Report - cuevana-3.buzz/pelicula/no-manches-frida-2-1554596Z/

Report Overview

Submitted URL
cuevana-3.buzz/pelicula/no-manches-frida-2-1554596Z/
IP
172.67.145.145
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-10 18:47:03
Access
public
Website Title
Ver No manches Frida 2 (2019) Online en Español y Latino - Cuevana 3
Final URL
cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
34

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
flawerosion.com	unknown	2021-05-12	2021-05-29	2024-04-21	860 B	25 kB	172.240.253.132
ocsp.r2m03.amazontrust.com	unknown	2007-05-11	2023-02-21	2024-05-09	338 B	942 B	143.204.53.97
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-05-09	868 B	840 B	3.124.83.201
customarydesolate.com	unknown	2024-05-06	2024-05-07	2024-05-08	486 B	467 B	172.240.127.234
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	418 B	7.6 kB	142.250.74.138
cuevana-3.buzz	unknown	unknown	No data	No data	506 B	1.9 kB	172.67.145.145
bleachimpartialtrusted.com	unknown	2024-05-06	2024-05-07	2024-05-08	3.3 kB	23 kB	192.243.59.20
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12	2024-05-09	882 B	89 kB	45.133.44.10
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-05-09	1.5 kB	846 B	192.243.59.12
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	440 B	2.1 kB	104.17.24.14
static-assets.bamgrid.com	19125	2012-07-25	2022-12-12	2024-05-10	1.1 kB	74 kB	3.164.240.92
exasperationincorporate.com	unknown	2024-05-06	2024-05-07	2024-05-08	3.3 kB	37 kB	172.240.108.84
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15	2024-05-09	2.9 kB	259 kB	188.114.96.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.0 kB	33 kB	216.58.207.227
cuevana-3.lat	unknown	2024-05-09	2023-02-21	2024-02-22	6.3 kB	89 kB	172.67.211.190
i1.wp.com	6037	1997-03-28	2012-09-27	2024-05-09	6.6 kB	168 kB	192.0.77.2
disclosestockingsprestigious.com	unknown	2024-04-29	2024-04-30	2024-05-08	8.1 kB	13 kB	192.243.59.12
cdn.yourwebbars.com	62037	2020-08-21	2021-01-29	2024-05-09	477 B	1.2 kB	104.26.7.19
downstairsnegotiatebarren.com	unknown	2024-03-04	2024-03-04	2024-05-09	820 B	173 kB	188.114.97.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-10	medium	bleachimpartialtrusted.com	Sinkholed
2024-05-10	medium	exasperationincorporate.com	Sinkholed
2024-05-10	medium	bleachimpartialtrusted.com	Sinkholed
2024-05-10	medium	exasperationincorporate.com	Sinkholed
2024-05-10	medium	bleachimpartialtrusted.com	Sinkholed
2024-05-10	medium	exasperationincorporate.com	Sinkholed
2024-05-10	medium	customarydesolate.com	Sinkholed
2024-05-10	medium	unseenreport.com	Sinkholed
2024-05-10	medium	unseenreport.com	Sinkholed
2024-05-10	medium	disclosestockingsprestigious.com	Sinkholed
2024-05-10	medium	disclosestockingsprestigious.com	Sinkholed
2024-05-10	medium	disclosestockingsprestigious.com	Sinkholed
2024-05-10	medium	disclosestockingsprestigious.com	Sinkholed
2024-05-10	medium	disclosestockingsprestigious.com	Sinkholed
2024-05-10	medium	disclosestockingsprestigious.com	Sinkholed
2024-05-10	medium	disclosestockingsprestigious.com	Sinkholed
2024-05-10	medium	disclosestockingsprestigious.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	unknown	196 B	2024-04-24	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:10 Times Seen3 Hash 2f9c22cd2bf85bd5a58c75dd3aea249f f99c07a5e8f813980530b9f52233d72582039c62 a74e34143e66f691734bf95a00e7f6e67fd5d5d15439fcf536c7c48f9bfaca54 Loading...

	downstairsnegotiatebarren.com/sfp.js	86 kB	2024-03-29	2024-05-17
Pretty URL downstairsnegotiatebarren.com/sfp.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-29 13:13:34 Last Seen2024-05-17 14:49:08 Times Seen3553 Hash f4a2f8f9f99541c6f105bbd0a025bd40 1f8e3eff12168fdd9e719adfc098d24a45b6916a b717cb04231a10d425fd55b73c85a5407119c6826a8bac94142fddfff6958716 Loading...

	unknown	145 B	2024-04-24	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:10 Times Seen3 Hash 29002b9dd6c8b8c7135b9598440f37db 85831f193d4923e8eac87360c16fba954e53fb51 e79f4fb41f942a3af38f860d8d3d7f5150139cf99fa7f5d1f2e9be50dd7172c2 Loading...

	unknown	9.7 kB	2024-05-10	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:40:55 Last Seen2024-05-10 20:47:10 Times Seen2 Hash 63337d83ec94524ac0df78d1b6001b8b bd3b07e7bbd9fa92b3acfe6d6cb9f4089fa15a05 a473887abf14455e2286bf580614d811b6ec1d807ec4e5b2c4ff6f3d6b11fed3 Loading...

	cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/	262 B	2024-04-24	2024-05-10
Pretty URL cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/ IP 172.67.211.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:10 Times Seen3 Hash 9c8b8228385e0386f33390703e78850b 2cb4c24984b2aae9d220d7962955fef4afe7578b f4f1e5d9a3c784ce73d7822799b51a211883a6fe14ec6a4928b67dd9fa755f46 Loading...

	flawerosion.com/2326ee323678b68aae8836941e20a70e/invoke.js	31 kB	2024-05-10	2024-05-10
Pretty URL flawerosion.com/2326ee323678b68aae8836941e20a70e/invoke.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:47:10 Last Seen2024-05-10 20:47:11 Times Seen2 Hash 19eeb233138220007606d40f8012a6e8 4ede35aae1cc608c3cafeb2b79bdb7c4ce632e32 ee3e512e414b8ee0d7da19dd851fa27930c65b293224feab7b9a911c03d13fc6 Loading...

	cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/	262 B	2024-04-24	2024-05-10
Pretty URL cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/ IP 172.67.211.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:10 Times Seen3 Hash f5192bfc16769d2180c017ef350e7aec 4c591cd14e583b7b1c02ec334c241b50a8048b35 bd5e3736034ca38dcba0d1da7b8162bfce00d6bb1d27cdd7558505b9a17c4f66 Loading...

	cuevana-3.lat/assets/js/global.js	3.4 kB	2023-03-09	2024-05-17
Pretty URL cuevana-3.lat/assets/js/global.js IP 172.67.211.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:36:30 Last Seen2024-05-17 10:15:26 Times Seen36 Hash 89cb627cc51bd26db054b60ac778f08d d5f233a2c077418add3401b7d1e44ffba065a91a c4e49f1f6b6eb188c301ecd71b88e46cc8bef5ece6246f235d51481ed37bd666 Loading...

	unknown	145 B	2024-04-24	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:10 Times Seen3 Hash a636a436e345bc0f6b6c7bd4dafd4f65 0a28d862476caca444c401b4eaa9cf2910caf54b 4480f26a5ea54660e9163a16fe178f3e4db5cc3e7a359e5382169d7db388b15e Loading...

	flawerosion.com/d2b747987612e7f594f92285b3e4e4f3/invoke.js	31 kB	2024-05-10	2024-05-10
Pretty URL flawerosion.com/d2b747987612e7f594f92285b3e4e4f3/invoke.js IP 172.240.253.132 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:47:10 Last Seen2024-05-10 20:47:11 Times Seen2 Hash f1febfd95fbd2ae32c94ec33cb5285cf d1bc16b9f43c57c07f8be749b489cb68621b220c edb3411eb2f12ebdb232509b4ec7df784e54e0e2085f972acd95eca0fe80c794 Loading...

	cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/	461 B	2024-05-10	2024-05-10
Pretty URL cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/ IP 172.67.211.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-10 20:40:55 Last Seen2024-05-10 20:47:10 Times Seen2 Hash 6116382d3cf7a3277ef6b697e570995f d335817bbc4c5d3c6dc388efcc6787df07f51896 c3f42008407872bad43e43f20b9fff92d92a97f3d4a9b80344ba4c9fd3f86096 Loading...

	cdnjs.cloudflare.com/ajax/libs/instant.page/5.1.0/instantpage.min.js	3.7 kB	2023-03-07	2024-05-19
Pretty URL cdnjs.cloudflare.com/ajax/libs/instant.page/5.1.0/instantpage.min.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:46 Last Seen2024-05-19 13:34:54 Times Seen1305 Hash 3ad5caa5616445685659f934407a9472 e8797e351e12d40326abbb1054fa42e141b9c16b ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312 Loading...

	exasperationincorporate.com/10/ae/b2/10aeb267746b9ea6229e1223383247cb.js	84 kB	2024-05-10	2024-05-10
Pretty URL exasperationincorporate.com/10/ae/b2/10aeb267746b9ea6229e1223383247cb.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:47:10 Last Seen2024-05-10 20:47:11 Times Seen2 Hash 0306e3f600911b20a2034626cdabb60a 18128fdceb6958fdb376916a299edb7d97b5657e a67f73bb5d300e6d273228e51eba550a26f4b2fb00918a8178bf3a529eaaf44f Loading...

	unknown	3.4 kB	2024-05-10	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:47:10 Last Seen2024-05-10 20:47:10 Times Seen1 Hash 373837e9fcb15d3c7ff3e2264da707df 51ef5e4cd26b377a10a6f7d428518d02da306f09 31561159b7c199e43f6b8c2087ea3ed9faf76dcdcbe2ae6a4a97f22b2297e280 Loading...

	cuevana-3.lat/assets/js/sidebar.js	243 B	2023-03-10	2024-05-17
Pretty URL cuevana-3.lat/assets/js/sidebar.js IP 172.67.211.190 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 14:31:36 Last Seen2024-05-17 10:15:25 Times Seen25 Hash 3f33cca2f0ef61b2a2b18030c86cbb2a 3dc3593259f8019a11f84677f1652d67632dca37 c9ec3c90473e7e7cc1fe8ab0c27e218bdb62ee47ead46bf7ccbd3e0ddb767fb5 Loading...

	bleachimpartialtrusted.com/c3/7b/4f/c37b4ff3af61b51008dc96fa07dc68a4.js	44 kB	2024-05-10	2024-05-10
Pretty URL bleachimpartialtrusted.com/c3/7b/4f/c37b4ff3af61b51008dc96fa07dc68a4.js IP 192.243.59.20 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:47:10 Last Seen2024-05-10 20:47:11 Times Seen2 Hash a22889504871d64754a14f9e4e7b7f91 a020712a217d73e9a15264dd540b988066fc1fad 38d9944a17dbe3fad163a0d42bb0c20d21cb81abdfb7f6eb1413b4ffa31e67f5 Loading...

	unknown	3.3 kB	2024-05-10	2024-05-10
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-10 20:47:10 Last Seen2024-05-10 20:47:10 Times Seen1 Hash afe243c619eef950cf537e8796dfc9c6 e59f0d308e7c7430df3ddb8cf3fc6f3b6ccf7ef6 9b9247e23cb3cacc3fbc8bf23c8d03c9ab2245fbdac366be59755bf2d9e43470 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 660c4e6fd6367ab7b4a9cd05c8cdc026	2.1 kB	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:47:10 Last Seen2024-05-10 20:47:11 Times Seen1 Hash 660c4e6fd6367ab7b4a9cd05c8cdc026 f88c3642ebd937167c657dfae91d5405e20ffb14 1f7353c17872eea819dd001b2b927e3bb8a5dba1e75c01a829605fef0329eb95 Loading...

	#2 Eval - cd913e66a0b9779a95aefe66e9e45d76	2.1 kB	2024-05-10	2024-05-10
Pretty Observations First Seen2024-05-10 20:47:11 Last Seen2024-05-10 20:47:11 Times Seen1 Hash cd913e66a0b9779a95aefe66e9e45d76 8111d6b34d93bc32ad20929094f9f266f47c836d 4a45caf913663473813a392b9a60a7df15780c91eff3996356546c359d585609 Loading...

		Size	First Seen	Last Seen
	#1 Write - fa6215f98b72fbf63158b8f46b55f2a5	107 B	2024-04-24	2024-05-10
Pretty Observations First Seen2024-04-24 04:43:55 Last Seen2024-05-10 20:47:11 Times Seen3 Hash fa6215f98b72fbf63158b8f46b55f2a5 6bfb754ab0366caae2f602f69c8537a5c247c192 fb1f888ff846932f5609fef506ca542b2e3f3ff881c274b3b5c0ba4c12d6cef7 Loading...

	#2 Write - 12026209352cf3f3a098b30069c4d25b	107 B	2024-04-24	2024-05-10
Pretty Observations First Seen2024-04-24 04:43:54 Last Seen2024-05-10 20:47:11 Times Seen3 Hash 12026209352cf3f3a098b30069c4d25b 42381ee7d478d0642e0cfbb57e7797835ba7028e 3db30715e9be129bfa8e19a82ec8e221ef48da70fe70c4696ef77f7303770776 Loading...

HTTP Transactions (66)

URL IP Response Size

cuevana-3.lat/icon/castellano.png

172.67.211.190

200 OK

272 B

URL GET HTTP/3
cuevana-3.lat/icon/castellano.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
272 B (272 bytes)
Hash
ab18c42d44d9cc5a1f5f8dd9ba3007ee
ab631a304f025ecea3e5af608b60eacd4e3cd12a
7d6675cea82cd93ddfe945dfe384411a76f5cd135156b07a846e91c07913562d

HTTP Headers

GET /icon/castellano.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/png
content-length: 272
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:40 GMT
etag: "110-63107999-9e7ee6;;;"
last-modified: Thu, 01 Sep 2022 09:21:29 GMT
cf-cache-status: HIT
age: 3742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZRDMadUp1%2BKO29Ma7pLDDDPPTvFjEoN%2Fiwvv0T5cdDrCdFR3VygO0DBRiH%2FcOO%2FWe1PVA1Z3OBZBiTOXh5Sd1D19leqVvrmayurE4OhSJTkznSKk27pTB2b%2BCoJMdZgB"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17da9f6c569c-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/icon/play.png

172.67.211.190

200 OK

3.4 kB

URL GET HTTP/3
cuevana-3.lat/icon/play.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 140 x 140, 8-bit colormap, non-interlaced
Size
3.4 kB (3356 bytes)
Hash
6d714fc573cd2ee7698326231da3731d
b662ce1cc1e70cd96806b7eabcd79ba3c339187a
62f1e98ad70f5b2cc3863a644d636d015adfcb803181ff6d31423bc542cfe330

HTTP Headers

GET /icon/play.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/png
content-length: 3356
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:41 GMT
etag: "d1c-65108060-9e7ed8;;;"
last-modified: Sun, 24 Sep 2023 18:30:56 GMT
cf-cache-status: HIT
age: 3742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4qzGBolKVAwMlPG2Ycc16Tzio0VVgK43vrDNrZWoXaZa2C%2BdKIPR3plKK25yf2IXaLEFKs3pRHSeHpQ6fx8CP%2FM4i8NZHCm27VzEuOUaovzK5BbMWS4TqagqlSIkdPg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17daaf83569c-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/icon/youtube.png

172.67.211.190

200 OK

168 B

URL GET HTTP/3
cuevana-3.lat/icon/youtube.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 16 x 16, 4-bit colormap, non-interlaced
Size
168 B (168 bytes)
Hash
30dc65552b4e2a6915ae32f512ad7d2d
329082a2a63f5cfb25da72486c7330f238294ee9
b4ff92df8c0a6c0916502e3e363d4d6c3b29430ba05d71ecb2da9c0b9f952a67

HTTP Headers

GET /icon/youtube.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/png
content-length: 168
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:41 GMT
etag: "a8-63107a74-9e7ee2;;;"
last-modified: Thu, 01 Sep 2022 09:25:08 GMT
cf-cache-status: HIT
age: 3742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZsHsQZ9Nmr%2BbMWeZRPm%2B%2BkzrdcXBip7GWy1F68VDm3kzC7fNgH202skONprJ5f9ZRCveg3fqpBj4r1yYYYn5PRojne7lI2Zk8RvqLFYHYVjMPP%2BMEKqwa0OSqsXOHBGK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17daaf80569c-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/icon/latino.png

172.67.211.190

200 OK

420 B

URL GET HTTP/3
cuevana-3.lat/icon/latino.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
420 B (420 bytes)
Hash
58f7dfa9c36fe02e90e49725826bac5a
5810e268f7f9ac7c64e89ad07e5cb9a53ebee66b
169f703de20781d404d1ed8c8d8b0aab0d74eccd65533ae14cf1bac83140cb7d

HTTP Headers

GET /icon/latino.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/png
content-length: 420
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:40 GMT
etag: "1a4-6310782c-9e7edb;;;"
last-modified: Thu, 01 Sep 2022 09:15:24 GMT
cf-cache-status: HIT
age: 3742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V6qJFvRVAezJIB8NqXsky1W482xyT9%2FM6Txldk7Gv4aaaGLzunmFAmLwUQgZKxGdqj9wO3SZuw8UnfBZxOPz5TXdahdFB3bCmK%2FgI5CbxlbG%2BXHq6OcuPfRb7jM2AVUY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17da9f67569c-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.buzz/pelicula/no-manches-frida-2-1554596Z/

172.67.145.145

301 Moved Permanently

1.3 kB

URL User Request GET HTTP/2
cuevana-3.buzz/pelicula/no-manches-frida-2-1554596Z/
IP
172.67.145.145:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectcuevana-3.buzz
Fingerprint20:F3:FA:E5:89:EB:9C:18:7E:58:1E:15:D8:AA:39:37:54:78:D7:BF
ValidityMon, 06 May 2024 16:56:50 GMT - Sun, 04 Aug 2024 16:56:49 GMT

File type
data
Size
1.3 kB (1266 bytes)
Hash
55bfb6076137be72df03e59ffdc06773
5510b5184ab8111da8c9dcaac6ab591776bc03ea
664cb9553c1b9355c775495e3c1ff8025dbd1fa261bc11167c80ec526a2358af

HTTP Headers

GET /pelicula/no-manches-frida-2-1554596Z/ HTTP/1.1
Host: cuevana-3.buzz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Fri, 10 May 2024 18:46:36 GMT
content-type: text/html
location: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pHaLhkGkmUcEpKudVr22W1C38EkllzsAe2tNyMEQKLKkMR2%2Fjc%2BTrCg6IoWOHKkhNqhY0Aqh6b4hvU1tJQVahxa%2FMMktg4%2BfGzpWy1w29%2B1VahBAWDjXvmIeYnu%2BpcbsRw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c17cc3f13b4f1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cuevana-3.lat/logo.png

172.67.211.190

200 OK

1.7 kB

URL GET HTTP/3
cuevana-3.lat/logo.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 240 x 60, 8-bit colormap, non-interlaced
Size
1.7 kB (1651 bytes)
Hash
ac098c3779eaa821043230fc8622201d
809df0158b1c3d37bd508e48cef6c58992956417
4d01e0d4d1b75ad128c3c91ab7e57b5e59b6033e829b6473f76c0c3060b4633b

HTTP Headers

GET /logo.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/png
content-length: 1651
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:40 GMT
etag: "673-65d6066f-9018d5;;;"
last-modified: Wed, 21 Feb 2024 14:19:27 GMT
cf-cache-status: HIT
age: 3742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2RrqYNsOCpINSgu95H89DtqNvvd7OISxKcMZkMOEw4IYdSThpy%2B6xz6hVjmURbV8WavCrEU7PvVlbECR8w%2BgsehusqyzeQqb8vSy5%2FoRQGpEtdLOgRS4x2ME2Xx%2Fo4PG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17daefdb569c-OSL
alt-svc: h3=":443"; ma=86400

i1.wp.com/www.themoviedb.org/t/p/w185/ncKCQVXgk4BcQV6XbvesgZ2zLvZ.jpg

192.0.77.2

200 OK

8.9 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/ncKCQVXgk4BcQV6XbvesgZ2zLvZ.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.9 kB (8934 bytes)
Hash
9f4d3dfbb5c019d2b1d3165eea56a41c
7883fccdf141a2191cad250afa887f0fdba9d8a8
3790799a4254b20b1a759c5aca754f5b83ebc5c51538f6f31a348712fc77547f

HTTP Headers

GET /www.themoviedb.org/t/p/w185/ncKCQVXgk4BcQV6XbvesgZ2zLvZ.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 8934
last-modified: Fri, 03 Nov 2023 17:42:11 GMT
expires: Mon, 03 Nov 2025 05:42:11 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/ncKCQVXgk4BcQV6XbvesgZ2zLvZ.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "4592777226d65bb6"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/iExe6Meo3xMYcSUQiH5UqXboPiY.jpg

192.0.77.2

200 OK

5.6 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/iExe6Meo3xMYcSUQiH5UqXboPiY.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.6 kB (5604 bytes)
Hash
a028e9d22271409d17a467918f962ee8
7d0186d02c4a56fd2459ca1fb0566163b6e1bf7c
a263cc43d1f446a0d3e014494a41f7e9bde44614f6f2968c27b0edd3dc4f12e6

HTTP Headers

GET /www.themoviedb.org/t/p/w185/iExe6Meo3xMYcSUQiH5UqXboPiY.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 5604
last-modified: Tue, 27 Feb 2024 22:51:10 GMT
expires: Fri, 27 Feb 2026 10:51:10 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/iExe6Meo3xMYcSUQiH5UqXboPiY.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "09cfe2d820a48f84"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/q1DDwFuWeQlwR0lcjFiEsM8iRkd.jpg

192.0.77.2

200 OK

6.0 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/q1DDwFuWeQlwR0lcjFiEsM8iRkd.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.0 kB (6008 bytes)
Hash
3f60e99ee83fd5dc29740f045141671e
1e9cba68f202e1af96d0733709d4b5b2aa3bd32e
2d572ae9254252826fe542ad9ab18b466dce5d52fed4ca10fb674b48b281c91e

HTTP Headers

GET /www.themoviedb.org/t/p/w185/q1DDwFuWeQlwR0lcjFiEsM8iRkd.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 6008
last-modified: Tue, 23 Apr 2024 19:11:30 GMT
expires: Fri, 24 Apr 2026 07:11:30 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/q1DDwFuWeQlwR0lcjFiEsM8iRkd.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f92d98682bc6c3c6"
vary: Accept
x-nc: HIT arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/x7phbLV4IpiOo3P8GUoGpz9Pjw0.jpg

192.0.77.2

200 OK

4.3 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/x7phbLV4IpiOo3P8GUoGpz9Pjw0.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x277, Scaling: [none]x[none], YUV color, decoders should clamp
Size
4.3 kB (4274 bytes)
Hash
3ecd81660212c85b58d7d1f57e309b18
b4ac2974973f25b0bfbc367e57324a38f908449a
f2bc234a501dccdba2ca4117f7a07c58a9896b5f3befcc50684bba9a90bb390a

HTTP Headers

GET /www.themoviedb.org/t/p/w185/x7phbLV4IpiOo3P8GUoGpz9Pjw0.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 4274
last-modified: Wed, 08 May 2024 08:34:16 GMT
expires: Fri, 08 May 2026 20:34:16 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/x7phbLV4IpiOo3P8GUoGpz9Pjw0.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3320465286aa836d"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/ceiGl0SNZpR01o5lfYImt2QgKuq.jpg

192.0.77.2

200 OK

8.2 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/ceiGl0SNZpR01o5lfYImt2QgKuq.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.2 kB (8156 bytes)
Hash
e27e4855d9095c9c97c4ac18f8e8fd35
4b240681af1e241057b9318b15c861f52ac4be91
cb23d75221fbf6fb26176f4165faf323d7fbc340f06597fae47b5f45e969d48d

HTTP Headers

GET /www.themoviedb.org/t/p/w185/ceiGl0SNZpR01o5lfYImt2QgKuq.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 8156
last-modified: Sat, 16 Mar 2024 15:38:46 GMT
expires: Tue, 17 Mar 2026 03:38:46 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/ceiGl0SNZpR01o5lfYImt2QgKuq.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "e8941383baef29f2"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/rpnZlagXNjWh6GUMmGosC5MHrYy.jpg

192.0.77.2

200 OK

5.9 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/rpnZlagXNjWh6GUMmGosC5MHrYy.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.9 kB (5854 bytes)
Hash
c7587a8c52991f45ea255541715f430f
b0b7de730e57c8a1268a2050283f536c96ad6ffc
360cf0640303a55ed928d3a476b16224dd90d3170b2ba6d6da453d48d8794644

HTTP Headers

GET /www.themoviedb.org/t/p/w185/rpnZlagXNjWh6GUMmGosC5MHrYy.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 5854
last-modified: Tue, 16 Apr 2024 21:23:31 GMT
expires: Fri, 17 Apr 2026 09:23:31 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/rpnZlagXNjWh6GUMmGosC5MHrYy.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "9ab287378b7cdbc5"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/gvpU4eMgDC6LpWLxnqGW3uMFDx3.jpg

192.0.77.2

200 OK

5.2 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/gvpU4eMgDC6LpWLxnqGW3uMFDx3.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.2 kB (5166 bytes)
Hash
1be730fdefa8632e52c7f249af8054a7
92b057446be0869d192842846064c65a52fffe26
c9342f614febdc4f80f8f01b15c44e1ebba64927ce90a745d00f490f4127bd62

HTTP Headers

GET /www.themoviedb.org/t/p/w185/gvpU4eMgDC6LpWLxnqGW3uMFDx3.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 5166
last-modified: Sun, 14 Apr 2024 05:04:51 GMT
expires: Tue, 14 Apr 2026 17:04:51 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/gvpU4eMgDC6LpWLxnqGW3uMFDx3.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b0e59699d33e4d87"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/vdd4TBvrKLQ2HSBkvgy4GdcyWjy.jpg

192.0.77.2

200 OK

8.3 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/vdd4TBvrKLQ2HSBkvgy4GdcyWjy.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
8.3 kB (8252 bytes)
Hash
d2789911d9796e010b3db54a442d9099
f2928eb006eff169bafae773479b8758b7817f29
34ef241731233e277da882a489ffdb80a46cc7e2737f38ccae068602ec948bf6

HTTP Headers

GET /www.themoviedb.org/t/p/w185/vdd4TBvrKLQ2HSBkvgy4GdcyWjy.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 8252
last-modified: Fri, 03 May 2024 13:19:58 GMT
expires: Mon, 04 May 2026 01:19:58 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/vdd4TBvrKLQ2HSBkvgy4GdcyWjy.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "b2a9c6fe3c6bdc91"
vary: Accept
x-nc: HIT arn 2
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/r8L3fUvftNeqPMCITdXJfiXbFBU.jpg

192.0.77.2

200 OK

6.6 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/r8L3fUvftNeqPMCITdXJfiXbFBU.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x264, Scaling: [none]x[none], YUV color, decoders should clamp
Size
6.6 kB (6602 bytes)
Hash
f7de3b130b5843e7475fe30c1422f3c0
556558225067e907f9427c17b32682b220899518
bc4b602cf00ca9fb222e87f228eae8916b7bdca26569a466351d74a8ccf36e64

HTTP Headers

GET /www.themoviedb.org/t/p/w185/r8L3fUvftNeqPMCITdXJfiXbFBU.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 6602
last-modified: Fri, 19 Apr 2024 14:09:25 GMT
expires: Mon, 20 Apr 2026 02:09:25 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/r8L3fUvftNeqPMCITdXJfiXbFBU.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "f2850a833a48559a"
vary: Accept
x-nc: HIT arn 5
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/dFxjlcejJxSusT82UZl6QfVOgBA.jpg

192.0.77.2

200 OK

2.2 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/dFxjlcejJxSusT82UZl6QfVOgBA.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x265, Scaling: [none]x[none], YUV color, decoders should clamp
Size
2.2 kB (2226 bytes)
Hash
3dc604330557bf7572bb905c58dc3a43
56f20bdf5f867b6ed66f34708bbc54aac18491d5
c672e670585f6819735bd4e4891d8c2a5c73287d2424f381a4e82c728b129fbf

HTTP Headers

GET /www.themoviedb.org/t/p/w185/dFxjlcejJxSusT82UZl6QfVOgBA.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 2226
last-modified: Mon, 22 Apr 2024 14:15:09 GMT
expires: Thu, 23 Apr 2026 02:15:09 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/dFxjlcejJxSusT82UZl6QfVOgBA.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "d68301ce5b13ffa0"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/rG7rDoTe1ZEa936eonDCkV76nkx.jpg

192.0.77.2

200 OK

12 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/rG7rDoTe1ZEa936eonDCkV76nkx.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (11530 bytes)
Hash
c792395aafc69dcd870ca9d14207e3bf
ea11368de64065d93466298c17aac3defeddde09
150217333ea5eeaaa1fe8d6a8c77255fecbd40262f4c9effb0eca0efad924f70

HTTP Headers

GET /www.themoviedb.org/t/p/w185/rG7rDoTe1ZEa936eonDCkV76nkx.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 11530
last-modified: Thu, 22 Feb 2024 06:30:28 GMT
expires: Sat, 21 Feb 2026 18:30:28 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/rG7rDoTe1ZEa936eonDCkV76nkx.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "1412a52f21837b02"
vary: Accept
x-nc: HIT arn 6
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/6QR2FOCQr41gSduN70WulRIhJb7.jpg

192.0.77.2

200 OK

5.5 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/6QR2FOCQr41gSduN70WulRIhJb7.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.5 kB (5484 bytes)
Hash
d401d7b5406048e1bb45f16bf428bc4e
9bcfe714c9b156100417537fd4f88c048803c299
ad1b9c2faf795e946027780a2e510f912c2a014e4f40a12a1d27678bd676c3af

HTTP Headers

GET /www.themoviedb.org/t/p/w185/6QR2FOCQr41gSduN70WulRIhJb7.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 5484
last-modified: Sat, 06 Apr 2024 15:35:37 GMT
expires: Tue, 07 Apr 2026 03:35:37 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/6QR2FOCQr41gSduN70WulRIhJb7.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "3be39198640d210e"
vary: Accept
x-nc: HIT arn 1
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w185/1wIp3yBijtgEpQrHZLqoX5laGLJ.jpg

192.0.77.2

200 OK

5.1 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w185/1wIp3yBijtgEpQrHZLqoX5laGLJ.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 185x278, Scaling: [none]x[none], YUV color, decoders should clamp
Size
5.1 kB (5050 bytes)
Hash
de3762805a3f8988de9a93909cf757b9
4cf9f2fa69e124ad17cadbe50e4c4d83a68d9b6a
41d354be0990d33ed68008ede554e0f335a7aab78ad093953f7b7fe2a0d7a016

HTTP Headers

GET /www.themoviedb.org/t/p/w185/1wIp3yBijtgEpQrHZLqoX5laGLJ.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 5050
last-modified: Thu, 11 Apr 2024 15:46:22 GMT
expires: Sun, 12 Apr 2026 03:46:22 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w185/1wIp3yBijtgEpQrHZLqoX5laGLJ.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "d4e57b5f090c270e"
vary: Accept
x-nc: HIT arn 8
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/instant.page/5.1.0/instantpage.min.js

104.17.24.14

200 OK

1.1 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/instant.page/5.1.0/instantpage.min.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3683), with no line terminators
Size
1.1 kB (1105 bytes)
Hash
3ad5caa5616445685659f934407a9472
e8797e351e12d40326abbb1054fa42e141b9c16b
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

HTTP Headers

GET /ajax/libs/instant.page/5.1.0/instantpage.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 1105
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5ece4c80-e63"
last-modified: Wed, 27 May 2020 11:18:24 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 858707
expires: Wed, 30 Apr 2025 18:46:38 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Bpj8QGmVjRoJlLSdbQU4a3UXNX7QMwnw1Ax3NrcrsvBnvR9PxqvTbqea0jUGUttHZyP5cM9sW8XR9u0wPphCZk8hyJ5BrjpyGVfRxDqGHfuEQ4ipC0vqgI9Gv0%2FAzji2iiAqkw7x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 881c17db5b9556b1-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

static-assets.bamgrid.com/fonts/avenir/Avenir-Heavy/Avenir-Heavy-05.8c900afcd8a9418271094b90126ffa64.woff2

3.164.240.92

200 OK

42 kB

URL GET HTTP/2
static-assets.bamgrid.com/fonts/avenir/Avenir-Heavy/Avenir-Heavy-05.8c900afcd8a9418271094b90126ffa64.woff2
IP
3.164.240.92:443
ASN
#0

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerAmazon
Subject*.bamgrid.com
Fingerprint5F:6A:DA:DB:6D:4E:CB:83:75:16:7B:81:6D:31:85:E4:96:56:16:E7
ValidityWed, 12 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 42284, version 1.0
Size
42 kB (42284 bytes)
Hash
8c900afcd8a9418271094b90126ffa64
eef8599f852ca801c620762f2924dac07072ccc9
f6e757fc68943cf4b16fc3fa4b165662891c44c8ae0786d418022d5e345b7d80

HTTP Headers

GET /fonts/avenir/Avenir-Heavy/Avenir-Heavy-05.8c900afcd8a9418271094b90126ffa64.woff2 HTTP/1.1
Host: static-assets.bamgrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuevana-3.lat/
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 42284
date: Thu, 09 May 2024 16:15:49 GMT
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Apr 2024 15:26:02 GMT
etag: "8c900afcd8a9418271094b90126ffa64"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
x-amz-version-id: HI1WUO8Qkpu9elQ_spapvGKVr_sfycDZ
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 52b109b1375547c721208eb7c7b3185a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: zGF0ESGZ-Zygvg5xryWZySIS0RB3ioqmGWvHLRXG_9xSkTNRVm57fw==
age: 95450
timing-allow-origin: *
X-Firefox-Spdy: h2

static-assets.bamgrid.com/fonts/avenir/Avenir-Roman/Avenir-Roman-12.8c6e15565760efae86de48644cfd9b71.woff2

3.164.240.92

200 OK

30 kB

URL GET HTTP/2
static-assets.bamgrid.com/fonts/avenir/Avenir-Roman/Avenir-Roman-12.8c6e15565760efae86de48644cfd9b71.woff2
IP
3.164.240.92:443
ASN
#0

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerAmazon
Subject*.bamgrid.com
Fingerprint5F:6A:DA:DB:6D:4E:CB:83:75:16:7B:81:6D:31:85:E4:96:56:16:E7
ValidityWed, 12 Jul 2023 00:00:00 GMT - Thu, 08 Aug 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 30344, version 1.0
Size
30 kB (30344 bytes)
Hash
8c6e15565760efae86de48644cfd9b71
4fb0af97ef902a0f163ad47f6b2130240fb994ba
3c6b2b561767911c306bb7195606d149d6c7412485d1cf172df32902f52546f6

HTTP Headers

GET /fonts/avenir/Avenir-Roman/Avenir-Roman-12.8c6e15565760efae86de48644cfd9b71.woff2 HTTP/1.1
Host: static-assets.bamgrid.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cuevana-3.lat/
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 30344
date: Thu, 09 May 2024 16:15:49 GMT
access-control-allow-origin: *
access-control-allow-methods: HEAD, GET
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Fri, 26 Apr 2024 15:26:02 GMT
etag: "8c6e15565760efae86de48644cfd9b71"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
x-amz-version-id: toPKOPg6QoEpHbDj56Un1r5y6ALUXrOE
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 52b109b1375547c721208eb7c7b3185a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN53-P2
x-amz-cf-id: BxyEgEK8X4IyrU-DsKbxY6lM3HkcdDESWDmyR5dxw253EA5I3BpEwA==
age: 95450
timing-allow-origin: *
X-Firefox-Spdy: h2

i1.wp.com/www.themoviedb.org/t/p/w1280/1TPzecXAb5uCqmscA6WaQqKMmvV.jpg

192.0.77.2

200 OK

77 kB

URL GET HTTP/2
i1.wp.com/www.themoviedb.org/t/p/w1280/1TPzecXAb5uCqmscA6WaQqKMmvV.jpg
IP
192.0.77.2:443
ASN
#2635 AUTOMATTIC

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerSectigo Limited
Subject*.wp.com
Fingerprint5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
ValidityTue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x720, Scaling: [none]x[none], YUV color, decoders should clamp
Size
77 kB (76842 bytes)
Hash
205e3273adb71a65da6f7583b1ff6c39
b3ec415835a689393aa5b0e2c7cb6cda62e47b36
5977b2e4d7be0dd1abd1c3788ef955bc2fc5c4619b836e7ccc5f0a4b50a6cb46

HTTP Headers

GET /www.themoviedb.org/t/p/w1280/1TPzecXAb5uCqmscA6WaQqKMmvV.jpg HTTP/1.1
Host: i1.wp.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/webp
content-length: 76842
last-modified: Fri, 10 May 2024 18:46:38 GMT
expires: Mon, 11 May 2026 06:46:38 GMT
cache-control: public, max-age=63115200
link: <http://www.themoviedb.org/t/p/w1280/1TPzecXAb5uCqmscA6WaQqKMmvV.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "c95ae3e376d2c485"
vary: Accept
x-nc: MISS arn 7
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2

flawerosion.com/d2b747987612e7f594f92285b3e4e4f3/invoke.js

172.240.253.132

200 OK

12 kB

URL GET HTTP/1.1
flawerosion.com/d2b747987612e7f594f92285b3e4e4f3/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectflawerosion.com
Fingerprint15:29:86:F1:77:14:F8:B2:4C:FC:94:E1:E4:04:9B:FF:07:C5:F9:E7
ValiditySat, 27 Apr 2024 06:54:38 GMT - Fri, 26 Jul 2024 06:54:37 GMT

File type
JavaScript source, ASCII text, with very long lines (31310), with no line terminators
Size
12 kB (11835 bytes)
Hash
f1febfd95fbd2ae32c94ec33cb5285cf
d1bc16b9f43c57c07f8be749b489cb68621b220c
edb3411eb2f12ebdb232509b4ec7df784e54e0e2085f972acd95eca0fe80c794

HTTP Headers

GET /d2b747987612e7f594f92285b3e4e4f3/invoke.js HTTP/1.1
Host: flawerosion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:46:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 6acedaf86b62e6b185c04083ff5c3374
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

flawerosion.com/2326ee323678b68aae8836941e20a70e/invoke.js

172.240.253.132

200 OK

12 kB

URL GET HTTP/1.1
flawerosion.com/2326ee323678b68aae8836941e20a70e/invoke.js
IP
172.240.253.132:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectflawerosion.com
Fingerprint15:29:86:F1:77:14:F8:B2:4C:FC:94:E1:E4:04:9B:FF:07:C5:F9:E7
ValiditySat, 27 Apr 2024 06:54:38 GMT - Fri, 26 Jul 2024 06:54:37 GMT

File type
JavaScript source, ASCII text, with very long lines (31313), with no line terminators
Size
12 kB (11843 bytes)
Hash
19eeb233138220007606d40f8012a6e8
4ede35aae1cc608c3cafeb2b79bdb7c4ce632e32
ee3e512e414b8ee0d7da19dd851fa27930c65b293224feab7b9a911c03d13fc6

HTTP Headers

GET /2326ee323678b68aae8836941e20a70e/invoke.js HTTP/1.1
Host: flawerosion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:46:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4c8b142746df507cee7463ac4aee6dfe
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.r2m03.amazontrust.com/

143.204.53.97

471 B

URL
ocsp.r2m03.amazontrust.com/
IP
143.204.53.97:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
f7a3aabaedd5c95463e85c2d7682d410
715b2bd7dd959bb3423d71b22c43302b7a18a3a5
55ab8ca84eb2c090ff2a4eb9ebc48ce053c3f38261d66bded94f03719a384335

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Fri, 10 May 2024 18:46:39 GMT
Last-Modified: Fri, 10 May 2024 17:30:45 GMT
Server: ECAcc (ska/F790)
X-Cache: Miss from cloudfront
Via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iu1o3Asd9GwpnPR2iNdYfBbMCU-CqGnYEwKGvBdW22ZnidHg2tx-4Q==
Age: 4554

proftrafficcounter.com/stats

3.124.83.201

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.124.83.201:443
ASN
#16509 AMAZON-02

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
f0fb87e46fa65ade6a3d4941a132b2e6
99968fdfdbdd23a71738a58744ceefeea245bab6
4142f5e3070316eed97d0930dd5bd779f1d38bc8f1962a5a2e1f9c7fb28de3b6

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cuevana-3.lat
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d8e00e17-d15a-4020-a303-8ebae0a3a5da:1:1; expires=Mon, 08 May 2034 18:46:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

3.124.83.201

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
3.124.83.201:443
ASN
#16509 AMAZON-02

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
FingerprintE3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
ValidityTue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
8314c23850162c8fa918ff745e590eae
4e68335d090f02b9f2fcf6cd5c93c2a73f8ea203
45740307c420b8975bc0da4a30a97042ac7306e82f00c6779d07f80404ef984b

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:39 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://cuevana-3.lat
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=551bf68c-2286-4a84-a644-060460c325e8:3:1; expires=Mon, 08 May 2034 18:46:39 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

cuevana-3.lat/icon/lazyload.gif

172.67.211.190

200 OK

53 B

URL GET HTTP/3
cuevana-3.lat/icon/lazyload.gif
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
GIF image data, version 89a, 1 x 1
Size
53 B (53 bytes)
Hash
26206732aca5e92d398cfaffe3cf4162
d8a13bfed35405dcfaced74c3d0a46e705f461a2
1eddc73cd37d151291adc510a4a547c4b0248b5bf7d368fcf4b73840a75b819a

HTTP Headers

GET /icon/lazyload.gif HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:39 GMT
content-type: image/gif
content-length: 53
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:41 GMT
etag: "35-63107d29-9e7ed9;;;"
last-modified: Thu, 01 Sep 2022 09:36:41 GMT
cf-cache-status: HIT
age: 1159
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPxYMrJWXDxm2jVXj0xcuJ6yiKY%2FxOxL94zEWA8TBPphdpkn3FryM8p4ATeUAhl%2FP0hnco%2FFNa2m%2F%2B%2FoBM%2BU6aFYUS5a03wiJh7mCn7s2Zvk4zuLByIAQ1321K6Bj8je"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17e199a4569c-OSL
alt-svc: h3=":443"; ma=86400

bleachimpartialtrusted.com/watch.1511592188316.js?key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&tz=0&dev=e&res=14.2071&uuid=d8e00e17-d15a-4020-a303-8ebae0a3a5da%3A1%3A1

192.243.59.20

307 Temporary Redirect

0 B

URL GET HTTP/1.1
bleachimpartialtrusted.com/watch.1511592188316.js?key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&tz=0&dev=e&res=14.2071&uuid=d8e00e17-d15a-4020-a303-8ebae0a3a5da%3A1%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectbleachimpartialtrusted.com
Fingerprint13:E9:1E:BA:56:EE:4E:57:E9:B4:0D:01:06:CD:11:31:C2:0B:D6:B9
ValidityMon, 06 May 2024 08:04:15 GMT - Sun, 04 Aug 2024 08:04:14 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1511592188316.js?key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&tz=0&dev=e&res=14.2071&uuid=d8e00e17-d15a-4020-a303-8ebae0a3a5da%3A1%3A1 HTTP/1.1
Host: bleachimpartialtrusted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuevana-3.lat
Access-Control-Allow-Origin: https://cuevana-3.lat
Access-Control-Allow-Credentials: true
Location: https://bleachimpartialtrusted.com/watch.1511592188316.js?dev=e&key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366860&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&res=14.2071&rmtc=t&shu=e38d5d786018d331606b2a9ec24c466677dcd0b2c5f98b3e2df2be9cba3990d0aa0cc9e5fae8c1b19832394d5c185db9e89feb2809a467848e0eea419d3b0bdc84c5db2a47cbfc0cce2603445a70e0bf2292e9f262f1a83e62bdd064ab4a&tz=0&uuid=d8e00e17-d15a-4020-a303-8ebae0a3a5da%3A1%3A1
Set-Cookie: u_pl=22697752; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjY5Nzc1MiwiayI6ImQyYjc0Nzk4NzYxMmU3ZjU5NGY5MjI4NWIzZTRlNGYzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjY2MjcxLCJwaWQiOjEzNTM5ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiZ3hlNHl0YXEiLCJjcGtzIjp7IjI5IjoiYzM3YjRmZjNhZjYxYjUxMDA4ZGM5NmZhMDdkYzY4YTQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY3VldmFuYS0zLmxhdC9wZWxpY3VsYS9uby1tYW5jaGVzLWZyaWRhLTItMTU1NDU5NlovIiwiYXIiOltdfX0.yWNvAR4G3EcrMxgnNz3Lz0dMrTCkFa_xyjrbYhesEKI; expires=Fri, 10 May 2024 18:47:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: b70b0c77728d12a09f141fa382497ef2
Strict-Transport-Security: max-age=0; includeSubdomains

cuevana-3.lat/icon/apple-touch-icon.png

172.67.211.190

200 OK

3.9 kB

URL GET HTTP/3
cuevana-3.lat/icon/apple-touch-icon.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Size
3.9 kB (3922 bytes)
Hash
d11ad25d125c2b1469ff3bcc0cf2b0a9
9eb034e0e54ce024361142bd77001b468430c8b9
aba51d5d8ffbdecc8e84b98efa0c837b39daa2d539143bc185c25267f4bc6c2f

HTTP Headers

GET /icon/apple-touch-icon.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk; dom3ic8zudi28v8lr6fgphwffqoz0j6c=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:40 GMT
content-type: image/png
content-length: 3922
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:06:05 GMT
etag: "f52-638b6090-9e7ee1;;;"
last-modified: Sat, 03 Dec 2022 14:43:28 GMT
cf-cache-status: HIT
age: 3740
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y%2Ba%2B45ToV51nO7h6mzgRjsqZguG%2FD3k6KFnrQ0f2uhDFYRMHrEJtP14RYLZ8L%2FnQYfEn%2FRBKZaAFl2c0%2F4BnjAHUlJLMuEybr6lvceKeQpRVtd9NLt8pWbjtKPjGl%2Fw5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17e46eb8569c-OSL
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/icon/favicon-16x16.png

172.67.211.190

200 OK

1.3 kB

URL GET HTTP/3
cuevana-3.lat/icon/favicon-16x16.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
1.3 kB (1277 bytes)
Hash
c58458466daf98b34a86777d4935b440
a01cfcf9f7c9a121f0672c2c4be28904d766efb8
bbcb75f4fd63059bf6ce95d11cce349bd457fbbb75ec617bcdc83304b103bb18

HTTP Headers

GET /icon/favicon-16x16.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk; dom3ic8zudi28v8lr6fgphwffqoz0j6c=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:40 GMT
content-type: image/png
content-length: 1277
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:51 GMT
etag: "4fd-638b62f8-9e7edd;;;"
last-modified: Sat, 03 Dec 2022 14:53:44 GMT
cf-cache-status: HIT
age: 6560
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w7bqfXNs%2BMrlk9eFVgKuJgxkeOJYhDFRQ98xokzsb0hN3kprZ3JAbSTZced5HvZpZeNZxizViX3wKPwUnPEWxQbZX55jmgEvMEqy6C4dIeETpIGIn7fYCNgB8iq2ozVV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17e46ebc569c-OSL
alt-svc: h3=":443"; ma=86400

exasperationincorporate.com/watch.1077512077221.js?key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&tz=0&dev=e&res=14.2071&uuid=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1

172.240.108.84

307 Temporary Redirect

0 B

URL GET HTTP/1.1
exasperationincorporate.com/watch.1077512077221.js?key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&tz=0&dev=e&res=14.2071&uuid=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectexasperationincorporate.com
Fingerprint29:93:4B:D4:EC:F4:64:10:C0:DD:6E:12:94:2B:33:D7:71:A6:AC:23
ValidityMon, 06 May 2024 08:00:27 GMT - Sun, 04 Aug 2024 08:00:26 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1077512077221.js?key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&tz=0&dev=e&res=14.2071&uuid=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1 HTTP/1.1
Host: exasperationincorporate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:46:40 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuevana-3.lat
Access-Control-Allow-Origin: https://cuevana-3.lat
Access-Control-Allow-Credentials: true
Location: https://exasperationincorporate.com/watch.1077512077221.js?dev=e&key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366860&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&res=14.2071&rmtc=t&shu=a04dc25ebb4a442eaaca380c87613156651cb3929719a21fb2b8c34170e0230e1da2a4f305163422cd697d87ae690937c54fd9322bd33899c72a09baa6bcd8cb3e12d681520eab7d1bc5ad07bee69620ac5bfe55d34af64542f42b364ea3&tz=0&uuid=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1
Set-Cookie: u_pl=22697731; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjY5NzczMSwiayI6IjIzMjZlZTMyMzY3OGI2OGFhZTg4MzY5NDFlMjBhNzBlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjY2MjcxLCJwaWQiOjEzNTM5ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoidXA2Y3BiY2ptIiwiY3BrcyI6eyIyOCI6IjEwYWViMjY3NzQ2YjllYTYyMjllMTIyMzM4MzI0N2NiIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1ZXZhbmEtMy5sYXQvcGVsaWN1bGEvbm8tbWFuY2hlcy1mcmlkYS0yLTE1NTQ1OTZaLyIsImFyIjpbXX19.1X4lGm-Q8OhZzLpQ8UF06zlGRUBGcBq182xz7u40PIU; expires=Fri, 10 May 2024 18:47:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4ee7f3ec2467cc619852e52b82bbbaff
Strict-Transport-Security: max-age=0; includeSubdomains

bleachimpartialtrusted.com/c3/7b/4f/c37b4ff3af61b51008dc96fa07dc68a4.js

192.243.59.20

200 OK

16 kB

URL GET HTTP/1.1
bleachimpartialtrusted.com/c3/7b/4f/c37b4ff3af61b51008dc96fa07dc68a4.js
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectbleachimpartialtrusted.com
Fingerprint13:E9:1E:BA:56:EE:4E:57:E9:B4:0D:01:06:CD:11:31:C2:0B:D6:B9
ValidityMon, 06 May 2024 08:04:15 GMT - Sun, 04 Aug 2024 08:04:14 GMT

File type
JavaScript source, ASCII text, with very long lines (44098), with no line terminators
Size
16 kB (15812 bytes)
Hash
a22889504871d64754a14f9e4e7b7f91
a020712a217d73e9a15264dd540b988066fc1fad
38d9944a17dbe3fad163a0d42bb0c20d21cb81abdfb7f6eb1413b4ffa31e67f5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c3/7b/4f/c37b4ff3af61b51008dc96fa07dc68a4.js HTTP/1.1
Host: bleachimpartialtrusted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:39 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: fbd014719e3cdb6542e8c066f9e84c17
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

exasperationincorporate.com/10/ae/b2/10aeb267746b9ea6229e1223383247cb.js

172.240.108.84

200 OK

30 kB

URL GET HTTP/1.1
exasperationincorporate.com/10/ae/b2/10aeb267746b9ea6229e1223383247cb.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectexasperationincorporate.com
Fingerprint29:93:4B:D4:EC:F4:64:10:C0:DD:6E:12:94:2B:33:D7:71:A6:AC:23
ValidityMon, 06 May 2024 08:00:27 GMT - Sun, 04 Aug 2024 08:00:26 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
30 kB (30379 bytes)
Hash
0306e3f600911b20a2034626cdabb60a
18128fdceb6958fdb376916a299edb7d97b5657e
a67f73bb5d300e6d273228e51eba550a26f4b2fb00918a8178bf3a529eaaf44f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /10/ae/b2/10aeb267746b9ea6229e1223383247cb.js HTTP/1.1
Host: exasperationincorporate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:46:40 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d6002a78f571b051365e0ff1525dcf31
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

bleachimpartialtrusted.com/watch.1511592188316.js?dev=e&key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366860&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&res=14.2071&rmtc=t&shu=e38d5d786018d331606b2a9ec24c466677dcd0b2c5f98b3e2df2be9cba3990d0aa0cc9e5fae8c1b19832394d5c185db9e89feb2809a467848e0eea419d3b0bdc84c5db2a47cbfc0cce2603445a70e0bf2292e9f262f1a83e62bdd064ab4a&tz=0&uuid=d8e00e17-d15a-4020-a303-8ebae0a3a5da%3A1%3A1

192.243.59.20

200 OK

2.1 kB

URL GET HTTP/1.1
bleachimpartialtrusted.com/watch.1511592188316.js?dev=e&key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366860&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&res=14.2071&rmtc=t&shu=e38d5d786018d331606b2a9ec24c466677dcd0b2c5f98b3e2df2be9cba3990d0aa0cc9e5fae8c1b19832394d5c185db9e89feb2809a467848e0eea419d3b0bdc84c5db2a47cbfc0cce2603445a70e0bf2292e9f262f1a83e62bdd064ab4a&tz=0&uuid=d8e00e17-d15a-4020-a303-8ebae0a3a5da%3A1%3A1
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectbleachimpartialtrusted.com
Fingerprint13:E9:1E:BA:56:EE:4E:57:E9:B4:0D:01:06:CD:11:31:C2:0B:D6:B9
ValidityMon, 06 May 2024 08:04:15 GMT - Sun, 04 Aug 2024 08:04:14 GMT

File type
JavaScript source, ASCII text, with very long lines (2663)
Size
2.1 kB (2111 bytes)
Hash
b89c61778904e8b586a6ce809085d7cc
995ac91833f9a5c4e9de1431755adb20e075ed8b
e3add182fd4033e6b4a113b4c025cb9b49d426f42b2d95c872949e9c43d360ac

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1511592188316.js?dev=e&key=d2b747987612e7f594f92285b3e4e4f3&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366860&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&res=14.2071&rmtc=t&shu=e38d5d786018d331606b2a9ec24c466677dcd0b2c5f98b3e2df2be9cba3990d0aa0cc9e5fae8c1b19832394d5c185db9e89feb2809a467848e0eea419d3b0bdc84c5db2a47cbfc0cce2603445a70e0bf2292e9f262f1a83e62bdd064ab4a&tz=0&uuid=d8e00e17-d15a-4020-a303-8ebae0a3a5da%3A1%3A1 HTTP/1.1
Host: bleachimpartialtrusted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
Referer: https://cuevana-3.lat/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22697752; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjY5Nzc1MiwiayI6ImQyYjc0Nzk4NzYxMmU3ZjU5NGY5MjI4NWIzZTRlNGYzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjY2MjcxLCJwaWQiOjEzNTM5ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiZ3hlNHl0YXEiLCJjcGtzIjp7IjI5IjoiYzM3YjRmZjNhZjYxYjUxMDA4ZGM5NmZhMDdkYzY4YTQifSwidCI6MX0sInUiOnsidSI6MSwiYXUiOjEsImQiOnsiaWQiOjc5OTU0MTk2LCJpZHMiOiIiLCJpYyI6ZmFsc2UsIm4iOiJEZXNrdG9wLEVtdWxhdG9yIiwidiI6IlVua25vd24iLCJtIjoiVW5rbm93biIsImYiOjEsImZuIjoiRGVza3RvcCIsIm9pZCI6MTgxMTAsIm9uIjoiTGludXgiLCJvdiI6IlVua25vd24iLCJiaWQiOjExNjY3MCwiYm4iOiJGaXJlZm94IiwiYnYiOiI5Ni4wIiwid3YiOmZhbHNlLCJlIjp0cnVlLCJhYiI6ZmFsc2V9LCJjIjp7ImlkIjoxNjIsImMiOiJOTyIsIm4iOiJOb3J3YXkifSwiYSI6ZmFsc2UsImNyIjp7Im4iOiJCbGl4IFNvbHV0aW9ucyJ9LCJ4ZiI6IiIsIml4ZiI6ZmFsc2UsImlneGYiOmZhbHNlLCJ1cCI6dHJ1ZSwiciI6Imh0dHBzOi8vY3VldmFuYS0zLmxhdC9wZWxpY3VsYS9uby1tYW5jaGVzLWZyaWRhLTItMTU1NDU5NlovIiwiYXIiOltdfX0.yWNvAR4G3EcrMxgnNz3Lz0dMrTCkFa_xyjrbYhesEKI
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuevana-3.lat
Access-Control-Allow-Origin: https://cuevana-3.lat
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d8e00e17-d15a-4020-a303-8ebae0a3a5da:1:1; expires=Fri, 17 May 2024 18:46:40 GMT; secure; SameSite=None
iprc5ecf880de044b0b5a0081a17f327acda=3570421; expires=Fri, 10 May 2024 22:46:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
pdhtkv32=true; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
uncs32=1; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 649688f97e4b4b6de66e3fcee057ca0b
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

exasperationincorporate.com/watch.1077512077221.js?dev=e&key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366860&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&res=14.2071&rmtc=t&shu=a04dc25ebb4a442eaaca380c87613156651cb3929719a21fb2b8c34170e0230e1da2a4f305163422cd697d87ae690937c54fd9322bd33899c72a09baa6bcd8cb3e12d681520eab7d1bc5ad07bee69620ac5bfe55d34af64542f42b364ea3&tz=0&uuid=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1

172.240.108.84

200 OK

2.0 kB

URL GET HTTP/1.1
exasperationincorporate.com/watch.1077512077221.js?dev=e&key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366860&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&res=14.2071&rmtc=t&shu=a04dc25ebb4a442eaaca380c87613156651cb3929719a21fb2b8c34170e0230e1da2a4f305163422cd697d87ae690937c54fd9322bd33899c72a09baa6bcd8cb3e12d681520eab7d1bc5ad07bee69620ac5bfe55d34af64542f42b364ea3&tz=0&uuid=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectexasperationincorporate.com
Fingerprint29:93:4B:D4:EC:F4:64:10:C0:DD:6E:12:94:2B:33:D7:71:A6:AC:23
ValidityMon, 06 May 2024 08:00:27 GMT - Sun, 04 Aug 2024 08:00:26 GMT

File type
JavaScript source, ASCII text, with very long lines (2532)
Size
2.0 kB (2049 bytes)
Hash
9c936386552b598c5af0e1b327110911
9300da59b2827a7ae70a69dcf16f78990668bd76
eafa9b61938a00c38227c89b6abeb8c2b828c5fde508748834913b84c143b8f8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /watch.1077512077221.js?dev=e&key=2326ee323678b68aae8836941e20a70e&kw=%5B%22ver%22%2C%22no%22%2C%22manches%22%2C%22frida%22%2C%222%22%2C%222019%22%2C%22online%22%2C%22en%22%2C%22espa%C3%B1ol%22%2C%22y%22%2C%22latino%22%2C%22-%22%2C%22cuevana%22%2C%223%22%5D&pst=1715366860&refer=https%3A%2F%2Fcuevana-3.lat%2Fpelicula%2Fno-manches-frida-2-1554596Z%2F&res=14.2071&rmtc=t&shu=a04dc25ebb4a442eaaca380c87613156651cb3929719a21fb2b8c34170e0230e1da2a4f305163422cd697d87ae690937c54fd9322bd33899c72a09baa6bcd8cb3e12d681520eab7d1bc5ad07bee69620ac5bfe55d34af64542f42b364ea3&tz=0&uuid=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1 HTTP/1.1
Host: exasperationincorporate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
Referer: https://cuevana-3.lat/
DNT: 1
Connection: keep-alive
Cookie: u_pl=22697731; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyMjY5NzczMSwiayI6IjIzMjZlZTMyMzY3OGI2OGFhZTg4MzY5NDFlMjBhNzBlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjozNjY2MjcxLCJwaWQiOjEzNTM5ODUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoidXA2Y3BiY2ptIiwiY3BrcyI6eyIyOCI6IjEwYWViMjY3NzQ2YjllYTYyMjllMTIyMzM4MzI0N2NiIn0sInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL2N1ZXZhbmEtMy5sYXQvcGVsaWN1bGEvbm8tbWFuY2hlcy1mcmlkYS0yLTE1NTQ1OTZaLyIsImFyIjpbXX19.1X4lGm-Q8OhZzLpQ8UF06zlGRUBGcBq182xz7u40PIU
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:46:40 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuevana-3.lat
Access-Control-Allow-Origin: https://cuevana-3.lat
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=551bf68c-2286-4a84-a644-060460c325e8:3:1; expires=Fri, 17 May 2024 18:46:40 GMT; secure; SameSite=None
iprca6c3661ec154cd3d733a13b113bc97ec=5191640; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
pdhtkv23=true; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
uncs23=1; expires=Sat, 11 May 2024 18:46:40 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d6beb985486b8bb1e8a563e59422decb
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

customarydesolate.com/pixel/purst?dl=0&th=0&sc=0&rs=4099&rd=4099&fd=715&bv=24.5.6485&tmpl=136

172.240.127.234

200 OK

0 B

URL GET HTTP/1.1
customarydesolate.com/pixel/purst?dl=0&th=0&sc=0&rs=4099&rd=4099&fd=715&bv=24.5.6485&tmpl=136
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectcustomarydesolate.com
Fingerprint00:D2:0D:86:8E:FB:C8:79:46:C6:0E:E5:71:C7:50:AC:0E:C1:D1:F8
ValidityMon, 06 May 2024 08:18:02 GMT - Sun, 04 Aug 2024 08:18:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=4099&rd=4099&fd=715&bv=24.5.6485&tmpl=136 HTTP/1.1
Host: customarydesolate.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Fri, 10 May 2024 18:46:40 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.cloudimagesb.com/cti/4d/d9/00/4dd9001a8b835337ba6f030efe1c7f96/1711621579.jpg

45.133.44.10

200 OK

64 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/4d/d9/00/4dd9001a8b835337ba6f030efe1c7f96/1711621579.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, baseline, precision 8, 728x90, components 3
Size
64 kB (63639 bytes)
Hash
c416d00adf54f22a0a7059110288f1ba
041feade34f9021e60d153b9d82d3d2c5ac8c945
3d5e90fa0e3b161d4b31e354eefebe2e01913b4510ef7975a88be2a39a711d93

HTTP Headers

GET /cti/4d/d9/00/4dd9001a8b835337ba6f030efe1c7f96/1711621579.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:41 GMT
content-type: image/jpeg
content-length: 63639
server: nginx/1.21.6
last-modified: Thu, 28 Mar 2024 10:26:28 GMT
etag: "660545d4-f897"
expires: Sun, 12 May 2024 18:46:41 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg

45.133.44.10

200 OK

25 kB

URL GET HTTP/2
cdn.cloudimagesb.com/cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg
IP
45.133.44.10:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
FingerprintC6:F3:21:F0:21:7D:7E:96:0F:E8:46:7A:5E:C5:3F:D1:52:B0:67:B0
ValidityFri, 22 Mar 2024 03:01:35 GMT - Thu, 20 Jun 2024 03:01:34 GMT

File type
JPEG image data, baseline, precision 8, 320x50, components 3
Size
25 kB (24714 bytes)
Hash
d465d02b90e928dfd9d9846e102a9dac
22f7333777bec813bd9a7b870913a2b79b6d2fe4
e393d4f1c6b5d4973e157f0f10764b92037dc18239500f42b72bed8ecef462fd

HTTP Headers

GET /cti/43/ff/51/43ff51c07da75eaedd548042d5154cfe/1658930770.jpg HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:41 GMT
content-type: image/jpeg
content-length: 24714
server: nginx/1.21.6
last-modified: Wed, 27 Jul 2022 14:06:18 GMT
etag: "62e1465a-608a"
expires: Sun, 12 May 2024 18:46:41 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

unseenreport.com/pxf.gif?uuid=551bf68c-2286-4a84-a644-060460c325e8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c37b4ff3af61b51008dc96fa07dc68a4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=551bf68c-2286-4a84-a644-060460c325e8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c37b4ff3af61b51008dc96fa07dc68a4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=551bf68c-2286-4a84-a644-060460c325e8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=c37b4ff3af61b51008dc96fa07dc68a4&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:41 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 86aae8334d4448d0ccdf6351ffa9a0c2
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=551bf68c-2286-4a84-a644-060460c325e8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=10aeb267746b9ea6229e1223383247cb&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18

192.243.59.12

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=551bf68c-2286-4a84-a644-060460c325e8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=10aeb267746b9ea6229e1223383247cb&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
Fingerprint71:46:15:FD:76:6A:F5:5B:51:06:CC:93:DD:D8:63:E3:8B:10:BF:13
ValidityFri, 22 Mar 2024 07:32:41 GMT - Thu, 20 Jun 2024 07:32:40 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=551bf68c-2286-4a84-a644-060460c325e8&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=10aeb267746b9ea6229e1223383247cb&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=18 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:41 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: aecca9593779390c7a098f566e24c19c
Strict-Transport-Security: max-age=0; includeSubdomains

disclosestockingsprestigious.com/sbar.json?key=c37b4ff3af61b51008dc96fa07dc68a4&uuid=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1

192.243.59.12

200 OK

7.9 kB

URL GET HTTP/1.1
disclosestockingsprestigious.com/sbar.json?key=c37b4ff3af61b51008dc96fa07dc68a4&uuid=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectdisclosestockingsprestigious.com
Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6
ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT

File type
JSON text data
Size
7.9 kB (7862 bytes)
Hash
434bec5b8648ee55bfb6b2339918b40b
647878e12a5ff068932e311761493be72138e389
543d7baab35338ae2506a516d8e46f3129837f75257f4c35bfa37fae0fb770da

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=c37b4ff3af61b51008dc96fa07dc68a4&uuid=551bf68c-2286-4a84-a644-060460c325e8%3A3%3A1 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:48 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://cuevana-3.lat
Access-Control-Allow-Origin: https://cuevana-3.lat
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=22850642; expires=Sat, 11 May 2024 18:46:47 GMT; secure; SameSite=None
uid_id2=551bf68c-2286-4a84-a644-060460c325e8:3:1; expires=Fri, 17 May 2024 18:46:47 GMT; secure; SameSite=None
pdhtkv=true; expires=Sat, 11 May 2024 18:46:48 GMT; secure; SameSite=None
uncs=1; expires=Sat, 11 May 2024 18:46:48 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sat, 11 May 2024 18:46:48 GMT; secure; SameSite=None
uncs29=1; expires=Sat, 11 May 2024 18:46:48 GMT; secure; SameSite=None
slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]; expires=Fri, 10 May 2024 18:46:53 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 48bc4c578da66d0e35654f185ba683e6
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

disclosestockingsprestigious.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStnqwHURQlNxEGEVSS3e3u6emZMeBiTFYW12xMFAWDsbqqelJOdVdT1T092VMwIDmOguix980mIRqCXgWjzAQ8LIgZ8bCIe4t3EQNeRGZcsvgP9f%2Bv9wpevf8%2F2ir2iI%2BC7p54XW9Kpehyc8mtP%2F%2BO5x2rr8u0GNQH7fB8GByrm%2F6LnXDJfaH%2BqmA9vey7nut6rldflUbEerA8AyGzmx1vqeMuBf6S1wwwMP%2FvbeHAUge8v0eehOTThTvOYUg2Rpp8dULYXq6zoyeTQtFcG%2FT59bfSXqrLFMlBGRsHcXp9nw1t767ehk6vzuVC9x8QIzklzg%2B3EaXX90Ui6m%2FPdUYKIkXEH0HZH0OoMSQdg%2BnLkPwuARjHqQ2kybVT2pT04n8onaFTsnD%2FT8hyShZ%2BO4w0uXVcyUH9rFZFLnVqMYgryMEYsjtGVkyQb9YgywlY%2FiEk%2F5Es319HmmxvWKUh%2Be6zzaYXxWGbLfp%2BO1wMaDtYpGEQLLqhG4Qua%2FhN0Z4bJOUYMh5DiSGoPYTCOiikgyJ2UGQOEr5bZ57ntVzOqNvuMNbgLRGF3PVoK%2Fao54ZtFGz2hyHybAimhmDmEjJzCT358ZQ4Dx%2BBKb6HvVDB8hpsPiXOG5%2BizyuUgqC0BCUlKCVBmROU%2FeoqV9a31TWubBF5%2B9nfz41qpPPuFr2q865ICagZwvBqK9sjT8ycdM7dPIOe2K2zRisK4rhB49CLmp7rtjnrhDF1W5yFbRrAygrS1kCtg005Ja0%2FziOTU3L4hoOITmDVBEw6oMXToGUFeqHCZnqLFaJPU7rYWEp0JMF1hSxfQH7R2VJ75Kn5NDcuWwi2s%2FLP5JfnHqMTMFMhMxU%2BkHcIuurK6IwuyfYZXVry9UaWy0Ru0tmkz%2BY0Fw998Zq4WGrD107Y4Y2X2QyYlTffFDZfpymXadeSL49LzoVZ1YYJ8u2afVtEpwt74Xhh0iJbP%2F3K6lqSGWGt1OkYVN49%2BRmYnJLHvzs3X%2BGj796DNGOYokJS7JD9gNQTsOwSbLaz8teR2qNr37wHqwmMOuBEmYOyqEbGjw4ulSRQ4qCnUQUrdlZ%2B%2F%2FvXZ3669z4i8cCOkaGz11RWW%2FYKuqYGml9GmlTomwp9VYGqIWxxaJRnZmfl58Y8EKnaKFKmth0poz6Zmzw7DKzcrbcaDZeGnabXalHRigK%2FHYcep9QPQj8MaQO5ncYv9T7%2FFwAA%2F%2F8BAAD%2F%2F7AqzJWcBAAA

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
disclosestockingsprestigious.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStnqwHURQlNxEGEVSS3e3u6emZMeBiTFYW12xMFAWDsbqqelJOdVdT1T092VMwIDmOguix980mIRqCXgWjzAQ8LIgZ8bCIe4t3EQNeRGZcsvgP9f%2Bv9wpevf8%2F2ir2iI%2BC7p54XW9Kpehyc8mtP%2F%2BO5x2rr8u0GNQH7fB8GByrm%2F6LnXDJfaH%2BqmA9vey7nut6rldflUbEerA8AyGzmx1vqeMuBf6S1wwwMP%2FvbeHAUge8v0eehOTThTvOYUg2Rpp8dULYXq6zoyeTQtFcG%2FT59bfSXqrLFMlBGRsHcXp9nw1t767ehk6vzuVC9x8QIzklzg%2B3EaXX90Ui6m%2FPdUYKIkXEH0HZH0OoMSQdg%2BnLkPwuARjHqQ2kybVT2pT04n8onaFTsnD%2FT8hyShZ%2BO4w0uXVcyUH9rFZFLnVqMYgryMEYsjtGVkyQb9YgywlY%2FiEk%2F5Es319HmmxvWKUh%2Be6zzaYXxWGbLfp%2BO1wMaDtYpGEQLLqhG4Qua%2FhN0Z4bJOUYMh5DiSGoPYTCOiikgyJ2UGQOEr5bZ57ntVzOqNvuMNbgLRGF3PVoK%2Fao54ZtFGz2hyHybAimhmDmEjJzCT358ZQ4Dx%2BBKb6HvVDB8hpsPiXOG5%2BizyuUgqC0BCUlKCVBmROU%2FeoqV9a31TWubBF5%2B9nfz41qpPPuFr2q865ICagZwvBqK9sjT8ycdM7dPIOe2K2zRisK4rhB49CLmp7rtjnrhDF1W5yFbRrAygrS1kCtg005Ja0%2FziOTU3L4hoOITmDVBEw6oMXToGUFeqHCZnqLFaJPU7rYWEp0JMF1hSxfQH7R2VJ75Kn5NDcuWwi2s%2FLP5JfnHqMTMFMhMxU%2BkHcIuurK6IwuyfYZXVry9UaWy0Ru0tmkz%2BY0Fw998Zq4WGrD107Y4Y2X2QyYlTffFDZfpymXadeSL49LzoVZ1YYJ8u2afVtEpwt74Xhh0iJbP%2F3K6lqSGWGt1OkYVN49%2BRmYnJLHvzs3X%2BGj796DNGOYokJS7JD9gNQTsOwSbLaz8teR2qNr37wHqwmMOuBEmYOyqEbGjw4ulSRQ4qCnUQUrdlZ%2B%2F%2FvXZ3669z4i8cCOkaGz11RWW%2FYKuqYGml9GmlTomwp9VYGqIWxxaJRnZmfl58Y8EKnaKFKmth0poz6Zmzw7DKzcrbcaDZeGnabXalHRigK%2FHYcep9QPQj8MaQO5ncYv9T7%2FFwAA%2F%2F8BAAD%2F%2F7AqzJWcBAAA
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectdisclosestockingsprestigious.com
Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6
ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRRStnqwHURQlNxEGEVSS3e3u6emZMeBiTFYW12xMFAWDsbqqelJOdVdT1T092VMwIDmOguix980mIRqCXgWjzAQ8LIgZ8bCIe4t3EQNeRGZcsvgP9f%2Bv9wpevf8%2F2ir2iI%2BC7p54XW9Kpehyc8mtP%2F%2BO5x2rr8u0GNQH7fB8GByrm%2F6LnXDJfaH%2BqmA9vey7nut6rldflUbEerA8AyGzmx1vqeMuBf6S1wwwMP%2FvbeHAUge8v0eehOTThTvOYUg2Rpp8dULYXq6zoyeTQtFcG%2FT59bfSXqrLFMlBGRsHcXp9nw1t767ehk6vzuVC9x8QIzklzg%2B3EaXX90Ui6m%2FPdUYKIkXEH0HZH0OoMSQdg%2BnLkPwuARjHqQ2kybVT2pT04n8onaFTsnD%2FT8hyShZ%2BO4w0uXVcyUH9rFZFLnVqMYgryMEYsjtGVkyQb9YgywlY%2FiEk%2F5Es319HmmxvWKUh%2Be6zzaYXxWGbLfp%2BO1wMaDtYpGEQLLqhG4Qua%2FhN0Z4bJOUYMh5DiSGoPYTCOiikgyJ2UGQOEr5bZ57ntVzOqNvuMNbgLRGF3PVoK%2Fao54ZtFGz2hyHybAimhmDmEjJzCT358ZQ4Dx%2BBKb6HvVDB8hpsPiXOG5%2BizyuUgqC0BCUlKCVBmROU%2FeoqV9a31TWubBF5%2B9nfz41qpPPuFr2q865ICagZwvBqK9sjT8ycdM7dPIOe2K2zRisK4rhB49CLmp7rtjnrhDF1W5yFbRrAygrS1kCtg005Ja0%2FziOTU3L4hoOITmDVBEw6oMXToGUFeqHCZnqLFaJPU7rYWEp0JMF1hSxfQH7R2VJ75Kn5NDcuWwi2s%2FLP5JfnHqMTMFMhMxU%2BkHcIuurK6IwuyfYZXVry9UaWy0Ru0tmkz%2BY0Fw998Zq4WGrD107Y4Y2X2QyYlTffFDZfpymXadeSL49LzoVZ1YYJ8u2afVtEpwt74Xhh0iJbP%2F3K6lqSGWGt1OkYVN49%2BRmYnJLHvzs3X%2BGj796DNGOYokJS7JD9gNQTsOwSbLaz8teR2qNr37wHqwmMOuBEmYOyqEbGjw4ulSRQ4qCnUQUrdlZ%2B%2F%2FvXZ3669z4i8cCOkaGz11RWW%2FYKuqYGml9GmlTomwp9VYGqIWxxaJRnZmfl58Y8EKnaKFKmth0poz6Zmzw7DKzcrbcaDZeGnabXalHRigK%2FHYcep9QPQj8MaQO5ncYv9T7%2FFwAA%2F%2F8BAAD%2F%2F7AqzJWcBAAA HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=551bf68c-2286-4a84-a644-060460c325e8:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c24b1f7fbb8549c4a9a52cdd71e0379b
Strict-Transport-Security: max-age=0; includeSubdomains

disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=83

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=83
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectdisclosestockingsprestigious.com
Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6
ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.yourwebbars.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Findex.html&l=1444&fd=83 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=551bf68c-2286-4a84-a644-060460c325e8:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif

188.114.96.1

200 OK

206 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/confetti.gif
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
GIF image data, version 89a, 480 x 360
Size
206 kB (206291 bytes)
Hash
0b33face774f2203446507ce5f075538
1dd3522529bce7739df0687f47f5bc84356698a0
ac345899461d5634d25c47281b10e3c1886abb33019e2ce8140573a79e9f52f2

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/confetti.gif HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:48 GMT
content-type: image/gif
content-length: 206291
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-325d3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 864435
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7iMg5wC9Zaq8aDGL239l%2BepIJiouuMWMmNeU9uND1M51a5KqT5pmzVOZPAVUmOALvRCkFBUrSzMTxZKxktE7E8mTPEntM31Iub98JTRrg9oa9P6WXE%2BDZza3Tk3U%2FsrwrN3WOCxXkuyM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c18192a3756c6-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4

188.114.96.1

206 Partial Content

34 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ISO Media, MP4 Base Media v1 [ISO 14496-12:2003]
Size
34 kB (34238 bytes)
Hash
69e52ff16a779d8ab66a1156cc50ab23
27f8897a2acc3bcfd319c267d137aaa4650fb3c5
2048e8325f6d17e0fefb2226c4191a9e300c562f2bc46543ac616d49ff971d61

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/bonus-stars-6593305-5446274.mp4 HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Accept-Encoding: identity
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 206 Partial Content
date: Fri, 10 May 2024 18:46:48 GMT
content-type: video/mp4
content-length: 34238
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: "65aa8644-85be"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 864426
content-range: bytes 0-34237/34238
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jDzUQ9RDGYjSufSH6NsixKUFDUuTvhsl1yCoqV8XYmf8V6K7iIANicM1ETN%2B3tFrYvt%2BLtX2mFu7QRpD5ozlsBAJqP%2BkmMceWXraOXCdZ98OJRN4TfajDBWhBWgqi0e8VqEcKnAuNTeT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c18194a7956c6-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css

188.114.96.1

200 OK

4.9 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/animate.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text
Size
4.9 kB (4863 bytes)
Hash
49a38187f94418e173e4bcc50c96dc4b
b64e899d0c6bbb13e6f63e191b77b3eb5e5a6293
92db03d6a48c8756e15b1b2ffb9d1ea5aae5e2d9a706b630f93f73e3debbb3b0

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:48 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-13365"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 37151
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A4I%2B5j7Uhb3CBfYvDb1C3%2FpN8TZeEM0S3oKwKiIRHQ05gm72CY5cDwGcNrTBovFXV79qmPWXzGFtkffmr%2FCh0j7oSRXHuFMHIbezcrEytTqY1MxD40h4sumYoEYRFmwSq4QrC4yTf3ge"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c181858961bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js

188.114.96.1

200 OK

3.7 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/js/script.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
Unicode text, UTF-8 text
Size
3.7 kB (3748 bytes)
Hash
d943b190d575fbacd2190a6c68ac5414
612abd865a7368e2af9f36be39ea79d3fac0bd15
78dfd0ad0dde93524dbca9e6e500bac9027b762e1d8d0b94574b75a654704ff8

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:48 GMT
content-type: application/javascript
last-modified: Tue, 20 Feb 2024 10:37:31 GMT
etag: W/"65d480eb-24fa"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 67806
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sr%2BecYikiMT%2B7fgItJ%2Feg5Ev63Zr6PD9JNhjvPNNEy4nYSNOWuMutw3NkCKYVVfjXLx4cWtui8Ev1eAqAVRNExxzpx5SqfNxVC6C4V5qupwpq5Obtv%2BIL%2B7hUysYmDZIOJENw6fyqfQq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c181868a51bfe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

disclosestockingsprestigious.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSunqwHURQlNxEGEVSS3e2e6emZNeBiTFYW12xMFAWDsf56U051V1PVPT3ZUzAgOY6C6LH3m01CNAS9CkaZCXhYEDPiYRH3Fu8iBryIzLhk8R3qvVffV%2FDV995HW8UeaaCguydeN5tKa7rYWvDrz78TBMfqayot%2BvV%2BJzofhcfqtvfiUrTgv1B%2FVfKuWWz4ge8HflBfUVbGpr84BaGym0vBwpK%2FEDYWglaIvv1%2F7woPjnoQvT3yJJSYzN3xDkPxEdLkqxPSdXOTHT2ZFJrmxqInrr%2BVdlNTpkgOyth6iNPr%2B2wYd3flNkx6dSYXpveAyNSEeD%2FcBkuv74sE623PdDINmYKJR1D2RpB6BEVH4OYylLhLAC5wah1pcu2UsSW9%2BB9Kp%2BiEzN3%2FE6qckLnfDiNNbh3Xql8%2Fa3SRK5M69OMKqj%2BC2hghK8bIN2tQ5Rg8%2FxBK%2FEgW768hTbbXnTZQYvfZVitgcdTh841GJ5oPaSecp1EYzvuRH0Y%2BbzZasjMzSKkRVDyClgNQdwiF81AoD0Xsocg8JGK3zoMgaPuCU7%2BzxHlTtCWLhB%2FQdhzQwI86KPj0DwPk2QBcD8DtJWT2Errq4wnxHj4CW3wPd6GCEzW4fEK8Nz5FT1QoJUHpCEpKUCqCMicoe9VVoV3DVdeEdgUL9nNjPzerock3tuhVk2%2FIlIDaAayotrI98sTUSe%2FczTPoyt06b7ZZGMdNGkcBawW%2B3xF8KYqp3xY86tAQTlVQrgbqPGyqCWn%2FcR6ZmpDDNzwwOobTY3DlgRZPg5YV6IUKm%2BktXsgeTel8cyExTEGYClk%2Bh%2Fyit6X3yFOzaa5fdpB8Z%2Fmf8S%2FPPUbH4LZCZit8oO4QbOgrwzOmJNtnTOnI1%2BtZrhK1SaeTPpvTXD70xWvyYmmsWD3hBjde5lNgWt58U7p8jaZCpRuOfHlcCSHtirFckm9X3duSnS7cheOFTYts7fQrK6tJZqVzyqQjUHX35GfgakIe%2F%2B7cbIWPvnsPyo5giwpJsUP2A8qMwbNLcNnO8l9Hao%2BufvMenCGw%2BoDDMg9lUQ1tgx1cakWg5UFPWQUnd5Z%2F%2F%2FvXZ3669z6YfGDH0NLpa6qqLXcFG7YGml9GmlTo2Qo9XYHqAVxxaJhndmf55%2BYswHRtyLStbTNt9Sczk6eHhVO79aYv2kzGss1k2ApjyQVrtZjPY86aotPhyN0kfqn7%2Bb8AAAD%2F%2FwEAAP%2F%2FMP4ZfZwEAAA%3D

192.243.59.12

200 OK

7 B

URL GET HTTP/1.1
disclosestockingsprestigious.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSunqwHURQlNxEGEVSS3e2e6emZNeBiTFYW12xMFAWDsf56U051V1PVPT3ZUzAgOY6C6LH3m01CNAS9CkaZCXhYEDPiYRH3Fu8iBryIzLhk8R3qvVffV%2FDV995HW8UeaaCguydeN5tKa7rYWvDrz78TBMfqayot%2BvV%2BJzofhcfqtvfiUrTgv1B%2FVfKuWWz4ge8HflBfUVbGpr84BaGym0vBwpK%2FEDYWglaIvv1%2F7woPjnoQvT3yJJSYzN3xDkPxEdLkqxPSdXOTHT2ZFJrmxqInrr%2BVdlNTpkgOyth6iNPr%2B2wYd3flNkx6dSYXpveAyNSEeD%2FcBkuv74sE623PdDINmYKJR1D2RpB6BEVH4OYylLhLAC5wah1pcu2UsSW9%2BB9Kp%2BiEzN3%2FE6qckLnfDiNNbh3Xql8%2Fa3SRK5M69OMKqj%2BC2hghK8bIN2tQ5Rg8%2FxBK%2FEgW768hTbbXnTZQYvfZVitgcdTh841GJ5oPaSecp1EYzvuRH0Y%2BbzZasjMzSKkRVDyClgNQdwiF81AoD0Xsocg8JGK3zoMgaPuCU7%2BzxHlTtCWLhB%2FQdhzQwI86KPj0DwPk2QBcD8DtJWT2Errq4wnxHj4CW3wPd6GCEzW4fEK8Nz5FT1QoJUHpCEpKUCqCMicoe9VVoV3DVdeEdgUL9nNjPzerock3tuhVk2%2FIlIDaAayotrI98sTUSe%2FczTPoyt06b7ZZGMdNGkcBawW%2B3xF8KYqp3xY86tAQTlVQrgbqPGyqCWn%2FcR6ZmpDDNzwwOobTY3DlgRZPg5YV6IUKm%2BktXsgeTel8cyExTEGYClk%2Bh%2Fyit6X3yFOzaa5fdpB8Z%2Fmf8S%2FPPUbH4LZCZit8oO4QbOgrwzOmJNtnTOnI1%2BtZrhK1SaeTPpvTXD70xWvyYmmsWD3hBjde5lNgWt58U7p8jaZCpRuOfHlcCSHtirFckm9X3duSnS7cheOFTYts7fQrK6tJZqVzyqQjUHX35GfgakIe%2F%2B7cbIWPvnsPyo5giwpJsUP2A8qMwbNLcNnO8l9Hao%2BufvMenCGw%2BoDDMg9lUQ1tgx1cakWg5UFPWQUnd5Z%2F%2F%2FvXZ3669z6YfGDH0NLpa6qqLXcFG7YGml9GmlTo2Qo9XYHqAVxxaJhndmf55%2BYswHRtyLStbTNt9Sczk6eHhVO79aYv2kzGss1k2ApjyQVrtZjPY86aotPhyN0kfqn7%2Bb8AAAD%2F%2FwEAAP%2F%2FMP4ZfZwEAAA%3D
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectdisclosestockingsprestigious.com
Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6
ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYgcRRSunqwHURQlNxEGEVSS3e2e6emZNeBiTFYW12xMFAWDsf56U051V1PVPT3ZUzAgOY6C6LH3m01CNAS9CkaZCXhYEDPiYRH3Fu8iBryIzLhk8R3qvVffV%2FDV995HW8UeaaCguydeN5tKa7rYWvDrz78TBMfqayot%2BvV%2BJzofhcfqtvfiUrTgv1B%2FVfKuWWz4ge8HflBfUVbGpr84BaGym0vBwpK%2FEDYWglaIvv1%2F7woPjnoQvT3yJJSYzN3xDkPxEdLkqxPSdXOTHT2ZFJrmxqInrr%2BVdlNTpkgOyth6iNPr%2B2wYd3flNkx6dSYXpveAyNSEeD%2FcBkuv74sE623PdDINmYKJR1D2RpB6BEVH4OYylLhLAC5wah1pcu2UsSW9%2BB9Kp%2BiEzN3%2FE6qckLnfDiNNbh3Xql8%2Fa3SRK5M69OMKqj%2BC2hghK8bIN2tQ5Rg8%2FxBK%2FEgW768hTbbXnTZQYvfZVitgcdTh841GJ5oPaSecp1EYzvuRH0Y%2BbzZasjMzSKkRVDyClgNQdwiF81AoD0Xsocg8JGK3zoMgaPuCU7%2BzxHlTtCWLhB%2FQdhzQwI86KPj0DwPk2QBcD8DtJWT2Errq4wnxHj4CW3wPd6GCEzW4fEK8Nz5FT1QoJUHpCEpKUCqCMicoe9VVoV3DVdeEdgUL9nNjPzerock3tuhVk2%2FIlIDaAayotrI98sTUSe%2FczTPoyt06b7ZZGMdNGkcBawW%2B3xF8KYqp3xY86tAQTlVQrgbqPGyqCWn%2FcR6ZmpDDNzwwOobTY3DlgRZPg5YV6IUKm%2BktXsgeTel8cyExTEGYClk%2Bh%2Fyit6X3yFOzaa5fdpB8Z%2Fmf8S%2FPPUbH4LZCZit8oO4QbOgrwzOmJNtnTOnI1%2BtZrhK1SaeTPpvTXD70xWvyYmmsWD3hBjde5lNgWt58U7p8jaZCpRuOfHlcCSHtirFckm9X3duSnS7cheOFTYts7fQrK6tJZqVzyqQjUHX35GfgakIe%2F%2B7cbIWPvnsPyo5giwpJsUP2A8qMwbNLcNnO8l9Hao%2BufvMenCGw%2BoDDMg9lUQ1tgx1cakWg5UFPWQUnd5Z%2F%2F%2FvXZ3669z6YfGDH0NLpa6qqLXcFG7YGml9GmlTo2Qo9XYHqAVxxaJhndmf55%2BYswHRtyLStbTNt9Sczk6eHhVO79aYv2kzGss1k2ApjyQVrtZjPY86aotPhyN0kfqn7%2Bb8AAAD%2F%2FwEAAP%2F%2FMP4ZfZwEAAA%3D HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=551bf68c-2286-4a84-a644-060460c325e8:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:48 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 708d44d47c6561e6aafab081267eb40c
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 551891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html

104.26.7.19

200 OK

480 B

URL GET HTTP/2
cdn.yourwebbars.com/sb/notifications/gambling/default/android-btn/8/index.html
IP
104.26.7.19:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint84:82:6E:35:03:D4:C4:FC:BA:08:CD:C8:E6:A3:97:A9:20:2F:F5:49
ValiditySun, 23 Jul 2023 00:00:00 GMT - Mon, 22 Jul 2024 23:59:59 GMT

File type
HTML document, ASCII text
Size
480 B (480 bytes)
Hash
988cd00695890a395de736ef1f43180a
fc35045adb5a0bb89e9150574db517cffb44b0c9
100f83963832c14a85c4d7095f0279b0962b83ee6323481ece9b1b2b39515036

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/index.html HTTP/1.1
Host: cdn.yourwebbars.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:48 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 66614
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TzP2OdE0psFRmJ7Yu3wubJCIGFg7ExveRVriqG%2B6SH%2Bt5VzDE7sFtYI7iAQ%2F5Z0OiPoEeY19YEM8CeaSASePlogeo3qmcPYTeF1LKUawxhSn0qoUSJqbr1fpFyl4SPSqSwKT%2BlI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c18178ceb5684-OSL
content-encoding: br
X-Firefox-Spdy: h2

disclosestockingsprestigious.com/pixel/sbs?c=1

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
disclosestockingsprestigious.com/pixel/sbs?c=1
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectdisclosestockingsprestigious.com
Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6
ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=551bf68c-2286-4a84-a644-060460c325e8:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 147109
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/

172.67.211.190

200 OK

65 kB

URL User Request GET HTTP/2
cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type

Size
65 kB (64919 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pelicula/no-manches-frida-2-1554596Z/ HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:38 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
set-cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wBUj6FCDCqhUnMn%2Fkm9XiV9smsym9VMwsbEbNHeKfl7Uev0wco3ZIKwjDLpNPBmlLN%2FtwWKNkpoIl2SGQZ8ynh33zuhUx8zH%2BhfsvEem8kq9cL9fPR0DiMuzbE7%2B6pMm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c17cfb8840b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cuevana-3.lat/icon/english.png

172.67.211.190

200 OK

448 B

URL GET HTTP/3
cuevana-3.lat/icon/english.png
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
PNG image data, 16 x 16, 8-bit colormap, non-interlaced
Size
448 B (448 bytes)
Hash
8b904914d7955aa5f273bbcf1022ee06
77578061cb1da0bc8c4677745a30f335c629de46
4de58f794756044da3ad12af4e3146aff32a5bf6a9eeb618db00223a71b99f04

HTTP Headers

GET /icon/english.png HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:38 GMT
content-type: image/png
content-length: 448
cache-control: public, max-age=43200
expires: Fri, 10 May 2024 05:05:41 GMT
etag: "1c0-63107a22-9e7ede;;;"
last-modified: Thu, 01 Sep 2022 09:23:46 GMT
cf-cache-status: HIT
age: 3742
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pAOXM6dBFUJxTaYuwjNkOITXLcnaVngUqfFWyc4ljncFc%2BPZeV3GQd90k16eAOUzuuG2t3bHMf6cvaRDRkS%2BzZYCMWcHkKxpVifi3j9iwN8k6yxCwaaZP9Dclh2Ek%2BHE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17daaf70569c-OSL
alt-svc: h3=":443"; ma=86400

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 9380ef83c6fa8ef8b8819b7e4076090f
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 18:46:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMIDDTe9m4o4%2FuF8wotBzJy%2FIqphnGUikNpun4FyMnHDBDVvaTNvDqY4cS81XYlnEESYnvoRlu72hzu1OCFLwi6uD5%2BU6OEwmol9sni%2FVpcXrEmtYtJoTAWUxbrktdIyPeERiuP%2BX7huy51Mb%2FGXOg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17e5387556ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cuevana-3.lat/assets/js/global.js

172.67.211.190

200 OK

3.4 kB

URL GET HTTP/3
cuevana-3.lat/assets/js/global.js
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
JavaScript source, ASCII text, with very long lines (3482), with no line terminators
Size
3.4 kB (3414 bytes)
Hash
540b629c9aa3f4c13b0e968aeae3d226
9d340ef42b08d48326298eae0a1369b845b74f5a
aadf769d4d5067c1b6d50e1911d8ce411c9c3d310c948aa904f587f762942cfc

HTTP Headers

GET /assets/js/global.js HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:38 GMT
content-type: text/javascript
etag: W/"d56-63124b07-9e7ebd;br"
last-modified: Fri, 02 Sep 2022 18:27:19 GMT
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hf9dnUK0mI1v33pzeuqDJdYST1nRcnTdP7%2B7UPfXTDH2c3bztouBysSt9ggd2BV7OO9hZ0HaxrE2rqUq969xNZG9T0FibZxx0MBTELqYVja9n%2Bhr7tk3OIFQs%2FRH9aix"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c17daefdd569c-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

cuevana-3.lat/assets/js/sidebar.js

172.67.211.190

200 OK

243 B

URL GET HTTP/3
cuevana-3.lat/assets/js/sidebar.js
IP
172.67.211.190:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana-3.lat
Fingerprint0F:75:EF:D0:E1:DB:A3:E8:C8:FB:86:82:40:D2:C2:AD:B8:2F:6C:29
ValidityThu, 09 May 2024 14:53:53 GMT - Wed, 07 Aug 2024 14:53:52 GMT

File type
JavaScript source, ASCII text, with no line terminators
Size
243 B (243 bytes)
Hash
bd79c69138514ff300af02dfdaabc791
380df86e0652d840fcc1c89e525a13842c8b6c9d
e5bfce3c16b913bcfc8e1cfb5b197691f8749cc308ddf005a5cc9fdfb06c660a

HTTP Headers

GET /assets/js/sidebar.js HTTP/1.1
Host: cuevana-3.lat
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Cookie: PHPSESSID=brnhsb7vleejks0va3q76knluk
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:38 GMT
content-type: text/javascript
etag: "f3-63124c14-9e7ebe;gz"
last-modified: Fri, 02 Sep 2022 18:31:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: HIT
age: 3742
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MtNhmuuDqS2RV6i2N5TA4r3w5LAPMRdt0gHkbREg6SdG8k5OQV57XV5AA7mAkHoFrVDLN5PzP3Q74V8%2BW%2FUF%2Fwelb%2FK8csczpp6gGAoBuHt%2FbpEstyH1ydyq1tehK1Qb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 881c17daefde569c-OSL
alt-svc: h3=":443"; ma=86400

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg

188.114.96.1

200 OK

1.3 kB

URL GET HTTP/3
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/img/close.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1279 bytes)
Hash
24937fd159a21f2e91207d5788e86c70
1b07e0334cc16c5cd659de56314bd2188e3a82f9
b38a482faa1471a520d231f954412ee0293b0401610af1392038be206dc51b8a

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 10 May 2024 18:46:48 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 868792
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=29nDopbe5eflp%2FSDzL9pSN56CQHpB20ZuMnomOjuAlmobD0WFSkgUW1pcmg2gs4vEwIb%2FjxbLP6Vp%2BpvEB6XmXDXCa4L75zUt6l3WmMaUymF7mNvzvlDzrd7P2lshbyHzedbFIP9i1Xs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c18192a3356c6-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=63

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=63
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectdisclosestockingsprestigious.com
Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6
ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fjs%2Fscript.js&l=7986&fd=63 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=551bf68c-2286-4a84-a644-060460c325e8:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=70

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=70
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectdisclosestockingsprestigious.com
Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6
ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fstyle.css&l=3348&fd=70 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=551bf68c-2286-4a84-a644-060460c325e8:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css

188.114.96.1

200 OK

3.3 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/notifications/gambling/default/android-btn/8/css/style.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint3D:29:39:2C:F1:E5:C6:EF:54:F5:70:B5:CF:A8:C2:75:4D:89:72:13
ValidityMon, 15 Apr 2024 15:02:18 GMT - Sun, 14 Jul 2024 15:02:17 GMT

File type
ASCII text, with very long lines (3556), with no line terminators
Size
3.3 kB (3348 bytes)
Hash
5a37dc16b8eecffd5e7e805fee49218c
4187086691ead46033b8f2e76c4efdb611137949
436f451c35127aa88f59b29f7c8df41b3822dc16ada4d685fbeb537ecbbe914c

HTTP Headers

GET /sb/notifications/gambling/default/android-btn/8/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://cuevana-3.lat
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:48 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:25:08 GMT
etag: W/"65aa8644-d14"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: HIT
age: 67806
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HFeW%2FfKrPH6BWtHxnOEflHfZfK64studA9mGlNi6%2BCOS6ghB3h8SrnZ%2B4s29fbjgfbx%2BjNJU2tBoDv7rgd43%2FQGjqJOgLvzHEDMsduIS%2BXyvbAVpmbqxRBWk%2FVf0JmMYwHfEwMxQpgn8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c181868a31bfe-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

downstairsnegotiatebarren.com/sfp.js

188.114.97.1

200 OK

86 kB

URL GET HTTP/2
downstairsnegotiatebarren.com/sfp.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectdownstairsnegotiatebarren.com
Fingerprint5D:DB:CB:C6:CE:2A:8B:34:7D:BC:43:74:33:1D:5F:77:48:F7:BC:1B
ValidityThu, 02 May 2024 21:26:34 GMT - Wed, 31 Jul 2024 21:26:33 GMT

File type

Size
86 kB (85611 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: downstairsnegotiatebarren.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 18:46:40 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 418564b85a5ef7fc11ae648cfcf04304
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Fri, 10 May 2024 18:46:40 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AO3iWVo%2FNoYpeNvInaYRCF21%2FE17gFMuRTePH6cHuCvMe9xTUqks3Kz5pdOGxcOOnZ9qGOcnU1zEMGv1H%2FrcuKcoLnMazjZj7wvlTv%2Fy4F0rUtXUIP59aPn7qOyLPw283SQH%2F3OZqdGTZPhpB2nlpw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 881c17e588e356ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.138

200 OK

7.0 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (7193), with no line terminators
Size
7.0 kB (7004 bytes)
Hash
16b49a99486594c0b42d9bd7821deb2c
2fb46e5e86d6b37d4497cc04bfd89b3cb33a276a
3f3540952441e06ef81189cf63d46bac242804e386779dbb0cdd78ed10025c21

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 18:46:48 GMT
date: Fri, 10 May 2024 18:46:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=64

192.243.59.12

200 OK

0 B

URL GET HTTP/1.1
disclosestockingsprestigious.com/pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=64
IP
192.243.59.12:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://cuevana-3.lat/pelicula/no-manches-frida-2-1554596Z/
Certificate
IssuerLet's Encrypt
Subjectdisclosestockingsprestigious.com
Fingerprint20:72:8C:30:EF:A7:E9:42:F4:69:4D:6F:83:5A:F6:44:B2:14:1F:F6
ValidityMon, 29 Apr 2024 13:01:45 GMT - Sun, 28 Jul 2024 13:01:44 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbls?bv=24.6.6370&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fgambling%2Fdefault%2Fandroid-btn%2F8%2Fcss%2Fanimate.css&l=78693&fd=64 HTTP/1.1
Host: disclosestockingsprestigious.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cuevana-3.lat/
Cookie: u_pl=22850642; uid_id2=551bf68c-2286-4a84-a644-060460c325e8:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slecc37b4ff3af61b51008dc96fa07dc68a4=[5210995,5210994]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Fri, 10 May 2024 18:46:48 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (21)

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN