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html
172.67.74.218200 OK 572 B URL HTTP/2 cdn.yourwebbars.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html
IP 172.67.74.218:0
File type HTML document, ASCII text
Hash 7e111e84ac45ada71323d218ea05d02b
f7f6a35ab4b8e07a613d2389896ce47784515c79
5a737352d2da8abd1b48ff4e4cca93e8e9d6065bf15b4fae714587eab3510714
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.tv
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: text/html
last-modified: Tue, 01 Feb 2022 13:22:32 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1926984
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAElzUWyWBbMSgEg5y6Z1hGfd2%2FehGxxq4%2BJ8ZrPng5tgoBcLUAfcBawxjxLv3BCeG8tY1oVPt3lFzVXk%2FVw08%2B4DKk%2B5vL3memttztm72OT1B5f0nb131GoSMvMt8ZBbIAUi3Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029e9a9c40b3d-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png
172.64.108.13200 OK 6.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png
IP 172.64.108.13:0
File type PNG image data, 522 x 391, 8-bit/color RGBA, non-interlaced\012- data
Hash c489ce2c491a22ee37a55e26a92dfd73
2fa588ab09e94dd902e5bd24b48f98ad1949c9d6
1eed147c7d5de6291c25fbc5274830c12d5549262fb144271576d4e15966e5bd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: image/png
content-length: 5982
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-175e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1590678
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLXJ6RrYHDnuaNPQv2X%2F8zaS9BRLMvzvDfNzJlRsv%2BJvsyVulQw%2Bk4tZRnFj09e5GD%2FJFSu%2ByZSrJp%2BRMQg%2ByO2Q5R3If68%2Bd1HDSD8bcemTlgY1Jv1weYmaPmR3NFI52SjLIvsulPlO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029eb1f7c76c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png
172.64.108.13200 OK 2.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png
IP 172.64.108.13:0
File type PNG image data, 52 x 81, 8-bit/color RGBA, non-interlaced\012- data
Hash ef2bad0eceeff00bf615df0a433a5bff
a910af81d23d78c96283b46c241d3d9652562009
9c362044a93ac6919b7174a1620d4d82dbe1940a450aea1abca32a48fd160d40
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/arrow.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: image/png
content-length: 2008
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-7d8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1590678
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=56JOAXIooWccRDu5PCA9YR5hJj4VG8%2FHmzzae1L%2BJOzwOI8cwjcg8RyikyBYXXCiDHwnwuADrAxDe4T5AWLpkQbRGYqCsi%2BANxB7pooGi9Ex%2BZWPDIpg2pCeaCuugd9khiYL2tS06CI7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029eb1f7d76c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png
172.64.108.13200 OK 1.1 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png
IP 172.64.108.13:0
File type PNG image data, 43 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 9e4414e85c588bf7db195e49c02ab2bb
09254e79b255f1b2dfe45adbbe44583a4b433782
0b977ec6e7cf5d35df03cd3a8041f5f523f5d4059ac67c152c0a7b613e20b762
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/number.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: image/png
content-length: 1138
last-modified: Fri, 21 May 2021 10:10:48 GMT
etag: "60a78728-472"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1590678
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FzlfS9DmzB5fTNQRnorX0fRooGIo8xrw%2BezYxPMM50UScEOqv5JNjTPNhdOMqxMiIE7KhamilDfdPNMR%2FwVYXFB4kGkVa1oeWyC2CgrH4diSEDvSRC5mhWIe3Y5R0ENPZR2gOdESljO6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029eb1f7f76c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png
172.64.108.13200 OK 46 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png
IP 172.64.108.13:0
File type PNG image data, 340 x 340, 8-bit/color RGB, non-interlaced\012- data
Hash 0d687af39faa7241d1a584f1c3eec050
ccd68a2138d3da9c44c93a139a72fcd8fd750614
cdd30ab847b158f337faaca366647fa594365de0c63b58c9e8243dec575df329
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/img/icon.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: image/png
content-length: 45627
last-modified: Tue, 01 Feb 2022 11:50:51 GMT
etag: "61f91e9b-b23b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1590678
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0ieOOgt5l2KvtN9E0y2wa6XyL8sqgnNEAZMPsvJJTLjpZxSkpXk9x3wOVm%2FqhVIneoRop2M4vUiQjOHlXd0cHm4SEP7EBpPpIMlEDn5cvbgWlt2VMwvldGLFdFpK%2BqU2DEhe9IbAsRe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029eb2f8576c6-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7007a042a79310c8938c279ae7eec8e5
8b72d7da27205ce31ff5497ba5428808a498dd7e
8188a5b1208fea4f2bdb97e404aefeb04a89ad62bc16ba2512e3a660b68b67af
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "8188A5B1208FEA4F2BDB97E404AEFEB04A89AD62BC16BA2512E3A660B68B67AF"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6367
Expires: Sun, 04 Dec 2022 01:29:25 GMT
Date: Sat, 03 Dec 2022 23:43:18 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js
172.64.108.13200 OK 32 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js
IP 172.64.108.13:0
File type ASCII text, with very long lines (65451)
Hash 337c9db1d857aced395e34a0ff570def
b63268e5cf572d0d055f3e44aaada21dde2ad315
f3a181e3ee4b27d5500db1f013277f53dd15ba8fb26c76c22bc2ab653d6819cd
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/js/jquery.min.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: application/javascript
last-modified: Fri, 21 May 2021 10:10:50 GMT
etag: W/"60a7872a-15d94"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1590678
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oahV0ja1RchoYMeZ2yaFzXF%2Bolkjpi2zonFEjJ09ipcvyJS4JUqz4814pqIOSs%2BB9SUdNVKerBtXGAlHTXENC1Kgpz3xgCeTUQEfU9kNVFT%2BElXzLgTxKfCkNgwc4spuMWPw7AP3DzsV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029eb2f8c76c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c69a25b07dd690540ccbd3dcd885b7d8
3e457a884cdd89322592e571f7c5411a99eba29f
b28b957159b81b77f88525867c2261ddab32ed9a4f3b3fd71e727bd5522d93d7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B28B957159B81B77F88525867C2261DDAB32ED9A4F3B3FD71E727BD5522D93D7"
Last-Modified: Sat, 03 Dec 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16940
Expires: Sun, 04 Dec 2022 04:25:38 GMT
Date: Sat, 03 Dec 2022 23:43:18 GMT
Connection: keep-alive
cdn.cloudimagesb.com/si/28/d6/a4/28d6a403173def438ad97dc6687ec5eb/1669910284.png
45.133.44.9200 OK 78 kB URL HTTP/2 cdn.cloudimagesb.com/si/28/d6/a4/28d6a403173def438ad97dc6687ec5eb/1669910284.png
IP 45.133.44.9:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash f073aaf0ef05830f8ac9db84fc0dd661
ef3d1adef699a050c829ae76084cf1ce9ae54cd0
8afdd964d1a19e9177174a08456e129ceda215587326ead6bc10b0557859c541
GET /si/28/d6/a4/28d6a403173def438ad97dc6687ec5eb/1669910284.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: image/png
content-length: 77811
server: nginx/1.17.6
last-modified: Thu, 01 Dec 2022 15:58:13 GMT
etag: "6388cf15-12ff3"
expires: Mon, 05 Dec 2022 23:43:18 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 227de73c2950d257905eda6128f90ea9
d700e7cbc5c620f274ec53c336dba15988f046d9
306cc0e4114a9e5b3f9125f9a6fe9746e2db74d94c7991c714e6abb2de046fbc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "306CC0E4114A9E5B3F9125F9A6FE9746E2DB74D94C7991C714E6ABB2DE046FBC"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17663
Expires: Sun, 04 Dec 2022 04:37:41 GMT
Date: Sat, 03 Dec 2022 23:43:18 GMT
Connection: keep-alive
tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fanimate.css&l=79313&fd=371
192.243.61.227200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fanimate.css&l=79313&fd=371
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fcss%2Fanimate.css&l=79313&fd=371 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Cookie: u_pl=16091052; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1b8ad19e5b8faa97b5af717e65b0bdee=[3830292]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 23:43:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hqq.tv
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 274164
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css
172.64.108.13200 OK 21 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css
IP 172.64.108.13:0
Hash c2393990bed9f0961d709787e5fa9852
e9b0d72c79bec26059fc669244dde460aaa8fb83
02133ebf93b3e0e51a6ec604a41d500d1db97dd9cd800d4e4271e5404a94b661
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.tv
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: text/css
last-modified: Fri, 21 May 2021 10:10:46 GMT
etag: W/"60a78726-13591"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1590579
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Akh0DGELYrQXWBnlXPAOzE1%2BvTeaf180NKhNZOmb5ICb9k5JnmYqBlsgAqnJUL%2BWn6DpdoMj%2BlVzZOoa5VlAaluOkwzUIoHYOA6T72NlsWn1JX8eObeiwh90d7qNIjZVAGZZIl%2FxvkI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029eb1f7676c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
172.64.108.13200 OK 4.9 kB URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/animate.css
IP 172.64.108.13:0
Hash 8f577697ac6fc1c891e96a9847cda341
db0e2f01bb77c188aba5e6ed904cb2980d457f91
808fe041164d96bcc5c95d6eabc4133c77db63b8c0a0ad578cd8bd847c616739
GET /sb/chat/mob/ssp/v2/new/3/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:56 GMT
etag: W/"62ceb704-135d1"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wKCemPhuHr2sTEccwfdgQit4iyovqe2ouUtMsZVk54sEZsEv%2B0exua7p77gQjykhBGR912wF604M9AWkHFZTor8%2B49lIRYHlWLysfP3V2OkDQhFfE8ZqDkXZefywbLghvKrwBkegtgd0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029eaff6176c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
172.64.108.13200 OK 1.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/chat/mob/ssp/v2/new/3/css/style.css
IP 172.64.108.13:0
Hash ec70dc1133e8021599c02dbeeb35d577
649f3cc3878514bdb5a50964daf80861e9be2f08
244b275d88e14763ac99b385740bb139693b58772e445e5f9c8c88e4616d5381
GET /sb/chat/mob/ssp/v2/new/3/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: text/css
last-modified: Wed, 13 Jul 2022 12:13:55 GMT
etag: W/"62ceb703-1229"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2F8IfFjVih0k5vgCtcEvkqrq5u3gJqkyipmvffbDAufIQJD%2BIT%2FRS5rdvO%2FEQWTRzKpBtaddw1bb4CLYj3pxkX0yngNild9RMb0V%2FEf3TkvkEzYZHrzkTQYm%2B77zT3wVWBpqNTM%2FDicc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029eb0f7276c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
unseenreport.com/pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=0a6e9a96058c7f39edbf4999920d05a3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=0a6e9a96058c7f39edbf4999920d05a3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=0a6e9a96058c7f39edbf4999920d05a3&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 03 Dec 2022 23:43:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 24ecec6db656ae6bd5722fdf882f24d6
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=a6b0b8925d9b3a4154c035c24b4ed97e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.20200 OK 661 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=a6b0b8925d9b3a4154c035c24b4ed97e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type gzip compressed data, max compression\012- data
Hash 69f7e5b7a94453990de2b42acd66a683
4cc9cf9339dcd1eb21c6c0aab0d0ff51eb12ca25
24f2c695e4c4fa7733cac8313595a14625e61af698084e2c58602fa2d00d84bf
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=72d67910a8ee07737c08ec4a7ef2f980&te=b0143518e841b2470af84d86e1b09d3b&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=1&pk=a6b0b8925d9b3a4154c035c24b4ed97e&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 03 Dec 2022 23:43:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cd6d92b4c1ea6b610f345740820eb565
Strict-Transport-Security: max-age=0; includeSubdomains
webstatsg.com/www/delivery/afr.php?zoneid=57
104.21.38.59200 OK 969 B URL HTTP/2 webstatsg.com/www/delivery/afr.php?zoneid=57
IP 104.21.38.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (753)
Hash 39e34ac2a2aeac6ec11419312ad47c09
b891063dd9e53424990dcd54bb4bbfbcc9d5dd74
39f2a0d1d7b2e8730dbd5a90038d7b013852534fba20c2d9be722e15ab381297
GET /www/delivery/afr.php?zoneid=57 HTTP/1.1
Host: webstatsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=01000111010001000101000001010010; expires=Sun, 03-Dec-2023 23:43:16 GMT; Max-Age=31536000; path=/; secure; SameSite=none
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeYlE3kshIZHj8mgc9LVHZ5sHi7ybcQ%2FBG%2F0ua1gPOcvN0mRvdeaUnu9ijmE0pogpWz4HinZET33Mu659QV29Bzbk2iA1p8qzPev2YWmz9PucMb50iJpWD5MyxCF7Yh7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029da8d0db4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=260
192.243.61.227200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=260
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fchat%2Fmob%2Fssp%2Fv2%2Fnew%2F3%2Fjs%2Fscript.js&l=383&fd=260 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Cookie: u_pl=16091052; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1b8ad19e5b8faa97b5af717e65b0bdee=[3830292]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 23:43:18 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
unseenreport.com/pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4e84f42101bf00d68343d16d78e896d0&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4e84f42101bf00d68343d16d78e896d0&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=4e84f42101bf00d68343d16d78e896d0&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 03 Dec 2022 23:43:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 49d9fb70a1f45d71fd5e3fc8412cdf04
Strict-Transport-Security: max-age=0; includeSubdomains
unseenreport.com/pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=1b8ad19e5b8faa97b5af717e65b0bdee&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
192.243.59.20200 OK 1 B URL HTTP/1.1 unseenreport.com/pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=1b8ad19e5b8faa97b5af717e65b0bdee&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23
IP 192.243.59.20:0
ASN #39572 DataWeb Global Group B.V.
File type very short file (no magic)
Hash 93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d
Analyzer Verdict Alert quad9 Sinkholed
GET /pxf.gif?uuid=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1053&b_frame=0&pk=1b8ad19e5b8faa97b5af717e65b0bdee&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=23 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 03 Dec 2022 23:43:18 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 025e16b2032799ad93815d943f3152c3
Strict-Transport-Security: max-age=0; includeSubdomains
tallysaturatesnare.com/pixel/sbs?c=1
192.243.61.227200 OK 0 B URL HTTP/1.1 tallysaturatesnare.com/pixel/sbs?c=1
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Cookie: u_pl=16091052; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1b8ad19e5b8faa97b5af717e65b0bdee=[3830292]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 23:43:19 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
tallysaturatesnare.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz28bRRTHZ0t6gQuggMQB4WORkLPrH7HdHqKGNiEiJKEtyoUDszOzzpDxzmpm1%2Bv4FFGJFvVQRwip3DZfJ42AULVXJKRiwwFZQqp7gBxIxaF%2FAWpPHJAdi4gnzbw3832H7%2BfNfL6bHBMXCT1a%2B0C3pVJ0ppx3c%2BfWZch1anMr13Kem3cv5NZlOFu6kGuNNtM877nlvPt2blGwTT1TcD3X9VwvtyCNCHRrZqxCRoc1L19z86VC3iuX0DL%2FP9vEgaUOePOYvArJh2c3fn0AyXoIG%2FcvCbsZ6%2Bidy41E0VgbNPnBR%2BFmqNMQjdMyMA6C8GDSDW2HhNw5Ax0eTAigm3sjAvhySJzfPfjhwcQm%2FOb%2BiVNfQYTw%2BUtImz0I1YOkPTB9HZI%2FIgDjWFlF2Li7ok1Kt05UOlKHZOr535DpkEz9OY2wcW9eyVbuqlZJLHVo0QoyyFYPst5DlPQRtx3ItA8WfwbJfyMzz5cRNvZWrdKQPBvTS9mDDHpQogNqHSSjJR0kgYMkctDgRzlargWuWwn8oFislhhjxSJj5eosL%2FNiqRq4SNjIXgdx1AFTHTCzjchsY1PuPFr8ByZ5CLuRwXIHNh4S58NtNHmGVBCkliClBKkkSGOCtJntc2ULNrvLlU18b5ILk1zMujqu79J9HddFSHajY%2FLKeDTPbhxiUxzlPL9KuVcTZb8aUFqr%2BGUaVLyKmC37rs%2BFgJUZpD0zpm3LIXn96Q%2BI5JCQ23%2FAp31Y1QeTL4Mmb4Km3UrBBd3olqou2uH3kTZhZHRrK0%2BjCFxniOIpxFvOrjomb4yNnDfTEGwwd3Tfu%2FXlwtdgJkNkMnwqfyaoq5vdKzole1d0asmD1SiWDdmmo%2Fe7GtNYnP32fbGVasOXLtnONxfZSBiVh9eEjZdpyGVYt%2BS7ecm5MAvaMEF%2BXLLrwl9L7MZ8YsIkWl57d2GpERlhrdRhD3TEtvMETA7Ji1%2Flx3%2Fzrct3IE0PJsnQSAZkEpC6DxZtw0aDuV96tz8%2B96wPqwmMOu3xIwdpknVNwT%2B9VHJISjceQ4nB3MOnn1z8orIM6mewYjD30%2BK96fZf78EX%2Fw1l195E3Tig8XWEjQxNk6GpMlDVgU1e6MaRGcw9Lo4DvnK6vjLOnq%2BM2jkZsJVHubJXElW%2FWmGc%2B4Jxr1IoVouuW%2BC8VKkJr4bYDtmtJ6%2F9CwAA%2F%2F8BAAD%2F%2FwMF%2FbR3BAAA
192.243.61.227200 OK 7 B URL HTTP/1.1 tallysaturatesnare.com/impr.gif?sid=H4sIAAAAAAAC%2F1SSz28bRRTHZ0t6gQuggMQB4WORkLPrH7HdHqKGNiEiJKEtyoUDszOzzpDxzmpm1%2Bv4FFGJFvVQRwip3DZfJ42AULVXJKRiwwFZQqp7gBxIxaF%2FAWpPHJAdi4gnzbw3832H7%2BfNfL6bHBMXCT1a%2B0C3pVJ0ppx3c%2BfWZch1anMr13Kem3cv5NZlOFu6kGuNNtM877nlvPt2blGwTT1TcD3X9VwvtyCNCHRrZqxCRoc1L19z86VC3iuX0DL%2FP9vEgaUOePOYvArJh2c3fn0AyXoIG%2FcvCbsZ6%2Bidy41E0VgbNPnBR%2BFmqNMQjdMyMA6C8GDSDW2HhNw5Ax0eTAigm3sjAvhySJzfPfjhwcQm%2FOb%2BiVNfQYTw%2BUtImz0I1YOkPTB9HZI%2FIgDjWFlF2Li7ok1Kt05UOlKHZOr535DpkEz9OY2wcW9eyVbuqlZJLHVo0QoyyFYPst5DlPQRtx3ItA8WfwbJfyMzz5cRNvZWrdKQPBvTS9mDDHpQogNqHSSjJR0kgYMkctDgRzlargWuWwn8oFislhhjxSJj5eosL%2FNiqRq4SNjIXgdx1AFTHTCzjchsY1PuPFr8ByZ5CLuRwXIHNh4S58NtNHmGVBCkliClBKkkSGOCtJntc2ULNrvLlU18b5ILk1zMujqu79J9HddFSHajY%2FLKeDTPbhxiUxzlPL9KuVcTZb8aUFqr%2BGUaVLyKmC37rs%2BFgJUZpD0zpm3LIXn96Q%2BI5JCQ23%2FAp31Y1QeTL4Mmb4Km3UrBBd3olqou2uH3kTZhZHRrK0%2BjCFxniOIpxFvOrjomb4yNnDfTEGwwd3Tfu%2FXlwtdgJkNkMnwqfyaoq5vdKzole1d0asmD1SiWDdmmo%2Fe7GtNYnP32fbGVasOXLtnONxfZSBiVh9eEjZdpyGVYt%2BS7ecm5MAvaMEF%2BXLLrwl9L7MZ8YsIkWl57d2GpERlhrdRhD3TEtvMETA7Ji1%2Flx3%2Fzrct3IE0PJsnQSAZkEpC6DxZtw0aDuV96tz8%2B96wPqwmMOu3xIwdpknVNwT%2B9VHJISjceQ4nB3MOnn1z8orIM6mewYjD30%2BK96fZf78EX%2Fw1l195E3Tig8XWEjQxNk6GpMlDVgU1e6MaRGcw9Lo4DvnK6vjLOnq%2BM2jkZsJVHubJXElW%2FWmGc%2B4Jxr1IoVouuW%2BC8VKkJr4bYDtmtJ6%2F9CwAA%2F%2F8BAAD%2F%2FwMF%2FbR3BAAA
IP 192.243.61.227:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1SSz28bRRTHZ0t6gQuggMQB4WORkLPrH7HdHqKGNiEiJKEtyoUDszOzzpDxzmpm1%2Bv4FFGJFvVQRwip3DZfJ42AULVXJKRiwwFZQqp7gBxIxaF%2FAWpPHJAdi4gnzbw3832H7%2BfNfL6bHBMXCT1a%2B0C3pVJ0ppx3c%2BfWZch1anMr13Kem3cv5NZlOFu6kGuNNtM877nlvPt2blGwTT1TcD3X9VwvtyCNCHRrZqxCRoc1L19z86VC3iuX0DL%2FP9vEgaUOePOYvArJh2c3fn0AyXoIG%2FcvCbsZ6%2Bidy41E0VgbNPnBR%2BFmqNMQjdMyMA6C8GDSDW2HhNw5Ax0eTAigm3sjAvhySJzfPfjhwcQm%2FOb%2BiVNfQYTw%2BUtImz0I1YOkPTB9HZI%2FIgDjWFlF2Li7ok1Kt05UOlKHZOr535DpkEz9OY2wcW9eyVbuqlZJLHVo0QoyyFYPst5DlPQRtx3ItA8WfwbJfyMzz5cRNvZWrdKQPBvTS9mDDHpQogNqHSSjJR0kgYMkctDgRzlargWuWwn8oFislhhjxSJj5eosL%2FNiqRq4SNjIXgdx1AFTHTCzjchsY1PuPFr8ByZ5CLuRwXIHNh4S58NtNHmGVBCkliClBKkkSGOCtJntc2ULNrvLlU18b5ILk1zMujqu79J9HddFSHajY%2FLKeDTPbhxiUxzlPL9KuVcTZb8aUFqr%2BGUaVLyKmC37rs%2BFgJUZpD0zpm3LIXn96Q%2BI5JCQ23%2FAp31Y1QeTL4Mmb4Km3UrBBd3olqou2uH3kTZhZHRrK0%2BjCFxniOIpxFvOrjomb4yNnDfTEGwwd3Tfu%2FXlwtdgJkNkMnwqfyaoq5vdKzole1d0asmD1SiWDdmmo%2Fe7GtNYnP32fbGVasOXLtnONxfZSBiVh9eEjZdpyGVYt%2BS7ecm5MAvaMEF%2BXLLrwl9L7MZ8YsIkWl57d2GpERlhrdRhD3TEtvMETA7Ji1%2Flx3%2Fzrct3IE0PJsnQSAZkEpC6DxZtw0aDuV96tz8%2B96wPqwmMOu3xIwdpknVNwT%2B9VHJISjceQ4nB3MOnn1z8orIM6mewYjD30%2BK96fZf78EX%2Fw1l195E3Tig8XWEjQxNk6GpMlDVgU1e6MaRGcw9Lo4DvnK6vjLOnq%2BM2jkZsJVHubJXElW%2FWmGc%2B4Jxr1IoVouuW%2BC8VKkJr4bYDtmtJ6%2F9CwAA%2F%2F8BAAD%2F%2FwMF%2FbR3BAAA HTTP/1.1
Host: tallysaturatesnare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Cookie: u_pl=16091052; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec1b8ad19e5b8faa97b5af717e65b0bdee=[3830292]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 03 Dec 2022 23:43:19 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: e8e4e8e84c2d081c8897df0c7fdb006c
Strict-Transport-Security: max-age=0; includeSubdomains
putinho.net/
104.26.5.174200 OK 0 B IP 104.26.5.174:0
GET / HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
cf-ray: 774029d98b1cb509-OSL
link: <https://putinho.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-litespeed-cache: hit
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fUSqiPCTEA0QTBbpf52yiF1lyQtxraLf%2BGBzndChoKfuKxTwpkrmGi86n6GfCO8Jie2zdWQL7l0hnbcflwxLzc7sLIPclxtNRjN%2B5x7Fppu7JFp9AdrBzqIwQP92"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.92200 OK 0 B URL HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.92:0
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 4293166d8eca64db5bfad987c4d22543
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 03 Dec 2022 23:43:16 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KBp05bWWWQC0gKdVGUJbQb2UORVye94jJIORFjEvNA2rjX62vcwxlHaK8NU%2Bo4lMfxjqsQwMgtM8nm%2FSqJcnZwGitzztbnIwIJnnl4gQwRKptfV%2F863Sfiz2lnRAJoVJHgmR5bs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029de191a88b6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/comment-reply.min.js?ver=6.1.1
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP 172.67.70.80:0
GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"ba5-63599f11-26a05bd;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8SWf6kcgcKb4EVmkz7y8GSgIWFErmwdCOBcY%2FlwE36ylKrbsOfY23sQKIkfdvsQfGxAbXjcsN5MJB2Bm5HL9EN6kzKMCrPh2dk8hfoKCrvqmhrXY%2BUVxuhNkuDs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1df9fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"e526-63599f1e-28052d2;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=78tm4pFrlFlUZbsmj2ExVHNjFO7rXookuNYfrrxPl2Qicgbay6muhWE95Ls7gHv8g%2B4PzeTtVT0P1NQVVSFwbyP%2BnQWtKVoWCSgdYZOg4MhSH59cDSnObvWFsTY2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1ddefab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 172.67.70.80:0
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"459f-6361d7aa-26a0602;gz"
last-modified: Wed, 02 Nov 2022 02:36:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80Gyq0Fmc5%2FCFOPoT%2BT7EpcwOitnQCorzuj3XHQJ9S6HAdWqP%2FUMFPz%2BcowoxE2ee5CzMMjQ4noANUFbah%2FkY%2FolMSsAVL4GebgvH3MQWDmaFls52bfcjWkaK57e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1dedfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/s/2022/11/HB-VizinhoPirocudo171-VitaoPorrete-PedroZull-220x150.png
104.26.5.174403 Forbidden 0 B URL HTTP/2 putinho.net/wp-content/s/2022/11/HB-VizinhoPirocudo171-VitaoPorrete-PedroZull-220x150.png
IP 104.26.5.174:0
GET /wp-content/s/2022/11/HB-VizinhoPirocudo171-VitaoPorrete-PedroZull-220x150.png HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XF%2B0vWKQRKQEAjXfpvXAmA3IzxzTZHd3rQ4WDcIAjIGhnUbZFBcZibSbGr3E4jsBHZkJdYev%2B5oO1aWQM7W%2Bcfi6JXUVpdCdyltQYvVUgq7RCHPZsLsw%2B2csBFO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029dc5da1b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"2e37-63599f1e-280518f;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Mcr5mz1tdlDYN7%2FyFgJklOmJDL02QDI1fj1QvYNp5th7xikf%2F6tG0SPZt2vfaMo9qBjKWQ7XSFdO2gr9sSc61K4x0YCUnjR1EKnoiqjE90ZuJmb5tcAtTd9W%2Fze"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708a6b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
mc.yandex.ru/watch/90922391?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A797782856952%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A85095445%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
77.88.21.119302 Found 0 B URL HTTP/2 mc.yandex.ru/watch/90922391?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A797782856952%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A85095445%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2)
IP 77.88.21.119:0
GET /watch/90922391?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A797782856952%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A85095445%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)fip(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/90922391/1?wmode=7&page-url=http%3A%2F%2Fputinho.sexoaovivo.org%2Fmenatplay-large-andy-onassis-victor-dangelo%2F&page-ref=http%3A%2F%2Fputinho.garotasonline.net%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A1785%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A2%3Adp%3A0%3Als%3A797782856952%3Ahid%3A791700156%3Az%3A0%3Ai%3A20221203234314%3Aet%3A1670110995%3Ac%3A1%3Arn%3A85095445%3Arqn%3A1%3Au%3A1670110995846627162%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A299%2C1%2C213%2C62%2C%2C0%2C%2C1249%2C6%2C%2C%2C%2C1873%3Aco%3A0%3Ans%3A1670110991894%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1670110995%3At%3AMenAtPlay%20-%20Large%20-%20Andy%20Onassis%20%26%20Victor%20D%E2%80%99Angelo%20-%20Putinho%20-%20V%C3%ADdeos%20Gays%20%7C%20Sexo%20Gay%20%7C%20Porno%20Gay%20%7C%20Gay%20Amauter&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29fip%281%29ti%282%29
date: Sat, 03 Dec 2022 23:43:17 GMT
access-control-allow-origin: http://putinho.sexoaovivo.org
set-cookie: yabs-sid=451753051670110997; Path=/; SameSite=None; Secure
i=ryocP4kTAkNsJe9Cab2vISAzTiCIcWUWUBZ5BJYdmTG8DEpSk5wOVsGg9uSKtzr1iIUQtjKyDD3HRYdkkzb2gB5z65A=; Expires=Tue, 30-Nov-2032 23:43:14 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
yandexuid=3194230201670110997; Expires=Sun, 03-Dec-2023 23:43:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3194230201670110997; Expires=Sun, 03-Dec-2023 23:43:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
ymex=1701646997.yc.1670110997#1701646997.yrts.1670110997#1701646997.yrtsi.1670110997; Expires=Sun, 03-Dec-2023 23:43:17 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Sat, 03-Dec-2022 23:43:17 GMT
last-modified: Sat, 03-Dec-2022 23:43:17 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1
IP 104.26.5.174:0
GET /wp-content/plugins/jetpack/css/jetpack.css?ver=11.5.1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"14f92-636316ef-2a611ba;gz"
last-modified: Thu, 03 Nov 2022 01:18:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ToicN2tfJ8h6%2BiwV1SmMYNSIjDLfBjZNr8usiFWqsBqJmnLluaQKYVQ6Ln5KNceuPCVmylAuNXMZ0Sdb4KCDCnWaBShfUQyV7IJ%2BBLvjahUOprqBxl7o9lV7Ts8R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708abb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"13e0f-63599f1e-28051f7;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vtiEMJDbMC7OPJfbwBE%2B%2B6i6CoHCvVYlaZrwhHjcZRkXk0SrAS0UEa4PzE1NXk0AxXVG2%2BcgHmLJeX1k6f14tBIcWf49CQdTqCt%2B5ooF8SVHdob2En5kJb9UF0o"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d718b8b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-includes/css/classic-themes.min.css?ver=1
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-includes/css/classic-themes.min.css?ver=1
IP 104.26.5.174:0
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"d9-6361d7aa-26a15eb;gz"
last-modified: Wed, 02 Nov 2022 02:36:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JdX22UHJ25B1DpL09r3y7JUSJg7EAq4KsSrVsQDY3%2BBLYe7jJwqE%2BhdA7tgSJnNXTFr8sXEWGDEsb%2BDCM9Dytq98MnC0KRJgH1hnZJUtg9axvBpqISXVKu67trtF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d7f973b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo.jpg
172.67.70.80403 Forbidden 0 B URL HTTP/2 putinho.net/wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo.jpg
IP 172.67.70.80:0
GET /wp-content/s/2018/10/MAP-AndyOnassis-VictorDAngelo.jpg HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:12 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TNlSAp%2FcQaiKHls5%2FKoD8PYNUGYbei6gBAd9bdd21NYzNIFn4Ete1wzkPzrpFPhu1ANq9y8N2rpytnuwUMiOmTcjLZII5mcV%2Fs8h9s5g4jdd%2BjJmDCmdizKM79H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1dd6fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 172.67.70.80:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"2bd8-63599f11-26a06f3;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EED3B3hYIVdZ6HIjQprPlLTrvTqWpQZLRu1EJOsQJRURYm1S6DAOW27cNSk3B8sMu8bAdVRudOqxDzWBkcMK2ftxSocee5cGf5TOUFsuMhyKAWiWkH81UuqoB0JZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1de5fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.garotasonline.net/
104.21.19.123200 OK 0 B URL HTTP/2 putinho.garotasonline.net/
IP 104.21.19.123:0
GET / HTTP/1.1
Host: putinho.garotasonline.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.garotasonline.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html;charset=UTF-8
set-cookie: view=1; expires=Sun, 04-Dec-2022 23:43:13 GMT; Max-Age=86400
PHPSESSID=dnekdd0bluua7o5bvi0vd9mfhr; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLEL5gLkg6s4AMubB628UI%2Bx%2Bmv%2BEFtS5bUCnXa9J%2F6KMZGXnkdDLhJbkjqyf%2BuLeIYeDc8bsyNtucPkSjtjABvWsf0TUIHpWl8H9Tq8kTbFGmo6yuqALPSXccjhC679mdw3tImWk0IuWLcA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029cbaf7bb4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
IP 104.26.5.174:0
GET /wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"459f-6361d7aa-26a0602;gz"
last-modified: Wed, 02 Nov 2022 02:36:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=40xX6FpB%2FkmtG855syofV%2FNI%2BEWGmUA2l9rsythg6FdWF5BUw46CfK8nfU8D5tkte06%2F0eNCn6XkwvB5nHmAbsrB4Q7cLpyk5eL%2Fmu6KMwzSl2LrzDv8yTDM%2BA6D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708b3b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
awqwuiwmse.com/lv/esnk/1939995/code.js
62.122.171.6200 OK 0 B URL HTTP/2 awqwuiwmse.com/lv/esnk/1939995/code.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1939995/code.js HTTP/1.1
Host: awqwuiwmse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.garotasonline.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-1aaa0"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: font/woff2
content-length: 76612
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: "12b44-63599f1e-2805113;;;"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJJrOk%2FwVkKMlVmQXI51NR%2FwS9ocUm71Bh5R47f%2BdCtPePA%2FN2nJfyUGGmia4JRLWIvm%2Blatxa%2Foz4CgdRts89TDC0tjHzuUh0HLHAJPdHXGghg0cL83rMgVO%2Fj6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d75ad30b49-OSL
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/ie/ie-lte-11.css?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/ie/ie-lte-11.css?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/css/ie/ie-lte-11.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"84d-63599f1e-2805219;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IyE31f80NnZoMPpd5A4gqWasePbnEjQp8V%2Bv2ZktUShNLFq5iy3%2FHGuAU%2FpkfrV5YEzNZMLYtzU8caS76DajMf3fdVrEB1edIioZ5X1rLgmLrPTKbtJY7MjAMMW8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d7a92bb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
static1.cameraprive.com/scripts/jquery.float.min.js
104.17.118.68200 OK 0 B URL HTTP/2 static1.cameraprive.com/scripts/jquery.float.min.js
IP 104.17.118.68:0
GET /scripts/jquery.float.min.js HTTP/1.1
Host: static1.cameraprive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/javascript
last-modified: Fri, 02 Aug 2019 20:10:44 GMT
vary: Accept-Encoding
etag: W/"5d4498c4-1fe8"
expires: Thu, 23 Mar 2023 08:31:38 GMT
cache-control: max-age=31104000
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
cf-cache-status: HIT
age: 13150378
server: cloudflare
cf-ray: 774029d85999b4eb-OSL
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17
IP 172.67.70.80:0
GET /wp-includes/js/mediaelement/mediaelementplayer-legacy.min.css?ver=4.2.17 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"2bf8-63599f11-26a0584;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUGTM0dPTa0jrkcjlcPvwLJe9hP%2FZYhnqw%2F9TUTx2XyuiHvuKuIjp2XiFjTcEQBfbv2kiMz2bjFO%2FCcPOxPhCyMviVHLDfgUpg8fVzp1cv078c%2BzDJQH1RnVoy%2BD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1e00fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-brands-400.woff2 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.garotasonline.net
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: font/woff2
content-length: 76612
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: "12b44-63599f1e-2805113;;;"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nb11XZPNyfdvI2kK5m1faF%2BwRE3BbV3Lvuk38Uv865VUWFk0flaBXqUPvW%2Fn2%2BMPaFRdSm5dbyCOGcRHQ%2FZizPmDiUTavZav2ln3fosxPzzqsEiGJAjPFU%2BDyOfi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca8b8db523-OSL
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/-form-7/includes/js/index.js?ver=5.6.4
104.26.5.174301 Moved Permanently 0 B URL HTTP/2 putinho.net/wp-content/plugins/-form-7/includes/js/index.js?ver=5.6.4
IP 104.26.5.174:0
GET /wp-content/plugins/-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
location: https://putinho.net
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 713_HTTP.404,713_404,713_URL.cbeb46ec26877b0ea6c1396842a050f2,713_
x-litespeed-cache: miss
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EOYNgd0bEAP%2F2Onx4YVNTgeDf8FFaaBawfkgs04Nw2CqrSJeEcch8ERs22nwqvsQ%2BCoSanbuIpOnp6N1yKCkPucTzcG5nDUGoWCIpo6gW4EF%2FIe4O1Rh7dK9zrye"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708afb509-OSL
X-Firefox-Spdy: h2
hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=76061372
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=76061372
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=76061372 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UElSbE1KejNIMDdmWC9jRzZJQXlJQT09&autoplay=no
Cookie: uid=y1oAq6tmHs45uL-sK-2IRkJiYVuJ6W3y; dom3ic8zudi28v8lr6fgphwffqoz0j6c=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313%3A3%3A1; sb_main_a6b0b8925d9b3a4154c035c24b4ed97e=1; sb_count_a6b0b8925d9b3a4154c035c24b4ed97e=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=parkingridiculous.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=byrSDRFfRtziEtKz5nKO; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Dec-2023 23:43:18 GMT
date: Sat, 03 Dec 2022 23:43:17 GMT
content-type: application/json
access-control-allow-origin: *
x-inferno-location: banner
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.pontogay.com/frontEnd/theme/assets/js/publi/putinho-open01.js
172.67.216.81200 OK 0 B URL HTTP/2 www.pontogay.com/frontEnd/theme/assets/js/publi/putinho-open01.js
IP 172.67.216.81:0
GET /frontEnd/theme/assets/js/publi/putinho-open01.js HTTP/1.1
Host: www.pontogay.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/javascript; charset=utf-8
last-modified: Fri, 23 Sep 2022 14:57:05 GMT
vary: Accept-Encoding
etag: W/"632dc941-6570"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
cf-cache-status: HIT
age: 6152802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GzcGNM4GtHaN4bAFiqk28NNoBST5DDwX%2FuebJfzNySzYtU8dvGFqSzohwy5XaLnFTEHqCKj7KcuGdwsEXcN53LGF63up%2FRQs8WpBQ6gre1XxTuRP7DdZw522%2B4CsOkOavyhS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d7fcc0b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin&display=swap
142.250.74.106200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:regular,500,600,700&subset=latin&display=swap
IP 142.250.74.106:0
GET /css?family=Poppins:regular,500,600,700&subset=latin&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 23:43:16 GMT
date: Sat, 03 Dec 2022 23:43:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/print.css?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/print.css?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/css/print.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"87f-63599f1e-28052cf;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=txghjWD%2F%2F5GVVwEvNbjBYkjXlvqb248EzbXxExoXX0WIv4CQH3SuZhiesRfVftTfdF1f%2F9eXJA9d0zOEapE%2Fh%2B9A20f2EJc9IFW8zTGk6DxwE8PVIoKOdNAS1lAA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029da0b78b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/s/2017/04/cropped-favicon-putinho-192x192.png
104.26.5.174403 Forbidden 0 B URL HTTP/2 putinho.net/wp-content/s/2017/04/cropped-favicon-putinho-192x192.png
IP 104.26.5.174:0
GET /wp-content/s/2017/04/cropped-favicon-putinho-192x192.png HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4qn%2BYGEMGVjRjMz0RAERqM3WKb5jitsyF%2FDHqrvZ4rdy1bjOS9DsurU6z7vdd0e5tcOdn0q89DIofN8l3gYCzY%2BanNGToFQw004wS19lK7m9v26VM6vNme6pp4X"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029e169d9b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
hqq.tv/player/embed_player.php?vid=UElSbE1KejNIMDdmWC9jRzZJQXlJQT09&autoplay=no
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/player/embed_player.php?vid=UElSbE1KejNIMDdmWC9jRzZJQXlJQT09&autoplay=no
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /player/embed_player.php?vid=UElSbE1KejNIMDdmWC9jRzZJQXlJQT09&autoplay=no HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=nTxPlgtIYm96WdXA8AeM; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Dec-2023 23:43:13 GMT
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.tv>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 104.26.5.174:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"15e54-6361d7aa-26a074e;gz"
last-modified: Wed, 02 Nov 2022 02:36:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AvX8frk6qtdR%2B3uHBFeU5%2FWVCeFA9Z5tMXYHPYj7c2jhuok5GPcOPcFhHYokCAsE6fF36X8Y1J22tgCdBxUqkaSSn20Fdt7ptCDKv1lqCWigRsBuR0TFTGolUQGy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708acb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1
IP 104.26.5.174:0
GET /wp-includes/js/mediaelement/wp-mediaelement.min.css?ver=6.1.1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"105a-63599f11-26a0589;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3w%2FSP85oQZ1KJXNCkFvMah6pLTljiPlgydwzqLlLo13ABZ3LzjdlFw4BYU2G0glsmgIlYFINT9pxPJoibLPZv66kAMH%2BMEF8Irh2mo1B%2FCM1xf8BZlef4iBAQFN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d7a928b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/-form-7/includes/swv/js/index.js?ver=5.6.4
104.26.5.174301 Moved Permanently 0 B URL HTTP/2 putinho.net/wp-content/plugins/-form-7/includes/swv/js/index.js?ver=5.6.4
IP 104.26.5.174:0
GET /wp-content/plugins/-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
location: https://putinho.net
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 713_HTTP.404,713_404,713_URL.df25da0f3637c022e9aad7c7ac2f9bc6,713_
x-litespeed-cache: miss
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XlxjFsD9FcX%2B032o3klwFbn4em%2Fg2Y4ggXBkFG0SMiFBS095BauZlhXDH2jp0zKBxH42S1b2lQvHGf4NlfvfW9HIDzE%2B6rqAahmwIoBA6sTeH%2FCukad30HRYrMb%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708aeb509-OSL
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/fonts/fontawesome/fa-solid-900.woff2 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.garotasonline.net
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: font/woff2
content-length: 79444
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: "13654-63599f1e-2805119;;;"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
accept-ranges: bytes
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htdEK%2B45epVZgzcPkIya9iSpVday2wz%2B0AZZvlWJ%2BRNVnMJKpdJs939BCT0i6SrJ6vWosfmCHR7JJYW%2BpVGsdTPSjj1sU9MsNc8mm23TsL0fwNnTzqbhQPDfp%2Fe1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca8b91b523-OSL
X-Firefox-Spdy: h2
putinho.net/wp-content/s/2022/11/HB-MotoristadosSonhos-Bebecito-JuniorRodrigues-220x150.png
172.67.70.80403 Forbidden 0 B URL HTTP/2 putinho.net/wp-content/s/2022/11/HB-MotoristadosSonhos-Bebecito-JuniorRodrigues-220x150.png
IP 172.67.70.80:0
GET /wp-content/s/2022/11/HB-MotoristadosSonhos-Bebecito-JuniorRodrigues-220x150.png HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:14 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mys4RhVqZTApOu%2Bkds8aNNSGnKd%2BA%2BUFyFjVtmAKCGwAdaDFZkgJlksGoaEQsXicnoS2TQPqnninpada9UBtoMwmdQ5rHICYjQ%2BIKgjcrFHlEWq%2FI2HSrNhBQtDu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d179fdfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
IP 104.26.5.174:0
GET /wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"609e-63599f11-26c0c27;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qi%2B01SixJQdVGe%2BTiflwgUK%2BW2HgKe9F5IVsNJ4nK3PtFEWthJ7M9IKpeuuUhkLuCNcHp9ul2744VYDoVWWnFuof6x25GWet6WNxghvfkeMkcPBB7idRAzB0zgr6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708b1b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"57c9-63599f1e-28051fd;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2Bd6%2BQIZmHA%2Fb%2FPo5o5APq0ENQeJVSrgQXvGZBpwL8FePyWffIbG7%2FRfp5Ym%2FVMI27Y%2FWJjoLMLZA%2FRMXca%2BnsIq0E5bvXEl3Kuc0BFcIDPYGev51VoQrlUKxpz4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708b5b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/ie/ie-lt-10.css?ver=5.4.10
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/ie/ie-lt-10.css?ver=5.4.10
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/css/ie/ie-lt-10.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:12 GMT
etag: W/"3c54-63599f1e-280521b;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uquh9t2xWGlyYIlYxPfBnSmWemM1O5dThDK%2FTX2gv7tfqzRc0%2BVTGMcddPB3uUJr89DHt17kVCxsKul3zLKQ1mgmdw5NhiNutGTDQe%2Bhu%2Bp8GPVzIFzWWwXuvemR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1dd9fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.10
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.10
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"2e37-63599f1e-280518f;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2e47A1ICldr113%2BpAsL1HzKctS%2BejtCq76mOXjyMobe%2Fh4ZhvMjejx8pNTRq8hEl4eQvkvjyaLp0rnV%2FNHMA22JyQL2c%2F67mF8E45JiG7NKWvWxMECCUxuY1lAu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1ddffab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
stats.wp.com/e-202248.js
192.0.76.3200 OK 0 B IP 192.0.76.3:0
GET /e-202248.js HTTP/1.1
Host: stats.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"62f6b688-3508"
content-encoding: br
expires: Mon, 20 Nov 2023 01:50:03 GMT
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
access-control-allow-origin: *
x-nc: HIT arn
X-Firefox-Spdy: h2
image.staticpng.com/?url=http%3A%2F%2Fstatic1.cameraprive.com%2Fbr%2Fbanners%2Fguys%2Fcameraprive-600x250-1.gif
104.21.78.12200 OK 0 B URL HTTP/2 image.staticpng.com/?url=http%3A%2F%2Fstatic1.cameraprive.com%2Fbr%2Fbanners%2Fguys%2Fcameraprive-600x250-1.gif
IP 104.21.78.12:0
GET /?url=http%3A%2F%2Fstatic1.cameraprive.com%2Fbr%2Fbanners%2Fguys%2Fcameraprive-600x250-1.gif HTTP/1.1
Host: image.staticpng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: image/gif
set-cookie: view=1; expires=Sun, 04-Dec-2022 23:43:13 GMT; Max-Age=86400
PHPSESSID=0pvnenl2d9da6t38i4rhph3jlp; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BdDGchYT1xVa%2BPymFb0bHN73x867de4DZmsJrrYMAMeupD%2FxWkwxDFV%2FINu10i2Ds9AFyeJqp0lZDbYyFe7sISHkjbae3Qst7p2dfvr4bkEx2blc%2BegLFbMQzIdJXpfjBCFIdaWT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029cac9ccb50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 104.26.5.174:0
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"194b-63599f11-26a0604;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3p7hm7VZfmqtx69O6dslN%2FKZcMa%2BkP79ecs7n%2Fa%2F47dl0e%2Bu80lizBp5sko8FGjm3xK8wuUEy5v2tCl7cyD4C2UVQt8b2SpXtRP1kss8tzWyEYVcDpAQRtT%2BXtR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708b2b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/style.css
172.64.108.13200 OK 0 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/style.css
IP 172.64.108.13:0
GET /sb/notifications/utility/default/us/blog/Progamerage/simple_bubbleicon/7/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.tv
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:18 GMT
content-type: text/css
last-modified: Mon, 31 Jan 2022 14:46:40 GMT
etag: W/"61f7f650-2516"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1590579
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4z%2BM%2Beaq%2BJkcN%2Bk5eGzr58tk%2BwcD8wPx9tglcilFCMcrsglPyT8leFynS9D3s6RoGKiGSNj6k7d5Lu2jDbkRNFOkye45WlFM8q4UJnqI5iBikvCVp8cZrT2%2BLZX21RaaqZQ41YMOmT86"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029eb0f6876c6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
testingmetriksbre.ru/netu.php
104.26.0.119200 OK 0 B URL HTTP/2 testingmetriksbre.ru/netu.php
IP 104.26.0.119:0
GET /netu.php HTTP/1.1
Host: testingmetriksbre.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfFte5kH2NJC21zFy6Cr1u2M5SIhhS9amo6phScwFn6leu8K7WG7e%2BdVKkDWuhhekOTxtIcqEmHhi7g0Zt1EiTAEl%2FQAT%2F9E6ZQyhODhDvXSzAmARvnwk5nX5cIe6PEZBgvuZIpR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029dd9cdeb506-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"2aca3-63599f1e-28052d0;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I4FYR1iBf78NcUQ2F7ezxJ67OPxY5NMgrhyQzd7mJd9t9PtLz9gqXJFEOS8AS7%2BQ%2BTOC1ruVRsHSCRs8i%2BG1Hsk%2BJ7xSB8iX5PGWfhj%2FUl5MXui4Y9knojQxFPUp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1ddbfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"3b78-63599f1e-28052d4;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dzGpqaqZUC9ZRux4x6TCT2ai1SLM5KyJe0e%2FrTG0buyRgOIx71ZgV6syjrSW17wkXqIaJjLluWiepB05e8MnR4uCdeIUSlL3MYi3Oz%2BHUN8oXxewXCySPEIQ1971"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708a4b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/css/plugins/shortcodes.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"2d99-63599f1e-280521e;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PweB43YuzqGlDrwrzict9m1HLJwsaonsQMZsJJ9TsDmYWVOazJP21t4ZLeslXFSb3qxqp9ZK%2B5OxH5KuNsFxuADXZHxWOABFzddNKRYm4eKVhR2VlWkrqzw7l5JI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1de0fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
image.staticpng.com/?url=http%3A%2F%2Fstatic1.cameraprive.com%2Fbr%2Fbanners%2Fguys%2Fcameraprive-600x250-1.gif
104.21.78.12200 OK 0 B URL HTTP/2 image.staticpng.com/?url=http%3A%2F%2Fstatic1.cameraprive.com%2Fbr%2Fbanners%2Fguys%2Fcameraprive-600x250-1.gif
IP 104.21.78.12:0
GET /?url=http%3A%2F%2Fstatic1.cameraprive.com%2Fbr%2Fbanners%2Fguys%2Fcameraprive-600x250-1.gif HTTP/1.1
Host: image.staticpng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: image/gif
set-cookie: view=1; expires=Sun, 04-Dec-2022 23:43:15 GMT; Max-Age=86400
PHPSESSID=a4vhkiubituglufrobamvucrlr; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwOLx3hiJOyB%2BeYNx15YpbFKtVdsG5TEYcb5IZCLcipbzz1mxY8mh3bYNb3oz8oe5n7cwROgZyRKds6vRKj9rDnBkuBHycLfGf8%2FiVEHeAYnidK7VtRlzfgiaErP64suJdp3O6VG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029d86c05b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
putinho.net/
104.26.5.174200 OK 0 B IP 104.26.5.174:0
GET / HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
cf-ray: 774029d93ad5b509-OSL
link: <https://putinho.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-litespeed-cache: hit
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sr%2BfgVy8TrrLSwL2V5e7feMPpm0PJRfjH0tWU8EKFx6ZWJ3fUsOoiZmGLGNqqpJ0HJVZtfi5Fzcmht6b8Xa2Bh7jo1K8Xxg8FMm%2FFpfPId0b%2F9N42nz2wC04RNZJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
IP 172.67.70.80:0
GET /wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"194b-63599f11-26a0604;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHIPrr4Q94wfe1RElTLW8IyGdxockKJudxD40R166mN4WaRu0JFTHJodjBY5A3LzgZ9ww0JQqY54eGSPdssAfeRpu0xNIH38aRTBuPn6TmXAL0V%2BBJzkBSKlHZ%2Fq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1deafab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/print.css?ver=5.4.10
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/print.css?ver=5.4.10
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/css/print.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"87f-63599f1e-28052cf;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEwrN0qBrnzAN4ZoQepVIcanKPU4lW7QoSExRY9OPGCp6nF9cxTo1DV%2F0dhNy5DCw0Midb%2BW93UQMSxQJxQG1wDFWU0TIfAFsQEKmO5KrthqutWNCCkJxoBfo9T3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ceb8a3fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
image.staticpng.com/?url=https%3A%2F%2Fwww.meninosonline.net%2Fimagens%2Fputinho1150.jpg
104.21.78.12200 OK 0 B URL HTTP/2 image.staticpng.com/?url=https%3A%2F%2Fwww.meninosonline.net%2Fimagens%2Fputinho1150.jpg
IP 104.21.78.12:0
GET /?url=https%3A%2F%2Fwww.meninosonline.net%2Fimagens%2Fputinho1150.jpg HTTP/1.1
Host: image.staticpng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: image/jpeg
set-cookie: view=1; expires=Sun, 04-Dec-2022 23:43:15 GMT; Max-Age=86400
PHPSESSID=lcji0hsph4ooul3i78420s390h; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=htqdwoFZcKZbna6Pnad7ITmIrAAd7dUJlnmvS1%2FEDaipMX2O5Xw9DzsNPTeMbuHQBm9yUFcLmLUT6nkrN7ETAIpBcG1fULOsbAY7JBXzKgaImZGx1xRJfAZe4NmDxf1aE1R%2B7xmB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029d86c06b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
video.putinho.net/embed/S2OM2on722Y/MAP-AndyOnassis-VictorDAngelo.mp4
172.67.70.80404 Not Found 0 B URL HTTP/2 video.putinho.net/embed/S2OM2on722Y/MAP-AndyOnassis-VictorDAngelo.mp4
IP 172.67.70.80:0
GET /embed/S2OM2on722Y/MAP-AndyOnassis-VictorDAngelo.mp4 HTTP/1.1
Host: video.putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html
cf-ray: 774029cef8bcfab8-OSL
cache-control: private, no-cache, max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
cf-apo-via: origin,host
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VIkLiDrHlGdSgA6ajhxvIvMv2kVvTsWkrz2gfAkpwtqKhQRn2VW8p243D5FyTJYnROdY5xNY00woGzkMHmFxl9Ll6LJazbCIq0Lo%2BD1U1oAIykro3rO5hz07bbpo1huyAfJc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/
104.26.5.174200 OK 0 B IP 104.26.5.174:0
GET / HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
cf-ray: 774029d93ad9b509-OSL
link: <https://putinho.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-litespeed-cache: hit
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fKhN9OKJp%2Fsgky0%2BNZQyUyeVXlw3kQQ1uZkIEbqAZp%2FtXWZDsut9s3o0EXQ6NyatGfzbOXQO7dxMKSpdZk%2BuIpYX5em17lZxymP9ffWMvMnIfTYRaacJ8kIGYpnR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/images/bg-dots.png
104.26.5.174403 Forbidden 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/images/bg-dots.png
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/images/bg-dots.png HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XAYexQfobGNHhhYEPGkkxef5qxNvISCVOSDl%2BaDx%2FGKil6aJByFR%2FlillEpEadeMaIWv9MEsBEfPKd3fG9XQmCkw130kpi0IqDiUeortsCTnPppIVscSArJcWfB3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029dbfd37b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"13e0f-63599f1e-28051f7;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ls54VHwGa71ykkh77mBof%2BrbHhTKnC%2B2GnbKM%2Ff6tU9tCW1ZZIG39s3Bs6Uh%2BPt3H5Dmo4CsqX9PeiwVEFmh7oKTrOUVJ4HzNsBxcd59ApRqJXISKhUuIHGkM6E"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1df0fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 172.67.70.80:0
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"48b9-63599f11-26a05aa;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgbSx9VlBKc0WO7oPU%2Fo3rm%2FQlafEHxQYwduCYp05GKCNWoLNK0e%2BEeJYXfd1nzDEnBk25Z5X3uqcTZGW3utiFHTo95VXb%2BYw1IKlTyJfnzupbcXcuwLvM4JjmwM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1dfcfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"2bad-63599f1e-280520c;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0PinGLRHVq24LGcV94GBOrp2R5wnyaa57NIA2m3RpNgN8g6J8NRNWf%2B6ryEvkqCaktE%2FlOCdkxErcCi5t%2BAznFha4p%2Bisgbz%2BTZx6P8RzEJPMbmDeOM6f2x32De0"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1df3fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6
IP 172.67.70.80:0
GET /wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.6 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"609e-63599f11-26c0c27;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysqx1eUxpot6Qozhij1t4BrAc58eD2ouDW5Csztl2k9nH51K2Q%2FtvUbOBc7TXc5%2Bp4KXlfOpmwzfoqRO9ex8ge0gQaoR8nBquzRHJzrnO2tvcAGEmmN9s2yrQl2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1de9fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669948156
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669948156
IP 104.26.5.174:0
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669948156 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"29ed-638962fc-26a0ac9;gz"
last-modified: Fri, 02 Dec 2022 02:29:16 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FFvr%2FiwuJe5pef0lLts%2F77u8BIxq4hOuG306dldY1Had51UrwGvQzfNiToH%2FLz%2BszAwUDJuztpM0%2F3xrmTS%2Fif7JbQUXLTJLkqUPmQkgBUypIkeTiP8TEE4LmSZS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d718bfb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
awqwuiwmse.com/lv/esnk/1939995/code.js
62.122.171.6200 OK 0 B URL HTTP/2 awqwuiwmse.com/lv/esnk/1939995/code.js
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /lv/esnk/1939995/code.js HTTP/1.1
Host: awqwuiwmse.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/javascript
last-modified: Tue, 15 Nov 2022 12:20:41 GMT
vary: Accept-Encoding
etag: W/"63738419-1aaa0"
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2
putinho.net/
104.26.5.174200 OK 0 B IP 104.26.5.174:0
GET / HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.sexoaovivo.org/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
cf-ray: 774029d88a08b509-OSL
link: <https://putinho.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-litespeed-cache: hit
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hwyugStSk6B0DkFcQ3JJ6os%2BpQdB4RkD5OhzVKYICIWsVQ99Q9RU2FutjzubiThlCLpItQGFzVPX6KLIGPySiFa8Nk1i5rTmbz208VLB7%2Blo8mIfu0VaYj7Z%2F1hH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
bg4nxu2u5t.com/get/1940432?zoneid=1940432&jp=_cl4f1v31cixvhorrqr6i0k&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3487152114675222
62.122.171.6200 OK 0 B URL HTTP/2 bg4nxu2u5t.com/get/1940432?zoneid=1940432&jp=_cl4f1v31cixvhorrqr6i0k&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3487152114675222
IP 62.122.171.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /get/1940432?zoneid=1940432&jp=_cl4f1v31cixvhorrqr6i0k&nojs=0&ix=0&abvar=0&t=0&x=1280&y=939&wcks=1&wgl=0&cnvs=1&os=0&md=0&bb=0&lang=en-US&pf=Linux%20x86_64&cd=24&isRef=1&sp=0&cid=3487152114675222 HTTP/1.1
Host: bg4nxu2u5t.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: text/javascript
vary: Accept-Encoding
x-route-id: config
set-cookie: UID=22120318438276ac808cb84ed99c8ff8661a; Path=/; Expires=Sun, 03 Dec 2023 23:43:16 GMT; HttpOnly; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua,ua,sec-ch-ua-platform,ua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669948156
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669948156
IP 172.67.70.80:0
GET /wp-content/plugins/akismet/_inc/akismet-frontend.js?ver=1669948156 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"29ed-638962fc-26a0ac9;gz"
last-modified: Fri, 02 Dec 2022 02:29:16 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5JsDdjh3t0vEiNk6D5PxNuI16vehOlpvmYE5DW%2BIp1RIdrvVBFewMtbem1nOEFkG%2BnNSsdCIF2gD0QfSgRrQV9jbIbMgQEeCn1Qvmlcu%2Fhy88DU2Cc2S2CXZar0u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1dfbfab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/s/2022/11/MIO-Aquelarelaxxxada-EduardoLima-RodrigoWeeh-220x150.png
172.67.70.80403 Forbidden 0 B URL HTTP/2 putinho.net/wp-content/s/2022/11/MIO-Aquelarelaxxxada-EduardoLima-RodrigoWeeh-220x150.png
IP 172.67.70.80:0
GET /wp-content/s/2022/11/MIO-Aquelarelaxxxada-EduardoLima-RodrigoWeeh-220x150.png HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:14 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zu9T6ZXyRwxn%2F6w6xRxdn%2Fc%2FB64LS0uG%2BknjTXsRKwT8szFKu%2B0KUhssD%2FDXPhRrP2KtNT6vDPMbvBsCYMZUbIHeOW5nJl7OgXojX3JUxqhF5Pt%2FDFFJ4a2iUuok"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d179fffab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/-form-7/includes/js/index.js?ver=5.6.4
172.67.70.80301 Moved Permanently 0 B URL HTTP/2 putinho.net/wp-content/plugins/-form-7/includes/js/index.js?ver=5.6.4
IP 172.67.70.80:0
GET /wp-content/plugins/-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html; charset=UTF-8
location: https://putinho.net
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 713_HTTP.404,713_404,713_URL.cbeb46ec26877b0ea6c1396842a050f2,713_
x-litespeed-cache: miss
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kZ%2FVooi%2FwbHmmysXq8Bk2E%2Be01UFNcYW%2FygqdN8C%2FSqPY6hsRMePgv2Oz0o%2FDvVZ%2BIfi1Zf5E0gcspEdP6kBZDZWD%2BV655sG9ZahfgmcADSixkTmPCt%2B%2B5hW6Nzl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1de7fab8-OSL
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/-form-7/modules/recaptcha/index.js?ver=5.6.4
104.26.5.174301 Moved Permanently 0 B URL HTTP/2 putinho.net/wp-content/plugins/-form-7/modules/recaptcha/index.js?ver=5.6.4
IP 104.26.5.174:0
GET /wp-content/plugins/-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
location: https://putinho.net
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 713_HTTP.404,713_404,713_URL.7c343771fdb7eb68d3f03a61071adb5f,713_
x-litespeed-cache: miss
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMYKXg7GK%2F%2Bp%2F6G0d0f2sjMiMDpzccAZyXioJ6kaaT8tQWPMXq5AZnJ0aohGIvsQQAm5r2XYfzrPSokHamhVsoKqcD32h6xAxCqfnLXLE8JYpGjbZzo6Jj%2FCjUN4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708b4b509-OSL
X-Firefox-Spdy: h2
putinho.net/wp-content/s/2022/11/XVR-EduardoMenzorra-Juninho-220x150.png
104.26.5.174403 Forbidden 0 B URL HTTP/2 putinho.net/wp-content/s/2022/11/XVR-EduardoMenzorra-Juninho-220x150.png
IP 104.26.5.174:0
GET /wp-content/s/2022/11/XVR-EduardoMenzorra-Juninho-220x150.png HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glND4icWn7YZVZikULU%2BZ1bSnWjf2SmCTteLKgUvV3WFAU1eoS%2FjUlUrfh%2FtCHLwMdRqvCO%2B2Ncx3Bo0Xx7Wehk%2B2%2FKyUQP9JyeOy4b%2BBjaEVIHECa32jWsHKxKc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029dc5da0b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/s/2019/12/putinho.2020.png
172.67.70.80403 Forbidden 0 B URL HTTP/2 putinho.net/wp-content/s/2019/12/putinho.2020.png
IP 172.67.70.80:0
GET /wp-content/s/2019/12/putinho.2020.png HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html; charset=UTF-8
vary: Referer, Accept-Encoding
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fz2gvZY1sxFhg6O%2B9RwQOG7GVvUS%2Bck9yzztTDpscCnbcMTnFPO8sidVDgD2f2BDk68NGRNISXnVcp3B%2F0eROm0OjGWiikPfLH47ssFWDQyjPtx0vlxHeVPPF7FW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca6e29fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 172.67.70.80:0
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"15e54-6361d7aa-26a074e;gz"
last-modified: Wed, 02 Nov 2022 02:36:26 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Bb5c78hMDW9DjQw5si7aZVNOZ%2BS1oagkJ63YoKajVTs1SaAC2BcxjFbeiCKkqqjHRQlHx4PK9L06QalfbrK807GdnleUujA2JSwMQrNxHaRaUiP0zP2OHhFq%2FoX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1de4fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
webstatsg.com/www/delivery/afr.php?zoneid=57
172.67.219.140200 OK 0 B URL HTTP/2 webstatsg.com/www/delivery/afr.php?zoneid=57
IP 172.67.219.140:0
GET /www/delivery/afr.php?zoneid=57 HTTP/1.1
Host: webstatsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=01000111010001000101000001010010; expires=Sun, 03-Dec-2023 23:43:13 GMT; Max-Age=31536000; path=/; secure; SameSite=none
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMuCAjZ1Hat4%2FF4iE88wluXONt0lb7hOY3O80Gh%2Ftb1ykSTdbL0yOcKFfncwnCela%2FIntaYjEhjy0x%2FIc0LolEydV%2BaNpSKVmjsWN9m%2BWq1bkL%2BeTPeXDGFOUpRZfA0h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029cf8cceb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"d37e-63599f1e-280522c;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JXzZPRhMU%2FKnld828CwxZ9ElrzFxfhFpQzyMO4h0iyrjikBVlrHxE5LVzfzBHqFOr2vz9pLG%2Fr51nOGr%2BECBkr90anen5%2Bo%2BPos99aqWA8mVnJhNCL8yjYJkq79N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708a3b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
172.67.70.80200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10
IP 172.67.70.80:0
GET /wp-content/themes/jannah/assets/js/single.min.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:13 GMT
etag: W/"15ad-63599f1e-2805200;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MFDlg%2FnM2z%2F%2BHchWaLrvvvVE9jttNjcKXZX8Hu538OCnIpnRIzOyHDBkOnrHROvZYUQ%2Fw4eJss8AwKDFaUnkAbvBSL4tlUqxM1q%2F68N2gDYFUx5jsmXb6kKBoeRS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1df5fab8-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/
172.67.70.80200 OK 0 B IP 172.67.70.80:0
GET / HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://putinho.garotasonline.net/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html; charset=UTF-8
cf-ray: 774029ccbf94fab8-OSL
link: <https://putinho.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-apo-via: origin,host
x-litespeed-cache: hit
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rz913NU%2Fd9HUDucfpFhLv%2Fk6RVc4gd2kpIfxhD7wMqK6zAf%2Bj%2B1VSDj%2FjcGqyl%2FYMfaKzPvpmCPZ1dOeXQEUZh9WJ1ba0ZU8GvwvrTMRTSo%2B3R3Gy112fTlLF4qf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/js/ie.js?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/ie.js?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/js/ie.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"1c60-63599f1e-2805213;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3MfuPe7U2AxxKhF%2F7QxCMEoJuRptWFzgb0%2FozGmcnCvgN3eKhxE5JcBNGju9ea%2BdvfCe2WqEaKImF0CKbFQNecRKvGRqIdP6zLObqwNs4SZybLylFU0GWKmOGLqV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708b0b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/js/shortcodes.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"2bad-63599f1e-280520c;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V0pApm2cKPzeHbp4Aj5%2BGGj0L3vLchYoHDA6gaWro%2F6ezs1PwCFsWbkgSN0qVAXtwuwktfgqkFgOGzs%2BcEbCw%2FhVpRMv5bW4Bfmhefh4Jcfaagq5s9Jkf446cQf7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d718bab509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/js/sliders.min.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"c0a7-63599f1e-28051fe;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BGn004aip7uwqCpp9e%2FcaXmyKpMzeqVwody%2BihRNpOE%2BWGRP3lqSFrOmNwe0pfdM3POcWfMYFp0ydc%2Bb8XyCIjl6hp9qZ1rq5E686L66Y9TD8BtGU5gNPzgsiCgh"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d718b9b509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.ttf
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.ttf
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.ttf HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://putinho.sexoaovivo.org
Connection: keep-alive
Referer: https://putinho.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-font-ttf
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"9e0c-63599f1e-2805125;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fBtW5GO8X9RXkz5NwjA6gUzljPMeV9dqUtw%2BoC9a3AiT7UtRK%2FtjEqxpbIp2YxQnqQRzucgq%2BkxirI%2BKGo4l2Dj4jF7k3XwfWf5TAuk60LMZ7Fs3FD3RKSUdy4VF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029dc4ec70b49-OSL
X-Firefox-Spdy: h2
hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=48902292
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=48902292
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=48902292 HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hqq.tv/player/embed_player.php?vid=UElSbE1KejNIMDdmWC9jRzZJQXlJQT09&autoplay=no
Cookie: uid=y1oAq6tmHs45uL-sK-2IRkJiYVuJ6W3y; dom3ic8zudi28v8lr6fgphwffqoz0j6c=2ee5bce7-ed4b-4bf9-8863-1ae447cc1313%3A3%3A1; sb_main_a6b0b8925d9b3a4154c035c24b4ed97e=1; sb_count_a6b0b8925d9b3a4154c035c24b4ed97e=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=parkingridiculous.com
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=JdT9XBD6E29wiE0MCx6r; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Dec-2023 23:43:18 GMT
date: Sat, 03 Dec 2022 23:43:17 GMT
content-type: application/json
access-control-allow-origin: *
x-inferno-location: banner
content-encoding: gzip
vary: Accept-Encoding
X-Firefox-Spdy: h2
static1.cameraprive.com/scripts/jquery.float.min.js
104.17.117.68200 OK 0 B URL HTTP/2 static1.cameraprive.com/scripts/jquery.float.min.js
IP 104.17.117.68:0
GET /scripts/jquery.float.min.js HTTP/1.1
Host: static1.cameraprive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: application/javascript
last-modified: Fri, 02 Aug 2019 20:10:44 GMT
vary: Accept-Encoding
etag: W/"5d4498c4-1fe8"
expires: Thu, 23 Mar 2023 08:31:38 GMT
cache-control: max-age=31104000
x-robots-tag: noindex, nofollow, nosnippet, noarchive
content-encoding: gzip
cf-cache-status: HIT
age: 13150376
server: cloudflare
cf-ray: 774029cbcfaab4ed-OSL
X-Firefox-Spdy: h2
hqq.tv/player/embed_player.php?vid=UElSbE1KejNIMDdmWC9jRzZJQXlJQT09&autoplay=no
190.115.19.71200 OK 0 B URL HTTP/2 hqq.tv/player/embed_player.php?vid=UElSbE1KejNIMDdmWC9jRzZJQXlJQT09&autoplay=no
IP 190.115.19.71:0
ASN #262254 DDOS-GUARD CORP.
GET /player/embed_player.php?vid=UElSbE1KejNIMDdmWC9jRzZJQXlJQT09&autoplay=no HTTP/1.1
Host: hqq.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ddos-guard
set-cookie: __ddg1_=swyTsYz98gCmoIwWVr7m; Domain=.hqq.tv; HttpOnly; Path=/; Expires=Sun, 03-Dec-2023 23:43:15 GMT
date: Sat, 03 Dec 2022 23:43:14 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.tv>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//signal.netu.tv>; rel=dns-prefetch; crossorigin,<//wss.commentsengine.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//deliver.vkcdnservice.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
x-origin-location: player
cache-control: public, stale-if-error=30, max-age=30
content-encoding: gzip
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
webstatsg.com/www/delivery/afr.php?zoneid=56
104.21.38.59200 OK 0 B URL HTTP/2 webstatsg.com/www/delivery/afr.php?zoneid=56
IP 104.21.38.59:0
GET /www/delivery/afr.php?zoneid=56 HTTP/1.1
Host: webstatsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:16 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
expires: 0
access-control-allow-origin: *
p3p: CP="CUR ADM OUR NOR STA NID"
set-cookie: OAID=01000111010001000101000001010010; expires=Sun, 03-Dec-2023 23:43:16 GMT; Max-Age=31536000; path=/; secure; SameSite=none
strict-transport-security: max-age=15768000;
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B7g4HzOrmoC3NPb%2FCTAzVziymDemjRUyj66ExF640zOlPohV9N5nzAOz1dATnCdPYEStFoBAw8s7wa8ii6uMW7MuUXSkDR2vWHJJJ%2BZEfLPSUuDxJn1H%2BKZYxxSR7pw%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029da8d09b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
putinho.net/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
IP 104.26.5.174:0
GET /wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"4198-63599f1e-28051fa;gz"
last-modified: Wed, 26 Oct 2022 20:57:02 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGJVPwOU0JOrNbnFJ3PbLgmY6itRy%2B%2BchMN2cvNAa4kNI6xk%2FPvy89lGnpUGjcajsv7nn0xVrozcHaxjYRjfxtZYgMsQ3QQvov3NwmFoQ3lBDAEAh%2FqtNuprod9I"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d718bbb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
putinho.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
104.26.5.174200 OK 0 B URL HTTP/2 putinho.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 104.26.5.174:0
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.sexoaovivo.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=604800
expires: Sat, 10 Dec 2022 23:43:15 GMT
etag: W/"2bd8-63599f11-26a06f3;gz"
last-modified: Wed, 26 Oct 2022 20:56:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2B3Q2WpYNVsOxFVHkyKU7ChMqtXGHonzErIq6%2BaJ%2Be5AO5p19qly8APkTSGHB2h0NfZb%2BPETxT%2B4JIzlyDs2MczD6dQZgHWvwfigD264q3%2BJlPFKCwgzK6BATkWe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029d708adb509-OSL
content-encoding: br
X-Firefox-Spdy: h2
image.staticpng.com/?url=https%3A%2F%2Fwww.meninosonline.net%2Fimagens%2Fputinho1150.jpg
104.21.78.12200 OK 0 B URL HTTP/2 image.staticpng.com/?url=https%3A%2F%2Fwww.meninosonline.net%2Fimagens%2Fputinho1150.jpg
IP 104.21.78.12:0
GET /?url=https%3A%2F%2Fwww.meninosonline.net%2Fimagens%2Fputinho1150.jpg HTTP/1.1
Host: image.staticpng.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: image/jpeg
set-cookie: view=1; expires=Sun, 04-Dec-2022 23:43:13 GMT; Max-Age=86400
PHPSESSID=aaglepf65r6o8436l5ue536qj7; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jw9vM6BM3kbaxi8%2FNAZnudRWpCs936VEMs%2BPrBIfZSxSjsXE9XJj%2FPMCk4S9kThJyC5Fj%2BhG0RW4mjcw4bU2gvvSIM%2F3F2hAvDqLsTg5Y0tSxNWzzqDibSBeYmyMJtV2k5qBiPJa"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 774029cac9c3b50b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/-form-7/includes/swv/js/index.js?ver=5.6.4
172.67.70.80301 Moved Permanently 0 B URL HTTP/2 putinho.net/wp-content/plugins/-form-7/includes/swv/js/index.js?ver=5.6.4
IP 172.67.70.80:0
GET /wp-content/plugins/-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html; charset=UTF-8
location: https://putinho.net
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 713_HTTP.404,713_404,713_URL.df25da0f3637c022e9aad7c7ac2f9bc6,713_
x-litespeed-cache: miss
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q1NjRElGrHnBIjyzNf03br9xXWpeiOIpNMX7BhGJ3DePF6o5MOMR4oTLWNFe3hgGIgSvjd0LCMx4gdK8KlzwzRtbEFuQIskR9r2GlDF556U1DydQJG4oa7FB5%2BhN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1de6fab8-OSL
X-Firefox-Spdy: h2
putinho.net/wp-content/plugins/-form-7/modules/recaptcha/index.js?ver=5.6.4
172.67.70.80301 Moved Permanently 0 B URL HTTP/2 putinho.net/wp-content/plugins/-form-7/modules/recaptcha/index.js?ver=5.6.4
IP 172.67.70.80:0
GET /wp-content/plugins/-form-7/modules/recaptcha/index.js?ver=5.6.4 HTTP/1.1
Host: putinho.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://putinho.garotasonline.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
date: Sat, 03 Dec 2022 23:43:13 GMT
content-type: text/html; charset=UTF-8
location: https://putinho.net
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-litespeed-cache-control: public,max-age=3600
x-litespeed-tag: 713_HTTP.404,713_404,713_URL.7c343771fdb7eb68d3f03a61071adb5f,713_
x-litespeed-cache: miss
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f5UQK3jZackitXntDR9Iwqmhq6pmQuzyZWKGjWKqZ1uEeR1McqVibpO3P7ZwcvWifWrQvW%2B5P8JywDAD%2Buxokd8sA2u34XzQMbdhv1qU7HPN2wEemgiA8bNyCH0P"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 774029ca1deefab8-OSL
X-Firefox-Spdy: h2