www.vertuspeliculas.com/temas/default/img/milogo.png
188.114.96.1 200 OK 13 kB URL GET HTTP/3 www.vertuspeliculas.com/temas/default/img/milogo.png
IP 188.114.96.1:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject vertuspeliculas.com
Fingerprint 91:AD:1F:DE:3E:77:9B:C8:B8:4A:D6:12:9B:9F:4F:E3:7B:3A:C2:69
Validity Sat, 21 Oct 2023 03:32:36 GMT - Fri, 19 Jan 2024 03:32:35 GMT
File type PNG image data, 334 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash 5aa52ec2b3739f9d28ee16c997fed5ec
f382c687e0144d2d7e13821c7414a2911f3a72bf
9dbfced8fbf3d6721cf24ba3af6082cb80000bbc92931374ac5f3f60a27ca691
GET /temas/default/img/milogo.png HTTP/1.1
Host: www.vertuspeliculas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Cookie: PHPSESSID=lhi6o2mdst48mrpifoqpr7fk57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/png
content-length: 12669
cache-control: public, max-age=604800
expires: Sun, 03 Dec 2023 11:27:04 GMT
last-modified: Wed, 05 Apr 2017 11:01:41 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 553523
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04%2BtcgevgaxQJJsEX%2FGRxhvV3ts6Ei6RJ7Nlm9%2Fg%2BubuN3Hqdyn6A9ScIBNfG4OFgNRawsX%2BDbHtYvpdnWHuXNwNkbah8rtmv%2BTekdTC5g4xemb9gbqtbdGXGMIuX9cBn74Wm4fnMuPIPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6917d8fceb503-OSL
alt-svc: h3=":443"; ma=86400
www.vertuspeliculas.com/temas/default/img/rating_on.gif
188.114.96.1 200 OK 1.0 kB URL GET HTTP/3 www.vertuspeliculas.com/temas/default/img/rating_on.gif
IP 188.114.96.1:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject vertuspeliculas.com
Fingerprint 91:AD:1F:DE:3E:77:9B:C8:B8:4A:D6:12:9B:9F:4F:E3:7B:3A:C2:69
Validity Sat, 21 Oct 2023 03:32:36 GMT - Fri, 19 Jan 2024 03:32:35 GMT
File type GIF image data, version 89a, 16 x 16\012- data
Hash 1e483d25aa3a2c769c7e680eb75b52a3
2dfe501fc81cd6939bd014cedb41af85b4e3c7af
be1b058eb9e3fef483e425718456e8bc58fda7d4a81de0d6e794b1e03dfdbd01
GET /temas/default/img/rating_on.gif HTTP/1.1
Host: www.vertuspeliculas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Cookie: PHPSESSID=lhi6o2mdst48mrpifoqpr7fk57
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/gif
content-length: 1009
cache-control: public, max-age=604800
expires: Wed, 06 Dec 2023 23:03:24 GMT
last-modified: Wed, 05 Apr 2017 11:01:42 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 252543
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5xKcB8Cg4RcvpjvAU%2Fks%2ByCZk8zX%2F21ye8EhvIkWqKMURCBgXhwocEVNNWpQij%2Bxi4J3Z7291g4qqpSG6NcCVVPTlDdH3QcD9F21j9PUmP85T1RwFx1%2FXh6k2nkMpGT7q1Y93O21vcyKHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6917dc85ab503-OSL
alt-svc: h3=":443"; ma=86400
code.jquery.com/jquery-1.11.2.min.js
151.101.194.137 200 OK 33 kB URL GET HTTP/2 code.jquery.com/jquery-1.11.2.min.js
IP 151.101.194.137:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Sectigo Limited
Subject *.jquery.com
Fingerprint D2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
Validity Tue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (32047)
Hash 5790ead7ad3ba27397aedfa3d263b867
8130544c215fe5d1ec081d83461bf4a711e74882
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
GET /jquery-1.11.2.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-176bb"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 02 Dec 2023 21:12:29 GMT
age: 6749350
x-served-by: cache-lga13622-LGA, cache-bma1683-BMA
x-cache: HIT, HIT
x-cache-hits: 33, 425521
x-timer: S1701551549.099167,VS0,VE0
vary: Accept-Encoding
content-length: 33262
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/vABed5SpGx6jgE3oHZYqNVsu6v4.jpg
138.199.36.7 200 OK 36 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/vABed5SpGx6jgE3oHZYqNVsu6v4.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash 7e59c65584d86f95b94329efbe8d2ff4
3182a712f7fe6f490df1ba13de0c914b1dcc8e9b
bc89efa22fe9027c92863174e86a54e006c281633cd90bdb2c321de009260894
GET /t/p/w300/vABed5SpGx6jgE3oHZYqNVsu6v4.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 36440
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6560e716-8e58"
last-modified: Fri, 24 Nov 2023 18:10:30 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 703
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 11/24/2023 19:44:21
cdn-edgestorageid: 863
cdn-status: 200
cdn-requestid: fc57a978f046c11afa1d541823949ba2
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
3.bp.blogspot.com/-vSjljZP5dOk/UnVs_WYJMqI/AAAAAAAACmY/6_YHHjTeXRc/s320/espanol.png
142.250.74.161 200 OK 775 B URL GET HTTP/2 3.bp.blogspot.com/-vSjljZP5dOk/UnVs_WYJMqI/AAAAAAAACmY/6_YHHjTeXRc/s320/espanol.png
IP 142.250.74.161:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
Validity Mon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type PNG image data, 51 x 50, 8-bit colormap, non-interlaced\012- data
Hash a57e65083c11888cd46989d1cacb1e39
b33c29f43ba42824f672bdf25150f3b48c6a803a
03bc559539be026b1020115ec76cede08d62551a254fd722d0d94f9295562f7f
GET /-vSjljZP5dOk/UnVs_WYJMqI/AAAAAAAACmY/6_YHHjTeXRc/s320/espanol.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="espanol.png"
x-content-type-options: nosniff
server: fife
content-length: 775
x-xss-protection: 0
date: Sat, 02 Dec 2023 19:09:54 GMT
expires: Sun, 03 Dec 2023 19:09:54 GMT
cache-control: public, max-age=86400, no-transform
age: 7355
etag: "va69"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/wFCnsUHSeAqbVwmVZhJ93gVA8tb.jpg
138.199.36.7 200 OK 22 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/wFCnsUHSeAqbVwmVZhJ93gVA8tb.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x444, components 3\012- data
Hash e5472a5b790e93657edc2869bd4723cf
ed3c2edf1c08aa85f559fce9d6d699b2badfe3ed
bad39186598c7fe0e08919122157907e958a26fbc1855d9bf15d00e4e1c35ded
GET /t/p/w300/wFCnsUHSeAqbVwmVZhJ93gVA8tb.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 22471
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "649df5b1-57c7"
last-modified: Thu, 29 Jun 2023 21:20:49 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 354
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 11/22/2023 11:10:04
cdn-edgestorageid: 1079
cdn-status: 200
cdn-requestid: 4a1e7e5577efd46777720088493c7f7d
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/6shiIHV2XjDK5yErHhoeMphwpwP.jpg
138.199.36.7 200 OK 18 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/6shiIHV2XjDK5yErHhoeMphwpwP.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash b453eada61ac2ebb679587c92c9616c8
b74289d3c1f7655120245ba318dfb594b9105c2e
7469f72d74d658bdf413c3e950016abfbf7cdc7206fcac8f8fa49279a47eaf06
GET /t/p/w300/6shiIHV2XjDK5yErHhoeMphwpwP.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 17576
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "650434b3-44a8"
last-modified: Fri, 15 Sep 2023 10:40:51 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 563
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 09/15/2023 10:57:33
cdn-edgestorageid: 1048
cdn-status: 200
cdn-requestid: 2e2bca82de5f396b22dafbda68e8da5f
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2
104.18.10.207 200 OK 18 kB URL GET HTTP/3 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2
IP 104.18.10.207:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject bootstrapcdn.com
Fingerprint 34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
Validity Thu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File type Web Open Font Format (Version 2), TrueType, length 18028, version 1.589\012- data
Hash 448c34a56d699c29117adc64c43affeb
ca35b697d99cae4d1b60f2d60fcd37771987eb07
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
GET /bootstrap/3.3.6/fonts/glyphicons-halflings-regular.woff2 HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.vertuspeliculas.com
DNT: 1
Connection: keep-alive
Referer: https://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: font/woff2
content-length: 18028
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: "448c34a56d699c29117adc64c43affeb"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 10/31/2023 18:59:01
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 1049
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 85831ccf9b619b28590efba5f5a45010
cdn-cache: HIT
cf-cache-status: HIT
age: 797705
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82f6917f6a6d5688-OSL
alt-svc: h3=":443"; ma=86400
www.googletagmanager.com/gtag/js?id=G-M22GJ5JH9Q
142.250.74.168 200 OK 90 kB URL GET HTTP/2 www.googletagmanager.com/gtag/js?id=G-M22GJ5JH9Q
IP 142.250.74.168:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (3651)
Hash 58b5e1bcb0dbbd0c5e0aff55418aeba5
fcfbb074d1ddac6a114b92c55ad60f827e6a80b8
4c1f78dee558b8de7a2903ff28be33faf40503d25e796d964fa7fa221025409a
GET /gtag/js?id=G-M22GJ5JH9Q HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 02 Dec 2023 21:12:29 GMT
expires: Sat, 02 Dec 2023 21:12:29 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89738
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/ggFsajUBbUlOtKgWU9EjKfPOGSP.jpg
138.199.36.7 200 OK 22 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/ggFsajUBbUlOtKgWU9EjKfPOGSP.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash 65bbd15ae47f79a7bf3fa0d3f3001af4
8c2d0fb227e80f425d5f05725bbd1aaaee67761a
4cca71a38df521b521746e58e910e414fe59ffb83d3e6dff38de6c7c8dcaa60d
GET /t/p/w300/ggFsajUBbUlOtKgWU9EjKfPOGSP.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 21640
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "65651b90-5488"
last-modified: Mon, 27 Nov 2023 22:43:28 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 695
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2023 08:33:50
cdn-edgestorageid: 1053
cdn-status: 200
cdn-requestid: 3e1d0811c704f784c371e232912de1d7
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/19UbYIT9WEQS5qSD3BREDxVXk8g.jpg
138.199.36.7 200 OK 15 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/19UbYIT9WEQS5qSD3BREDxVXk8g.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash 16e45c8679d04e08ce3ccb007d273bdb
ac5aa07bd8e2aa76442359822c38f63e1cd280bf
3bcd02e22cf2a8ffb979e01c240fcf3917c59241aa4c1390862ff51cc2ccc77c
GET /t/p/w300/19UbYIT9WEQS5qSD3BREDxVXk8g.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 15438
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "654e85bd-3c4e"
last-modified: Fri, 10 Nov 2023 19:34:21 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 719
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 11/10/2023 19:36:27
cdn-edgestorageid: 1054
cdn-status: 200
cdn-requestid: e30c5e631b4a13dd2c3b265ffe14a907
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/uDx3YfFDEAZfK8wMZ1MzvXsnywF.jpg
138.199.36.7 200 OK 19 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/uDx3YfFDEAZfK8wMZ1MzvXsnywF.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash ae16f48722f832770552dc63ecb348a0
bfa1ed7f18270919521fce9c8a73804666d9dc65
ad42b3ded062f9c61934ee51f9de1ebb744a72663b52f88e8e559ca670b2af32
GET /t/p/w300/uDx3YfFDEAZfK8wMZ1MzvXsnywF.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 18917
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "64adf60d-49e5"
last-modified: Wed, 12 Jul 2023 00:38:37 GMT
cdn-storageserver: NY-267
cdn-requestpullsuccess: True
cdn-fileserver: 629
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 11/05/2023 06:18:22
cdn-edgestorageid: 1076
cdn-status: 200
cdn-requestid: 5d2e3e2f36705d4ea0eee056fb46b416
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/oSAdS03j8zbjv35gKdjrIL5snw1.jpg
138.199.36.7 200 OK 16 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/oSAdS03j8zbjv35gKdjrIL5snw1.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x444, components 3\012- data
Hash faebe1c97727c0db1249146b4db7c36d
7665f229ec882644a5dbc01ad2124d7f56ab38cf
2866604c1cff6133b87cb9704e556d590fc05ab8a6577f38406ae784276621e1
GET /t/p/w300/oSAdS03j8zbjv35gKdjrIL5snw1.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 15951
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "64f005f7-3e4f"
last-modified: Thu, 31 Aug 2023 03:16:07 GMT
cdn-storageserver: NY-268
cdn-requestpullsuccess: True
cdn-fileserver: 695
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 09/26/2023 22:01:27
cdn-edgestorageid: 1076
cdn-status: 200
cdn-requestid: 065caa003e7cb4ce6a3bcff133187703
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/oDJ1Jl0vbbrsZd7HAMMmcY3rh7B.jpg
138.199.36.7 200 OK 29 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/oDJ1Jl0vbbrsZd7HAMMmcY3rh7B.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash 3ede0e3d1a15a50b5cad44983c445d8e
c659b7444d51bdae0b122bd6a0e4e2c706926259
979e15b49adb0d9758a950505f69c1980eca46d7b1d0952cd090d67bea4b3fd2
GET /t/p/w300/oDJ1Jl0vbbrsZd7HAMMmcY3rh7B.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 29316
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
alt-svc: h3=":443"
cache-control: public, max-age=31919000
etag: 3ede0e3d1a15a50b5cad44983c445d8e
last-modified: Tue, 14 Nov 2023 18:20:49 GMT
perma-cache: MISS
imagery: degrade=79, sample=2x2, difference=1.174
cache-tag: oDJ1Jl0vbbrsZd7HAMMmcY3rh7B
cdn-proxyver: 1.04
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 11/14/2023 18:45:20
cdn-edgestorageid: 1055
cdn-status: 200
cdn-requestid: 867ac11d939c07a9be925267a5d3914f
cdn-cache: HIT
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/aUBw4YOmew5lwsAqbOJ9CG7tmDN.jpg
138.199.36.7 200 OK 18 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/aUBw4YOmew5lwsAqbOJ9CG7tmDN.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash 45890b45a34f491fa9ba354535478ffc
2f61ff3f1047d8742b097963a00c957d659c18ee
fa3077d324e8186f7057944851fbcc4ddf0409dce04640e64f0a55d1e00d00cb
GET /t/p/w300/aUBw4YOmew5lwsAqbOJ9CG7tmDN.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 18486
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "6544eedd-4836"
last-modified: Fri, 03 Nov 2023 13:00:13 GMT
cdn-storageserver: NY-427
cdn-requestpullsuccess: True
cdn-fileserver: 717
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 11/03/2023 19:24:28
cdn-edgestorageid: 1078
cdn-status: 200
cdn-requestid: 1effd6792c56505a5966946f4449037a
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/kSMAS7AyXCFOPFWaw8eJOnk2YBr.jpg
138.199.36.7 200 OK 33 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/kSMAS7AyXCFOPFWaw8eJOnk2YBr.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash 1b05a31123d4e0aced4f7e814cc2e9da
f7e3aa00df21d8beda79cf5f6a4c3a5ccbb508db
5fb7b1f2c16fb4350b186ade6a4eb8fb9e67a73d27640de63b9bd3b52bb9ce86
GET /t/p/w300/kSMAS7AyXCFOPFWaw8eJOnk2YBr.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 32887
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "65626830-8077"
last-modified: Sat, 25 Nov 2023 21:33:36 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 426
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 12/01/2023 20:24:58
cdn-edgestorageid: 1077
cdn-status: 200
cdn-requestid: c99c7fcb54474e9d7eada2c706f950b8
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/k0TjTcPfifQXjpTbE7cueD4XFas.jpg
138.199.36.7 200 OK 37 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/k0TjTcPfifQXjpTbE7cueD4XFas.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3\012- data
Hash 391f3f9b8bbe7db832f8b54c7298869d
cb759fb634858a4adc99403c652bd70b28f13769
b7ba9cac36487ae43df3d74c19b8f8dae20d8058cbe203f27534b932af3a2902
GET /t/p/w300/k0TjTcPfifQXjpTbE7cueD4XFas.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 36554
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "650c7944-8eca"
last-modified: Thu, 21 Sep 2023 17:11:32 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 629
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 09/22/2023 03:41:51
cdn-edgestorageid: 756
cdn-status: 200
cdn-requestid: a03d6f603cedf38c3b5fd547d4b44854
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
image.tmdb.org/t/p/w300/f3L3nKsx5wGr620c1QQKTk6h0JX.jpg
138.199.36.7 200 OK 38 kB URL GET HTTP/2 image.tmdb.org/t/p/w300/f3L3nKsx5wGr620c1QQKTk6h0JX.jpg
IP 138.199.36.7:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject image.tmdb.org
Fingerprint CF:B7:E8:C7:7D:07:EB:E8:16:FA:B8:1B:32:66:3E:29:66:0A:5D:01
Validity Thu, 30 Nov 2023 13:08:23 GMT - Wed, 28 Feb 2024 13:08:22 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x427, components 3\012- data
Hash d4a89b131ee538b2c77f91f9053f80a3
7de2df146a0e5db3535938619c4c9232f32187eb
2e4233fc1e2e233bb3c2516cffffc664531f02fa4d9f8ae6188a8faf35f9108e
GET /t/p/w300/f3L3nKsx5wGr620c1QQKTk6h0JX.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: image/jpeg
content-length: 38516
server: BunnyCDN-DE1-1047
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "63bc422b-9674"
last-modified: Mon, 09 Jan 2023 16:34:51 GMT
cdn-storageserver: NY-430
cdn-requestpullsuccess: True
cdn-fileserver: 267
perma-cache: HIT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-cachedat: 11/30/2023 14:57:09
cdn-edgestorageid: 1077
cdn-status: 200
cdn-requestid: bb283ef0bf3699b255a47faba4d82bcc
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
1.bp.blogspot.com/-ChpCvir6vaw/UnVs_RIPb-I/AAAAAAAACmQ/vIaVfKWoloA/s320/sub.png
142.250.74.161 200 OK 1.1 kB URL GET HTTP/2 1.bp.blogspot.com/-ChpCvir6vaw/UnVs_RIPb-I/AAAAAAAACmQ/vIaVfKWoloA/s320/sub.png
IP 142.250.74.161:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
Validity Mon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type PNG image data, 55 x 50, 8-bit colormap, non-interlaced
Hash f23d93dff3c9fe27157e237617f7f851
eaddfee6018bbd00ae76be46eaa7aa8d05b98db4
15b38d5ac21cf0de6f8334b74104bc0fd2b4372589be2339f42b30eb8c34a198
GET /-ChpCvir6vaw/UnVs_RIPb-I/AAAAAAAACmQ/vIaVfKWoloA/s320/sub.png HTTP/1.1
Host: 1.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="sub.png"
x-content-type-options: nosniff
server: fife
content-length: 1144
x-xss-protection: 0
date: Sat, 02 Dec 2023 19:09:53 GMT
expires: Sun, 03 Dec 2023 19:09:53 GMT
cache-control: public, max-age=86400, no-transform
age: 7356
etag: "va67"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
3.bp.blogspot.com/-3-0WwpsF2bE/UnVs_Qi1NkI/AAAAAAAACmU/vgNx_6hWgRE/s320/latino.png
142.250.74.161 200 OK 750 B URL GET HTTP/2 3.bp.blogspot.com/-3-0WwpsF2bE/UnVs_Qi1NkI/AAAAAAAACmU/vgNx_6hWgRE/s320/latino.png
IP 142.250.74.161:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
Validity Mon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type PNG image data, 51 x 50, 8-bit colormap, non-interlaced
Hash ef20052906f6b4a404b8ea7132254bb5
35a98b4f5826d83fb1b7725d7e2dc32498ca6dc8
a0522d2449a22c7bb499984630e06033af0913c705dad4503a6fd2a766fa5223
GET /-3-0WwpsF2bE/UnVs_Qi1NkI/AAAAAAAACmU/vgNx_6hWgRE/s320/latino.png HTTP/1.1
Host: 3.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="latino.png"
x-content-type-options: nosniff
server: fife
content-length: 750
x-xss-protection: 0
date: Sat, 02 Dec 2023 19:09:54 GMT
expires: Sun, 03 Dec 2023 19:09:54 GMT
cache-control: public, max-age=86400, no-transform
age: 7355
etag: "va68"
content-type: image/png
vary: Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
4.bp.blogspot.com/-1HM7bS4qvpA/UVMpPneaXTI/AAAAAAAACA4/sbwkJkylYzM/s1600/v3-b_r3_c4.png
142.250.74.161 200 OK 197 B URL GET HTTP/2 4.bp.blogspot.com/-1HM7bS4qvpA/UVMpPneaXTI/AAAAAAAACA4/sbwkJkylYzM/s1600/v3-b_r3_c4.png
IP 142.250.74.161:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
Validity Mon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type PNG image data, 1 x 21, 8-bit/color RGBA, non-interlaced
Hash 1e9281eeba23519ffc389b46bfd049e5
716a4c515b5fd51aa8e557664aa148f3ecd19e58
ee2d19a280bef0c13940af040db456d0d30023dd780259e3ea1897eb478b624f
GET /-1HM7bS4qvpA/UVMpPneaXTI/AAAAAAAACA4/sbwkJkylYzM/s1600/v3-b_r3_c4.png HTTP/1.1
Host: 4.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
content-disposition: inline;filename="v3-b_r3_c4.png"
x-content-type-options: nosniff
server: fife
content-length: 197
x-xss-protection: 0
date: Sat, 02 Dec 2023 20:13:19 GMT
expires: Sun, 03 Dec 2023 20:13:19 GMT
cache-control: public, max-age=86400, no-transform
etag: "v80f"
content-type: image/png
vary: Origin
age: 3550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
syndication.optimizesrv.com/ads-iframe-display.php?idzone=2898&type=468x60&p=https%3A//www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html&dt=1701551554693&sub=&sub3=2902&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
95.211.229.248 200 OK 671 B URL GET HTTP/1.1 syndication.optimizesrv.com/ads-iframe-display.php?idzone=2898&type=468x60&p=https%3A//www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html&dt=1701551554693&sub=&sub3=2902&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
IP 95.211.229.248:443
ASN #60781 LeaseWeb Netherlands B.V.
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject optimizesrv.com
Fingerprint 88:6F:1F:7A:58:F9:32:38:5F:9F:D8:86:7F:B2:C6:D5:A9:3B:0F:65
Validity Thu, 05 Oct 2023 15:31:55 GMT - Wed, 03 Jan 2024 15:31:54 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (1305), with no line terminators
Hash d45f90a8375b0408a89390090a9df3d9
2009b9d74c4d989525f3fac61dce58e6a2c8b18e
69069200cdc2ced18af2cec897c2bf6f35af7192519bf4cd85e487b32908bda9
GET /ads-iframe-display.php?idzone=2898&type=468x60&p=https%3A//www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html&dt=1701551554693&sub=&sub3=2902&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22 HTTP/1.1
Host: syndication.optimizesrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 02 Dec 2023 21:12:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
Pragma: no-cache
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%22656b9dbddebee2.660456571630993790%22%3B%7D; expires=Mon, 01 Dec 2025 21:12:29 GMT; path=; domain=.adnation.com; Secure; SameSite=none
Accept-CH:
X-Robots-Tag: noindex, follow
Content-Encoding: gzip
2.bp.blogspot.com/-CuXNMqn56Jo/V1wsl_7AHHI/AAAAAAAAF6c/aVD-v9lzVAYTrLct75WuyajINb9aXUZdgCLcB/s1600/v3-b_r5_c8.jpg
142.250.74.161 200 OK 811 B URL GET HTTP/2 2.bp.blogspot.com/-CuXNMqn56Jo/V1wsl_7AHHI/AAAAAAAAF6c/aVD-v9lzVAYTrLct75WuyajINb9aXUZdgCLcB/s1600/v3-b_r5_c8.jpg
IP 142.250.74.161:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject misc-sni.blogspot.com
Fingerprint 07:E2:99:33:66:25:16:0A:1D:C3:C7:18:D8:82:4A:F0:37:40:E1:5B
Validity Mon, 23 Oct 2023 11:23:28 GMT - Mon, 15 Jan 2024 11:23:27 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 106x155, components 3
Hash a9fa36673b774ff54144962392e59a12
e05116896ad477fc5924d54c8bcabea8fb8600e5
8d0cb67c2fd95ab8270007d45a9ba8b50dde19e1d6d16483484a5d3e1c8b279b
GET /-CuXNMqn56Jo/V1wsl_7AHHI/AAAAAAAAF6c/aVD-v9lzVAYTrLct75WuyajINb9aXUZdgCLcB/s1600/v3-b_r5_c8.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
access-control-expose-headers: Content-Length
etag: "v17a9"
expires: Sun, 03 Dec 2023 21:12:30 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="v3-b_r5_c8.jpg"
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 21:12:30 GMT
server: fife
content-length: 811
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.vertuspeliculas.com/temas/default/css/main.css
188.114.96.1 200 OK 8.2 kB URL GET HTTP/3 www.vertuspeliculas.com/temas/default/css/main.css
IP 188.114.96.1:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject vertuspeliculas.com
Fingerprint 91:AD:1F:DE:3E:77:9B:C8:B8:4A:D6:12:9B:9F:4F:E3:7B:3A:C2:69
Validity Sat, 21 Oct 2023 03:32:36 GMT - Fri, 19 Jan 2024 03:32:35 GMT
File type ASCII text, with very long lines (31352), with no line terminators
Hash 86da8ea90e0376c367e0b8cdc46c60d9
fb0f2868b8b2f70a113be862560afc8128bbb802
2b3079c449e63e405bfd8bd0c54282643659f6691b7965fda42c7b781b33e47c
GET /temas/default/css/main.css HTTP/1.1
Host: www.vertuspeliculas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Cookie: PHPSESSID=lhi6o2mdst48mrpifoqpr7fk57
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 09 Dec 2023 19:09:51 GMT
last-modified: Fri, 04 Jan 2019 15:44:25 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 7356
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqgcla8cykRIpOcoXBLOhmJ4yIXL0DLrhTRh0cHmByEQJbDY%2B47RVoCEEy4RBg3h%2FaPDcbr%2FOegLUlsc9wf91xZe8Nte0mWqyl8E22jCI8ceumcavBFT9l%2BoPD1zR5y6q7WQ%2BsQELibHzg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6917d8fcdb503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
ok.ru/res/js/lib/require-2.1.11_9483d567.js
217.20.147.1 200 OK 5.8 kB URL GET HTTP/2 ok.ru/res/js/lib/require-2.1.11_9483d567.js
IP 217.20.147.1:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type ASCII text, with very long lines (16739)
Hash a3b7b498db7bb3a7223ed7d511025184
2c7a1293ea511961443d5a45dc5932cfc2531501
9987c2582b2c41478c45c53d971bd797ac1a7f1e3c253aecc6f9f1975212ec90
GET /res/js/lib/require-2.1.11_9483d567.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/4703031200372
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript
content-length: 5786
last-modified: Wed, 29 Nov 2023 10:02:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:30 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
ok.ru/res/js/classic_801c7059.js
217.20.147.1 200 OK 12 kB URL GET HTTP/2 ok.ru/res/js/classic_801c7059.js
IP 217.20.147.1:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type ASCII text, with very long lines (43048)
Hash 5e144bfd8a7ee9647db47238a38a4c82
8e5bc4c12ddd01450f36937660b2ca0fba55ca4b
9b0f3bd097e68cbc152122d282c34a6942d4cd553e60070fea5dde01727200f3
GET /res/js/classic_801c7059.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/4703031200372
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript
content-length: 11986
last-modified: Wed, 29 Nov 2023 10:02:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:30 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
104.17.24.14 200 OK 28 kB URL GET HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP 104.17.24.14:443
Requested by https://upstream.to/embed-41j4uqrs875z.html
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
Validity Mon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upstream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 27958
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb09ed3-15d84"
last-modified: Mon, 04 May 2020 23:01:39 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 833932
expires: Thu, 21 Nov 2024 21:12:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OWkkw82Wz4pFjb%2BRZqyecmJeWb3scZNotLWIjVwXpKDkFLPucbG64ZJTf8D7%2BMGdWcsK%2Fp13ypq2W3w6bQRo%2F6xtsi38bXhhz2PpBLc06DDOpTO%2FjdfEBORIIMSBHoBh7YC%2BJBUl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 82f69186fc3056aa-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-QR91EVF36D
142.250.74.168 200 OK 93 kB URL GET HTTP/3 www.googletagmanager.com/gtag/js?id=G-QR91EVF36D
IP 142.250.74.168:443
Requested by https://upstream.to/embed-41j4uqrs875z.html
Certificate Issuer Google Trust Services LLC
Subject *.google-analytics.com
Fingerprint 37:42:10:B7:89:70:45:51:80:81:66:CE:95:21:72:5D:46:0B:E2:34
Validity Mon, 23 Oct 2023 11:18:19 GMT - Mon, 15 Jan 2024 11:18:18 GMT
File type ASCII text, with very long lines (5955)
Hash 5b906190de4dbd73305c16aa83e1fb8c
badf5bb007e4f7b0d389318ff07c65b79feca789
2bad57e35431e3221ae23d32f472b76dacc10ebfd7ef1bc04462b7a6003c26d8
GET /gtag/js?id=G-QR91EVF36D HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upstream.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 02 Dec 2023 21:12:30 GMT
expires: Sat, 02 Dec 2023 21:12:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 93026
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hqq.to/ad/top/popunder.js
190.115.19.71 200 OK 21 B URL GET HTTP/2 hqq.to/ad/top/popunder.js
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 533a813ddb8f84d7e018bf8e6296c44d
8c95af23d5dc502f1bc3395a6d2e339e696c0d3e
a499068cf858aa2cd9b077e2e354b6bf8435eaa8e44c2047f403c7283031977f
GET /ad/top/popunder.js HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=UTF-8
content-length: 21
last-modified: Wed, 15 Sep 2021 14:06:22 GMT
etag: "6141fdde-15"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
accept-ranges: bytes
X-Firefox-Spdy: h2
upstream.to/assets/js/xupload.js?v=1.3.1
185.178.208.135 200 OK 10 kB URL GET HTTP/2 upstream.to/assets/js/xupload.js?v=1.3.1
IP 185.178.208.135:443
Requested by https://upstream.to/embed-41j4uqrs875z.html
Certificate Issuer Let's Encrypt
Subject upstream.to
Fingerprint B8:21:F4:ED:87:A2:E8:E2:E9:03:E7:73:1B:BC:09:7B:61:2D:47:6C
Validity Thu, 16 Nov 2023 20:29:28 GMT - Wed, 14 Feb 2024 20:29:27 GMT
Hash 95c3c5f2a1b2d2f996cc7a6be2a7499d
fa7e4ff85b39a479195bd455fe58bb89cd78058b
e18ab4c3adc7868989e87b58e6dcaeaf6d5e636cf53fac532584643c429caae2
GET /assets/js/xupload.js?v=1.3.1 HTTP/1.1
Host: upstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upstream.to/embed-41j4uqrs875z.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
set-cookie: __ddg1_=BqnryT12buwDeiw46K1d; Domain=.upstream.to; HttpOnly; Path=/; Expires=Sun, 01-Dec-2024 21:12:30 GMT
date: Sat, 02 Dec 2023 21:12:30 GMT
last-modified: Tue, 28 Feb 2023 05:05:31 GMT
etag: "2857-5f5bb8b7a78c9"
accept-ranges: bytes
content-length: 10327
content-type: application/javascript
X-Firefox-Spdy: h2
upstream.to/assets/css/front.css?v=1.1.6
185.178.208.135 200 OK 247 kB URL GET HTTP/2 upstream.to/assets/css/front.css?v=1.1.6
IP 185.178.208.135:443
Requested by https://upstream.to/embed-41j4uqrs875z.html
Certificate Issuer Let's Encrypt
Subject upstream.to
Fingerprint B8:21:F4:ED:87:A2:E8:E2:E9:03:E7:73:1B:BC:09:7B:61:2D:47:6C
Validity Thu, 16 Nov 2023 20:29:28 GMT - Wed, 14 Feb 2024 20:29:27 GMT
File type ASCII text, with very long lines (719)
Size 247 kB (246919 bytes)
Hash d2163d4a88d2c0b3b71a3649593846ad
04c84d48ab053da0b1cd1d02902208f82b93c69a
86bc3f618291c77d982e8d1119e013c030b5dbdc580edc4a46f1b2504491aec1
GET /assets/css/front.css?v=1.1.6 HTTP/1.1
Host: upstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upstream.to/embed-41j4uqrs875z.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
set-cookie: __ddg1_=AezbPqN7HJZulBQxVwNh; Domain=.upstream.to; HttpOnly; Path=/; Expires=Sun, 01-Dec-2024 21:12:30 GMT
date: Sat, 02 Dec 2023 21:12:30 GMT
last-modified: Tue, 28 Feb 2023 05:05:25 GMT
etag: "3c487-5f5bb8b25408f"
accept-ranges: bytes
content-length: 246919
content-type: text/css
X-Firefox-Spdy: h2
upstream.to/assets/images/image-404.png
185.178.208.135 200 OK 147 kB URL GET HTTP/2 upstream.to/assets/images/image-404.png
IP 185.178.208.135:443
Requested by https://upstream.to/embed-41j4uqrs875z.html
Certificate Issuer Let's Encrypt
Subject upstream.to
Fingerprint B8:21:F4:ED:87:A2:E8:E2:E9:03:E7:73:1B:BC:09:7B:61:2D:47:6C
Validity Thu, 16 Nov 2023 20:29:28 GMT - Wed, 14 Feb 2024 20:29:27 GMT
File type PNG image data, 887 x 592, 8-bit/color RGBA, non-interlaced
Size 147 kB (147091 bytes)
Hash 6452cd1952993d216dea30b081743a72
0ea3d1743c5fbea44cd52ae2f72b85be82d15646
a640d6b2e3ac62ed6f30787e473e9987f9df8039bb0b5948c63ad2257fc244a1
GET /assets/images/image-404.png HTTP/1.1
Host: upstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upstream.to/embed-41j4uqrs875z.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
set-cookie: __ddg1_=aQCZJo4gmuzoePO0wrZM; Domain=.upstream.to; HttpOnly; Path=/; Expires=Sun, 01-Dec-2024 21:12:30 GMT
date: Sat, 02 Dec 2023 21:12:30 GMT
last-modified: Tue, 28 Feb 2023 05:05:28 GMT
etag: "23e93-5f5bb8b55938d"
accept-ranges: bytes
content-length: 147091
content-type: image/png
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
104.18.10.207 200 OK 24 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
IP 104.18.10.207:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject bootstrapcdn.com
Fingerprint 34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
Validity Thu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File type ASCII text, with very long lines (65371)
Hash 2f624089c65f12185e79925bc5a7fc42
8eb176c70b9cfa6871b76d6dc98fb526e7e9b3de
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
GET /bootstrap/3.3.6/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"2f624089c65f12185e79925bc5a7fc42"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 10/31/2023 18:48:20
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 755
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 455985e84def5b01c1ff875ffa4ec273
cdn-cache: HIT
cf-cache-status: HIT
age: 578757
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82f6917d9a3a0b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
b46e3222.aacdn.net/library/7/f39dd55f782d67fe07cb8be9ebae2f9f288a0490.webp
185.76.9.25 200 OK 2.5 kB URL GET HTTP/2 b46e3222.aacdn.net/library/7/f39dd55f782d67fe07cb8be9ebae2f9f288a0490.webp
IP 185.76.9.25:443
ASN #60068 Datacamp Limited
Requested by https://syndication.optimizesrv.com/ads-iframe-display.php?idzone=2898&type=468x60&p=https%3A//www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html&dt=1701551554693&sub=&sub3=2902&tags=&cookieconsent=true&screen_resolution=1280x1024&el=%22
Certificate Issuer Let's Encrypt
Subject aacdn.net
Fingerprint 18:36:9D:C0:11:9A:7B:40:8B:C4:E8:84:CE:03:90:CA:BA:77:A8:CA
Validity Thu, 05 Oct 2023 14:54:50 GMT - Wed, 03 Jan 2024 14:54:49 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 468x60, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ddcdf5b1dc90673ca4d713d26b8b54da
f39dd55f782d67fe07cb8be9ebae2f9f288a0490
6a150ec67fa08abfd7bb8ba6e8056e06c20c5443d7933ef961b203f252677e43
GET /library/7/f39dd55f782d67fe07cb8be9ebae2f9f288a0490.webp HTTP/1.1
Host: b46e3222.aacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://syndication.optimizesrv.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: image/webp
content-length: 2544
last-modified: Sat, 11 Jun 2022 10:16:22 GMT
etag: "62a46b76-9f0"
accept-ch:
expires: Wed, 16 Oct 2024 20:32:17 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
server: CDN77-Turbo
x-77-nzt: EQwBuUwJFAHXba48AA
x-77-nzt-ray: af5856306e946850be9d6b654c85dc32
x-accel-expires: @1729110737
x-accel-date: 1697574737
x-cache-lb: HIT
x-age-lb: 3976813
x-77-pop: stockholmSE
x-77-cache: HIT
x-77-age: 3976813
accept-ranges: bytes
X-Firefox-Spdy: h2
commentsmodule.com/js/js.load.1.js?177375464165023
104.21.44.89 200 OK 0 B URL GET HTTP/2 commentsmodule.com/js/js.load.1.js?177375464165023
IP 104.21.44.89:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject commentsmodule.com
Fingerprint FB:D4:66:A8:AE:18:5F:8C:FE:B0:5E:D5:8D:88:CA:1B:63:0A:16:67
Validity Thu, 12 Oct 2023 20:21:07 GMT - Wed, 10 Jan 2024 20:21:06 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer: Quad9 DNS | Verdict: malicious | Alert: Sinkholed
GET /js/js.load.1.js?177375464165023 HTTP/1.1
Host: commentsmodule.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hqq.to/
Origin: https://hqq.to
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=UTF-8
content-length: 0
last-modified: Thu, 14 Apr 2022 12:20:52 GMT
etag: "625811a4-0"
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
x-cache-status-inferno-s: HIT
x-inferno-location: static
cf-cache-status: HIT
age: 833072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wnHWjRV%2Ft2Kl5ThCzfMVPcZvshktywerodUPioHfwvtpT0Z6ho6UcfuQTjW3reOeIrzYnQx38VqGw7t4uYjXDJ0HdBipDluIBLDV3bOs2C657Gucycrc2xeNEoDN%2BddPT2TdJ0o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
access-control-allow-origin: *
server: cloudflare
cf-ray: 82f69189ac4d56a5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
104.16.122.175 200 OK 9.3 kB URL GET HTTP/2 unpkg.com/progressbar.js@1.1.0/dist/progressbar.min.js
IP 104.16.122.175:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (29325)
Hash 013916ab61482481d8de9742a0f95bee
546bb742502faa36f8c2bb954c2f028187660404
73cdea3ea0691f9ac4150be0c937dc2ee7eaa10205168a84e41ef5c9e05784b7
GET /progressbar.js@1.1.0/dist/progressbar.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"7315-VGu3QlAvqjb4wruVTC8CgYdmBAQ"
via: 1.1 fly.io
fly-request-id: 01HFTT9KCTZ41V3VWBXBAR6DX1-arn
cf-cache-status: HIT
age: 918249
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82f6918788d55691-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
216.58.207.227 200 OK 35 kB URL GET HTTP/2 fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2
IP 216.58.207.227:443
Requested by https://upstream.to/embed-41j4uqrs875z.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 34852, version 1.0\012- data
Hash 0e8eefb4549a2edf26c560cb9845952e
8d0b1718aacad934fd0043c87cbc54aa091396bf
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
GET /s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://upstream.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34852
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 23:21:57 GMT
expires: Fri, 29 Nov 2024 23:21:57 GMT
cache-control: public, max-age=31536000
age: 165034
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
st.mycdn.me/res/i/video/stub/na_74.png
217.20.155.82 200 OK 17 kB URL GET HTTP/2 st.mycdn.me/res/i/video/stub/na_74.png
IP 217.20.155.82:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.mycdn.me
Fingerprint 2E:0D:A0:C3:73:22:EE:41:29:80:7E:43:6C:5C:5D:00:00:D5:2B:4C
Validity Fri, 11 Aug 2023 04:51:21 GMT - Wed, 11 Sep 2024 04:51:20 GMT
File type PNG image data, 74 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash e6eace150a3180b01fd0e1362fc91729
e139eab878f802a3c107c8d78e48ac6b866d4abc
d3e9f9b35b9dda7b4043b49b6ede0326536681dd301cd6ab9629b050b9aa9a6d
GET /res/i/video/stub/na_74.png HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://st.mycdn.me/res/css/prod/videoembed/videoembed.9f06c2f1.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:31 GMT
content-type: image/png
content-length: 17052
last-modified: Wed, 23 Mar 2022 12:15:51 GMT
vary: Accept-Encoding
expires: Sun, 01 Dec 2024 21:12:31 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
ok.ru/res/js/app/capture_5f689327.js
217.20.147.1 200 OK 675 B URL GET HTTP/2 ok.ru/res/js/app/capture_5f689327.js
IP 217.20.147.1:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type ASCII text, with very long lines (1522)
Hash aaed395496fb7a8393688d1d21f9be54
56f451376f8a6bab2f37dc1329897beb66852a52
20e6474fa7c9f1e7f0d2caec481216ed7713c459730db9a441e5fc9a7e965ed3
GET /res/js/app/capture_5f689327.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/4703031200372
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:31 GMT
content-type: application/javascript
content-length: 675
last-modified: Wed, 29 Nov 2023 10:02:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:31 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
hqq.to/styles/global/embed_player.3.css?130
190.115.19.71 200 OK 2.2 kB URL GET HTTP/2 hqq.to/styles/global/embed_player.3.css?130
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 9b9d0673535e16ad6c3465ac50d76919
b8d43af7796da4fc9486c8cd114c0c337df850b2
719f13f8f5b124a44ddaef0c841e8ba36e2fb63c82b689778e301b6fe30d7ddf
GET /styles/global/embed_player.3.css?130 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: text/css; charset=UTF-8
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 22:16:37 GMT
etag: W/"5fd14cc5-1701"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAy5cZqCQ71Giy1U5UAQp0uvr9zP5KID4YvkBPseypH5DSlz8rEzG_HUcrUt71d32xxuK2VFyG1LbZdPaPunPcTVO_bwJwrNDXbvcNe1DkCVdlKqVPZF_aH2l91OgPeO63XmFefB_vDq76ppbduHdMqaDxhHiqkZq3hGtfcCw9C61QRoayp9iNxdxK/s512/A_Christmas_Miracle_for_Daisy_poster_usa.jpg
142.250.74.97 200 OK 91 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAy5cZqCQ71Giy1U5UAQp0uvr9zP5KID4YvkBPseypH5DSlz8rEzG_HUcrUt71d32xxuK2VFyG1LbZdPaPunPcTVO_bwJwrNDXbvcNe1DkCVdlKqVPZF_aH2l91OgPeO63XmFefB_vDq76ppbduHdMqaDxhHiqkZq3hGtfcCw9C61QRoayp9iNxdxK/s512/A_Christmas_Miracle_for_Daisy_poster_usa.jpg
IP 142.250.74.97:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
Validity Mon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 394x512, components 3\012- data
Hash f157e5ff2a9d232ded0ae3b1f59bdc5c
5c4525240fca3614010607dc4db81123612e08c0
6313e6caea7ac0537ae5c3936c97d29028c0fbf57a49304ea3e672b7aa3b7cc3
GET /img/b/R29vZ2xl/AVvXsEiAy5cZqCQ71Giy1U5UAQp0uvr9zP5KID4YvkBPseypH5DSlz8rEzG_HUcrUt71d32xxuK2VFyG1LbZdPaPunPcTVO_bwJwrNDXbvcNe1DkCVdlKqVPZF_aH2l91OgPeO63XmFefB_vDq76ppbduHdMqaDxhHiqkZq3hGtfcCw9C61QRoayp9iNxdxK/s512/A_Christmas_Miracle_for_Daisy_poster_usa.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v4c77"
expires: Sun, 03 Dec 2023 21:12:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="A_Christmas_Miracle_for_Daisy_poster_usa.jpg"
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 21:12:31 GMT
server: fife
content-length: 91077
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwXzgs3WqPq8xQwHmHGY6xxR5-pIN-ftfY9j4XZ8nVHT2SIYB8rtxf1NX3u9mlMbruhWc7oLquTpBNq7xecOong4UvoDZ4F2TgW5Ivj3j-yF9mtiBVtjQIVZz1dhgmuJIRLq2ozZKpcXgNJkHrwTLaUZb9_JZZsauxlhb32EG0uJTXEmdChOCwrkkw/s512/A_Kindhearted_Christmas_poster_canada.jpg
142.250.74.97 200 OK 60 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwXzgs3WqPq8xQwHmHGY6xxR5-pIN-ftfY9j4XZ8nVHT2SIYB8rtxf1NX3u9mlMbruhWc7oLquTpBNq7xecOong4UvoDZ4F2TgW5Ivj3j-yF9mtiBVtjQIVZz1dhgmuJIRLq2ozZKpcXgNJkHrwTLaUZb9_JZZsauxlhb32EG0uJTXEmdChOCwrkkw/s512/A_Kindhearted_Christmas_poster_canada.jpg
IP 142.250.74.97:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
Validity Mon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 394x512, components 3\012- data
Hash 9cd29d7411a5483ec796c1edf466e27c
1d33620c75424a13d95339962be81cb331646fde
c3d818c4818637df4bb10c4cca03d7780499866314f912ec7c18b5631fb1390f
GET /img/b/R29vZ2xl/AVvXsEgwXzgs3WqPq8xQwHmHGY6xxR5-pIN-ftfY9j4XZ8nVHT2SIYB8rtxf1NX3u9mlMbruhWc7oLquTpBNq7xecOong4UvoDZ4F2TgW5Ivj3j-yF9mtiBVtjQIVZz1dhgmuJIRLq2ozZKpcXgNJkHrwTLaUZb9_JZZsauxlhb32EG0uJTXEmdChOCwrkkw/s512/A_Kindhearted_Christmas_poster_canada.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v4c75"
expires: Sun, 03 Dec 2023 21:12:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="A_Kindhearted_Christmas_poster_canada.jpg"
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 21:12:31 GMT
server: fife
content-length: 60199
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFg7IPpkL1evrM3o4DblJ0EqcR68hGvwjFP9dFSOxUXMcB9UFErjtiom9MGL8xTq7-xya3IhXdnc8sWK7haDgLtaMYQag6pRWFb9jsWzntKc1CLIcoBf_ArIKzJoFaa6ToTNACSLDHeesg-ZrXX6B73_GNYLEaNzdjVASfrGwKVZ6AIdc_qNaCCTSq/s512/Its_A_Wonderful_Binge_poster_usa.jpg
142.250.74.97 200 OK 80 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhFg7IPpkL1evrM3o4DblJ0EqcR68hGvwjFP9dFSOxUXMcB9UFErjtiom9MGL8xTq7-xya3IhXdnc8sWK7haDgLtaMYQag6pRWFb9jsWzntKc1CLIcoBf_ArIKzJoFaa6ToTNACSLDHeesg-ZrXX6B73_GNYLEaNzdjVASfrGwKVZ6AIdc_qNaCCTSq/s512/Its_A_Wonderful_Binge_poster_usa.jpg
IP 142.250.74.97:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
Validity Mon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 394x512, components 3\012- data
Hash 712f495db9a88e97b37943d46214aef8
c01c42d57a89f9fa606d5bc48b2d257ed19b8515
38b2e94662d1a44542f2d4034025d4e0a81b7366a1897aec61b4bda2d1251415
GET /img/b/R29vZ2xl/AVvXsEhFg7IPpkL1evrM3o4DblJ0EqcR68hGvwjFP9dFSOxUXMcB9UFErjtiom9MGL8xTq7-xya3IhXdnc8sWK7haDgLtaMYQag6pRWFb9jsWzntKc1CLIcoBf_ArIKzJoFaa6ToTNACSLDHeesg-ZrXX6B73_GNYLEaNzdjVASfrGwKVZ6AIdc_qNaCCTSq/s512/Its_A_Wonderful_Binge_poster_usa.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v4cbb"
expires: Sun, 03 Dec 2023 21:12:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Its_A_Wonderful_Binge_poster_usa.jpg"
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 21:12:31 GMT
server: fife
content-length: 79542
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2nVGOgd_vvhMFAn3JrwH-vQDKx1LrBoifReThzpDxsGAQYM2H-H6Cx8oDPEa9QoqNg20dnatZMqqas6fZG0gTomqrddj8vF4GsOyFLyjQ8LD1M4BS5ImlhWxFS0Rcxmp7TJPJfQRbdpZVkABvqzrNGrDTTy_c8bGwlRXZ7BwZDsK5rWA7JOJUUAJRWA/s512/I_Believe_in_Santa_poster_usa.jpg
142.250.74.97 200 OK 49 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj2nVGOgd_vvhMFAn3JrwH-vQDKx1LrBoifReThzpDxsGAQYM2H-H6Cx8oDPEa9QoqNg20dnatZMqqas6fZG0gTomqrddj8vF4GsOyFLyjQ8LD1M4BS5ImlhWxFS0Rcxmp7TJPJfQRbdpZVkABvqzrNGrDTTy_c8bGwlRXZ7BwZDsK5rWA7JOJUUAJRWA/s512/I_Believe_in_Santa_poster_usa.jpg
IP 142.250.74.97:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
Validity Mon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 394x512, components 3\012- data
Hash ecfe8d83f795efb6c7844d24b9ad1e9d
f48a7c2871937b513e6307e06e7f6a64801c0baa
bef3abbfd8dbda9f3c01e965993b9ab0d7ca012d5f5e331de37a86f0c3451047
GET /img/b/R29vZ2xl/AVvXsEj2nVGOgd_vvhMFAn3JrwH-vQDKx1LrBoifReThzpDxsGAQYM2H-H6Cx8oDPEa9QoqNg20dnatZMqqas6fZG0gTomqrddj8vF4GsOyFLyjQ8LD1M4BS5ImlhWxFS0Rcxmp7TJPJfQRbdpZVkABvqzrNGrDTTy_c8bGwlRXZ7BwZDsK5rWA7JOJUUAJRWA/s512/I_Believe_in_Santa_poster_usa.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v18a"
expires: Sun, 03 Dec 2023 21:12:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="I_Believe_in_Santa_poster_usa.jpg"
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 21:12:31 GMT
server: fife
content-length: 49426
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
hqq.to/cdn-cgi/trace
190.115.19.71 404 Not Found 146 B
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0
GET /cdn-cgi/trace HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Cookie: uid=s5YYEO_Vx7zW*TqlrJWP9cuU0hecGl83
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
date: Sat, 02 Dec 2023 21:12:31 GMT
content-type: text/html; charset=UTF-8
content-length: 146
x-origin-location: /
server: Google Frontend
x-cache-status-inferno: MISS
x-inferno-location: /
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO-haEWTm-vUyHmCCyRmmgUOhW1XoP9HRpiiYRRSnEAYEEFnrDc42Nv5_IqZxUj7OcLjL4ubuMUq9WvmtUHtJFT3Oz4MKlNcRm_-_dqcddympDAtD89XOKul_UM-7arPmb6BUxsHLFTDYhadw8pR2nj-rDWIt9LkCUz9ytqB5aYyO1x8B23kJKjjh3/s3000/MV5BZDg5NTM0YTktNDdhNy00NmVkLTlhODAtMGYxMzQ1MGJhYTM3XkEyXkFqcGdeQXVyMTU4MTk5MjA0._V1_.jpg
142.250.74.97 200 OK 666 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhO-haEWTm-vUyHmCCyRmmgUOhW1XoP9HRpiiYRRSnEAYEEFnrDc42Nv5_IqZxUj7OcLjL4ubuMUq9WvmtUHtJFT3Oz4MKlNcRm_-_dqcddympDAtD89XOKul_UM-7arPmb6BUxsHLFTDYhadw8pR2nj-rDWIt9LkCUz9ytqB5aYyO1x8B23kJKjjh3/s3000/MV5BZDg5NTM0YTktNDdhNy00NmVkLTlhODAtMGYxMzQ1MGJhYTM3XkEyXkFqcGdeQXVyMTU4MTk5MjA0._V1_.jpg
IP 142.250.74.97:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
Validity Mon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], progressive, precision 8, 2000x3000, components 3\012- data
Size 666 kB (666524 bytes)
Hash c9b908bb40fba378f7a2aadaabcafdf9
756c37840f6aa518c0728ab119574083c95af4a5
acd9fdfecb7bd09badb587036bbb305638f7a10be02e2ad15c9edbbbfb517a1d
GET /img/b/R29vZ2xl/AVvXsEhO-haEWTm-vUyHmCCyRmmgUOhW1XoP9HRpiiYRRSnEAYEEFnrDc42Nv5_IqZxUj7OcLjL4ubuMUq9WvmtUHtJFT3Oz4MKlNcRm_-_dqcddympDAtD89XOKul_UM-7arPmb6BUxsHLFTDYhadw8pR2nj-rDWIt9LkCUz9ytqB5aYyO1x8B23kJKjjh3/s3000/MV5BZDg5NTM0YTktNDdhNy00NmVkLTlhODAtMGYxMzQ1MGJhYTM3XkEyXkFqcGdeQXVyMTU4MTk5MjA0._V1_.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v4c5e"
expires: Sun, 03 Dec 2023 21:12:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="MV5BZDg5NTM0YTktNDdhNy00NmVkLTlhODAtMGYxMzQ1MGJhYTM3XkEyXkFqcGdeQXVyMTU4MTk5MjA0._V1_.jpg"
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 21:12:31 GMT
server: fife
content-length: 666524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkh8jwV-feSYWL-gCyamQVZrQYMnSVtJ8fLRhBsE44dv1XzWptTkdU7Cqi0ckyhBUrgAPYNnkvKNaY0Ph46S9M-I4Pe9hAI9TlR4jz7U00Os5YVpl9AfAL9U9ZZD2ZNrVHqedBESgJKjdj_wE6ZmudrDz6dTCKiLwGoakPZ39MZWgXeZbNni4GqCelkw/s512/The_12_Days_of_Christmas_Eve_poster_usa.jpg
142.250.74.97 200 OK 58 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhkh8jwV-feSYWL-gCyamQVZrQYMnSVtJ8fLRhBsE44dv1XzWptTkdU7Cqi0ckyhBUrgAPYNnkvKNaY0Ph46S9M-I4Pe9hAI9TlR4jz7U00Os5YVpl9AfAL9U9ZZD2ZNrVHqedBESgJKjdj_wE6ZmudrDz6dTCKiLwGoakPZ39MZWgXeZbNni4GqCelkw/s512/The_12_Days_of_Christmas_Eve_poster_usa.jpg
IP 142.250.74.97:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
Validity Mon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 394x512, components 3\012- data
Hash fdc94b7a733ea60a15a5f6b1ac366595
06068d34faf21aac88f73083880e056b77710cac
bfdb57bf41a67f55be967a29cdb1a5f559e9aae351e191b5ea806c7988ba71ed
GET /img/b/R29vZ2xl/AVvXsEhkh8jwV-feSYWL-gCyamQVZrQYMnSVtJ8fLRhBsE44dv1XzWptTkdU7Cqi0ckyhBUrgAPYNnkvKNaY0Ph46S9M-I4Pe9hAI9TlR4jz7U00Os5YVpl9AfAL9U9ZZD2ZNrVHqedBESgJKjdj_wE6ZmudrDz6dTCKiLwGoakPZ39MZWgXeZbNni4GqCelkw/s512/The_12_Days_of_Christmas_Eve_poster_usa.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v1a6"
expires: Sun, 03 Dec 2023 21:12:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="The_12_Days_of_Christmas_Eve_poster_usa.jpg"
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 21:12:31 GMT
server: fife
content-length: 58234
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZYo_M5Ii7eFLXN-ySOYlteSURUZz4YCallG-QEx6vFNZbLiTrDJsYY-DzNIWIAZF6xiAiNOeAcfkjFl8DMtlYKJuxYj4gjmO2QwKAx2s_Lm8dTSeTlGcsrfbeUvaLIG2Fjt9mIUy-wQOknRupaCFEzmyP71D3dA177YEbVt_NtXwvBG9PFpUaGF14/s512/Navidad_en_Vivo_poster_mexico.jpg
142.250.74.97 200 OK 65 kB URL GET HTTP/2 blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZYo_M5Ii7eFLXN-ySOYlteSURUZz4YCallG-QEx6vFNZbLiTrDJsYY-DzNIWIAZF6xiAiNOeAcfkjFl8DMtlYKJuxYj4gjmO2QwKAx2s_Lm8dTSeTlGcsrfbeUvaLIG2Fjt9mIUy-wQOknRupaCFEzmyP71D3dA177YEbVt_NtXwvBG9PFpUaGF14/s512/Navidad_en_Vivo_poster_mexico.jpg
IP 142.250.74.97:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject *.googleusercontent.com
Fingerprint 2E:01:38:64:37:3C:F9:F4:3C:95:49:F1:9E:D9:61:5F:63:48:CF:CE
Validity Mon, 23 Oct 2023 11:23:50 GMT - Mon, 15 Jan 2024 11:23:49 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=4, orientation=upper-left, software=Google], baseline, precision 8, 394x512, components 3\012- data
Hash d50557a7589e5ddb748c0aa8d9fcf64d
c7058c0ce83b46f27111388faa7996bdd709be4b
d6e277eda0224e353e3b4f31258010b048e2c4f8768b4b7faf88ca797b954986
GET /img/b/R29vZ2xl/AVvXsEhZYo_M5Ii7eFLXN-ySOYlteSURUZz4YCallG-QEx6vFNZbLiTrDJsYY-DzNIWIAZF6xiAiNOeAcfkjFl8DMtlYKJuxYj4gjmO2QwKAx2s_Lm8dTSeTlGcsrfbeUvaLIG2Fjt9mIUy-wQOknRupaCFEzmyP71D3dA177YEbVt_NtXwvBG9PFpUaGF14/s512/Navidad_en_Vivo_poster_mexico.jpg HTTP/1.1
Host: blogger.googleusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: image/jpeg
vary: Origin
access-control-expose-headers: Content-Length
etag: "v4ca5"
expires: Sun, 03 Dec 2023 21:12:31 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Navidad_en_Vivo_poster_mexico.jpg"
x-content-type-options: nosniff
date: Sat, 02 Dec 2023 21:12:31 GMT
server: fife
content-length: 65398
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ok.ru/res/js/app/OKVideo_de31ee45.js
217.20.147.1 200 OK 5.3 kB URL GET HTTP/2 ok.ru/res/js/app/OKVideo_de31ee45.js
IP 217.20.147.1:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type ASCII text, with very long lines (16084)
Hash 67b0e39859af2910f56d7ebf1f770c12
6ee224018d9146fc46201310bae31e50b7c22e2e
c903bbb446395bd69fb0038cbd722e189e49c51228a0074092cc37c5c1e6d5c5
GET /res/js/app/OKVideo_de31ee45.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/4703031200372
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:32 GMT
content-type: application/javascript
content-length: 5334
last-modified: Wed, 29 Nov 2023 10:02:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:32 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=8819004
190.115.19.71 200 OK 2 B URL GET HTTP/2 hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=8819004
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=8819004 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Cookie: uid=s5YYEO_Vx7zW*TqlrJWP9cuU0hecGl83
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:31 GMT
content-type: application/json
content-length: 2
server: Google Frontend
access-control-allow-origin: *
x-inferno-location: banner
X-Firefox-Spdy: h2
hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=29699672
190.115.19.71 200 OK 2 B URL GET HTTP/2 hqq.to/ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=29699672
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /ad/banner/_adsense_/_adserver/_adview_.ad.json?adzone=top&adsize=300x250&advid=29699672 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Cookie: uid=s5YYEO_Vx7zW*TqlrJWP9cuU0hecGl83
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:31 GMT
content-type: application/json
content-length: 2
server: Google Frontend
access-control-allow-origin: *
x-inferno-location: banner
X-Firefox-Spdy: h2
ok.ru/res/js/lib/jquery-1.8.3_9a61997f.js
217.20.147.1 200 OK 30 kB URL GET HTTP/2 ok.ru/res/js/lib/jquery-1.8.3_9a61997f.js
IP 217.20.147.1:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type Unicode text, UTF-8 text, with very long lines (36291)
Hash 6f84f817d2171348bad6f698e665727d
308c4b78ce059e113743244e24ddb9b320293e2e
9c6f796a442a19a17e46356c731d5883a8f2f5c2c45010e6d0694a3cad738134
GET /res/js/lib/jquery-1.8.3_9a61997f.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/4703031200372
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:32 GMT
content-type: application/javascript
content-length: 29956
last-modified: Wed, 29 Nov 2023 10:02:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:32 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
hqq.to/js/video.counters.2.js?117
190.115.19.71 200 OK 2.8 kB URL GET HTTP/2 hqq.to/js/video.counters.2.js?117
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 56d8279ee632a1740ad16a1a0ea60e1b
a988000d2b396ac018654d29466dbc6c8eedaf79
031efdb6466bf0e310fa646b85cb708e1d838d8edf48f6a790f429118dbd03bc
GET /js/video.counters.2.js?117 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Cookie: uid=s5YYEO_Vx7zW*TqlrJWP9cuU0hecGl83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 06 Feb 2022 19:35:56 GMT
etag: W/"6200231c-2b8"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
ok.ru/res/js/b/primary_ff6a4e9.js
217.20.147.1 200 OK 28 kB URL GET HTTP/2 ok.ru/res/js/b/primary_ff6a4e9.js
IP 217.20.147.1:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type Unicode text, UTF-8 text, with very long lines (54831)
Hash 88f7c3f0ee1094d01f385f1564aa7e26
c2970012c12e6617dc0cba590206a9e58ac3df4a
24691f814e9e1f3a9ddf88e1d9dba41379b9f5cfdc58f7329478854064aa3c85
GET /res/js/b/primary_ff6a4e9.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/4703031200372
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:32 GMT
content-type: application/javascript
content-length: 27928
last-modified: Wed, 29 Nov 2023 10:02:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:32 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
ok.ru/res/js/b/music2_f49e9523.js
217.20.147.1 200 OK 5.8 kB URL GET HTTP/2 ok.ru/res/js/b/music2_f49e9523.js
IP 217.20.147.1:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type ASCII text, with very long lines (19439)
Hash 543e9ad14f0245ea12083e476b8e0653
0dc3c70c3f59da19dfbf75e8554b52fc82641454
66e2d48bf20eaeb4aa1859334ef33885bc9b3b899ca5299c7c7be9221c422878
GET /res/js/b/music2_f49e9523.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/4703031200372
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:32 GMT
content-type: application/javascript
content-length: 5786
last-modified: Wed, 29 Nov 2023 10:02:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:32 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
ok.ru/res/js/app/CurrentUserCfg_a412e224.js
217.20.147.1 200 OK 448 B URL GET HTTP/2 ok.ru/res/js/app/CurrentUserCfg_a412e224.js
IP 217.20.147.1:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type ASCII text, with very long lines (1040)
Hash db9ed780c05b981a9e3c7e72cd15aadd
ff09939d7fe2a55267987a0de51d9c81544942ea
011b7516858ffe5359b854ea3653600ed2dc3b172645cdb2f478230a760cc86f
GET /res/js/app/CurrentUserCfg_a412e224.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/4703031200372
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:32 GMT
content-type: application/javascript
content-length: 448
last-modified: Wed, 29 Nov 2023 10:02:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:32 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
i0.wp.com/cdn-s1.cfglobalcdn.com/flv/api/files/thumbs_new/2022/12/07/1670435225uyw08/1670435225uyw08-640x480-1.jpg
192.0.77.2 200 OK 18 kB URL GET HTTP/2 i0.wp.com/cdn-s1.cfglobalcdn.com/flv/api/files/thumbs_new/2022/12/07/1670435225uyw08/1670435225uyw08-640x480-1.jpg
IP 192.0.77.2:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.wp.com
Fingerprint 5D:DB:6E:AA:9E:A8:4A:C3:10:A5:DA:89:DC:1C:BB:D1:87:5F:E1:D2
Validity Tue, 28 Nov 2023 00:00:00 GMT - Sat, 28 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1280x544, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash df726b3e02d332acb85a03a7b5be2d36
8acc7ad106b396d9101a942f7b80434cbb952628
506d0425ca0b39667c44e97e822bec171f72726ce0e253bf45d189afc58ed088
GET /cdn-s1.cfglobalcdn.com/flv/api/files/thumbs_new/2022/12/07/1670435225uyw08/1670435225uyw08-640x480-1.jpg HTTP/1.1
Host: i0.wp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 02 Dec 2023 21:12:32 GMT
content-type: image/webp
content-length: 17794
last-modified: Sat, 02 Dec 2023 21:12:32 GMT
expires: Tue, 02 Dec 2025 09:12:32 GMT
cache-control: public, max-age=63115200
link: <http://cdn-s1.cfglobalcdn.com/flv/api/files/thumbs_new/2022/12/07/1670435225uyw08/1670435225uyw08-640x480-1.jpg>; rel="canonical"
x-content-type-options: nosniff
etag: "ca2c5860c31c0ff2"
vary: Accept
x-nc: MISS arn 3
alt-svc: h3=":443"; ma=86400
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
timing-allow-origin: *
X-Firefox-Spdy: h2
hqq.to/player/get_player_image.php
190.115.19.71 200 OK 12 kB URL POST HTTP/2 hqq.to/player/get_player_image.php
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type gzip compressed data, from Unix\012- data
Hash 777132987d6190cddff20c1828e0eb3a
99a5e8c216934763721e0dbdcad33dabe1694316
c9108cf5f2c0ca463e947ccfef63375a24ff73657d86183364f4e28d57c24aff
POST /player/get_player_image.php HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
X-Requested-With: XMLHttpRequest
Content-Length: 73
Origin: https://hqq.to
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Cookie: uid=s5YYEO_Vx7zW*TqlrJWP9cuU0hecGl83
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:31 GMT
content-type: application/json
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
pragma: no-cache
x-image-colors-src: 0
x-file-located: temp, filename:../files/temp/video_images/8/0/1670435225uyw08-1.jpg
x-clickarr-add-e: 1
x-image-size: 42024
x-image-colors: 0
x-img-cr: j
x-origin-location: get_image
cache-control: no-store, no-cache, must-revalidate, max-age=0
content-encoding: gzip
server: Google Frontend
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
alleviatepracticableaddicted.com/a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js
192.243.61.225 200 OK 14 kB URL GET HTTP/1.1 alleviatepracticableaddicted.com/a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js
IP 192.243.61.225:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Let's Encrypt
Subject alleviatepracticableaddicted.com
Fingerprint ED:76:D1:B6:BE:61:8A:98:95:2B:12:51:D5:59:4B:2A:4E:E6:C9:BD
Validity Sun, 29 Oct 2023 06:03:48 GMT - Sat, 27 Jan 2024 06:03:47 GMT
File type ASCII text, with very long lines (37865), with no line terminators
Hash 0377f8ca0fac4bff0b682f22668aaca1
1d2e969d2d85b82cd28ee2b2bc37a9247f37c046
854dbf2c9196baddf8b594e31788e86974d5e5cd2e258863160426b7a6648e03
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /a6/b0/b8/a6b0b8925d9b3a4154c035c24b4ed97e.js HTTP/1.1
Host: alleviatepracticableaddicted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 02 Dec 2023 21:12:33 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: a5add61728d835c47e114412e09b5adf
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.r2m03.amazontrust.com/
143.204.53.97 471 B URL ocsp.r2m03.amazontrust.com/
IP 143.204.53.97:0
Hash 5b4490819d11e3ad23a5c0df1f587ddf
5735c5a6636e15403f8a1e74efd7199fd014437d
ddb64a8f4718e95e9a68ed479caf068f0ef4e51bb217028797cc30d1aa819133
POST / HTTP/1.1
Host: ocsp.r2m03.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=7200
Date: Sat, 02 Dec 2023 21:12:33 GMT
Last-Modified: Sat, 02 Dec 2023 20:28:17 GMT
Server: ECAcc (ska/F757)
X-Cache: Miss from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: QC7msv3t1WWLJPgeU3zdGy9bJ0bsksPWolNe13usKkTITcSi5ycCWw==
Age: 2656
proftrafficcounter.com/stats
18.157.203.0 200 OK 40 B URL GET HTTP/2 proftrafficcounter.com/stats
IP 18.157.203.0:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Amazon
Subject proftrafficcounter.com
Fingerprint E3:9F:79:6F:80:C0:BF:F8:C4:EB:45:F3:E9:0F:A7:41:F6:0C:05:E6
Validity Tue, 21 Nov 2023 00:00:00 GMT - Thu, 19 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 9906b66fefe65257b7cf2d793311a60a
fe555aba3c31ec55125444a3dae1bee995e91996
527f5bfb4377a298aab47e0f3ec70231eae8db32521b3199c1f70574bef099d4
GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:33 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://hqq.to
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=4f54738f-b62b-4d62-af66-d0068a4f1443:3:1; expires=Tue, 29 Nov 2033 21:12:33 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
whileinferioryourself.com/0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js
192.243.59.13 200 OK 23 kB URL GET HTTP/1.1 whileinferioryourself.com/0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Let's Encrypt
Subject whileinferioryourself.com
Fingerprint 71:16:93:F6:A4:85:D4:02:C9:16:B4:BC:1C:A2:3B:F9:6F:F6:F6:57
Validity Tue, 28 Nov 2023 10:49:34 GMT - Mon, 26 Feb 2024 10:49:33 GMT
File type ASCII text, with very long lines (59648), with no line terminators
Hash f7010a51cd7ca8715873d57e5dadad3e
69a24fa8275acf57eacc1e8303fd63bf38ba78ba
f0d09d387c92bd8ffd8003b8ea52d0a58a1c66bf9e1ddebbaf15f2fdc8bafdb3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /0a/6e/9a/0a6e9a96058c7f39edbf4999920d05a3.js HTTP/1.1
Host: whileinferioryourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 02 Dec 2023 21:12:34 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 351542e8221fb26d891cee5b08acecda
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
friendshipmale.com/sfp.js
104.21.234.32 200 OK 32 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.32:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
Validity Sat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 924e967bca1d599992556a8d139b1c5a
222b09dbf164ddc03d39100fd0524a22018d28b2
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:33 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: c9e4bbc050da60259dc201ebdbd0d538
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 02 Dec 2023 21:12:33 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vMHpygeTY8S6IAH%2F%2FmrpwYWEeUz3hVzvekszCh9f2hk7U9H0SNOPUn1hok6SSME%2FyTR%2BttSCYpU4Sk6HGiYSJJRGOJKArHrgU%2FjaS7hBejDVAc2s5juk0tYKvSizifMLKrGjdU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f6919b281bb505-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
whileinferioryourself.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3l1xYS8qXgSFAT0omEn3TPf8cA%2Br6xoJxiTsruTkoaqrelJOdVenqnt6klPYBdnjePMidN4kG9Qg7h%2BwIB0vElh0PEhA808IexNkJgOj36G%2F7%2FX7Du%2B9r748yC%2BIh5yeb36q96RSdDmou7W3t2TCdWFr6%2Fdrnlt3b9a2ZNLyb9aG048ZvOe5Qd19p%2FaxCPt6ueF6ruu5Xm1FGhHp4fKMhUxPul6969b9Rt0LfAzN%2F7HNHVjqgA8uyCuQfPLC9i9PIMMKSfzjHWH7mU7f%2FSjOFc20wYAff5b0E10kiBdjZBxEyfF8G9pOCPn6CnRyPHcAPTicOgCTE%2BL84YElx3OZYIOjS6VMQSRg%2FAaKQQWhKkhaIdQPIflvBAg51jeQxI%2FXtSno7iVLp%2ByEXHv%2BN2QxIdf%2BehVJ%2FMNtJYe1e1rlmdSJxTAqIYcVZK9Cmp8i23Mgi1OE2QNI%2FowsP19DEh9uWKUh%2BflbfhT47WYnWmKtBlvyeauxRKNWa4m7bqtD%2Fcjz%2FeYsIikryKiCEiNQexW5dZBLB3nkIE8dxPy8RoNu5LrtiEXNZscPw7DZDMOg0%2BIBb%2FqdyEUeTj2MkKUjhGqE0OwjNfvoyxFM%2FhPsdgnLHdiMYMBLFIKgsAQFJSgkQZERFIPyiCvbsOVjrmzOvHlvzHuzHOusd0CPdNYTCQE1o4P0grw8Dc%2B5%2FuAEfXFeoy3msk63EfAua1LfC%2FzQbQZhw2e%2B4N22gJUlpL0Cah3syQl5%2FWkdqZyQFz%2F%2FE4yewqpThPIl0PwN0GLcbrig22O%2F42IvOaE8V9nS9s5OPdPgukSaXUO26xyoC%2FLa7IjvV9chwrNbv5JZITQlUlPiC%2FkzQU89Gt%2FVBTm8qwtLnmykmYzlHp0e%2BF5GM3H1u0%2FEbqENX71jR99%2BEE6J6XhyX9hsjSZcJj1Lvr8tORdmRZtQkKerdkuwzdxu385Nkqdrmx%2BurMapEdZKnVSgckJItYNQTsiNf57NHu%2BbJoE0FUxeIs7PyLwg9SnCdB82Xei3msCoxQ5LHRR5OTYNtvipJIESC0xZCfsfzBbzgX2EnnFAs4dI4hIDU2KgSlA1gs2vjrPUnN36vTkrMOWMmTLOIVNGfXUZrpXnNRFEbiTchmBRl0Vt6vJu5HcZ7XqizQLqIbMT0f%2Bm%2BhcAAP%2F%2FAQAA%2F%2F%2BLK7GQlAQAAA%3D%3D
192.243.59.13200 OK 7 B URL GET HTTP/1.1 whileinferioryourself.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3l1xYS8qXgSFAT0omEn3TPf8cA%2Br6xoJxiTsruTkoaqrelJOdVenqnt6klPYBdnjePMidN4kG9Qg7h%2BwIB0vElh0PEhA808IexNkJgOj36G%2F7%2FX7Du%2B9r748yC%2BIh5yeb36q96RSdDmou7W3t2TCdWFr6%2Fdrnlt3b9a2ZNLyb9aG048ZvOe5Qd19p%2FaxCPt6ueF6ruu5Xm1FGhHp4fKMhUxPul6969b9Rt0LfAzN%2F7HNHVjqgA8uyCuQfPLC9i9PIMMKSfzjHWH7mU7f%2FSjOFc20wYAff5b0E10kiBdjZBxEyfF8G9pOCPn6CnRyPHcAPTicOgCTE%2BL84YElx3OZYIOjS6VMQSRg%2FAaKQQWhKkhaIdQPIflvBAg51jeQxI%2FXtSno7iVLp%2ByEXHv%2BN2QxIdf%2BehVJ%2FMNtJYe1e1rlmdSJxTAqIYcVZK9Cmp8i23Mgi1OE2QNI%2FowsP19DEh9uWKUh%2BflbfhT47WYnWmKtBlvyeauxRKNWa4m7bqtD%2Fcjz%2FeYsIikryKiCEiNQexW5dZBLB3nkIE8dxPy8RoNu5LrtiEXNZscPw7DZDMOg0%2BIBb%2FqdyEUeTj2MkKUjhGqE0OwjNfvoyxFM%2FhPsdgnLHdiMYMBLFIKgsAQFJSgkQZERFIPyiCvbsOVjrmzOvHlvzHuzHOusd0CPdNYTCQE1o4P0grw8Dc%2B5%2FuAEfXFeoy3msk63EfAua1LfC%2FzQbQZhw2e%2B4N22gJUlpL0Cah3syQl5%2FWkdqZyQFz%2F%2FE4yewqpThPIl0PwN0GLcbrig22O%2F42IvOaE8V9nS9s5OPdPgukSaXUO26xyoC%2FLa7IjvV9chwrNbv5JZITQlUlPiC%2FkzQU89Gt%2FVBTm8qwtLnmykmYzlHp0e%2BF5GM3H1u0%2FEbqENX71jR99%2BEE6J6XhyX9hsjSZcJj1Lvr8tORdmRZtQkKerdkuwzdxu385Nkqdrmx%2BurMapEdZKnVSgckJItYNQTsiNf57NHu%2BbJoE0FUxeIs7PyLwg9SnCdB82Xei3msCoxQ5LHRR5OTYNtvipJIESC0xZCfsfzBbzgX2EnnFAs4dI4hIDU2KgSlA1gs2vjrPUnN36vTkrMOWMmTLOIVNGfXUZrpXnNRFEbiTchmBRl0Vt6vJu5HcZ7XqizQLqIbMT0f%2Bm%2BhcAAP%2F%2FAQAA%2F%2F%2BLK7GQlAQAAA%3D%3D
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Let's Encrypt
Subject whileinferioryourself.com
Fingerprint 71:16:93:F6:A4:85:D4:02:C9:16:B4:BC:1C:A2:3B:F9:6F:F6:F6:57
Validity Tue, 28 Nov 2023 10:49:34 GMT - Mon, 26 Feb 2024 10:49:33 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRit3l1xYS8qXgSFAT0omEn3TPf8cA%2Br6xoJxiTsruTkoaqrelJOdVenqnt6klPYBdnjePMidN4kG9Qg7h%2BwIB0vElh0PEhA808IexNkJgOj36G%2F7%2FX7Du%2B9r748yC%2BIh5yeb36q96RSdDmou7W3t2TCdWFr6%2Fdrnlt3b9a2ZNLyb9aG048ZvOe5Qd19p%2FaxCPt6ueF6ruu5Xm1FGhHp4fKMhUxPul6969b9Rt0LfAzN%2F7HNHVjqgA8uyCuQfPLC9i9PIMMKSfzjHWH7mU7f%2FSjOFc20wYAff5b0E10kiBdjZBxEyfF8G9pOCPn6CnRyPHcAPTicOgCTE%2BL84YElx3OZYIOjS6VMQSRg%2FAaKQQWhKkhaIdQPIflvBAg51jeQxI%2FXtSno7iVLp%2ByEXHv%2BN2QxIdf%2BehVJ%2FMNtJYe1e1rlmdSJxTAqIYcVZK9Cmp8i23Mgi1OE2QNI%2FowsP19DEh9uWKUh%2BflbfhT47WYnWmKtBlvyeauxRKNWa4m7bqtD%2Fcjz%2FeYsIikryKiCEiNQexW5dZBLB3nkIE8dxPy8RoNu5LrtiEXNZscPw7DZDMOg0%2BIBb%2FqdyEUeTj2MkKUjhGqE0OwjNfvoyxFM%2FhPsdgnLHdiMYMBLFIKgsAQFJSgkQZERFIPyiCvbsOVjrmzOvHlvzHuzHOusd0CPdNYTCQE1o4P0grw8Dc%2B5%2FuAEfXFeoy3msk63EfAua1LfC%2FzQbQZhw2e%2B4N22gJUlpL0Cah3syQl5%2FWkdqZyQFz%2F%2FE4yewqpThPIl0PwN0GLcbrig22O%2F42IvOaE8V9nS9s5OPdPgukSaXUO26xyoC%2FLa7IjvV9chwrNbv5JZITQlUlPiC%2FkzQU89Gt%2FVBTm8qwtLnmykmYzlHp0e%2BF5GM3H1u0%2FEbqENX71jR99%2BEE6J6XhyX9hsjSZcJj1Lvr8tORdmRZtQkKerdkuwzdxu385Nkqdrmx%2BurMapEdZKnVSgckJItYNQTsiNf57NHu%2BbJoE0FUxeIs7PyLwg9SnCdB82Xei3msCoxQ5LHRR5OTYNtvipJIESC0xZCfsfzBbzgX2EnnFAs4dI4hIDU2KgSlA1gs2vjrPUnN36vTkrMOWMmTLOIVNGfXUZrpXnNRFEbiTchmBRl0Vt6vJu5HcZ7XqizQLqIbMT0f%2Bm%2BhcAAP%2F%2FAQAA%2F%2F%2BLK7GQlAQAAA%3D%3D HTTP/1.1
Host: whileinferioryourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Cookie: u_pl=17334956; uid_id2=4f54738f-b62b-4d62-af66-d0068a4f1443:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 02 Dec 2023 21:12:34 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3242cc5cabe5758600c6494dd33fd6b7
Strict-Transport-Security: max-age=0; includeSubdomains
banquetunarmedgrater.com/advertisers.js
104.21.86.121 200 OK 0 B URL GET HTTP/2 banquetunarmedgrater.com/advertisers.js
IP 104.21.86.121:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject banquetunarmedgrater.com
Fingerprint 92:8E:AD:72:AC:AD:3B:21:99:CD:21:A0:9F:BD:F2:AF:0D:98:D8:57
Validity Thu, 09 Nov 2023 11:40:15 GMT - Wed, 07 Feb 2024 11:40:14 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:34 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: bf330707524973114c1d7740273cb0f4
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 02 Dec 2023 21:12:34 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cE%2BdxLbnnnAEHtiaFKWCs5LnPaTfjUx1FabDn7ms4r4snOOYF0FIwDVtYYTLLUbjKr%2FG2d46TUbzNKrlI3EXOOJZWbWlCskQt%2F%2Blt3O5oHVmkqfcxeXoNegRJz0oZCejkawUVNtK7VTd1tk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f691a1b9d85696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
friendshipmale.com/sfp.js
104.21.234.32 200 OK 49 kB URL GET HTTP/2 friendshipmale.com/sfp.js
IP 104.21.234.32:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint 08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
Validity Sat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 924e967bca1d599992556a8d139b1c5a
222b09dbf164ddc03d39100fd0524a22018d28b2
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 21:12:34 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 3d52c45dfe078f3c2ad6794ddd05c691
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 02 Dec 2023 21:12:34 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foV%2FLsMEUWo0wAXWzCnG1A8hdcov%2FXUmrMTgKVD%2FlqWZDOJAg%2FXE2h52MT99NaI5cAh0i4NrPQ2%2FjIRRA7UCv1sPbTA2t2%2FNaW5XqHrPgRJStzR%2BTGkVhascUZ75fnk8mcE6%2F0k%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f691a08e901c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
www.vertuspeliculas.com/favicon.ico
188.114.96.1 200 OK 6.0 kB URL GET HTTP/3 www.vertuspeliculas.com/favicon.ico
IP 188.114.96.1:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject vertuspeliculas.com
Fingerprint 91:AD:1F:DE:3E:77:9B:C8:B8:4A:D6:12:9B:9F:4F:E3:7B:3A:C2:69
Validity Sat, 21 Oct 2023 03:32:36 GMT - Fri, 19 Jan 2024 03:32:35 GMT
File type MS Windows icon resource - 2 icons, 32x32, 32 bits/pixel, 16x16, 32 bits/pixel\012- data
Hash 9403e85f80cdcb6f76af253e27fd8e8c
565197062022262214dc9e663e1ad56a71357ee9
f847762215842741ee0e496843b5b554406e179b6c939dc4e508b5cdfa5091bc
GET /favicon.ico HTTP/1.1
Host: www.vertuspeliculas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Cookie: PHPSESSID=lhi6o2mdst48mrpifoqpr7fk57; _ga_M22GJ5JH9Q=GS1.1.1701551554.1.0.1701551554.0.0.0; _ga=GA1.1.889568180.1701551555
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Mon, 04 Dec 2023 11:16:35 GMT
last-modified: Fri, 24 Mar 2017 13:32:17 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 467753
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0jYPJyKb5sCCIcWPtcXcNktOpT8xoF9wJ7OOk0DebmnB3MqUqR%2FG7QjM8xfoUpJdmO8O%2FpB5eJeeFj3aR9f1c9rGdiQDslNgYD8GBQ2vWoGNSg22rRFxFyCfhXUWH0qKZrAu5Kp5xD9P1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f69185af46b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
cdn.cloudimagesb.com/si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png
45.133.44.9 200 OK 39 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Let's Encrypt
Subject cdn.cloudimagesb.com
Fingerprint 71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
Validity Thu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; data
Hash 6451b63b68b5068db02571051f6f6a30
32badef5d69090b4d2ea7b300bb5264938e198ef
b1b0a314a2d4924b2849fec48b7863ccc68413e58330d99f6ad901bfa6282819
GET /si/05/c8/20/05c820d9ce67af6dea2e5441dbe3e8f9/1683231080.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:35 GMT
content-type: image/png
content-length: 39220
server: nginx/1.21.6
last-modified: Thu, 04 May 2023 20:11:29 GMT
etag: "64541171-9934"
expires: Mon, 04 Dec 2023 21:12:35 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.cloudimagesb.com/si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png
45.133.44.9 200 OK 65 kB URL GET HTTP/2 cdn.cloudimagesb.com/si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png
IP 45.133.44.9:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Let's Encrypt
Subject cdn.cloudimagesb.com
Fingerprint 71:EC:C0:22:20:76:60:90:92:4C:5C:F3:AD:17:3C:41:B5:00:25:AF
Validity Thu, 23 Nov 2023 05:00:53 GMT - Wed, 21 Feb 2024 05:00:52 GMT
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced; data
Hash 887812a53b8ea2dbad33f6ae105b8c2d
f83d97ef46827200fa62093ed09b4b6fa25b26d8
9443edf293511b0732211234002c799508a2bfc63a3e28a57d7b12ee30f277e9
GET /si/b3/dd/fd/b3ddfd7cf6f212b3bce3129fb7a007fc/1683231156.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:35 GMT
content-type: image/png
content-length: 64601
server: nginx/1.21.6
last-modified: Thu, 04 May 2023 20:12:45 GMT
etag: "645411bd-fc59"
expires: Mon, 04 Dec 2023 21:12:35 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
omitpollenending.com/pixel/purst?dl=0&th=0&sc=0&rs=5040&rd=5040&fd=881&bv=23.11.v.8&tmpl=136
192.243.61.227 200 OK 0 B URL GET HTTP/1.1 omitpollenending.com/pixel/purst?dl=0&th=0&sc=0&rs=5040&rd=5040&fd=881&bv=23.11.v.8&tmpl=136
IP 192.243.61.227:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Let's Encrypt
Subject omitpollenending.com
Fingerprint 41:41:67:08:03:DF:C6:78:85:C2:46:A8:88:D7:2B:2E:48:A2:91:B2
Validity Tue, 28 Nov 2023 08:10:50 GMT - Mon, 26 Feb 2024 08:10:49 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/purst?dl=0&th=0&sc=0&rs=5040&rd=5040&fd=881&bv=23.11.v.8&tmpl=136 HTTP/1.1
Host: omitpollenending.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sat, 02 Dec 2023 21:12:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0; data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hqq.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:13:56 GMT
expires: Thu, 28 Nov 2024 21:13:56 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 259119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL GET HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint E5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0; data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://hqq.to
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 30 Nov 2023 04:57:34 GMT
expires: Fri, 29 Nov 2024 04:57:34 GMT
cache-control: public, max-age=31536000
age: 231301
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
whileinferioryourself.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lUQMZKPiRlBo0IWC01Nf%2FWUW0RgjwZiEJJKVi%2FdVPc9%2BXa%2FyXlVXz6yGBCTLdudGqDk9k0EdxPyAgNS4kYGg7UIGdP6EkJ0g3dPQehd176lzF%2Bec%2B77cKU5IgIIe3%2FrUbCmt6Xqr6TfevqdSYUrXuHG3EfhN%2F2Ljnkrb8cXGeP6xo%2FcCv9X032l8LPnArId%2B4PuBHzSuKisTM15fsFDZQS9o9vxmHDaDVoyx%2FT92hQdHPYjRCXkFSsxe2PjlCRSvkQ5%2FvCLdIDfZux8NC01zYzES%2B5%2Blg9SUKYarMbEeknR%2FuQ3jZoR8fQYm3V86gBntzh2AqRnx%2FgjA0v2lTLDR3qlSpiFTMHEB5aiG1DUUrcHNQyjxGwG4wI2bSIePbxhb0s1Tls7ZGTn3%2FG%2BockbO%2FfUq0uEPl7UaN%2B4YXeTKpA7jpIIa11D9GllxiHzLgyoPwfMHUOIZWX9%2BHelw96bTBkocvxUnrbgTdZM11g7ZWiza4RpN2u014fvtLo2TII6jRURK1VBJDS0noO4sCuehUB6KxEOReRiK4wZt9RLf7yQsiaJuzDmPIs5b3bZoiSjuJj4KPvcwQZ5NwPUE3G4js9sYqAls8RPcRgUnPLicYCQqlJKgdAQlJSgVQZkTlKNqT2gXuuqx0K5gwbKHyx5VU5P3d%2BieyfsyJaB2spOdkJfn4XnnHxxgII8btM181u2FLdFjEY2DVsz9qMXDmMVS9DoSTlVQ7gyo87ClZuT1p01kakZe%2FPxPMHoIpw%2FB1UugxRug5bQT%2BqAb07jrYys9oKLQ%2BdrG%2FfvN3ECYCll%2BDvmmt6NPyGuLI75fn4fkR5d%2BJYsCtxUyW%2BEL9TNBXz%2Ba3jYl2b1tSkee3MxyNVRbdH7gOznN5dnvPpGbpbHi2hU3%2BfYDPifm48Fd6fLrNBUq7Tvy%2FWUlhLRXjeWSPL3m7kl2q3AblwubFtn1Wx9evTbMrHROmbQGVTNC6vvgakYu%2FPNs8XjftCmUrWGLCsPiiCwLyhyCZ9tw2Uq%2FMwRWr3ZY5qEsqqkN2eqnVgRarjBlFdx%2FMFvNO%2B4R%2BtYDzR8iHVYY2QojXYHqCVxxdppn9ujS79GiwLQ3Zdp6u0xb%2FdVpuE4dN1pBLLus2%2BFCMMlF0AmjbuT7oRBxpyeDHnI3k4Nv6n8BAAD%2F%2FwEAAP%2F%2FnyM%2FdpQEAAA%3D
192.243.59.13200 OK 7 B URL GET HTTP/1.1 whileinferioryourself.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lUQMZKPiRlBo0IWC01Nf%2FWUW0RgjwZiEJJKVi%2FdVPc9%2BXa%2FyXlVXz6yGBCTLdudGqDk9k0EdxPyAgNS4kYGg7UIGdP6EkJ0g3dPQehd176lzF%2Bec%2B77cKU5IgIIe3%2FrUbCmt6Xqr6TfevqdSYUrXuHG3EfhN%2F2Ljnkrb8cXGeP6xo%2FcCv9X032l8LPnArId%2B4PuBHzSuKisTM15fsFDZQS9o9vxmHDaDVoyx%2FT92hQdHPYjRCXkFSsxe2PjlCRSvkQ5%2FvCLdIDfZux8NC01zYzES%2B5%2Blg9SUKYarMbEeknR%2FuQ3jZoR8fQYm3V86gBntzh2AqRnx%2FgjA0v2lTLDR3qlSpiFTMHEB5aiG1DUUrcHNQyjxGwG4wI2bSIePbxhb0s1Tls7ZGTn3%2FG%2BockbO%2FfUq0uEPl7UaN%2B4YXeTKpA7jpIIa11D9GllxiHzLgyoPwfMHUOIZWX9%2BHelw96bTBkocvxUnrbgTdZM11g7ZWiza4RpN2u014fvtLo2TII6jRURK1VBJDS0noO4sCuehUB6KxEOReRiK4wZt9RLf7yQsiaJuzDmPIs5b3bZoiSjuJj4KPvcwQZ5NwPUE3G4js9sYqAls8RPcRgUnPLicYCQqlJKgdAQlJSgVQZkTlKNqT2gXuuqx0K5gwbKHyx5VU5P3d%2BieyfsyJaB2spOdkJfn4XnnHxxgII8btM181u2FLdFjEY2DVsz9qMXDmMVS9DoSTlVQ7gyo87ClZuT1p01kakZe%2FPxPMHoIpw%2FB1UugxRug5bQT%2BqAb07jrYys9oKLQ%2BdrG%2FfvN3ECYCll%2BDvmmt6NPyGuLI75fn4fkR5d%2BJYsCtxUyW%2BEL9TNBXz%2Ba3jYl2b1tSkee3MxyNVRbdH7gOznN5dnvPpGbpbHi2hU3%2BfYDPifm48Fd6fLrNBUq7Tvy%2FWUlhLRXjeWSPL3m7kl2q3AblwubFtn1Wx9evTbMrHROmbQGVTNC6vvgakYu%2FPNs8XjftCmUrWGLCsPiiCwLyhyCZ9tw2Uq%2FMwRWr3ZY5qEsqqkN2eqnVgRarjBlFdx%2FMFvNO%2B4R%2BtYDzR8iHVYY2QojXYHqCVxxdppn9ujS79GiwLQ3Zdp6u0xb%2FdVpuE4dN1pBLLus2%2BFCMMlF0AmjbuT7oRBxpyeDHnI3k4Nv6n8BAAD%2F%2FwEAAP%2F%2FnyM%2FdpQEAAA%3D
IP 192.243.59.13:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Let's Encrypt
Subject whileinferioryourself.com
Fingerprint 71:16:93:F6:A4:85:D4:02:C9:16:B4:BC:1C:A2:3B:F9:6F:F6:F6:57
Validity Tue, 28 Nov 2023 10:49:34 GMT - Mon, 26 Feb 2024 10:49:33 GMT
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSTYscVRR9lUQMZKPiRlBo0IWC01Nf%2FWUW0RgjwZiEJJKVi%2FdVPc9%2BXa%2FyXlVXz6yGBCTLdudGqDk9k0EdxPyAgNS4kYGg7UIGdP6EkJ0g3dPQehd176lzF%2Bec%2B77cKU5IgIIe3%2FrUbCmt6Xqr6TfevqdSYUrXuHG3EfhN%2F2Ljnkrb8cXGeP6xo%2FcCv9X032l8LPnArId%2B4PuBHzSuKisTM15fsFDZQS9o9vxmHDaDVoyx%2FT92hQdHPYjRCXkFSsxe2PjlCRSvkQ5%2FvCLdIDfZux8NC01zYzES%2B5%2Blg9SUKYarMbEeknR%2FuQ3jZoR8fQYm3V86gBntzh2AqRnx%2FgjA0v2lTLDR3qlSpiFTMHEB5aiG1DUUrcHNQyjxGwG4wI2bSIePbxhb0s1Tls7ZGTn3%2FG%2BockbO%2FfUq0uEPl7UaN%2B4YXeTKpA7jpIIa11D9GllxiHzLgyoPwfMHUOIZWX9%2BHelw96bTBkocvxUnrbgTdZM11g7ZWiza4RpN2u014fvtLo2TII6jRURK1VBJDS0noO4sCuehUB6KxEOReRiK4wZt9RLf7yQsiaJuzDmPIs5b3bZoiSjuJj4KPvcwQZ5NwPUE3G4js9sYqAls8RPcRgUnPLicYCQqlJKgdAQlJSgVQZkTlKNqT2gXuuqx0K5gwbKHyx5VU5P3d%2BieyfsyJaB2spOdkJfn4XnnHxxgII8btM181u2FLdFjEY2DVsz9qMXDmMVS9DoSTlVQ7gyo87ClZuT1p01kakZe%2FPxPMHoIpw%2FB1UugxRug5bQT%2BqAb07jrYys9oKLQ%2BdrG%2FfvN3ECYCll%2BDvmmt6NPyGuLI75fn4fkR5d%2BJYsCtxUyW%2BEL9TNBXz%2Ba3jYl2b1tSkee3MxyNVRbdH7gOznN5dnvPpGbpbHi2hU3%2BfYDPifm48Fd6fLrNBUq7Tvy%2FWUlhLRXjeWSPL3m7kl2q3AblwubFtn1Wx9evTbMrHROmbQGVTNC6vvgakYu%2FPNs8XjftCmUrWGLCsPiiCwLyhyCZ9tw2Uq%2FMwRWr3ZY5qEsqqkN2eqnVgRarjBlFdx%2FMFvNO%2B4R%2BtYDzR8iHVYY2QojXYHqCVxxdppn9ujS79GiwLQ3Zdp6u0xb%2FdVpuE4dN1pBLLus2%2BFCMMlF0AmjbuT7oRBxpyeDHnI3k4Nv6n8BAAD%2F%2FwEAAP%2F%2FnyM%2FdpQEAAA%3D HTTP/1.1
Host: whileinferioryourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Cookie: u_pl=17334956; uid_id2=4f54738f-b62b-4d62-af66-d0068a4f1443:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 02 Dec 2023 21:12:35 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: c5abba9e4f2a1a9ec0523535809180a8
Strict-Transport-Security: max-age=0; includeSubdomains
whileinferioryourself.com/pixel/sbs?c=1
192.243.59.12 200 OK 0 B URL GET HTTP/1.1 whileinferioryourself.com/pixel/sbs?c=1
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Let's Encrypt
Subject whileinferioryourself.com
Fingerprint 71:16:93:F6:A4:85:D4:02:C9:16:B4:BC:1C:A2:3B:F9:6F:F6:F6:57
Validity Tue, 28 Nov 2023 10:49:34 GMT - Mon, 26 Feb 2024 10:49:33 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /pixel/sbs?c=1 HTTP/1.1
Host: whileinferioryourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Cookie: u_pl=17334956; uid_id2=4f54738f-b62b-4d62-af66-d0068a4f1443:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 02 Dec 2023 21:12:35 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
sadjklq.com/netu.php
172.67.165.184 200 OK 1.2 kB
IP 172.67.165.184:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject sadjklq.com
Fingerprint 72:69:F9:BF:D9:20:23:59:4D:E4:C9:75:C9:BA:4F:D7:3D:E8:70:27
Validity Wed, 22 Nov 2023 23:37:41 GMT - Tue, 20 Feb 2024 23:37:40 GMT
File type ASCII text, with very long lines (1189), with no line terminators
Hash 13b0a09aa5b291f7dd6fc0ba8f31f5be
d04d79218633faf8299456a1737362dd87d0f439
ae6e57169c43ef9ac33d4cd95f5dbb87a38496cdcc5f0fae101679bcfe2841dd
GET /netu.php HTTP/1.1
Host: sadjklq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:32 GMT
content-type: application/javascript
x-powered-by: PHP/7.1.33
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mvHRIiMtPbzPmHU8twwYFTwtVOonYV%2BrijVMMpKmiIpAn84t2%2FoGnE%2FVjln%2BZGFqiwUCjjtskyYNFKgDVmDyv%2FYtvImXBEeCivaZ1iHC1qTG8H6JGL2aaPlr%2BhSfgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f691906c5cb4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/img/close.png
172.64.108.10 200 OK 4.0 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/img/close.png
IP 172.64.108.10:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
Validity Sat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced; data
Hash 23e9690b0e7ac26868363a6248f44467
d7ad0eae64e0c1e65b12eda0aa9d2b91996dd64f
f362c67320d739ccf3bea21f857b9620075bd20ceacda8c51261b9612fe28395
GET /sb/notifications/dating/default/us/desk-all/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:35 GMT
content-type: image/png
content-length: 4022
last-modified: Tue, 14 Apr 2020 14:09:22 GMT
etag: "5e95c412-fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 311477
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JpACfgBS7zGfo%2Bk3yBUR1OR6LeA0ti9K8T9WPCklKObtpHJl9lR5eiO1iutRTsyzJpDAncAKTgiVkkjIxRLtPWIycX%2Beqm%2BfOTsfzR3NWNJ0uFdFF3ZIfx9mD8q8lDhhzRY9hJoo4VBL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f691a3d9aa4885-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
hqq.to/js/websocket_ip.min.js
190.115.19.71 200 OK 4.6 kB URL GET HTTP/2 hqq.to/js/websocket_ip.min.js
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (4798), with no line terminators
Hash 7c354bd309d3152f26fd4c61b1f7eb2b
2dc50304cfaecb57148a5001827f8e0b19acb9ca
f88d924353140c3c8cbfd2ce7f128539408029907fadeaa0f5cb81c4fde1e1e8
GET /js/websocket_ip.min.js HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 20 Jan 2023 13:44:36 GMT
etag: W/"63ca9ac4-121c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/js/script.js
172.64.108.10 200 OK 386 B URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/js/script.js
IP 172.64.108.10:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
Validity Sat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (399), with no line terminators
Hash 022602a468da44628060800173771da2
9be813fbfebbcb2aa46d8c6b8abec68b3d16c89c
6742c376e658c34d09b2dc5772bd798e3cd52bb265758bac5bce184f8ee7b5cc
GET /sb/notifications/dating/default/us/desk-all/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:35 GMT
content-type: application/javascript
last-modified: Tue, 14 Apr 2020 14:09:27 GMT
etag: W/"5e95c417-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 80690
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKELOChRQ%2BhTrlTfxep7sBLa2w9ObP919k8QpSjlzjhrxkZu%2FkKbqcA3K4i%2FIhdl5IlSOczUOZt%2FCTQclvgEfGnSZmbziefbFUS2n5BEBNpKJha0EryZBZ1ANegHLeuF68YjgGWsOFeq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f691a3583c5312-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/style.css
172.64.108.10 200 OK 5.8 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/style.css
IP 172.64.108.10:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
Validity Sat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
File type ASCII text, with very long lines (6136), with no line terminators
Hash 9f80fb73071a2440f4592b4422167a7a
bbd9cd5f77ec53153284f71655920f35815c6c4b
0a1eda0aa145d20b7434500ebb9087051733b0e11eb2187a237a2891b0973b9d
GET /sb/notifications/dating/default/us/desk-all/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:35 GMT
content-type: text/css
last-modified: Fri, 27 Aug 2021 11:38:00 GMT
etag: W/"6128ce98-169c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 80690
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1GcUqkeyWgAWMV6fF8t7HOfZKGIdUree0IqA77tQOxmboGnon7uLsKNkp4PySOBkV%2Bw6%2FGThcx2q%2FrsB%2F3L7HIl5rj65WgBBgoK%2BP8W55fTMayo4InfMcQM%2Fq59AeI0SohSbG6yeRfrF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f691a368555312-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ok.ru/videoembed/4703031200372
217.20.147.1 200 OK 74 kB URL GET HTTP/2 ok.ru/videoembed/4703031200372
IP 217.20.147.1:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (62836)
Hash ee1b85d49fb42ab42d006ae7d9759e73
14c4f66597316d535588542b449bf3e29b34ba77
af1ba4e23edfaeae2d7894ba7430601934a6348e8c017da842c1e4910542c21c
GET /videoembed/4703031200372 HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: text/html;charset=UTF-8
vary: Accept-Encoding
set-cookie: bci=-6038057255174536632; Domain=.ok.ru; Expires=Fri, 21 Dec 2091 00:26:37 GMT; Path=/; Secure; HttpOnly
set-cookie: _statid=6b5791d7-8406-4410-a95e-f1030aa7006b; Domain=.ok.ru; Expires=Fri, 21 Dec 2091 00:26:37 GMT; Path=/; Secure; HttpOnly
set-cookie: landref=www.vertuspeliculas.com; Domain=.ok.ru; Path=/; Secure
set-cookie: __last_online=1701551550070; Expires=Fri, 21 Dec 2091 00:26:37 GMT; Path=/; Secure
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
last-modified: Thu, 08 Jun 2023 18:23:31 GMT
cache-control: no-cache, no-store
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: br
X-Firefox-Spdy: h2
hqq.to/js/script_33.10.js?16
190.115.19.71 200 OK 7.0 kB URL GET HTTP/2 hqq.to/js/script_33.10.js?16
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type HTML document text; HTML document text; HTML document, Unicode text, UTF-8 text, with very long lines (7101), with no line terminators
Hash 32e16f45a036927c198ef05879a785ec
b551aff286616dccba9b624a73eff430538a76ed
bdcbe7674526ab9b68258d86dca84c3c9259c0c60016a47b1adf84e08dea32cc
GET /js/script_33.10.js?16 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Cookie: uid=s5YYEO_Vx7zW*TqlrJWP9cuU0hecGl83
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:31 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 07 Oct 2023 10:41:14 GMT
etag: W/"652135ca-1b3c"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
whileinferioryourself.com/sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=4f54738f-b62b-4d62-af66-d0068a4f1443%3A3%3A1
192.243.59.12 200 OK 6.3 kB URL GET HTTP/1.1 whileinferioryourself.com/sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=4f54738f-b62b-4d62-af66-d0068a4f1443%3A3%3A1
IP 192.243.59.12:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Let's Encrypt
Subject whileinferioryourself.com
Fingerprint 71:16:93:F6:A4:85:D4:02:C9:16:B4:BC:1C:A2:3B:F9:6F:F6:F6:57
Validity Tue, 28 Nov 2023 10:49:34 GMT - Mon, 26 Feb 2024 10:49:33 GMT
File type Unicode text, UTF-8 text, with very long lines (6350), with no line terminators
Hash 152710a6410b799518d4552095973125
4d20bd46f13780b6cec3442c6f08df293a02b536
a1975e42d645d1d8ab95ef63eb168b9b27327d1d47e4f8789d1f03a204f388ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /sbar.json?key=a6b0b8925d9b3a4154c035c24b4ed97e&uuid=4f54738f-b62b-4d62-af66-d0068a4f1443%3A3%3A1 HTTP/1.1
Host: whileinferioryourself.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 02 Dec 2023 21:12:34 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://hqq.to
Access-Control-Allow-Origin: https://hqq.to
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17334956; expires=Sun, 03 Dec 2023 21:12:34 GMT; secure; SameSite=None
uid_id2=4f54738f-b62b-4d62-af66-d0068a4f1443:3:1; expires=Sat, 09 Dec 2023 21:12:34 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 03 Dec 2023 21:12:34 GMT; secure; SameSite=None
uncs=1; expires=Sun, 03 Dec 2023 21:12:34 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 03 Dec 2023 21:12:34 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 03 Dec 2023 21:12:34 GMT; secure; SameSite=None
sleca6b0b8925d9b3a4154c035c24b4ed97e=[4243976]; expires=Sat, 02 Dec 2023 21:12:39 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d65a7fc64ff3b6d0926dca980800e4f9
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
cdn.barscreative1.com/sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html
45.133.44.3 200 OK 1.3 kB URL GET HTTP/2 cdn.barscreative1.com/sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html
IP 45.133.44.3:443
ASN #39572 DataWeb Global Group B.V.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Let's Encrypt
Subject cdn.barscreative1.com
Fingerprint 55:06:B7:F1:EF:E9:55:FB:7C:8C:4F:5D:DB:05:C9:15:19:90:9B:2F
Validity Sat, 11 Nov 2023 03:00:51 GMT - Fri, 09 Feb 2024 03:00:50 GMT
File type HTML document text\012- HTML document, ASCII text, with very long lines (1388), with no line terminators
Hash 1e11fba825d4244ebfc11b9784c9744f
86f24edfd397e9f4d65e589ceb97196b71d2d828
7737a119c12f495c4f32f75686c087c59387d5f851ec8c5443a385dda8c5df76
GET /sb/au/24/54/4e/24544ed07f7394384bbb75023b9b0b3a/1591713925.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:34 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Sat, 07 May 2022 03:21:27 GMT
etag: W/"6275e5b7-4fa"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 02 Dec 2023 22:12:34 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
upstream.to/embed-41j4uqrs875z.html
185.178.208.135 200 OK 2.7 kB URL GET HTTP/2 upstream.to/embed-41j4uqrs875z.html
IP 185.178.208.135:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject upstream.to
Fingerprint B8:21:F4:ED:87:A2:E8:E2:E9:03:E7:73:1B:BC:09:7B:61:2D:47:6C
Validity Thu, 16 Nov 2023 20:29:28 GMT - Wed, 14 Feb 2024 20:29:27 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (2875), with no line terminators
Hash 306d0064ac7c10d04c460e8a95ee8966
a0a8820c076d4b2fa46b902afb21708d2a1b0529
d737bb99273668dca8172271f342c047aad2f58bcaa38b29246faa6012f57bce
GET /embed-41j4uqrs875z.html HTTP/1.1
Host: upstream.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: ddos-guard
strict-transport-security: max-age=31536000
date: Sat, 02 Dec 2023 21:12:30 GMT
expires: Fri, 01 Dec 2023 21:12:30 GMT
set-cookie: __ddg1_=0B16FeMFcpEmZFaPf8U6; Domain=.upstream.to; HttpOnly; Path=/; Expires=Sun, 01-Dec-2024 21:12:30 GMT
lang=1; domain=.upstream.to; path=/; HttpOnly
content-type: text/html; charset=UTF-8
X-Firefox-Spdy: h2
hqq.to/js/embed.232.js?736
190.115.19.71 200 OK 174 kB URL GET HTTP/2 hqq.to/js/embed.232.js?736
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
Size 174 kB (173807 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /js/embed.232.js?736 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sat, 18 Nov 2023 19:14:49 GMT
etag: W/"65590d29-2a6ef"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
videocdnmetrika.com/f.php?sid=212040
104.21.38.98 200 OK 0 B URL GET HTTP/2 videocdnmetrika.com/f.php?sid=212040
IP 104.21.38.98:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject videocdnmetrika.com
Fingerprint 65:C2:6F:7C:ED:59:22:15:7F:47:FD:32:BD:2B:DB:FB:34:68:26:E6
Validity Sun, 26 Nov 2023 13:44:21 GMT - Sat, 24 Feb 2024 13:44:20 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /f.php?sid=212040 HTTP/1.1
Host: videocdnmetrika.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:32 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.1.33
cache-control: no-store, no-cache, must-revalidate, max-age=0
x-robots-tag: noindex
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJQTPlsOz5sq8%2F4wiYwTzT751T6bX94nwIkIM%2BaYdZLVJcFzn86Hp7jZ1LO9g2IXMMfH02KffYMPUFrCHoRewph%2Fe8NaUAY6ElI2QQvE6nNPl4SJOlXG16XwJOd3miOkO%2FIC6Lmw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6919188180b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js
104.18.10.207 200 OK 37 kB URL GET HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js
IP 104.18.10.207:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject bootstrapcdn.com
Fingerprint 34:BC:91:5F:B9:EC:32:2C:D9:73:C7:88:C3:6C:FB:77:E7:70:8D:04
Validity Thu, 30 Nov 2023 00:15:17 GMT - Wed, 28 Feb 2024 00:15:16 GMT
File type ASCII text, with very long lines (32003)
Hash c5b5b2fa19bd66ff23211d9f844e0131
791aa054a026bddc0de92bad6cf7a1c6e73713d5
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
GET /bootstrap/3.3.6/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"c5b5b2fa19bd66ff23211d9f844e0131"
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-cachedat: 10/31/2023 18:51:17
cdn-proxyver: 1.04
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 874
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 9340496eb92efbb51c4cbfe31c0a2d1a
cdn-cache: HIT
cf-cache-status: HIT
age: 925346
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 82f6917e1a880b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
st.mycdn.me/res/css/prod/videoembed/videoembed.9f06c2f1.css
217.20.155.82 200 OK 16 kB URL GET HTTP/2 st.mycdn.me/res/css/prod/videoembed/videoembed.9f06c2f1.css
IP 217.20.155.82:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.mycdn.me
Fingerprint 2E:0D:A0:C3:73:22:EE:41:29:80:7E:43:6C:5C:5D:00:00:D5:2B:4C
Validity Fri, 11 Aug 2023 04:51:21 GMT - Wed, 11 Sep 2024 04:51:20 GMT
File type ASCII text, with very long lines (15831), with no line terminators
Hash 9f06c2f19e517b712b7dba8f051e480e
3e6a269e1faea4fb1ce80218a4c4d6a906022f06
6a6b080c0346d82cb2547b91a0b465cb7adae9c66258ab00d2bb30f7f128f8f9
GET /res/css/prod/videoembed/videoembed.9f06c2f1.css HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: text/css; charset=utf-8
content-length: 3193
last-modified: Wed, 29 Nov 2023 15:03:35 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:30 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
0.0.0.0 0 B URL GET duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
IP 0.0.0.0:0
Requested by https://hqq.to/e/F8jvvAlemfxd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
ok.ru/res/js/app/VideoEmbed_bc0da08a.js
217.20.147.1 200 OK 888 B URL GET HTTP/2 ok.ru/res/js/app/VideoEmbed_bc0da08a.js
IP 217.20.147.1:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type ASCII text, with very long lines (915), with no line terminators
Hash e1bfa7412dfd687ee13772e092c37679
f234287f1469ab541625e2a255c1e8bd20296d44
bd193bcb13a11bc41881338afd9887b42a53d4765b8fe72d82c51c676de92bee
GET /res/js/app/VideoEmbed_bc0da08a.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/4703031200372
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:31 GMT
content-type: application/javascript
content-length: 360
last-modified: Wed, 29 Nov 2023 10:02:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:31 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
www.vertuspeliculas.com/temas/default/js/script.js
188.114.96.1 200 OK 2.4 kB URL GET HTTP/3 www.vertuspeliculas.com/temas/default/js/script.js
IP 188.114.96.1:443
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Google Trust Services LLC
Subject vertuspeliculas.com
Fingerprint 91:AD:1F:DE:3E:77:9B:C8:B8:4A:D6:12:9B:9F:4F:E3:7B:3A:C2:69
Validity Sat, 21 Oct 2023 03:32:36 GMT - Fri, 19 Jan 2024 03:32:35 GMT
File type ASCII text, with very long lines (2663), with no line terminators
Hash bf6ef8f1c1649403b4082eabda929861
0efbb0e4485345de2fce0fb142004d7232c984db
6e9d5a55222d7387d459d952e030d07ab6eae7b48289a1bbfd22d129fe3a8e76
GET /temas/default/js/script.js HTTP/1.1
Host: www.vertuspeliculas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Cookie: PHPSESSID=lhi6o2mdst48mrpifoqpr7fk57
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Tue, 05 Dec 2023 18:17:44 GMT
last-modified: Wed, 05 Apr 2017 11:00:46 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 356082
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YseL791EKNH18fQ91DMuDAk7uXBJtbruibYZoyNJjKURmmZ7Ep%2BF5uGynF0UXa7ExjBjcZTN0B6wKS2WHORM2enAsSVqcXZULFOGMaQVSgADz8Dz%2FwNI9C%2FxWqaVOlz8Wgbd30YqeHSQ9A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6917e18c1b503-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
142.250.74.42 200 OK 5.6 kB URL GET HTTP/2 fonts.googleapis.com/css2?family=Ubuntu:wght@400;500;700&display=swap
IP 142.250.74.42:443
Requested by https://upstream.to/embed-41j4uqrs875z.html
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (5808), with no line terminators
Hash 7e063b64d0252393b29a176f69004cc9
787ba000ef17c10b6d4c37f8919cc7b24f46d12d
02ff1f0cc9b42eb095cb80c63e643e90de2c696bd29d2c61d8e5bc66229c133b
GET /css2?family=Ubuntu:wght@400;500;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://upstream.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 02 Dec 2023 21:12:30 GMT
date: Sat, 02 Dec 2023 21:12:30 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
st.mycdn.me/static/MegaPlayer/10-12-1/okVideoPlayerUtils.min.js
217.20.155.82 200 OK 5.8 kB URL GET HTTP/2 st.mycdn.me/static/MegaPlayer/10-12-1/okVideoPlayerUtils.min.js
IP 217.20.155.82:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.mycdn.me
Fingerprint 2E:0D:A0:C3:73:22:EE:41:29:80:7E:43:6C:5C:5D:00:00:D5:2B:4C
Validity Fri, 11 Aug 2023 04:51:21 GMT - Wed, 11 Sep 2024 04:51:20 GMT
File type ASCII text, with very long lines (5972), with no line terminators
Hash 708a3446b2af33d65f3e023128770c2d
c5aa734bbdb26b796d66db82ee00507ff1e3a36d
c48e76269e21f77f2efb6fb09154b0b7b9722072fdcee6975edf6a04d2a4f150
GET /static/MegaPlayer/10-12-1/okVideoPlayerUtils.min.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 2358
last-modified: Wed, 17 May 2023 19:27:19 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:32 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
hqq.to/js/video.jquery_plugs/modernizr.js?12
190.115.19.71 200 OK 1.2 kB URL GET HTTP/2 hqq.to/js/video.jquery_plugs/modernizr.js?12
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (1245), with no line terminators
Hash 8daca638b6ea732f6375341d2dfe9811
73369521d8d8b5a3bbc30c158b2e9ca6ba37b9d1
23ae5f08dc1f05ecdb72298c9cf2eaf5670f088356903bec72f39520389dc0ba
GET /js/video.jquery_plugs/modernizr.js?12 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 03 Jun 2018 17:19:35 GMT
etag: W/"5b142327-4cb"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/animate.css
172.64.108.10 200 OK 79 kB URL GET HTTP/2 cdn.creative-bars1.com/sb/notifications/dating/default/us/desk-all/css/animate.css
IP 172.64.108.10:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject creative-bars1.com
Fingerprint 2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
Validity Sat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT
Hash 80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429
GET /sb/notifications/dating/default/us/desk-all/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hqq.to
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:35 GMT
content-type: text/css
last-modified: Tue, 14 Apr 2020 14:09:21 GMT
etag: W/"5e95c411-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 80690
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C6EYk8v09OTDzFvQkdZhzRrYvn2dT9vSQwSNyBwyhhjcfNrIm4rFcUKoQvQX5qMICzYI8KvH1wDu%2BwF8nLehD9SOcTfpE7N%2BxuydFAwhSSzs%2FXbHapcpeRUs7FJyNd8mWbUaz%2BBygWSl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82f691a358475312-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
188.114.96.1 200 OK 27 kB URL User Request GET HTTP/2 www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
IP 188.114.96.1:443
Certificate Issuer Google Trust Services LLC
Subject vertuspeliculas.com
Fingerprint 91:AD:1F:DE:3E:77:9B:C8:B8:4A:D6:12:9B:9F:4F:E3:7B:3A:C2:69
Validity Sat, 21 Oct 2023 03:32:36 GMT - Fri, 19 Jan 2024 03:32:35 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pelicula/tu-navidad-o-la-mia.html HTTP/1.1
Host: www.vertuspeliculas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=lhi6o2mdst48mrpifoqpr7fk57; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2QverhxufJX66tR%2F12C8pZW3%2BACXeCcrdJdQbMlZWoqi691hT2f4%2ByAQCmgORh%2BnfkgwwVgWED4HYNemet04zQU5B%2F9fiJqdYUKcIFaHDRcMwo0edCx%2F088uniecJmBwmh%2FgDWYwnS2VYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 82f6917a0b39b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
mixdrop.co/e/3nge0g37c6nln8
0.0.0.0 0 B URL GET mixdrop.co/e/3nge0g37c6nln8
IP 0.0.0.0:0
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /e/3nge0g37c6nln8 HTTP/1.1
Host: mixdrop.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
unpkg.com/jquery@2.2.4/dist/jquery.min.js
104.16.122.175 200 OK 86 kB URL GET HTTP/2 unpkg.com/jquery@2.2.4/dist/jquery.min.js
IP 104.16.122.175:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (32065)
Hash 2f6b11a7e914718e0290410e85366fe9
69bb69e25ca7d5ef0935317584e6153f3fd9a88c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
GET /jquery@2.2.4/dist/jquery.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Fri, 20 May 2016 17:24:42 GMT
etag: W/"14e4a-abtp4lyn1e8JNTF1hOYVPz/ZqIw"
via: 1.1 fly.io
fly-request-id: 01HG7A5H86SEST4VJG58SVVY7Z-arn
cf-cache-status: HIT
age: 498953
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82f6918798e65691-OSL
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
142.250.74.42 200 OK 6.8 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP 142.250.74.42:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint CC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
Validity Mon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (7013), with no line terminators
Hash 49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09
GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 02 Dec 2023 21:12:35 GMT
date: Sat, 02 Dec 2023 21:12:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hqq.to/e/F8jvvAlemfxd
190.115.19.71 200 OK 149 kB
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
Size 149 kB (149260 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /e/F8jvvAlemfxd HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-robots-tag: 'none, noindex, nofollow, noarchive, nosnippet, noodp, notranslate, noimageindex'
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
p3p: policyref="http://www.example.com/w3c/p3p.xml", CP="CURa ADMa DEVa CONo HISa OUR IND DSP ALL COR"
link: <//hqq.to>; rel=preconnect; crossorigin, <//global.stun.twilio.com>; rel=dns-prefetch; crossorigin, <//counter.yadro.ru>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//stun2.l.google.com>; rel=dns-prefetch; crossorigin, <//unpkg.com>; rel=preconnect; crossorigin, <//mc.yandex.ru>; rel=preconnect; crossorigin, <//cdn.jsdelivr.net>; rel=preconnect; crossorigin, <//wss.commentsmodule.com>; rel=dns-prefetch; crossorigin, <//www.gstatic.com>; rel=preconnect; crossorigin, <//imasdk.googleapis.com>; rel=preconnect; crossorigin, <//storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin,<//a.labadena.com>; rel=preconnect; crossorigin, <//deliver.vkcdnservice.com>; rel=preconnect; crossorigin,<//vkcdnservice.appspot.com.storage.googleapis.com>; rel=preconnect; crossorigin, <//www.google.com>; rel=preconnect; crossorigin, <//www.recaptcha.net>; rel=preconnect; crossorigin, <//cdnjs.cloudflare.com>; rel=preconnect; crossorigin
pragma: no-cache
x-origin-location: player
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno: MISS
x-inferno-location: player
x-inferno-limit-req: PASSED
X-Firefox-Spdy: h2
unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
104.16.122.175 200 OK 3.1 kB URL GET HTTP/2 unpkg.com/jquery.cookie@1.4.1/jquery.cookie.js
IP 104.16.122.175:443
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Cloudflare, Inc.
Subject sni.cloudflaressl.com
Fingerprint F7:B6:41:CA:15:FD:D1:0C:27:39:55:5D:C5:CE:3F:1C:A6:BB:9D:6F
Validity Tue, 02 May 2023 00:00:00 GMT - Wed, 01 May 2024 23:59:59 GMT
File type ASCII text, with very long lines (3441), with no line terminators
Hash c70a657c6ff1764a238929b6e46fb8e4
e2a8eb96b388abf14690ea14fe4af3f600296235
466840a5176a0d6bd70e2d5ade5928ad656ca6b9cd3040a241e33478c63f5813
GET /jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sun, 27 Apr 2014 20:04:54 GMT
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
via: 1.1 fly.io
fly-request-id: 01HFXFQD761P7QTCC22CPCK305-arn
cf-cache-status: HIT
age: 828669
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 82f6918788ce5691-OSL
content-encoding: br
X-Firefox-Spdy: h2
ok.ru/res/js/app/GwtConfig_828bddda.js
217.20.147.1 200 OK 626 B URL GET HTTP/2 ok.ru/res/js/app/GwtConfig_828bddda.js
IP 217.20.147.1:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.ok.ru
Fingerprint 66:20:81:B9:D0:20:96:BF:13:93:E6:76:FF:C4:19:BD:F6:29:0E:A3
Validity Wed, 04 Oct 2023 08:36:03 GMT - Wed, 02 Oct 2024 09:21:02 GMT
File type ASCII text, with very long lines (639), with no line terminators
Hash fee44dc6cd3a562a4c92df74767e39e8
87bb3c49a8a36cbaaa472bda5c87d4ef38ac88e2
de3bc73b0948b72a248a1d33d6234725a90b84f95dda5891cfd6c71ef05cf26d
GET /res/js/app/GwtConfig_828bddda.js HTTP/1.1
Host: ok.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ok.ru/videoembed/4703031200372
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:32 GMT
content-type: application/javascript
content-length: 335
last-modified: Wed, 29 Nov 2023 10:02:00 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:32 GMT
cache-control: max-age=31536000
timing-allow-origin: *
X-Firefox-Spdy: h2
st.mycdn.me/static/music/0-4-26-29/model.js
217.20.155.82 200 OK 89 kB URL GET HTTP/2 st.mycdn.me/static/music/0-4-26-29/model.js
IP 217.20.155.82:443
Requested by https://ok.ru/videoembed/4703031200372
Certificate Issuer GlobalSign nv-sa
Subject *.mycdn.me
Fingerprint 2E:0D:A0:C3:73:22:EE:41:29:80:7E:43:6C:5C:5D:00:00:D5:2B:4C
Validity Fri, 11 Aug 2023 04:51:21 GMT - Wed, 11 Sep 2024 04:51:20 GMT
File type ASCII text, with very long lines (55076)
Hash 1233f51d03360aacfa7b43003bd61014
2acf4a51c064c867d78a6335b201c7bab0b92afc
0e7539bdcb6a14a5e22f0afb3ec837ed9c5356794f1431072dfada76a8916762
GET /static/music/0-4-26-29/model.js HTTP/1.1
Host: st.mycdn.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ok.ru/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: apache
date: Sat, 02 Dec 2023 21:12:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 21051
last-modified: Tue, 14 Nov 2023 14:23:13 GMT
vary: Accept-Encoding
content-encoding: br
expires: Sun, 01 Dec 2024 21:12:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
timing-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
a.optimizesrv.com/ads.js
185.76.9.14 200 OK 1.9 kB IP 185.76.9.14:443
ASN #60068 Datacamp Limited
Requested by https://www.vertuspeliculas.com/pelicula/tu-navidad-o-la-mia.html
Certificate Issuer Let's Encrypt
Subject optimizesrv.com
Fingerprint 88:6F:1F:7A:58:F9:32:38:5F:9F:D8:86:7F:B2:C6:D5:A9:3B:0F:65
Validity Thu, 05 Oct 2023 15:31:55 GMT - Wed, 03 Jan 2024 15:31:54 GMT
File type ASCII text, with very long lines (2080), with no line terminators
Hash b590308f4f8ff42cd0c25d84bb49a4cb
6079d44479dfecf461c12b9c0007c8ee1d46779b
f515c2baf582a6c8e0f35bf4ccb9742987beffc8032e24821edd9ea3bb8ed7b0
GET /ads.js HTTP/1.1
Host: a.optimizesrv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.vertuspeliculas.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:29 GMT
content-type: application/javascript
vary: Accept-Encoding
etag: W/"6fcab1a12eeac6e8d699b4e1613"
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: Thu, 30 Nov 2023 17:56:52 GMT
cache-control: max-age=10800
x-robots-tag: noindex, follow
access-control-allow-origin: *
x-77-nzt: A7lMCQ03NzfeRScAALlMCgk3Nzf/OQoAANRmOJk3Nzf/FwEAAA
x-77-nzt-ray: c0a4cc282a12ecc8bd9d6b65d9d62113
x-accel-expires: @1701561620
x-accel-date: 1701541496
x-77-cache: HIT
x-77-age: 12949
content-encoding: gzip
server: CDN77-Turbo
x-cache-lb: HIT, REVALIDATED
x-age-lb: 2617, 10053
x-77-pop: stockholmSE
X-Firefox-Spdy: h2
hqq.to/js/adv/fuckadblock.js?2
190.115.19.71 200 OK 14 kB URL GET HTTP/2 hqq.to/js/adv/fuckadblock.js?2
IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type ASCII text, with CRLF line terminators
Hash 626be86ed51eef8b8b4038b6dcb8fcb2
229b2c503c8a0acc4bb1b423c895fc30330a0723
7e5965a6eb681ef5f8a59dacd6e8c8263dcbbb512e441e532fee942a90c4c7ea
GET /js/adv/fuckadblock.js?2 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 27 Aug 2019 17:39:04 GMT
etag: W/"5d656ab8-369e"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
hqq.to/js/d_check.js?35
190.115.19.71 200 OK 3.5 kB IP 190.115.19.71:443
ASN #262254 DDOS-GUARD CORP.
Requested by https://hqq.to/e/F8jvvAlemfxd
Certificate Issuer Sectigo Limited
Subject *.hqq.to
Fingerprint 3A:33:0A:E7:38:7D:10:B0:C1:D8:33:9C:C7:D0:F0:B0:9B:06:02:A0
Validity Thu, 23 Mar 2023 00:00:00 GMT - Sat, 23 Mar 2024 23:59:59 GMT
File type ASCII text, with very long lines (3599), with no line terminators
Hash 47dd2e972f0059419379ce10022af024
664d680f87701f4aa0b32f6bee82ed57ab992afc
41ac5f66afda4f18ce3423349e6a070dab8cbcd99ed9ad1101f82fbc6b24f5fa
GET /js/d_check.js?35 HTTP/1.1
Host: hqq.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/e/F8jvvAlemfxd
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 02 Dec 2023 21:12:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Sun, 01 Oct 2023 06:10:30 GMT
etag: W/"65190d56-d80"
access-control-allow-origin: *
access-control-allow-credentials: true
accessing-static: 1
cache-control: public, max-age=31536000, stale-while-revalidate=30, stale-if-error=30
pragma: cache
content-encoding: gzip
server: Google Frontend
x-cache-status-inferno-s: HIT
x-inferno-location: static
X-Firefox-Spdy: h2
duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
0.0.0.0 0 B URL GET duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion/favicon.ico
IP 0.0.0.0:0
Requested by https://hqq.to/e/F8jvvAlemfxd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /favicon.ico HTTP/1.1
Host: duckduckgogg42xjoc72x3sjasowoarfbgcmvfimaftt6twagswzczad.onion
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hqq.to/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache