Report - www12.cuevana3.ch/11404/feast-ii-atrapados-ii

Report Overview

Visited public
2023-09-23 20:39:59
Tags
URL
www12.cuevana3.ch/11404/feast-ii-atrapados-ii
Finishing URL
ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
IP / ASN
172.67.73.79
#13335 CLOUDFLARENET
Title
Ver Feast II (Atrapados II) (2008) Online | Cuevana 3 Peliculas Online

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ssl.p.jwpcdn.com	2512	2012-08-07	2017-01-30 06:00:14	2023-09-23 05:27:00	414 B	16 kB	151.101.194.114
gourgoldpieceso.com	unknown	unknown	No data	No data	2.2 kB	2.3 kB	188.114.97.1
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-23 05:09:29	999 B	2.1 kB	142.250.74.67
my.rtmark.net	9054	2014-10-29	2015-02-04 10:54:57	2023-09-23 05:11:31	985 B	1.5 kB	139.45.195.8
platform.bidgear.com	30367	2011-08-30	2016-07-27 13:51:48	2023-09-23 10:48:24	1.3 kB	5.7 kB	104.26.3.107
api.movcloud.net	45353	2020-04-11	2020-05-05 19:55:01	2023-09-18 18:21:02	423 B	817 B	172.67.210.193
push-sdk.net	unknown	2022-10-25	2022-11-02 01:04:10	2023-09-22 11:43:58	873 B	15 kB	157.90.33.121
pelisplay.io	unknown	2023-06-14	2019-02-04 23:55:42	2023-09-19 06:38:05	3.1 kB	814 kB	172.67.70.219
gloacmug.net	unknown	2023-07-15	2023-07-15 14:44:45	2023-09-23 11:32:19	1.5 kB	30 kB	139.45.197.245
d37tb4r0t9g99j.cloudfront.net	unknown	2008-04-25	2023-07-25 16:15:44	2023-09-19 06:38:33	1.1 kB	56 kB	54.230.241.222
idohethisisathllea.com	unknown	2023-08-27	2023-09-13 21:57:38	2023-09-13 21:57:39	1.4 kB	2.6 kB	52.85.242.22
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-09-23 05:48:04	3.7 kB	11 kB	142.250.74.109
use.fontawesome.com	942	2012-10-18	2017-01-30 05:43:25	2023-09-23 05:10:32	1.0 kB	156 kB	172.64.103.11
pogothere.xyz	unknown	2022-08-22	2022-09-04 21:11:25	2023-09-23 08:45:39	840 B	104 kB	172.64.133.29
imp9.bidgear.com	34078	2011-08-30	2021-03-15 12:09:09	2023-09-23 12:10:21	1.6 kB	3.4 kB	104.26.3.107
dt.raggledordures.com	unknown	2023-06-08	2023-06-08 09:24:17	2023-09-19 06:38:05	420 B	1.5 kB	142.91.159.89
whulsaux.com	unknown	2023-01-04	2023-01-04 17:10:35	2023-09-21 17:53:18	1.9 kB	33 kB	139.45.197.244
www12.cuevana3.ch	unknown	unknown	2023-07-19 09:03:55	2023-09-19 05:19:05	501 B	759 B	104.26.6.217
www.googletagmanager.com	75	2011-11-11	2013-05-22 04:07:37	2023-09-23 07:48:37	1.8 kB	301 kB	142.250.74.168
g.jwpsrv.com	113622	2012-10-04	2018-01-19 14:34:33	2023-09-20 06:58:42	538 B	325 B	151.101.194.114
if.pelisplay.io	unknown	2023-06-14	2023-06-14 17:42:50	2023-09-17 08:42:14	581 B	647 B	172.67.70.219
ww1.cuevana3.ch	unknown	unknown	2023-09-20 07:46:32	2023-09-23 15:58:16	8.2 kB	546 kB	104.26.6.217
pelisimg.online	unknown	2022-11-23	2022-11-23 03:36:11	2023-09-19 06:38:04	455 B	48 kB	172.67.68.26

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-23	medium	whulsaux.com	Sinkholed
2023-09-23	medium	whulsaux.com	Sinkholed
2023-09-23	medium	whulsaux.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (45)

	URL	From	Size	First Seen	Last Seen
	pelisplay.io/js/jw8.9/jwplayer.js?v=1.6	ScriptElement	109 kB	2023-03-07	2024-09-19
Pretty URL pelisplay.io/js/jw8.9/jwplayer.js?v=1.6 IP 172.67.70.219 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06 Last Seen2024-09-19 21:57 Times Seen78 Hash d21721173f070a01a0f8120fad5a889b 6ddb1c434f41ec3968ca2fdcd4b87cf0562b41b3 3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9 Loading...

	pelisplay.io/js/jw8.9/provider.hlsjs.js	ScriptElement	313 kB	2023-03-07	2024-09-19
Pretty URL pelisplay.io/js/jw8.9/provider.hlsjs.js IP 172.67.70.219 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06 Last Seen2024-09-19 21:57 Times Seen78 Hash 15f611be6ff382db1034a3f94cbd5e6a 0ebf30d81fb97fb62d828c57bda21b73e5b48734 fee72764da4f138b46e1f7787918d0dae1627a83e8ed59502753fd340a8ba6d9 Loading...

	pelisplay.io/play?id=ODY0MDU=	ScriptElement	1.7 kB	2023-03-08	2024-08-21
Pretty URL pelisplay.io/play?id=ODY0MDU= IP 172.67.70.219 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 23:43 Last Seen2024-08-21 09:32 Times Seen50 Hash 555bf7306fd3ad5836321a380d7e57cd f8fc4ee8809c23485b4c7007723aa54134699435 17d6183d61bf94f2a01eeaa514d9983763fafe7a281cd8c8729140cf4574dbf7 Loading...

	ww1.cuevana3.ch/11404/feast-ii-atrapados-ii	ScriptElement	115 B	2023-03-08	2024-12-24
Pretty URL ww1.cuevana3.ch/11404/feast-ii-atrapados-ii IP 172.67.73.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:53 Last Seen2024-12-24 23:42 Times Seen95 Hash e5bd17b94943195249ca2bb98d0c77c2 1f6dc361965cfeb23c0e1cb9530c297c78963733 24fcbf4bc116d27abc67431ba3c22227e6fa07c6b98ef7ac89033bc7cf603357 Loading...

	pelisplay.io/player/js/jquery.min.js?v=1.6	ScriptElement	86 kB	2023-03-07	2025-02-01
Pretty URL pelisplay.io/player/js/jquery.min.js?v=1.6 IP 172.67.70.219 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-02-01 17:45 Times Seen496 Hash ed72e2a6ae1afb03eb3e917c2dbe2b50 b23ec2f5041209e5d1d567740fe5ad323688b76a f8e5351fc39356f8f94d7f334b11f9a0f44a67a9461bbd3e8be10cf44acdf780 Loading...

	moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js		1.7 kB	2023-05-05	2025-05-11
Pretty URL moz-extension://94b86a3e-a8f5-4509-b451-a3e524e5069f/lib/shim_messaging_helper.js IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-11 09:54 Times Seen54803 Hash 865f01cbb34eb505834e826380d7dc2e c239ccc37191f1be78dfaa6bb3f1da5d314fdf9e 30ed6392b8de4590bd974a4a797ee0b12b382f2141738115bfd2d692cfa6ec17 Loading...

	platform.bidgear.com/ads.php?domainid=5786&sizeid=17&zoneid=6326	ScriptElement	548 B	2024-08-21	2024-08-21
Pretty URL platform.bidgear.com/ads.php?domainid=5786&sizeid=17&zoneid=6326 IP 104.26.3.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 05:55 Last Seen2024-08-21 05:55 Times Seen1 Hash e080dfc0d44be2230e335a47af5e150a aa6f2cfcb290c288687c12c89f560d1bd2f10ecb dacc404cc4452623c3b2c13805ffbc0f7edc0b110e56c571d8579ed827cf4779 Loading...

	connect.facebook.net/es_LA/sdk.js#xfbml=1&version=v3.2&appId=164766160851609	ScriptElement	17 kB	2023-05-05	2025-05-11
Pretty URL connect.facebook.net/es_LA/sdk.js#xfbml=1&version=v3.2&appId=164766160851609 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-05 22:33 Last Seen2025-05-11 09:54 Times Seen54201 Hash b938e0b835c600209bdaae9d8ccda6d7 d5ee79d277057e05f002a18381722b5eb75d3883 d1b95aeb57c3285042e1e24c00cc56a8560d16daf7ee5cdfd5c75296b21ac91b Loading...

	gloacmug.net/5/5737819	ScriptElement	70 kB	2023-09-23	2023-09-23
Pretty URL gloacmug.net/5/5737819 IP 139.45.197.245 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 22:40 Last Seen2023-09-23 22:40 Times Seen1 Hash 319c0066e2f8e7ff7301ebdcc5113d50 54544910283f54082bc89adc3f19bde39c1732dd 0e6f7a5cdcc3871972ff3ffd8426c3442240d12596cca790ae2b5c0af10ade61 Loading...

	pelisplay.io/js/jw8.9/jwplayer.core.controls.js	ScriptElement	279 kB	2023-03-07	2024-09-19
Pretty URL pelisplay.io/js/jw8.9/jwplayer.core.controls.js IP 172.67.70.219 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06 Last Seen2024-09-19 21:57 Times Seen78 Hash 7f4630fbe6f360083d55d3440f61d111 f705b7321b7e598bb3e4c45eb2965b8172c3b537 81d08468f247ab230ea5a091d643143eb1979ced04581584e892aaeaa33a587a Loading...

	www.googletagmanager.com/gtag/js?id=G-6BGCTHHZDS&l=dataLayer&cx=c	ScriptElement	228 kB	2023-09-23	2023-09-23
Pretty URL www.googletagmanager.com/gtag/js?id=G-6BGCTHHZDS&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 22:40 Last Seen2023-09-23 22:40 Times Seen1 Hash 59562533bdd3b29ea34c17eb5549dd14 e953e549568aed02a398e7332033498676550409 7bc9ce2a4b5683f54dc0a5cff6aa68fe6b6cd46bde315176ebd020158f272b76 Loading...

	ww1.cuevana3.ch/11404/feast-ii-atrapados-ii	ScriptElement	310 B	2023-03-13	2024-12-24
Pretty URL ww1.cuevana3.ch/11404/feast-ii-atrapados-ii IP 172.67.73.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 23:12 Last Seen2024-12-24 23:42 Times Seen75 Hash baad9739bc64d6d4cc47e1e4585bb065 fdcf51504b3815d73644fc58c867ed69e939003f b203875da912f8f38ed0b51b6a6b9a00a400dc382246d819dc7c674b8c39f973 Loading...

	ww1.cuevana3.ch/11404/feast-ii-atrapados-ii	ScriptElement	59 B	2023-03-12	2024-12-24
Pretty URL ww1.cuevana3.ch/11404/feast-ii-atrapados-ii IP 172.67.73.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 16:34 Last Seen2024-12-24 23:42 Times Seen87 Hash de28078543da464ef12cb314c4d16673 0b6dc7dc601130dbf13b14a122f098643f92ea91 91df46e3660dcfd6d6d097faf2a767f5a4ce2ce3ee9d695003b7e24b8d8fcafd Loading...

	www.google-analytics.com/analytics.js	ScriptElement	4.7 kB	2023-04-11	2025-05-11
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 10:24 Times Seen341075 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	d37tb4r0t9g99j.cloudfront.net/?trbtd=994416	ScriptElement	168 kB	2023-09-23	2023-09-23
Pretty URL d37tb4r0t9g99j.cloudfront.net/?trbtd=994416 IP 54.230.241.222 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 22:40 Last Seen2023-09-23 22:40 Times Seen1 Hash cf306de1bb5f4f697f747a32e9399a5f e4e26e0913716f89514c02f05049e621c37f7037 a2181ccac1d87f694cbd09cae97a3e6028315080c2465ad493ccb4e01b1a8405 Loading...

	ww1.cuevana3.ch/11404/feast-ii-atrapados-ii	ScriptElement	279 B	2024-08-21	2024-08-21
Pretty URL ww1.cuevana3.ch/11404/feast-ii-atrapados-ii IP 172.67.73.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:55 Last Seen2024-08-21 05:55 Times Seen1 Hash d061974f2573d445b7d7ce5ecaf470e9 9a4d53f14a016238cc0ba87e24574a48adc9de36 480a7f95de8cf9e2caef52c7bdb91f6ce284f1f982d4397351625eda4998b8f3 Loading...

	whulsaux.com/tag.min.js	ScriptElement	80 kB	2023-09-19	2023-09-25
Pretty URL whulsaux.com/tag.min.js IP 139.45.197.244 ASN #9002 RETN Limited Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-19 15:45 Last Seen2023-09-25 15:53 Times Seen96 Hash a3b25ba8316f38d39cbf075d179aad71 9ee5f28a77d2bf3eaa59865c259e8d5c5d6cf272 311c51da9b45e9b6d879e703d48b0324b6921919659a430735032711fb7126cd Loading...

	ww1.cuevana3.ch/11404/sandbox%20eval%20code		147 B	2023-04-11	2025-05-11
Pretty URL ww1.cuevana3.ch/11404/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07 Last Seen2025-05-11 10:24 Times Seen341877 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	pelisplay.io/play?id=ODY0MDU=	ScriptElement	273 B	2023-03-08	2024-08-21
Pretty URL pelisplay.io/play?id=ODY0MDU= IP 172.67.70.219 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-08 02:53 Last Seen2024-08-21 09:32 Times Seen51 Hash 51ead1a0cbab7a9e9ed69995063257c3 00da5944d5602a8cea542aaa18fdd0316cbc0540 23fd44d7160c51d4ce07fca3368b0474c956f0475d918d74ef939e46339cc096 Loading...

	d37tb4r0t9g99j.cloudfront.net/AVHREd3Y3GyoRSSAdIEpPbUBwRkByHjcYGCRJNEY0DRA1MhI4RxYkARUSYgMMMEl0URo1GiNKUDEaJ0pHchUgFUtgUjAHGT9JKxwUMwUhBgU1BGICF2kZKw0fOBglUkQSQWpHU2ZEbA9HZVF3NVNmRCgeGCEMYUVGLExyKEBgUXc1U2ZENgFTZzV1R096RG-1SRGQTIRQdO1F2MURkRXRHR2RFYUVGMh02EhA7DGFFMGVFdVlGcgF5Rg	ScriptElement	843 B	2023-09-23	2023-09-23
Pretty URL d37tb4r0t9g99j.cloudfront.net/AVHREd3Y3GyoRSSAdIEpPbUBwRkByHjcYGCRJNEY0DRA1MhI4RxYkARUSYgMMMEl0URo1GiNKUDEaJ0pHchUgFUtgUjAHGT9JKxwUMwUhBgU1BGICF2kZKw0fOBglUkQSQWpHU2ZEbA9HZVF3NVNmRCgeGCEMYUVGLExyKEBgUXc1U2ZENgFTZzV1R096RG-1SRGQTIRQdO1F2MURkRXRHR2RFYUVGMh02EhA7DGFFMGVFdVlGcgF5Rg IP 54.230.241.222 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 22:40 Last Seen2023-09-23 22:40 Times Seen1 Hash d36cf76a9d55be2741de0fd3dd218244 e6913e2258fbecc5f09a3ca1eae4aaea68f245c6 3964449d9a7f8836503ca3b930af8ebdcfa5928a268f8d688da375b8d35a7471 Loading...

	ww1.cuevana3.ch/11404/feast-ii-atrapados-ii	ScriptElement	820 B	2023-03-12	2024-12-24
Pretty URL ww1.cuevana3.ch/11404/feast-ii-atrapados-ii IP 172.67.73.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 16:34 Last Seen2024-12-24 23:42 Times Seen87 Hash 8f5bf5d28dd98b24b745ea6751622461 c29d3a0994670dc4c0c1183b4a4f401f09a5dbd3 746fd20bc9d02d5bf613d4014c02d6ce8b267b5c59bfbc614c84ca18caebda80 Loading...

	ww1.cuevana3.ch/11404/feast-ii-atrapados-ii	ScriptElement	154 B	2023-03-12	2024-08-21
Pretty URL ww1.cuevana3.ch/11404/feast-ii-atrapados-ii IP 172.67.73.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-12 16:34 Last Seen2024-08-21 09:30 Times Seen14 Hash c2ba07781852f545a3c1c83e52644a79 a1e249784fa95b2b54257cfd9213879a2754112c a87715f54d721c11c79e734e9c0e2d1ee5c9200ddff1104c66f7b9f9536365f3 Loading...

	platform.bidgear.com/ads.php?domainid=6991&sizeid=17&zoneid=7797	ScriptElement	539 B	2024-08-21	2024-08-21
Pretty URL platform.bidgear.com/ads.php?domainid=6991&sizeid=17&zoneid=7797 IP 104.26.3.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 05:55 Last Seen2024-08-21 05:55 Times Seen1 Hash 6c1c64027a736b4b2242b73842c422eb dd687b6e09a9dc2b2947fd365a2ecb7d45608bd9 55bff0e76e2b42ff34ca922de70d93d1540372321b387e63d7ccd31b30ed89eb Loading...

	ssl.p.jwpcdn.com/player/v/8.9.2/jwpsrv.js	ScriptElement	53 kB	2023-03-07	2025-05-05
Pretty URL ssl.p.jwpcdn.com/player/v/8.9.2/jwpsrv.js IP 151.101.194.114 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:19 Last Seen2025-05-05 18:34 Times Seen222 Hash 9ce4655dbc7b8410f510da753f3be441 eca19a305bcc0901be83cdc88f9d1f1030636738 f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7 Loading...

	platform.bidgear.com/async.php?domainid=5786&sizeid=2&zoneid=6858&k=1695501579634	ScriptElement	2.7 kB	2024-08-21	2024-08-21
Pretty URL platform.bidgear.com/async.php?domainid=5786&sizeid=2&zoneid=6858&k=1695501579634 IP 104.26.3.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-21 05:55 Last Seen2024-08-21 05:55 Times Seen1 Hash e15529f84e2ea7d64ffef993a10e332b b12d4378e5d5f4a8d8ee03b723c56a785387b4ee ad23c06260fadefb62965735fc7e718c806c92d24cbe7a7b8d6d62b9c069434c Loading...

	pelisplay.io/play?id=ODY0MDU=	ScriptElement	386 B	2023-07-16	2024-08-21
Pretty URL pelisplay.io/play?id=ODY0MDU= IP 172.67.70.219 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-16 05:39 Last Seen2024-08-21 05:55 Times Seen1 Hash 22cf70db63470a1d627abc74a197562b 88339383d679b117ad19963b0004ac715984ab82 7990b156b350a014cd07877f069277936dd234fc751adb639fbcc22e97ae4f66 Loading...

	pelisplay.io/play?id=ODY0MDU=	ScriptElement	59 kB	2023-06-20	2024-08-21
Pretty URL pelisplay.io/play?id=ODY0MDU= IP 172.67.70.219 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-20 23:55 Last Seen2024-08-21 09:32 Times Seen38 Hash 2e3144e20a3d7ca6807fb507952d1867 16314da4daf78f06eae24550eba8b03d8cd96103 0ad0140d86e89c7b7bb8bf469be9c0299ec620b401aeb009bc9e9a67fece8eb5 Loading...

	ww1.cuevana3.ch/static/cdn/bct-public.js?v=2.3	ScriptElement	46 kB	2023-03-12	2024-12-24
Pretty URL ww1.cuevana3.ch/static/cdn/bct-public.js?v=2.3 IP 104.26.6.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:34 Last Seen2024-12-24 23:42 Times Seen87 Hash fff33af90dea13ff6a179ce5c80a1126 2bea0194d58d6b8d84c4224bf4762a62d8847a50 e01d80f20a88e84420c158b48c39174fab30e1fa8bc0ef8a3cfdf2a07fa93386 Loading...

	www.googletagmanager.com/gtag/js?id=UA-151873175-1	ScriptElement	189 kB	2023-09-23	2023-09-23
Pretty URL www.googletagmanager.com/gtag/js?id=UA-151873175-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 22:40 Last Seen2023-09-23 22:40 Times Seen1 Hash 34ba28d3b71d200941e6ff85685bfd6b c7176daef1234905ebbf2a9da83e4dac6c7b480f 72033a5063d89c1c23114ef0074db5c7b5a40ded3c1460052f5224d170cebef5 Loading...

	www.googletagmanager.com/gtag/js?id=UA-162086921-1	ScriptElement	189 kB	2023-09-23	2023-09-23
Pretty URL www.googletagmanager.com/gtag/js?id=UA-162086921-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 22:40 Last Seen2023-09-23 22:40 Times Seen1 Hash b4bb90974af13582df7c06ca9970bde2 8ba13fca392f9a6435c744ae5e86593fca91eae9 adbed8cd997ab9da3d4ed93fc015ff2f90a499ce7a9fb2f9e5e85eb373191104 Loading...

	pelisplay.io/play?id=ODY0MDU=	ScriptElement	447 B	2023-06-20	2024-08-21
Pretty URL pelisplay.io/play?id=ODY0MDU= IP 172.67.70.219 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-06-20 23:55 Last Seen2024-08-21 09:32 Times Seen38 Hash 13716c93831bc11f744c3e883d986867 769c9597e0e76c71551d8d13fa08ca4a7494e330 fa2c9378d629260b239a7b2e8a29d8e1898fc9e4da53e804e6b67723a91a524e Loading...

	idohethisisathllea.com/VDlFSTQ1WyYkCzUEJ29BJlV4bAYSHHcPUGcOMSsAJgkxcFNtAC9nVzhWMC1SJlYrPRo6XDFsBhJ4EwFmEV12EAcTQCobZwd4IQBxJGknHHYjay4LTRxTJhBzF2sPB3ENCQEbdWV0LQAABkEcInUGbBYQUxl0CAxYZGwXJgUTUAsCYRB8JAMEJHEmIWEzfxA9UwFTBAFzAAAPAkwjbAg+YTx7IhwFFn4MCnJmUh8CQ2RfCgtTOGwuGGcFbjUBYWZjACt1bXEfH3JndxMHWQZ6IixzF3wIEGECfgkMTC1yAAtTAWEmeGFmYwAHUxJtHzNiZWt1cAIGfmh4ZwZ+FB19BmghBgUSCwgcZj9rHRt8BgsXD20BbwIEXGQLACF1Y30CD3IZfhMPUAJVAipTEgwXLhI+SionRGlJdAttMEgALVhnaxY+dTI	ScriptElement	3.0 kB	2024-08-21	2024-08-21
Pretty URL idohethisisathllea.com/VDlFSTQ1WyYkCzUEJ29BJlV4bAYSHHcPUGcOMSsAJgkxcFNtAC9nVzhWMC1SJlYrPRo6XDFsBhJ4EwFmEV12EAcTQCobZwd4IQBxJGknHHYjay4LTRxTJhBzF2sPB3ENCQEbdWV0LQAABkEcInUGbBYQUxl0CAxYZGwXJgUTUAsCYRB8JAMEJHEmIWEzfxA9UwFTBAFzAAAPAkwjbAg+YTx7IhwFFn4MCnJmUh8CQ2RfCgtTOGwuGGcFbjUBYWZjACt1bXEfH3JndxMHWQZ6IixzF3wIEGECfgkMTC1yAAtTAWEmeGFmYwAHUxJtHzNiZWt1cAIGfmh4ZwZ+FB19BmghBgUSCwgcZj9rHRt8BgsXD20BbwIEXGQLACF1Y30CD3IZfhMPUAJVAipTEgwXLhI+SionRGlJdAttMEgALVhnaxY+dTI IP 52.85.242.22 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 05:55 Last Seen2024-08-21 05:55 Times Seen1 Hash db695a9ab1ae0f7040e64b4cf9dff6f2 f9c86229c1d6b757bcd467539653b89bdd641060 6da0828d62547abe6e6c0c156408f7ae25e274e35307d27f54b708027f02390a Loading...

	www.googletagmanager.com/gtag/js?id=G-9F4CN4GH2B&l=dataLayer&cx=c	ScriptElement	220 kB	2023-09-23	2023-09-23
Pretty URL www.googletagmanager.com/gtag/js?id=G-9F4CN4GH2B&l=dataLayer&cx=c IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 22:40 Last Seen2023-09-23 22:40 Times Seen1 Hash ea54350e222fdfd7e0ddf22841937271 7e42faf911665f99cc60e64e8ecefb56320d90ec 53be9919619fe3faa8dda0c2ec37190d1165d36c19b17eaeeba467d5496b053f Loading...

	dt.raggledordures.com/tfV1aVkhjL8iyoL1/61515	ScriptElement	5 B	2023-03-07	2025-05-11
Pretty URL dt.raggledordures.com/tfV1aVkhjL8iyoL1/61515 IP 142.91.159.89 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:14 Last Seen2025-05-11 10:25 Times Seen6012 Hash f7a2939527fd9e68723da600e96d76bd a9e717b6364d2895ee0a716050db32ca0ef1bb42 d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a Loading...

	ww1.cuevana3.ch/11404/feast-ii-atrapados-ii	ScriptElement	713 B	2023-03-13	2024-12-24
Pretty URL ww1.cuevana3.ch/11404/feast-ii-atrapados-ii IP 172.67.73.79 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 23:12 Last Seen2024-12-24 23:42 Times Seen86 Hash 2ddbc1e7fcfe34245163ba34e1650377 06a3b1e1b838852a9118482461bd23f0b16e7139 a9c00acf3b05426658568ddf5d464ad93c7e3e497a9af98831484da0a7fdd5ab Loading...

	ww1.cuevana3.ch/static/cdn/owl.js	ScriptElement	44 kB	2023-03-07	2025-05-11
Pretty URL ww1.cuevana3.ch/static/cdn/owl.js IP 104.26.6.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:34 Last Seen2025-05-11 06:03 Times Seen345 Hash 883f41b48b014cb22784f5b09729ec8b c1a9ff684662647040971f4926db914e2cee6ea9 4388c2b7009bc437605e6ff62c170faf788b1d8b8800717223160bbacec0ae5f Loading...

	ww1.cuevana3.ch/static/cdn/loadMoreResults.js	ScriptElement	1.7 kB	2023-03-07	2025-05-11
Pretty URL ww1.cuevana3.ch/static/cdn/loadMoreResults.js IP 104.26.6.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:22 Last Seen2025-05-11 06:03 Times Seen95 Hash 3b5f05cb700b6f065d243a5c4516ba17 c8f6d9c33b67b5014e15bbe75ef7f729c29bcba1 fa733679e530b478ff221b3cbf3cad590e459d42f999710522433f938348e761 Loading...

	push-sdk.net/f/sdk.js?z=829726	ScriptElement	52 kB	2023-07-21	2023-12-07
Pretty URL push-sdk.net/f/sdk.js?z=829726 IP 157.90.33.121 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-21 05:21 Last Seen2023-12-07 23:41 Times Seen65 Hash aa7723ddc86d39d9a0819c16f4edd278 95e35d7cf2399ca66a4ca5d8e5317415ecf8c06a 0bf3637d1dd3b7acff96a15a58a4887e3eed934818e54e0aa460a39b8e342ae7 Loading...

	pelisplay.io/play?id=ODY0MDU=	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL pelisplay.io/play?id=ODY0MDU= IP 172.67.70.219 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 10:25 Times Seen4653300 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	api.movcloud.net/v1/count/movie/es/episode/86405	ScriptElement	0 B	0001-01-01	2025-05-11
Pretty URL api.movcloud.net/v1/count/movie/es/episode/86405 IP 172.67.210.193 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-11 10:25 Times Seen4653300 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ww1.cuevana3.ch/static/cdn/jquery.js	ScriptElement	87 kB	2023-03-07	2025-05-11
Pretty URL ww1.cuevana3.ch/static/cdn/jquery.js IP 104.26.6.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:33 Last Seen2025-05-11 06:03 Times Seen285 Hash b72afe07a6f6f477120f3b0803d0a983 78ef8329a917d65f8bedf5e1336724c6f5b80404 f1a9c17b50d6278a694406d9e5dce160f81afd7a2683dfdf07f0651c38bdaa8e Loading...

	ww1.cuevana3.ch/static/js/hamfunction.js?v=2.3	ScriptElement	1.3 kB	2023-03-12	2024-12-24
Pretty URL ww1.cuevana3.ch/static/js/hamfunction.js?v=2.3 IP 104.26.6.217 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 16:34 Last Seen2024-12-24 23:42 Times Seen73 Hash e78690213ce561cd930dbac6299f6303 33d563ac21489094ec9c1cd3e2af796c0622a98b f8ff1c29d461bee3eecc4ca23a6f03ecee85c6b9054e37d721d8666b2b43c1f4 Loading...

		Size	First Seen	Last Seen
	#1 Write - 4b2c32ff249f53d4d82c4c308a2124a4	515 B	2024-08-21 05:55	2024-08-21 05:55
Pretty Observations First Seen2024-08-21 05:55 Last Seen2024-08-21 05:55 Times Seen1 Hash 4b2c32ff249f53d4d82c4c308a2124a4 7beaa57f116433cec3096ec004a047e1dd0e33a9 f4695738b159902ab91f60fc7f8d83988912c7977b7bcecbe46bd6265acfaa05 Loading...

	#2 Write - 7437dfa9656f27a08188c308adb7553c	420 B	2024-08-21 05:55	2024-08-21 05:55
Pretty Observations First Seen2024-08-21 05:55 Last Seen2024-08-21 05:55 Times Seen1 Hash 7437dfa9656f27a08188c308adb7553c 05103111b9c0b0de71e3aab69262a59a44068a6b 1119c2a172f446a75c9bbc593af6759753399701e5188c27a27381f02a711066 Loading...

	#3 Write - 105e23d383932c8ff8da0cca1308ca43	522 B	2024-08-21 05:55	2024-08-21 05:55
Pretty Observations First Seen2024-08-21 05:55 Last Seen2024-08-21 05:55 Times Seen1 Hash 105e23d383932c8ff8da0cca1308ca43 05482ea16e2714b26a8ea1d86fa9ee017fb85298 1cd00657b5abe5cf1f7d1587c462266b02483131c7db9ba5822421554b9e9e36 Loading...

HTTP Transactions (70)

URL IP Response Size

www12.cuevana3.ch/11404/feast-ii-atrapados-ii

104.26.6.217

301 Moved Permanently

178 B

URL User Request GET HTTP/2
www12.cuevana3.ch/11404/feast-ii-atrapados-ii
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

HTTP Headers

GET /11404/feast-ii-atrapados-ii HTTP/1.1
Host: www12.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 23 Sep 2023 20:39:38 GMT
content-type: text/html
location: http://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4eGp4ON1iEmnR3yEAS3FYlEp3o8%2BrcMl6x3d1lH6T08O%2B%2Bpz3sBjAj%2FKnYzh6ujTstIQO0dZmxYZ45LNUtP4SxNbF%2FYFHo4ggB%2FgLalg6HjPZxr4VOstHgaPFON%2FIaXN6fHu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b59920e8735697-OSL
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/img/loading.gif

104.26.6.217

200 OK

14 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/img/loading.gif
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
GIF image data, version 89a, 250 x 250\012- data
Size
14 kB (13952 bytes)
Hash
34cc62d1df1c8328f56ae7a7acf2e83a
afb49cf3ebd59e0a02b33ef8f0c1f4ea2cefe1fc
c4492147e1e36bd65d7237c1961a3dc3505852b195bd9fd0ca042b3e7427bb65

HTTP Headers

GET /static/img/loading.gif HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: image/gif
content-length: 13952
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: "61d24c07-3680"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4124
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o3nNgFQbDXuvLTEQCKYHhxDXxpeDg7fy4Bbr0kyLCg3Kw8JB1FW1y9DhX0kCYu2OBroiQzTAPNLTSL0Pe3vkTXWkMHUt%2BoBypQP798xPejVUKF14EMCZzHNrZvY7qSyZIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b599264ec25697-OSL
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/img/cuevana3.png

104.26.6.217

200 OK

4.7 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/img/cuevana3.png
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
PNG image data, 240 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
4.7 kB (4675 bytes)
Hash
30ecf26d81b4d18a7a568d42e674705e
c846ca657d113edcdb68ae7e53b8ecede50a15cb
f856cb85a867ba1f60a337dbbb095142c0590b426b30c5d35dcbbbd158b79927

HTTP Headers

GET /static/img/cuevana3.png HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: image/png
content-length: 4675
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: "61d24c07-1243"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4125
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zatLeZGGaIfkuhSjBJ%2Bb2yPp%2FAdzXpit0IiFIKHecFSgWeA4jgHYc7pIe6PGBcZIcZ2Iv5iblybYRUMLcQ4Bp7Qe8kzoahpoYDOjxm%2FuRFdmc9QQ593KBL0iIpwRxmX5MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b599264ebf5697-OSL
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/img/cuevana-logo.png

104.26.6.217

200 OK

5.8 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/img/cuevana-logo.png
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
PNG image data, 240 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
5.8 kB (5783 bytes)
Hash
a60e73427dd677b3a22ff75d7a989317
69d9c3b34502c3455ef4a70480a5eb78bb185be8
bb8b54eb1859167182f80670354003360d5380d3ac9315a5c7be2bf3e250df07

HTTP Headers

GET /static/img/cuevana-logo.png HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: image/png
content-length: 5783
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: "61d24c07-1697"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4124
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LA%2FgMH31Nchvf0%2BrDPuQJOLPIBkEyf8vk%2FIqhCuYt2AJ4JMUEtzPTofN3r1g29B%2B%2FKxL0eZx0PZso3NmJVlF6cTcohuMq2gvtHGZhOCcCFDD3upiJBVv%2BiKEfZ79Rt6mLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b599264ec45697-OSL
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/img/google.png

104.26.6.217

200 OK

1.5 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/img/google.png
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
PNG image data, 27 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1546 bytes)
Hash
39fa61abc6882900163b6aac110681ac
c8de5c8663686c6678c8f53dcfd46b980e6e309a
6405e410140d23417d9dd63cb53590188906b0b79bab039d3d0bec253e950993

HTTP Headers

GET /static/img/google.png HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: image/png
content-length: 1546
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: "61d24c07-60a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4124
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F3ucii4YuW4uI9hgS80bIiBVwlEV%2FB3Cp3%2BQh9NhwwSGqlZaMWESBZHCHQTVqlz89D1bxNSYHPsI3vc55mwK3OFgMB7FLD3Yq6QN0ST%2B4RC9dw%2F6aXDG9iw4db7hvhASKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b599265eca5697-OSL
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/css/footer.css?v=2.3

104.26.6.217

200 OK

12 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/css/footer.css?v=2.3
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
ASCII text, with very long lines (54384), with no line terminators
Size
12 kB (12142 bytes)
Hash
f79afdef6b4bfa003028cdef4fffdff1
3e53151b0aa9c2c7d6b5ae1382cac00d5b7bdd06
3fddef2f6536f7548e8f496800e05ecbf6d4ccf364a446585af93742c47f03a3

HTTP Headers

GET /static/css/footer.css?v=2.3 HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: text/css
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
vary: Accept-Encoding
etag: W/"61d24c07-d470"
cache-control: max-age=14400
cf-cache-status: HIT
age: 5846
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j4QsjeLzUP9xaoiRzYc0vGS%2B1yB6E8IzZ7FJ5LGsq1iGbGC0k4ztEwB1uscFqHdoCQEcBXfmpNBT2vX3QnG9U6afx%2FdwwgZJJENPqfqC0R%2FN%2FtK3%2B9nXJKB8d7VAXj%2BHWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599265ed35697-OSL
content-encoding: br
X-Firefox-Spdy: h2

pelisimg.online/cover/feast-ii-atrapados-ii-1603837507.jpg

172.67.68.26

200 OK

47 kB

URL GET HTTP/2
pelisimg.online/cover/feast-ii-atrapados-ii-1603837507.jpg
IP
172.67.68.26:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE8:BD:F1:D4:FA:85:A7:00:87:E3:98:2F:48:F9:3C:59:50:95:BD:16
ValiditySun, 26 Mar 2023 00:00:00 GMT - Sun, 24 Mar 2024 23:59:59 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 80", baseline, precision 8, 326x480, components 3\012- data
Size
47 kB (47295 bytes)
Hash
75c308c4900880bf7ccdaafaee2990e4
9835011cb0f2e9fa98e06414aa3eec098cac02af
3e13fd8e1238c3c653ba9e6f337a7c296e14a30554d935a66f3c248768bcb066

HTTP Headers

GET /cover/feast-ii-atrapados-ii-1603837507.jpg HTTP/1.1
Host: pelisimg.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: image/jpeg
content-length: 47295
last-modified: Tue, 27 Oct 2020 22:26:12 GMT
etag: "5f989e84-b8bf"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nMz9jvwMfAqc7w9oz8AQayVPVL0NAvYqG7x1Ad%2F0EgnuIrA%2BbASD%2BTiV0dxS8WsP%2BlBFQURB2ayCcHmUZnASgDaZUZUrGRIHvoL4wthtsdQz1%2F6X26X7XdDUFKbjHVdqww%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b59926ddd0b52d-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-151873175-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=UA-151873175-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (69001 bytes)
Hash
34ba28d3b71d200941e6ff85685bfd6b
c7176daef1234905ebbf2a9da83e4dac6c7b480f
72033a5063d89c1c23114ef0074db5c7b5a40ded3c1460052f5224d170cebef5

HTTP Headers

GET /gtag/js?id=UA-151873175-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 23 Sep 2023 20:39:39 GMT
expires: Sat, 23 Sep 2023 20:39:39 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69001
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/cdn/bct-public.js?v=2.3

104.26.6.217

200 OK

11 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/cdn/bct-public.js?v=2.3
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
Unicode text, UTF-8 text, with very long lines (4261)
Size
11 kB (11001 bytes)
Hash
fff33af90dea13ff6a179ce5c80a1126
2bea0194d58d6b8d84c4224bf4762a62d8847a50
e01d80f20a88e84420c158b48c39174fab30e1fa8bc0ef8a3cfdf2a07fa93386

HTTP Headers

GET /static/cdn/bct-public.js?v=2.3 HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: application/javascript
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
vary: Accept-Encoding
etag: W/"61d24c07-b47b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4124
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGjNPiZ3k03SZvGEl9c5lzC6XHt2042Dcl5KwNjdgw%2Fxr8xx4HqcpsAwhcKMblK9u5Ha9oZrBHV5IiYv1SOhS6OGljwlhzpML5hDFkz80WbzYkmfgKLGcnYSFw43ynUy7w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599266edf5697-OSL
content-encoding: br
X-Firefox-Spdy: h2

imp9.bidgear.com/rec?t=1&z=6326&uuid=54ad42112d6944d88793e4da09025512&p=58&g=NO&token=4a44335432&tbg=1695501579

104.26.3.107

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=6326&uuid=54ad42112d6944d88793e4da09025512&p=58&g=NO&token=4a44335432&tbg=1695501579
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=6326&uuid=54ad42112d6944d88793e4da09025512&p=58&g=NO&token=4a44335432&tbg=1695501579 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NfzEeRsqG6LP0xmmBQ4abdgg6vPFFNdyn6C%2F%2BR0cSnTczldWo3cX0PzwKHaNyNVqun7uY1TcvGm7Fi0S4B7aCoIf1bXm9HqslnTamqhxp%2F9%2B%2BezeJfm0kFJNNnoFl4a4aoc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b59929c80d56c5-OSL
X-Firefox-Spdy: h2

imp9.bidgear.com/rec?t=1&z=6858&uuid=7fbdd60c5f534d10a41be0963d159393&p=85&g=NO&token=4a44335432&tbg=1695501579

104.26.3.107

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=6858&uuid=7fbdd60c5f534d10a41be0963d159393&p=85&g=NO&token=4a44335432&tbg=1695501579
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=6858&uuid=7fbdd60c5f534d10a41be0963d159393&p=85&g=NO&token=4a44335432&tbg=1695501579 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EIwWNYYp0wjOjVrWbNfdg6o4X7U4CWn7CmZU%2Bc75pWmewPKjeq1Dn4ZthErFJHGt3uC8PqJI1yeNXBBndjL1rPnhbDVgo3arnpd4f%2BAjZ3oRJyx7NbQ8K03l7MsSpBIA1%2BU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b59929c80956c5-OSL
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/css/style.css?v=2.3

104.26.6.217

200 OK

76 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/css/style.css?v=2.3
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
ASCII text, with very long lines (398)
Size
76 kB (75728 bytes)
Hash
24df92520e1e521265c44b8d95773200
3f4ab7ad585c6b84cfe75e5e335dff25e05b8289
d2fa8b5aedda1415c6bb937b7aa43ecf40c08c3e49f3c4ad7481bfd33634f6bc

HTTP Headers

GET /static/css/style.css?v=2.3 HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: text/css
last-modified: Wed, 15 Mar 2023 05:41:38 GMT
vary: Accept-Encoding
etag: W/"64115a92-11b9"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=edHhuG9pLI5RYjOXEJCaWefLCHawFS1cGwHdoUKLySnZKwcMTgBboJfmR5xQgzx%2B7GR52M4b%2BSkNDsS%2FK2hK3cWnK57FsLXNdEfUdQPlfKuAyRk8GUr4YbLOqwjxDqmuCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599263ebb5697-OSL
content-encoding: br
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/css/app.css?v=2.3

104.26.6.217

200 OK

127 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/css/app.css?v=2.3
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
127 kB (126811 bytes)
Hash
0ec6a477de32046ded58986b0c012972
ce360c8b1190c99f7316c1a6fc604089839b104e
a18679f3856329baa5760744efdb36bcd9074d0ac7fb57392df5ce4908428fb3

HTTP Headers

GET /static/css/app.css?v=2.3 HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: text/css
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
vary: Accept-Encoding
etag: W/"61d24c07-22555"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oH%2Bw25yT7F%2B7qrrZlDHVh5W88p3CnokXIArMUFuL5gfNAl1C1T1RAGQN%2FiIunJazQpXmbFR0dap%2Bz%2BCFTIeRgH6UwdkEF%2FoRwfkA9oJJwohkyGmPmunfhlqxqk8M%2FmwTyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599263eb95697-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-9F4CN4GH2B&l=dataLayer&cx=c

142.250.74.168

200 OK

79 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-9F4CN4GH2B&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (5788)
Size
79 kB (79070 bytes)
Hash
ea54350e222fdfd7e0ddf22841937271
7e42faf911665f99cc60e64e8ecefb56320d90ec
53be9919619fe3faa8dda0c2ec37190d1165d36c19b17eaeeba467d5496b053f

HTTP Headers

GET /gtag/js?id=G-9F4CN4GH2B&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 23 Sep 2023 20:39:40 GMT
expires: Sat, 23 Sep 2023 20:39:40 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

push-sdk.net/f/sdk.js?z=829726

157.90.33.121

200 OK

14 kB

URL GET HTTP/2
push-sdk.net/f/sdk.js?z=829726
IP
157.90.33.121:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.net
Fingerprint23:59:5B:DB:F5:9D:B8:FA:49:80:48:0D:26:F3:E8:0A:8E:68:AC:BF
ValidityMon, 21 Aug 2023 03:30:52 GMT - Sun, 19 Nov 2023 03:30:51 GMT

File type
Unicode text, UTF-8 text, with very long lines (51737), with no line terminators
Size
14 kB (14071 bytes)
Hash
aa7723ddc86d39d9a0819c16f4edd278
95e35d7cf2399ca66a4ca5d8e5317415ecf8c06a
0bf3637d1dd3b7acff96a15a58a4887e3eed934818e54e0aa460a39b8e342ae7

HTTP Headers

GET /f/sdk.js?z=829726 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 20:39:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 14071
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2

dt.raggledordures.com/tfV1aVkhjL8iyoL1/61515

142.91.159.89

200 OK

25 B

URL GET HTTP/1.1
dt.raggledordures.com/tfV1aVkhjL8iyoL1/61515
IP
142.91.159.89:443
ASN
#7979 SERVERS-COM

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerLet's Encrypt
Subjectdt.raggledordures.com
Fingerprint05:D2:F8:F4:3A:AF:07:AD:05:8D:13:65:F0:B4:FF:9E:51:F9:14:D8
ValidityWed, 16 Aug 2023 23:33:35 GMT - Tue, 14 Nov 2023 23:33:34 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
f7a2939527fd9e68723da600e96d76bd
a9e717b6364d2895ee0a716050db32ca0ef1bb42
d810f5146f4cd1517512a6e31946e764a73c58fb01427aae88d42cc2ae28718a

HTTP Headers

GET /tfV1aVkhjL8iyoL1/61515 HTTP/1.1
Host: dt.raggledordures.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 23 Sep 2023 20:39:40 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Accept-ch: sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://ww1.cuevana3.ch
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for, x-requested-with, cache-control, pragma, expires
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jU1Sg0AQhSH8RQ1oV3EAj8AQMcnSTVbegZphGhwD06lmQuLtHa3S3fteffVeEASr8hHCJY0husgGnl8aXe97Ve31tsZq34vda9UoIbp6u1PycIA7M7dOqhFdDOt5kuxat8SwGdAim67tSGMOT976a06WrjaGRLG0Oodk8saYQ6aYrjNyGUFs5YSQHQ1jTzdvyE9iiIQQPhvrc1jBiuYyKu4heTf2cis2aVAUaQAP51G6nnhqjfaYDCw1QvgG6046HIi%2FINM4nxydAWjU7b%2F%2Fe5qMP2uQalxM55HcB%2FI3ouZOdQ%3D%3D; expires=Sun, 24-Sep-2023 20:39:40 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJwVyM0KgkAUhuE5hxiIJPjCC%2FAKTMsWbrNl6MIrMIsYGObIzNjP3WeLd%2FG8SilOE7CZkNRlXhd5dcjLUwV6gtsOPDroVvx7%2BII8uDiCvcOmC1ayRmYXlz9i9TfIYHu25pP1YudoxAXw0roZbvaxv%2FRX0KQJHEUzONxTBXrp3Q9e7B3R; expires=Sun, 24-Sep-2023 20:39:40 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

push-sdk.net/event?z=829726

157.90.33.121

200 OK

0 B

URL POST HTTP/2
push-sdk.net/event?z=829726
IP
157.90.33.121:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.net
Fingerprint23:59:5B:DB:F5:9D:B8:FA:49:80:48:0D:26:F3:E8:0A:8E:68:AC:BF
ValidityMon, 21 Aug 2023 03:30:52 GMT - Sun, 19 Nov 2023 03:30:51 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?z=829726 HTTP/1.1
Host: push-sdk.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82
Origin: https://ww1.cuevana3.ch
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 20:39:40 GMT
content-length: 0
access-control-allow-origin: https://ww1.cuevana3.ch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/img/cropped-favicon-1-32x32.png

104.26.6.217

200 OK

993 B

URL GET HTTP/2
ww1.cuevana3.ch/static/img/cropped-favicon-1-32x32.png
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
993 B (993 bytes)
Hash
3d8e8d34146a64e3e2f58660f7dc1c39
4169d2484f1ae2e8eb4a47c39bef4e7db4c30321
bea29e0130d9568137ca3c590a2748c244abb51a032bc985374c3b883a164079

HTTP Headers

GET /static/img/cropped-favicon-1-32x32.png HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4; more_options=1; _ga_9F4CN4GH2B=GS1.1.1695501580.1.0.1695501580.0.0.0; _ga=GA1.1.684908966.1695501581
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:40 GMT
content-type: image/png
content-length: 993
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: "61d24c07-3e1"
cache-control: max-age=14400
cf-cache-status: HIT
age: 7120
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FOzCJqrxAaqB%2B3UiD4dIfbZ9GlgPWwZnzdVPUucmEaSKRngqon6HgPz%2FWjZ5VrmoLJXjORCzEYHpIi8SbBD5KeWb37rdOZ8%2F%2BG%2FzpwwBYnSso3Pbr50cnsk%2FDqyZdadDw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b5992e780b5697-OSL
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/cdn/owl.js

104.26.6.217

200 OK

12 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/cdn/owl.js
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
ASCII text, with very long lines (44174), with no line terminators
Size
12 kB (11913 bytes)
Hash
883f41b48b014cb22784f5b09729ec8b
c1a9ff684662647040971f4926db914e2cee6ea9
4388c2b7009bc437605e6ff62c170faf788b1d8b8800717223160bbacec0ae5f

HTTP Headers

GET /static/cdn/owl.js HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: application/javascript
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
vary: Accept-Encoding
etag: W/"61d24c07-ac8e"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xC5wC9Z4yXKtoKmSBuI6ETEeYtbmKhJUd6EE4KszZQNqBU1LU3VayhP4XawMm82TJijDtEbWELkiQHu9TFxJeVErLxpJUvUzKTk%2FV8wvctwGI93bAfZO8%2BA5gsZGmaPqsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599265ed95697-OSL
content-encoding: br
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-162086921-1

142.250.74.168

200 OK

69 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-162086921-1
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (4179)
Size
69 kB (68914 bytes)
Hash
b4bb90974af13582df7c06ca9970bde2
8ba13fca392f9a6435c744ae5e86593fca91eae9
adbed8cd997ab9da3d4ed93fc015ff2f90a499ce7a9fb2f9e5e85eb373191104

HTTP Headers

GET /gtag/js?id=UA-162086921-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 23 Sep 2023 20:39:40 GMT
expires: Sat, 23 Sep 2023 20:39:40 GMT
cache-control: private, max-age=900
last-modified: Sat, 23 Sep 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 68914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

gloacmug.net/5/5737819

139.45.197.245

200 OK

26 kB

URL GET HTTP/2
gloacmug.net/5/5737819
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerLet's Encrypt
Subjectgloacmug.net
Fingerprint59:4F:3D:30:13:16:37:32:2C:17:A9:37:92:F2:C1:A6:C8:5C:89:C1
ValiditySat, 15 Jul 2023 04:09:42 GMT - Fri, 13 Oct 2023 04:09:41 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
26 kB (25901 bytes)
Hash
319c0066e2f8e7ff7301ebdcc5113d50
54544910283f54082bc89adc3f19bde39c1732dd
0e6f7a5cdcc3871972ff3ffd8426c3442240d12596cca790ae2b5c0af10ade61

HTTP Headers

GET /5/5737819 HTTP/1.1
Host: gloacmug.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 20:39:40 GMT
content-type: application/javascript
x-trace-id: e990604adb0b52de1b776ee02a8a41de
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=30d4bce4d1b34256b784cd8bd00265b1; expires=Sun, 22 Sep 2024 20:39:40 GMT; path=/; secure; SameSite=None
oaidts=1695501580; expires=Sun, 22 Sep 2024 20:39:40 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

pelisplay.io/video/img/bg/icon.png

172.67.70.219

200 OK

20 kB

URL GET HTTP/2
pelisplay.io/video/img/bg/icon.png
IP
172.67.70.219:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectpelisplay.io
FingerprintB2:D4:D3:CD:25:7A:A3:9F:EE:D8:9A:D2:19:6B:8A:C5:87:8E:0D:DC
ValiditySat, 12 Aug 2023 05:52:06 GMT - Fri, 10 Nov 2023 05:52:05 GMT

File type
PNG image data, 29 x 21, 8-bit/color RGBA, non-interlaced\012- data
Size
20 kB (19864 bytes)
Hash
f7073693ae0abee71dcbe6b4683d15a0
1f6ee14fc2bfe7184568aac31ef9d247b6ffbdde
43e1a200a6912f591d8e5a05adbe01193487924bda0efaa94d8cf29ecb302609

HTTP Headers

GET /video/img/bg/icon.png HTTP/1.1
Host: pelisplay.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelisplay.io/play?id=ODY0MDU=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:41 GMT
content-type: image/png
content-length: 19864
last-modified: Thu, 17 Feb 2022 02:59:22 GMT
etag: "620dba0a-4d98"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6834
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAHukqycaVeBVtvFfImS8TsL%2F1TJiqxuaSDWzEAiaaXM3W7l9dLQWyskjd%2FSLKKwdc9hj93xIt7Cv66l2EhqFD0ToMzVQgYIemUzEahGv%2F1tjuy2gtFxzvZJwe2IfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b599316aa95697-OSL
X-Firefox-Spdy: h2

ssl.p.jwpcdn.com/player/v/8.9.2/jwpsrv.js

151.101.194.114

200 OK

16 kB

URL GET HTTP/2
ssl.p.jwpcdn.com/player/v/8.9.2/jwpsrv.js
IP
151.101.194.114:443
ASN
#54113 FASTLY

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGlobalSign nv-sa
Subject*.jwplayer.com
FingerprintAB:15:C6:40:38:53:10:D6:CD:12:E9:B3:27:A9:9A:A9:79:8D:B2:9A
ValidityWed, 30 Aug 2023 18:09:48 GMT - Mon, 30 Sep 2024 18:09:47 GMT

File type
ASCII text, with very long lines (52722)
Size
16 kB (16060 bytes)
Hash
9ce4655dbc7b8410f510da753f3be441
eca19a305bcc0901be83cdc88f9d1f1030636738
f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7

HTTP Headers

GET /player/v/8.9.2/jwpsrv.js HTTP/1.1
Host: ssl.p.jwpcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Wed, 25 Nov 2020 15:46:29 GMT
etag: "9ce4655dbc7b8410f510da753f3be441"
content-type: application/javascript
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sat, 23 Sep 2023 20:39:41 GMT
via: 1.1 varnish
age: 3233
x-served-by: cache-bma1638-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1695501581.133622,VS0,VE0
vary: Accept-Encoding
access-control-allow-origin: *
content-length: 16060
X-Firefox-Spdy: h2

imp9.bidgear.com/rec?t=1&z=7797&uuid=dec7805e5e4a4a2b8fc0051441764b4a&p=100&g=NO&token=4a44335432&tbg=1695501580

104.26.3.107

200 OK

599 B

URL GET HTTP/2
imp9.bidgear.com/rec?t=1&z=7797&uuid=dec7805e5e4a4a2b8fc0051441764b4a&p=100&g=NO&token=4a44335432&tbg=1695501580
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1x1, components 3\012- data
Size
599 B (599 bytes)
Hash
ca49a7e783b806a4e8576ea80346203d
6fe9d083221dae98f6c76f7121c37bc884b02d82
3e9a98dd5f0a28ff4a059f33d760264a6db02786666ac1692095ebb976f5da28

HTTP Headers

GET /rec?t=1&z=7797&uuid=dec7805e5e4a4a2b8fc0051441764b4a&p=100&g=NO&token=4a44335432&tbg=1695501580 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:41 GMT
content-type: image/jpeg
content-length: 599
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvLmlvqwLKYe6ZGYcrum7z6Z51WZV25wi04LA%2B3JboyuWu%2F%2B%2BPpheIP5EkFLpZTZI37HAZD%2BvI10dhzqfsshss8igT0hxjlk3JG9CS47Y2SYnT0miA3bS2A6M9l2V0XRLRQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b5993169a856c5-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-6BGCTHHZDS&l=dataLayer&cx=c

142.250.74.168

200 OK

81 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=G-6BGCTHHZDS&l=dataLayer&cx=c
IP
142.250.74.168:443
ASN
#15169 GOOGLE

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint00:ED:16:68:8D:DB:14:8B:43:01:81:CA:83:9A:AE:5B:24:AB:11:18
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
ASCII text, with very long lines (5788)
Size
81 kB (81188 bytes)
Hash
59562533bdd3b29ea34c17eb5549dd14
e953e549568aed02a398e7332033498676550409
7bc9ce2a4b5683f54dc0a5cff6aa68fe6b6cd46bde315176ebd020158f272b76

HTTP Headers

GET /gtag/js?id=G-6BGCTHHZDS&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 23 Sep 2023 20:39:41 GMT
expires: Sat, 23 Sep 2023 20:39:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 81188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

g.jwpsrv.com/g/gcid-0.1.2.html?notrack

151.101.194.114

204 No Content

0 B

URL GET HTTP/2
g.jwpsrv.com/g/gcid-0.1.2.html?notrack
IP
151.101.194.114:443
ASN
#54113 FASTLY

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGlobalSign nv-sa
Subject*.jwplayer.com
FingerprintAB:15:C6:40:38:53:10:D6:CD:12:E9:B3:27:A9:9A:A9:79:8D:B2:9A
ValidityWed, 30 Aug 2023 18:09:48 GMT - Mon, 30 Sep 2024 18:09:47 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /g/gcid-0.1.2.html?notrack HTTP/1.1
Host: g.jwpsrv.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: Varnish
retry-after: 0
content-type: text/html; charset=utf-8
accept-ranges: bytes
date: Sat, 23 Sep 2023 20:39:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1638-BMA
x-cache: HIT
x-cache-hits: 0
x-timer: S1695501581.387178,VS0,VE1
access-control-allow-origin: *
X-Firefox-Spdy: h2

d37tb4r0t9g99j.cloudfront.net/?trbtd=994416

54.230.241.222

200 OK

55 kB

URL GET HTTP/2
d37tb4r0t9g99j.cloudfront.net/?trbtd=994416
IP
54.230.241.222:443
ASN
#16509 AMAZON-02

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (15948)
Size
55 kB (54790 bytes)
Hash
cf306de1bb5f4f697f747a32e9399a5f
e4e26e0913716f89514c02f05049e621c37f7037
a2181ccac1d87f694cbd09cae97a3e6028315080c2465ad493ccb4e01b1a8405

HTTP Headers

GET /?trbtd=994416 HTTP/1.1
Host: d37tb4r0t9g99j.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-length: 54790
date: Sat, 23 Sep 2023 20:39:41 GMT
access-control-allow-origin: *
cache-control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
content-encoding: gzip
pragma: no-cache
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gMpDtMKT2jVDZ4ZknUEYD1hnOKJ5-VHyIonTgTv54WB_BsBl7jyA_Q==
X-Firefox-Spdy: h2

gourgoldpieceso.com/TkpTOVFhdTBKbC8PFQoFCiICXQQqfhB/PTQYG2wQGSQRaTcPC3VNOCp3agBlentlHyEnLm4Idz0+Mk0kPXdiHzggLDwEdzh3YhdiemRgDX9+bCYEYGg+I1g2c3t1SSU6Jm4IZ3d/Zglge3JiAGV5

188.114.97.1

204 No Content

0 B

URL GET HTTP/2
gourgoldpieceso.com/TkpTOVFhdTBKbC8PFQoFCiICXQQqfhB/PTQYG2wQGSQRaTcPC3VNOCp3agBlentlHyEnLm4Idz0+Mk0kPXdiHzggLDwEdzh3YhdiemRgDX9+bCYEYGg+I1g2c3t1SSU6Jm4IZ3d/Zglge3JiAGV5
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectgourgoldpieceso.com
Fingerprint2F:6C:A4:39:D1:55:B5:C3:E1:69:AB:2B:9A:94:A6:6C:EA:FB:0A:F9
ValidityWed, 13 Sep 2023 06:21:57 GMT - Tue, 12 Dec 2023 06:21:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /TkpTOVFhdTBKbC8PFQoFCiICXQQqfhB/PTQYG2wQGSQRaTcPC3VNOCp3agBlentlHyEnLm4Idz0+Mk0kPXdiHzggLDwEdzh3YhdiemRgDX9+bCYEYGg+I1g2c3t1SSU6Jm4IZ3d/Zglge3JiAGV5 HTTP/1.1
Host: gourgoldpieceso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 23 Sep 2023 20:39:41 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtoTLlGQM0w2KrNRq3xwg92ZtLnj4%2FqGiFm820aG2Pj6aN%2BMOKtwLmybXMefN2GTpAND5sXwQS0%2FkZviKtgQTY%2FnyJC7qa1svxW%2BGvRjOIykSvIetaysL2HdamVh1qT4mBvWfrNb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599364aaa5685-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

idohethisisathllea.com/VDlFSTQ1WyYkCzUEJ29BJlV4bAYSHHcPUGcOMSsAJgkxcFNtAC9nVzhWMC1SJlYrPRo6XDFsBhJ4EwFmEV12EAcTQCobZwd4IQBxJGknHHYjay4LTRxTJhBzF2sPB3ENCQEbdWV0LQAABkEcInUGbBYQUxl0CAxYZGwXJgUTUAsCYRB8JAMEJHEmIWEzfxA9UwFTBAFzAAAPAkwjbAg+YTx7IhwFFn4MCnJmUh8CQ2RfCgtTOGwuGGcFbjUBYWZjACt1bXEfH3JndxMHWQZ6IixzF3wIEGECfgkMTC1yAAtTAWEmeGFmYwAHUxJtHzNiZWt1cAIGfmh4ZwZ+FB19BmghBgUSCwgcZj9rHRt8BgsXD20BbwIEXGQLACF1Y30CD3IZfhMPUAJVAipTEgwXLhI+SionRGlJdAttMEgALVhnaxY+dTI

52.85.242.22

200 OK

1.2 kB

URL GET HTTP/2
idohethisisathllea.com/VDlFSTQ1WyYkCzUEJ29BJlV4bAYSHHcPUGcOMSsAJgkxcFNtAC9nVzhWMC1SJlYrPRo6XDFsBhJ4EwFmEV12EAcTQCobZwd4IQBxJGknHHYjay4LTRxTJhBzF2sPB3ENCQEbdWV0LQAABkEcInUGbBYQUxl0CAxYZGwXJgUTUAsCYRB8JAMEJHEmIWEzfxA9UwFTBAFzAAAPAkwjbAg+YTx7IhwFFn4MCnJmUh8CQ2RfCgtTOGwuGGcFbjUBYWZjACt1bXEfH3JndxMHWQZ6IixzF3wIEGECfgkMTC1yAAtTAWEmeGFmYwAHUxJtHzNiZWt1cAIGfmh4ZwZ+FB19BmghBgUSCwgcZj9rHRt8BgsXD20BbwIEXGQLACF1Y30CD3IZfhMPUAJVAipTEgwXLhI+SionRGlJdAttMEgALVhnaxY+dTI
IP
52.85.242.22:443
ASN
#16509 AMAZON-02

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerAmazon
Subjectidohethisisathllea.com
Fingerprint85:DD:DD:23:88:CB:8B:EE:0A:E8:28:AD:8D:6A:15:CA:6B:85:DA:DF
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (3028), with no line terminators
Size
1.2 kB (1179 bytes)
Hash
837cf203060a75e075fdf511cbe88e05
383c58bdb9dc04572a1774aa95cc7474f2c67e8a
aa720432a8b533da8e3de916578284f6eb806d97a067f4d6e7e648282b744064

HTTP Headers

GET /VDlFSTQ1WyYkCzUEJ29BJlV4bAYSHHcPUGcOMSsAJgkxcFNtAC9nVzhWMC1SJlYrPRo6XDFsBhJ4EwFmEV12EAcTQCobZwd4IQBxJGknHHYjay4LTRxTJhBzF2sPB3ENCQEbdWV0LQAABkEcInUGbBYQUxl0CAxYZGwXJgUTUAsCYRB8JAMEJHEmIWEzfxA9UwFTBAFzAAAPAkwjbAg+YTx7IhwFFn4MCnJmUh8CQ2RfCgtTOGwuGGcFbjUBYWZjACt1bXEfH3JndxMHWQZ6IixzF3wIEGECfgkMTC1yAAtTAWEmeGFmYwAHUxJtHzNiZWt1cAIGfmh4ZwZ+FB19BmghBgUSCwgcZj9rHRt8BgsXD20BbwIEXGQLACF1Y30CD3IZfhMPUAJVAipTEgwXLhI+SionRGlJdAttMEgALVhnaxY+dTI HTTP/1.1
Host: idohethisisathllea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html
content-length: 1179
date: Sat, 23 Sep 2023 20:39:41 GMT
server: openresty/1.17.8.2
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
content-encoding: gzip
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a370d34019720f60dd35cbe89cb3994a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: b5JO6LIs3m0dcQ3u_SHs4g68h8ywcZK3u9nA9evB_k0WzhVX4gniRQ==
X-Firefox-Spdy: h2

pelisplay.io/play?id=ODY0MDU=

172.67.70.219

200 OK

0 B

URL GET HTTP/2
pelisplay.io/play?id=ODY0MDU=
IP
172.67.70.219:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectpelisplay.io
FingerprintB2:D4:D3:CD:25:7A:A3:9F:EE:D8:9A:D2:19:6B:8A:C5:87:8E:0D:DC
ValiditySat, 12 Aug 2023 05:52:06 GMT - Fri, 10 Nov 2023 05:52:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /play?id=ODY0MDU= HTTP/1.1
Host: pelisplay.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelisplay.io/play?id=ODY0MDU=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.13
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CvrfYLtd2ChS%2B6M16Re6DwrGEvVjtXAjeIwE%2Fh5N5Em28uHXoHBESQr%2FUVA7MexvUhM0E8Z5PWI5si07lCoTDBRj7%2B86L5jS65HbrJP5Y%2FkvAM6llaBcaso2xRDgWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599367fac5697-OSL
content-encoding: br
X-Firefox-Spdy: h2

gourgoldpieceso.com/eG4wTWlXUVM+VBlcWA4KPRZkFVoIJlUhXB4NZSVZLzhANzsWWhY5ABxTCXRdTF8GaxkRCg18TwsaUTkcC1MDawAWCF9wChQHUyZPDlMBY1pMQAN5R0hIRXBYXhpALA5FXxY9HQwCDXxfQVsFfVhNVgJ9X0g

188.114.97.1

204 No Content

0 B

URL GET HTTP/3
gourgoldpieceso.com/eG4wTWlXUVM+VBlcWA4KPRZkFVoIJlUhXB4NZSVZLzhANzsWWhY5ABxTCXRdTF8GaxkRCg18TwsaUTkcC1MDawAWCF9wChQHUyZPDlMBY1pMQAN5R0hIRXBYXhpALA5FXxY9HQwCDXxfQVsFfVhNVgJ9X0g
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectgourgoldpieceso.com
Fingerprint2F:6C:A4:39:D1:55:B5:C3:E1:69:AB:2B:9A:94:A6:6C:EA:FB:0A:F9
ValidityWed, 13 Sep 2023 06:21:57 GMT - Tue, 12 Dec 2023 06:21:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /eG4wTWlXUVM+VBlcWA4KPRZkFVoIJlUhXB4NZSVZLzhANzsWWhY5ABxTCXRdTF8GaxkRCg18TwsaUTkcC1MDawAWCF9wChQHUyZPDlMBY1pMQAN5R0hIRXBYXhpALA5FXxY9HQwCDXxfQVsFfVhNVgJ9X0g HTTP/1.1
Host: gourgoldpieceso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 204 No Content
date: Sat, 23 Sep 2023 20:39:42 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Rga9pOIkFqIZyDJEoK%2FdVj7LmA87xErUMz2wTSRUBUnWfuRv%2FgDUlrasabUw7E40ROwAT4zVEhHyvRikQWmpTQ2NIxd6atuyDnoDeagejCPJMqEFVx81a1D7xVajHxK6dRtS8Fn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599381fbf5691-OSL
alt-svc: h3=":443"; ma=86400

whulsaux.com/tag.min.js

139.45.197.244

200 OK

25 kB

URL GET HTTP/2
whulsaux.com/tag.min.js
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerLet's Encrypt
Subjectwhulsaux.com
Fingerprint29:C6:16:FB:8B:54:C5:1B:65:18:3D:96:39:33:73:B5:D3:8C:6D:48
ValidityFri, 01 Sep 2023 05:32:42 GMT - Thu, 30 Nov 2023 05:32:41 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
25 kB (25218 bytes)
Hash
a3b25ba8316f38d39cbf075d179aad71
9ee5f28a77d2bf3eaa59865c259e8d5c5d6cf272
311c51da9b45e9b6d879e703d48b0324b6921919659a430735032711fb7126cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /tag.min.js HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 20:39:42 GMT
content-type: text/javascript; charset=utf-8
content-length: 25218
content-encoding: br
x-trace-id: bd2017b2672613cd3d9500b3a3255256
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
last-modified: Tue, 19 Sep 2023 12:04:07 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

d37tb4r0t9g99j.cloudfront.net/AVHREd3Y3GyoRSSAdIEpPbUBwRkByHjcYGCRJNEY0DRA1MhI4RxYkARUSYgMMMEl0URo1GiNKUDEaJ0pHchUgFUtgUjAHGT9JKxwUMwUhBgU1BGICF2kZKw0fOBglUkQSQWpHU2ZEbA9HZVF3NVNmRCgeGCEMYUVGLExyKEBgUXc1U2ZENgFTZzV1R096RG-1SRGQTIRQdO1F2MURkRXRHR2RFYUVGMh02EhA7DGFFMGVFdVlGcgF5Rg

54.230.241.222

200 OK

597 B

URL GET HTTP/2
d37tb4r0t9g99j.cloudfront.net/AVHREd3Y3GyoRSSAdIEpPbUBwRkByHjcYGCRJNEY0DRA1MhI4RxYkARUSYgMMMEl0URo1GiNKUDEaJ0pHchUgFUtgUjAHGT9JKxwUMwUhBgU1BGICF2kZKw0fOBglUkQSQWpHU2ZEbA9HZVF3NVNmRCgeGCEMYUVGLExyKEBgUXc1U2ZENgFTZzV1R096RG-1SRGQTIRQdO1F2MURkRXRHR2RFYUVGMh02EhA7DGFFMGVFdVlGcgF5Rg
IP
54.230.241.222:443
ASN
#16509 AMAZON-02

Requested by
https://idohethisisathllea.com/VDlFSTQ1WyYkCzUEJ29BJlV4bAYSHHcPUGcOMSsAJgkxcFNtAC9nVzhWMC1SJlYrPRo6XDFsBhJ4EwFmEV12EAcTQCobZwd4IQBxJGknHHYjay4LTRxTJhBzF2sPB3ENCQEbdWV0LQAABkEcInUGbBYQUxl0CAxYZGwXJgUTUAsCYRB8JAMEJHEmIWEzfxA9UwFTBAFzAAAPAkwjbAg+YTx7IhwFFn4MCnJmUh8CQ2RfCgtTOGwuGGcFbjUBYWZjACt1bXEfH3JndxMHWQZ6IixzF3wIEGECfgkMTC1yAAtTAWEmeGFmYwAHUxJtHzNiZWt1cAIGfmh4ZwZ+FB19BmghBgUSCwgcZj9rHRt8BgsXD20BbwIEXGQLACF1Y30CD3IZfhMPUAJVAipTEgwXLhI+SionRGlJdAttMEgALVhnaxY+dTI
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (843), with no line terminators
Size
597 B (597 bytes)
Hash
d36cf76a9d55be2741de0fd3dd218244
e6913e2258fbecc5f09a3ca1eae4aaea68f245c6
3964449d9a7f8836503ca3b930af8ebdcfa5928a268f8d688da375b8d35a7471

HTTP Headers

GET /AVHREd3Y3GyoRSSAdIEpPbUBwRkByHjcYGCRJNEY0DRA1MhI4RxYkARUSYgMMMEl0URo1GiNKUDEaJ0pHchUgFUtgUjAHGT9JKxwUMwUhBgU1BGICF2kZKw0fOBglUkQSQWpHU2ZEbA9HZVF3NVNmRCgeGCEMYUVGLExyKEBgUXc1U2ZENgFTZzV1R096RG-1SRGQTIRQdO1F2MURkRXRHR2RFYUVGMh02EhA7DGFFMGVFdVlGcgF5Rg HTTP/1.1
Host: d37tb4r0t9g99j.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://idohethisisathllea.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-length: 597
date: Sat, 23 Sep 2023 20:39:42 GMT
access-control-allow-origin: *
cache-control: max-age=31556926
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 86C8k6wQQjyM9RWUrWVUEXwtNrGRQ_VRW_yl0Jpcv8d7plLupJ7wDQ==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.67

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a919451a4b737e61a8d4798732bd25ca
81887ca8ba5721aae92b25155ee72fb2950bc328
85f10626a1276cce94e6e3fd439fb0d982645177ba3ed0cb9d554ce6432bd16f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 20:39:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.67

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
a919451a4b737e61a8d4798732bd25ca
81887ca8ba5721aae92b25155ee72fb2950bc328
85f10626a1276cce94e6e3fd439fb0d982645177ba3ed0cb9d554ce6432bd16f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 20:39:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

142.250.74.109

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:GrkIt4hbXXXBYQhAT5X1eIyLmnS1gA:qpr7kNXONcLPIHlb; Expires=Mon, 22-Sep-2025 20:39:42 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 20:39:42 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd8IOtpRdYYO1IycJWi2ck9gXtFkqbknS2-QO5Az3ZAFVy_DeReBM-lu0TCJMj-5h_rqQxxxg
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-DQwvyK70WyrjngI_fVaiDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

idohethisisathllea.com/utx?cb=R2URJhI8MCQq&top=pelisplay.io&tid=994416

52.85.242.22

204 No Content

0 B

URL GET HTTP/2
idohethisisathllea.com/utx?cb=R2URJhI8MCQq&top=pelisplay.io&tid=994416
IP
52.85.242.22:443
ASN
#16509 AMAZON-02

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerAmazon
Subjectidohethisisathllea.com
Fingerprint85:DD:DD:23:88:CB:8B:EE:0A:E8:28:AD:8D:6A:15:CA:6B:85:DA:DF
ValidityWed, 13 Sep 2023 00:00:00 GMT - Fri, 11 Oct 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /utx?cb=R2URJhI8MCQq&top=pelisplay.io&tid=994416 HTTP/1.1
Host: idohethisisathllea.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelisplay.io
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 23 Sep 2023 20:39:42 GMT
server: openresty/1.17.8.2
access-control-allow-credentials: true
access-control-allow-origin: https://pelisplay.io
cache-control: no-store, no-cache, must-revalidate, no-transform
pragma: no-cache
p3p: CP="NID DSP ALL COR"
set-cookie: ut=x; Expires=Sat, 23 Sep 2023 20:40:42 GMT; Max-Age=60
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-cache: Miss from cloudfront
via: 1.1 a370d34019720f60dd35cbe89cb3994a.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: 9_1c9FuMsy7btUFbKayfbCTOvxUSkYkifbV2PgOV08Gm0hxl2qf9kg==
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=79ea33855f214b919fd42c8724aa489b

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=79ea33855f214b919fd42c8724aa489b
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
JSON data\012- , ASCII text
Size
65 B (65 bytes)
Hash
5e9c35e892d3cbb124c1afd09c41d7fc
d4647500266d5d4ed9ce6c5ec9105b905f588fd9
768fd59060c1bc73f5ff9314f8aefaaaf4e826548eb007d369635421380d6b49

HTTP Headers

GET /gid.js?userId=79ea33855f214b919fd42c8724aa489b HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelisplay.io
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Cookie: ID=30d4bce4d1b34256b784cd8bd00265b1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 20:39:42 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://pelisplay.io
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=30d4bce4d1b34256b784cd8bd00265b1; expires=Sun, 22 Sep 2024 20:39:42 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail

142.250.74.109

302 Found

0 B

URL GET HTTP/2
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:faGw9ilNEKkxsuQXDrM5tFdnCfMU-w:ZTIgXHYpySCVW_9g; Expires=Mon, 22-Sep-2025 20:39:42 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 20:39:42 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhfsiVaPZnzitdRpCuSc2lrP-nFnZTuTZU23mM2QuehU3i6uGXWRtbkO4zDf2uvXl-nCYY77pQ
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-security-policy: script-src 'nonce-D-1Bcsrxm9akbvnnOBegOg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.67

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8e0560c46747530b07f20c3704aecf0c
30e8a5e5b62c28ed29ef6408f9044f2d8a911db5
e5b8c6bd88bfb832b0b14cf3e17048b546cbf82d7de8d539f8fdad12794b3cb8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 23 Sep 2023 20:39:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd8IOtpRdYYO1IycJWi2ck9gXtFkqbknS2-QO5Az3ZAFVy_DeReBM-lu0TCJMj-5h_rqQxxxg

142.250.74.109

302 Found

408 B

URL GET HTTP/2
accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd8IOtpRdYYO1IycJWi2ck9gXtFkqbknS2-QO5Az3ZAFVy_DeReBM-lu0TCJMj-5h_rqQxxxg
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint2F:C1:71:0A:05:D9:0F:38:EF:D1:16:F7:50:AF:41:48:6B:F9:BA:B5
ValidityMon, 04 Sep 2023 08:23:30 GMT - Mon, 27 Nov 2023 08:23:29 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (399)
Size
408 B (408 bytes)
Hash
7a62be5407887e29daddf2344e3c065e
bd8f5d72245fb13c14710485dbc86c9ee10b3667
db0eb80d9bdec16d787ad3b8ed2431e0a9aea81f94e20763c09afb73e6c57183

HTTP Headers

GET /InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=AYZoVhd8IOtpRdYYO1IycJWi2ck9gXtFkqbknS2-QO5Az3ZAFVy_DeReBM-lu0TCJMj-5h_rqQxxxg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:KSqkdiJ7507A4C1zBgtFpKOGiVW7Ew:TYmCN47W-jBGXR1z;Path=/;Expires=Mon, 22-Sep-2025 20:39:42 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 20:39:42 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcFv0-nG3EMjwuqJQL2YlrkUB7YM9cClCM83DZenXbBaJIdKhczyDqcnZspPSOaChiOYfEmWw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2114743945%3A1695501582673138&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-1ODcBMwbrtIHpkpl1LG6yA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 408
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhfsiVaPZnzitdRpCuSc2lrP-nFnZTuTZU23mM2QuehU3i6uGXWRtbkO4zDf2uvXl-nCYY77pQ

142.250.74.109

302 Found

404 B

URL GET HTTP/3
accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhfsiVaPZnzitdRpCuSc2lrP-nFnZTuTZU23mM2QuehU3i6uGXWRtbkO4zDf2uvXl-nCYY77pQ
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (395)
Size
404 B (404 bytes)
Hash
dbf10957819304f49aec20a2540b342e
75db7da31f2c36c0064135cdd89cba761d50ac49
1d57792dd4d937d4a102410744954744fae630108a7ef313bb6ec3b4f0d8e00e

HTTP Headers

GET /InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=AYZoVhfsiVaPZnzitdRpCuSc2lrP-nFnZTuTZU23mM2QuehU3i6uGXWRtbkO4zDf2uvXl-nCYY77pQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:nAntBFjr-BU8KI_rwepj5uxanB2BkQ:V478cPituuHVWcrv;Path=/;Expires=Mon, 22-Sep-2025 20:39:42 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 20:39:42 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcvbAUwLt9CirXvP7jlXBW5g5VVkb5RNhiZgzLa9YrFUj_tg17m6nTUGoXysQZa93DhTUOYWg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-788394756%3A1695501582777356&theme=glif
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'nonce-jkOHA06imbYmWsmTn0gW0w' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 404
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

gourgoldpieceso.com/cXp0ZFBeRRcXbSMsHCEfJA5NBmMGNRI8EgceAyIqFUgEVRRCEVIQORVHTV1kRUtCQiAYHklVdgIOFRAlAkdHVGBAXB0KNh5HRFRgQFwCWWFfSUBKY0VUREIlTEhEXWhESUdWY0RCQlJlQk1SECAQHUlVdgEOAAhtQExNUWVBS0FcY0NOTA

188.114.97.1

204 No Content

0 B

URL POST HTTP/3
gourgoldpieceso.com/cXp0ZFBeRRcXbSMsHCEfJA5NBmMGNRI8EgceAyIqFUgEVRRCEVIQORVHTV1kRUtCQiAYHklVdgIOFRAlAkdHVGBAXB0KNh5HRFRgQFwCWWFfSUBKY0VUREIlTEhEXWhESUdWY0RCQlJlQk1SECAQHUlVdgEOAAhtQExNUWVBS0FcY0NOTA
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectgourgoldpieceso.com
Fingerprint2F:6C:A4:39:D1:55:B5:C3:E1:69:AB:2B:9A:94:A6:6C:EA:FB:0A:F9
ValidityWed, 13 Sep 2023 06:21:57 GMT - Tue, 12 Dec 2023 06:21:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /cXp0ZFBeRRcXbSMsHCEfJA5NBmMGNRI8EgceAyIqFUgEVRRCEVIQORVHTV1kRUtCQiAYHklVdgIOFRAlAkdHVGBAXB0KNh5HRFRgQFwCWWFfSUBKY0VUREIlTEhEXWhESUdWY0RCQlJlQk1SECAQHUlVdgEOAAhtQExNUWVBS0FcY0NOTA HTTP/1.1
Host: gourgoldpieceso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelisplay.io
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/3 204 No Content
date: Sat, 23 Sep 2023 20:39:43 GMT
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovcpWQPAQ0NGSKlNdRe9NT5fYvS8EZL%2BI3I%2FEt1UlSEZ3azOLHihTGkvIicaY2tcbrC%2Fde1S7vYcXcfSHO0smTflafPHKIqmy31DdyOEfTzQRDeYR3o%2Bvq%2B08aUdpezKrcc7xScf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b5993dde6a5691-OSL
alt-svc: h3=":443"; ma=86400

pelisplay.io/player/css/main.css?v=1.6

172.67.70.219

200 OK

1.9 kB

URL GET HTTP/2
pelisplay.io/player/css/main.css?v=1.6
IP
172.67.70.219:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectpelisplay.io
FingerprintB2:D4:D3:CD:25:7A:A3:9F:EE:D8:9A:D2:19:6B:8A:C5:87:8E:0D:DC
ValiditySat, 12 Aug 2023 05:52:06 GMT - Fri, 10 Nov 2023 05:52:05 GMT

File type
ASCII text, with very long lines (1990), with no line terminators
Size
1.9 kB (1889 bytes)
Hash
7a88db092936fea3076c74d060284245
331b5551a9a7365457a64959f6e5985fc99a293b
0930f15aa9aba32f117625dbec16d6342fdcc0a445a035b76de790d7e35eb697

HTTP Headers

GET /player/css/main.css?v=1.6 HTTP/1.1
Host: pelisplay.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelisplay.io/play?id=ODY0MDU=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:40 GMT
content-type: text/css
last-modified: Thu, 17 Feb 2022 02:59:22 GMT
vary: Accept-Encoding
etag: W/"620dba0a-761"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWDXHci%2BATPbL6lxsyzLCfw2KMz%2FGsPFsUd3XmLuzyFsswlNCXwcu4zOeECD0GF%2FLQt2PMmMCFtkNx3k8Q5QHx2fWXlf%2Bkju2dB3pScyWiUlGkp9pRoMYD4Q66KeqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b5992f48905697-OSL
content-encoding: br
X-Firefox-Spdy: h2

whulsaux.com/5/6058166/?oo=1&aab=1

139.45.197.244

200 OK

2.8 kB

URL GET HTTP/2
whulsaux.com/5/6058166/?oo=1&aab=1
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerLet's Encrypt
Subjectwhulsaux.com
Fingerprint29:C6:16:FB:8B:54:C5:1B:65:18:3D:96:39:33:73:B5:D3:8C:6D:48
ValidityFri, 01 Sep 2023 05:32:42 GMT - Thu, 30 Nov 2023 05:32:41 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (3052), with no line terminators
Size
2.8 kB (2808 bytes)
Hash
a598b15704d03c143c56bfc9308be427
f7806ce54b6e3163bf8082c7de66c0fc1c2f45a3
6c22fb89975aee020e396360215378e3c8bc1c5a42972c5cad0ff8ad0567f271

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /5/6058166/?oo=1&aab=1 HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelisplay.io
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 20:39:42 GMT
content-type: application/json
x-trace-id: 6dc666832cc97dd4fe1c0d12ef2546a3
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://sr7pv7n5x.com>; rel="preconnect dns-prefetch"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://pelisplay.io
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=79ea33855f214b919fd42c8724aa489b; expires=Sun, 22 Sep 2024 20:39:42 GMT; path=/; secure; SameSite=None
oaidts=1695501582; expires=Sun, 22 Sep 2024 20:39:42 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcvbAUwLt9CirXvP7jlXBW5g5VVkb5RNhiZgzLa9YrFUj_tg17m6nTUGoXysQZa93DhTUOYWg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-788394756%3A1695501582777356&theme=glif

142.250.74.109

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcvbAUwLt9CirXvP7jlXBW5g5VVkb5RNhiZgzLa9YrFUj_tg17m6nTUGoXysQZa93DhTUOYWg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-788394756%3A1695501582777356&theme=glif
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcvbAUwLt9CirXvP7jlXBW5g5VVkb5RNhiZgzLa9YrFUj_tg17m6nTUGoXysQZa93DhTUOYWg&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-788394756%3A1695501582777356&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 20:39:42 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-VtkoqnqeBtwfLxq_c-yO8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2

172.64.103.11

200 OK

74 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.6.3/webfonts/fa-brands-400.woff2
IP
172.64.103.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
Fingerprint23:04:2D:9B:C5:BA:9D:AA:AC:6A:FD:14:B0:96:18:D6:EB:A5:B3:65
ValidityFri, 01 Sep 2023 05:27:58 GMT - Thu, 30 Nov 2023 05:27:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 74288, version 1.0\012- data
Size
74 kB (74288 bytes)
Hash
eac60e8a656781e13d2a674b4d9051c0
0039be9d8a99d1e5cf200ca3e08757692020460e
eed474a49bdbf745c19e463f070e67977c1ab27835603eb749d9e5c249cf81f8

HTTP Headers

GET /releases/v5.6.3/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.cuevana3.ch
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: font/woff2
content-length: 74288
x-amz-id-2: JcMb7uPyYbkCO5rKuIzXHCFfybR7MHkiqJtGOJyLSORx/0AkF++OTKlkWIovG/SFosdjMar703Q=
x-amz-request-id: ZRS2221RRZ0SRRRP
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
etag: "eac60e8a656781e13d2a674b4d9051c0"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 313487
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWkNtKiB8FJJ0%2BbNO8A9uhV07wH08RW%2B%2BqM%2FfLMn1NmimGkVZI6dSE3Pu3dK%2Fasvt%2FAb7bbMv4ouAc8LMIUhmMUDk%2B5AxPmQTte0EAHNlQxP9KZvQIuIIsU4A2aQ2L1KmCrwuJ3Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b5992a6d2c405e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

my.rtmark.net/gid.js?userId=30d4bce4d1b34256b784cd8bd00265b1

139.45.195.8

200 OK

65 B

URL GET HTTP/2
my.rtmark.net/gid.js?userId=30d4bce4d1b34256b784cd8bd00265b1
IP
139.45.195.8:443
ASN
#9002 RETN Limited

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerLet's Encrypt
Subjectrtmark.net
FingerprintB4:02:64:AF:5C:AB:27:5B:1B:80:CF:C8:FF:EB:BF:43:29:C3:C5:C1
ValidityTue, 25 Jul 2023 06:29:27 GMT - Mon, 23 Oct 2023 06:29:26 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
65 B (65 bytes)
Hash
445529aac71df13aef04a9026e70abc0
1559d4465f57852f0423e5092f9ed57cc8add5f6
2dd9857635fd3d96f96f44cb01e20b0b6dc17a4f9715e1eadc5319835a8ab033

HTTP Headers

GET /gid.js?userId=30d4bce4d1b34256b784cd8bd00265b1 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.cuevana3.ch
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 20:39:40 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: https://ww1.cuevana3.ch
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=30d4bce4d1b34256b784cd8bd00265b1; expires=Sun, 22 Sep 2024 20:39:40 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2

ww1.cuevana3.ch/11404/feast-ii-atrapados-ii

172.67.73.79

301 Moved Permanently

90 kB

URL User Request GET HTTP/1.1
ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
IP
172.67.73.79:80
ASN
#13335 CLOUDFLARENET

File type

Size
90 kB (89501 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11404/feast-ii-atrapados-ii HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Sat, 23 Sep 2023 20:39:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 23 Sep 2023 21:39:38 GMT
Location: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tvHsTXwHcb6AR7bBnMfshCF5f177UPb4T3qGdn8fT%2B2N0KDvNkmkqk7ICurAulHi7T8915JccjOnSJ%2F7GylxQwCyYNdOfvPxw%2FlQYGD%2Bbjh1Xjl6qLvn%2BP4jYDppuvZtWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 80b59921b875568b-OSL
alt-svc: h2=":443"; ma=60

pelisplay.io/player/js/jquery.min.js?v=1.6

172.67.70.219

200 OK

86 kB

URL GET HTTP/2
pelisplay.io/player/js/jquery.min.js?v=1.6
IP
172.67.70.219:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectpelisplay.io
FingerprintB2:D4:D3:CD:25:7A:A3:9F:EE:D8:9A:D2:19:6B:8A:C5:87:8E:0D:DC
ValiditySat, 12 Aug 2023 05:52:06 GMT - Fri, 10 Nov 2023 05:52:05 GMT

File type
ASCII text, with very long lines (32042)
Size
86 kB (86349 bytes)
Hash
ed72e2a6ae1afb03eb3e917c2dbe2b50
b23ec2f5041209e5d1d567740fe5ad323688b76a
f8e5351fc39356f8f94d7f334b11f9a0f44a67a9461bbd3e8be10cf44acdf780

HTTP Headers

GET /player/js/jquery.min.js?v=1.6 HTTP/1.1
Host: pelisplay.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelisplay.io/play?id=ODY0MDU=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:40 GMT
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 02:59:22 GMT
vary: Accept-Encoding
etag: W/"620dba0a-1514d"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qxtWAjLowbUybfaeq6jIo5jHOisj%2FFrWSuPmoKvd9yEkjhjDmd0gsHJkSjAn6uEwsVLLNdDT%2Bb6RYWt9fJuldGR8zMAOPDyAi%2B27BuqCYWjVH0%2FrbA7vxl6lNDCsHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b5992f48915697-OSL
content-encoding: br
X-Firefox-Spdy: h2

platform.bidgear.com/ads.php?domainid=5786&sizeid=17&zoneid=6326

104.26.3.107

200 OK

548 B

URL GET HTTP/2
platform.bidgear.com/ads.php?domainid=5786&sizeid=17&zoneid=6326
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (575), with no line terminators
Size
548 B (548 bytes)
Hash
735a7756e46b008221105f5b943e05a1
42f40590036173e8e333cb836842b3c2d5a7212f
0be31c64cbd5d8485e8fb7634b674cc317635bdb97afaa76932558eae3be2496

HTTP Headers

GET /ads.php?domainid=5786&sizeid=17&zoneid=6326 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GovIIe7gbCr4e5EVzN9Cwvmu2l2HnZdtWFBla5GsAtYbMN8qaBbNJ1cEO2QOfZOFBC1dbBfUvSvNy%2FXhPiDvjIwXs91QVfkOW7txBKu1b4TtM5BDy95fpsM9MGTeJBDMsVH0ZJBz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b59926bc3356c5-OSL
content-encoding: br
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/cdn/loadMoreResults.js

104.26.6.217

200 OK

1.7 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/cdn/loadMoreResults.js
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
ASCII text, with very long lines (1743), with no line terminators
Size
1.7 kB (1728 bytes)
Hash
fa336df052fe750ce9b7276644bdd0a2
a98c4a050b84024ffe352453a251794ef422e6bc
3b8c48be3b91ed3a0ea3074b87b7bc0f5f97d7c478685a79a62cc804430dfefa

HTTP Headers

GET /static/cdn/loadMoreResults.js HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: application/javascript
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
vary: Accept-Encoding
etag: W/"61d24c07-6c0"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SJRQ%2BFSCuPx%2FAm2yitXRiIt2gmoY8ajFhPXEyHRPTnplT7tbRUOnKfsS%2FPvMugfiEZXiAX4Zga5yVfhogHeOvW0A4bM%2B3BtImG%2Bt2BtYOddOlyfyv8ra9IcWsgrp2ubMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599266edd5697-OSL
content-encoding: br
X-Firefox-Spdy: h2

pogothere.xyz/asd100.bin

172.64.133.29

200 OK

102 kB

URL GET HTTP/2
pogothere.xyz/asd100.bin
IP
172.64.133.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
data
Size
102 kB (102400 bytes)
Hash
4c6426ac7ef186464ecbb0d81cbfcb1e
5a6918eebd9d635e8f632e3ef34e3792b1b5ec13
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

HTTP Headers

GET /asd100.bin HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelisplay.io
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:42 GMT
content-type: binary/octet-stream
access-control-allow-origin: https://pelisplay.io
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cache-control: max-age=14400
cf-cache-status: HIT
age: 6147
last-modified: Sat, 23 Sep 2023 18:57:15 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N3DKaRRuK8eFuhxhQnDHBF1FjuTo0sk3TmvAbpLEZYTqpO%2Ft9Oka2mz7eOmny3b9vbDBYwLcFbupYgzN%2F%2BvLHRKbsubVhOeHoqExGXT%2FJgdO61hX7GjFmtAmo8mZYle4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b5993b8c39d17c-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

pogothere.xyz/

172.64.133.29

200 OK

27 B

URL GET HTTP/2
pogothere.xyz/
IP
172.64.133.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint17:F9:2D:6F:B5:5E:5F:37:A6:FB:BE:61:4F:97:64:33:85:5C:3A:FB
ValidityTue, 28 Feb 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
27 B (27 bytes)
Hash
5a7740b5ece68ffa21cb211fd3cdb75f
a0f70102af6d76e5bbea14e1a457149c37aa739b
6e7000658b332ee0cfbc6d59ffba8f5cc55c51670519d600b87c8c21ef15a848

HTTP Headers

GET / HTTP/1.1
Host: pogothere.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelisplay.io
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:42 GMT
content-type: text/plain
set-cookie: csu=2098533235866537@1@1695501582; Max-Age=31104000; Secure; SameSite=None
access-control-allow-origin: https://pelisplay.io
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-headers: X-Requested-With, content-type
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F878oXtuPFZy19aqp40vL4OulUJQM6NhzqWBQzU35%2BPIPaKBdNBVX9HpOpCUOREdCC9Rl9nh758RbCV%2BLMOw%2B4yF5Y2vouX49EzW1%2Bw8jvBBo7H9JsVxvniyj%2Fhb34C7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b5993b7c2fd17c-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/img/espana.svg

104.26.6.217

200 OK

1.7 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/img/espana.svg
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1813), with no line terminators
Size
1.7 kB (1719 bytes)
Hash
b6999653fd460e508841350f4cfde098
f9b6642a096d6528838cf2ad6309716fea6f334a
cee3fa38c0e8734d1e1727f4141dbc8a9ecd0d11f099f192ec8f9d2072b1caef

HTTP Headers

GET /static/img/espana.svg HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: image/svg+xml
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
etag: W/"61d24c07-6b7"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4125
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWuPsgAIx%2BpoOXTlaDcwTT4XB6LSAeGutx2CJzdmzOMumERktstcausvOUq8PIJ3oamsciAA%2BQVywkHXFDmGV7prauWUNt68%2BMVuCu1p%2F6XqxYYCaQzF1BboO1gkhJV0cA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b599264ec05697-OSL
content-encoding: br
X-Firefox-Spdy: h2

pelisplay.io/js/jw8.9/provider.hlsjs.js

172.67.70.219

200 OK

313 kB

URL GET HTTP/2
pelisplay.io/js/jw8.9/provider.hlsjs.js
IP
172.67.70.219:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectpelisplay.io
FingerprintB2:D4:D3:CD:25:7A:A3:9F:EE:D8:9A:D2:19:6B:8A:C5:87:8E:0D:DC
ValiditySat, 12 Aug 2023 05:52:06 GMT - Fri, 10 Nov 2023 05:52:05 GMT

File type

Size
313 kB (313109 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/jw8.9/provider.hlsjs.js HTTP/1.1
Host: pelisplay.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelisplay.io/play?id=ODY0MDU=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:41 GMT
content-type: application/javascript
last-modified: Mon, 03 Jan 2022 01:07:09 GMT
vary: Accept-Encoding
etag: W/"61d24c3d-4c715"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2BLcfD7zt0ftsxJa5pkSDghDKMJydZ20pLVpWbFc7ozRNs9PBqMT8XjCFC7wlPU9QuNOyDEXOWpHGLDclI4ptB1A73tHhrDHh%2Fo54wK09STmxD3yaPQSvKO5w%2FJeYg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599315aa25697-OSL
content-encoding: br
X-Firefox-Spdy: h2

gourgoldpieceso.com/popunder.gif

188.114.97.1

200 OK

35 B

URL GET HTTP/3
gourgoldpieceso.com/popunder.gif
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectgourgoldpieceso.com
Fingerprint2F:6C:A4:39:D1:55:B5:C3:E1:69:AB:2B:9A:94:A6:6C:EA:FB:0A:F9
ValidityWed, 13 Sep 2023 06:21:57 GMT - Tue, 12 Dec 2023 06:21:56 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

HTTP Headers

GET /popunder.gif HTTP/1.1
Host: gourgoldpieceso.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 23 Sep 2023 20:39:42 GMT
content-type: image/gif
access-control-allow-origin: *
pragma: public
cache-control: public, max-age=604800, immutable
cf-cache-status: HIT
age: 15287
last-modified: Sat, 23 Sep 2023 16:24:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n052sQy0XtwfX6qx9c0xlePSQcmL1tnEBjalONPtX%2FzmiW9TJTbrQcwbMzAc%2B87S%2Bhq3xYsUeJTgK4n%2B1iUvvIFTXYSOOIPzyNY5hmQVOz4rVkGnxIqz1rCQN4kwwkBeJGIQkEyA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80b59939d97d5691-OSL
alt-svc: h3=":443"; ma=86400

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcFv0-nG3EMjwuqJQL2YlrkUB7YM9cClCM83DZenXbBaJIdKhczyDqcnZspPSOaChiOYfEmWw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2114743945%3A1695501582673138&theme=glif

142.250.74.109

403 Forbidden

0 B

URL GET HTTP/3
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcFv0-nG3EMjwuqJQL2YlrkUB7YM9cClCM83DZenXbBaJIdKhczyDqcnZspPSOaChiOYfEmWw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2114743945%3A1695501582673138&theme=glif
IP
142.250.74.109:443
ASN
#15169 GOOGLE

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintBB:B9:27:FB:7D:F3:A7:1A:57:CC:23:F8:42:E9:10:BE:59:7E:1F:D4
ValidityMon, 04 Sep 2023 08:17:06 GMT - Mon, 27 Nov 2023 08:17:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=AYZoVhcFv0-nG3EMjwuqJQL2YlrkUB7YM9cClCM83DZenXbBaJIdKhczyDqcnZspPSOaChiOYfEmWw&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S2114743945%3A1695501582673138&theme=glif HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 23 Sep 2023 20:39:42 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-n5JH-dI3ydhW5GV-b65_Fw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2

172.64.103.11

200 OK

79 kB

URL GET HTTP/2
use.fontawesome.com/releases/v5.6.3/webfonts/fa-solid-900.woff2
IP
172.64.103.11:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectuse.fontawesome.com
Fingerprint23:04:2D:9B:C5:BA:9D:AA:AC:6A:FD:14:B0:96:18:D6:EB:A5:B3:65
ValidityFri, 01 Sep 2023 05:27:58 GMT - Thu, 30 Nov 2023 05:27:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 79100, version 1.0\012- data
Size
79 kB (79100 bytes)
Hash
5dc01cfcd5336f696cb85da7ce53fa9b
28a1f2fadc35c5343e0280389fe7955e3d1be607
f419ad7a4477f36ce73c74a23dce784150ca38fa5075a8e06109709cbb716903

HTTP Headers

GET /releases/v5.6.3/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://ww1.cuevana3.ch
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: font/woff2
content-length: 79100
x-amz-id-2: HBYTbVeLqXgnopG4C0kRpvYb7O/TJfOCa6ofHgKscVjLlALzxGYKbu1PqO7i1m0+tzQ5UhVSxI1Kf2UfbaCJETzz1KRSBA2hsMU+HX64gCA=
x-amz-request-id: MYV7BQ5W25WKKJEN
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:44:54 GMT
etag: "5dc01cfcd5336f696cb85da7ce53fa9b"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 313255
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n8gq2NjkeN2dWCFHMo%2B7KCF0dMdwp3EoWqJhPJCzcqbpG9BDIDLeLBnE4nwsL2ze7uFTbsuOVKZa7WShwX12l4da0MDDBpN%2FVKIuXphJjdimaATPljVEHFCtejyfVBFxz1MicAJc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b5992a7d46405e-LHR
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

api.movcloud.net/v1/count/movie/es/episode/86405

172.67.210.193

200 OK

0 B

URL GET HTTP/2
api.movcloud.net/v1/count/movie/es/episode/86405
IP
172.67.210.193:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerLet's Encrypt
Subjectmovcloud.net
Fingerprint54:84:35:54:DD:F3:99:1B:BC:B6:54:5D:89:DF:DF:93:ED:48:62:7C
ValidityWed, 23 Aug 2023 01:09:01 GMT - Tue, 21 Nov 2023 01:09:00 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v1/count/movie/es/episode/86405 HTTP/1.1
Host: api.movcloud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:40 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
x-dns-prefetch-control: off
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
vary: Origin
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CYggSKt%2BZ41KO%2BRubi%2F0%2BfTV50P9feJWWqpLtbN03G79bJ%2FvwOknj0Y0f6VOu%2FGYCiic3hawHdYDh5sdDhy3uk6ctVbTNT4HUlC7lSAX4NzbbT%2FtpDhTPAM1wfhJWoL91KA1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b5992fdc3ab515-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

platform.bidgear.com/async.php?domainid=5786&sizeid=2&zoneid=6858&k=1695501579634

104.26.3.107

200 OK

2.7 kB

URL GET HTTP/2
platform.bidgear.com/async.php?domainid=5786&sizeid=2&zoneid=6858&k=1695501579634
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (2819), with no line terminators
Size
2.7 kB (2740 bytes)
Hash
e2d11381769cc86bc2c2d056b3037110
bdfd3718f7ff4abb70993fcdfe09f3fd5ca89e53
856a34f6b298af48770b4b04de0dc689acc42520e64b1db3dcee707edeae25ff

HTTP Headers

GET /async.php?domainid=5786&sizeid=2&zoneid=6858&k=1695501579634 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cf5znUEMK0PQrurWOPLUv1QMJYsQ5C7EdXObebUr6HXFj2EGrPWNpHAIc%2BG5UCdO4i%2Bh%2Biac5N0rxmxRbdPNXlt7UqTkeZhQyWZHd3A0%2FMSeJrCzHB4ztDr43Fi%2BbiXQ4v%2Bf92%2B5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599278d0056c5-OSL
content-encoding: br
X-Firefox-Spdy: h2

whulsaux.com/?rb=CbDCz5JiSYo8bEtu61JYvCaUyGj5dzbi9t_okD3Ek-ZMao1-8IWLU4scsB8_yVkxdGVPIEI01DxCzb7sohdMDNMACtSELQ0OyX3vxEAlOcVgckmsbg-TepvKVd4RlCm_cY7_S9P1CQYZ_aGdqD-hmILiliObcsGoUyrXQ6S246LXUSlrtNQDmMGdKOC5cnKiqCBKvn1DgxL9RCxvwQfC4Nw_aic%3D&request_ab2=0&zoneid=6058166&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=614&wiw=1092&wfc=2&pl=https%3A%2F%2Fpelisplay.io%2Fplay%3Fid%3DODY0MDU%3D&drf=https%3A%2F%2Fww1.cuevana3.ch%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=35ed92dd-37d9-4263-853b-90f35bb6f487&userId=30d4bce4d1b34256b784cd8bd00265b1&m=link

139.45.197.244

200 OK

1.8 kB

URL GET HTTP/2
whulsaux.com/?rb=CbDCz5JiSYo8bEtu61JYvCaUyGj5dzbi9t_okD3Ek-ZMao1-8IWLU4scsB8_yVkxdGVPIEI01DxCzb7sohdMDNMACtSELQ0OyX3vxEAlOcVgckmsbg-TepvKVd4RlCm_cY7_S9P1CQYZ_aGdqD-hmILiliObcsGoUyrXQ6S246LXUSlrtNQDmMGdKOC5cnKiqCBKvn1DgxL9RCxvwQfC4Nw_aic%3D&request_ab2=0&zoneid=6058166&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=614&wiw=1092&wfc=2&pl=https%3A%2F%2Fpelisplay.io%2Fplay%3Fid%3DODY0MDU%3D&drf=https%3A%2F%2Fww1.cuevana3.ch%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=35ed92dd-37d9-4263-853b-90f35bb6f487&userId=30d4bce4d1b34256b784cd8bd00265b1&m=link
IP
139.45.197.244:443
ASN
#9002 RETN Limited

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerLet's Encrypt
Subjectwhulsaux.com
Fingerprint29:C6:16:FB:8B:54:C5:1B:65:18:3D:96:39:33:73:B5:D3:8C:6D:48
ValidityFri, 01 Sep 2023 05:32:42 GMT - Thu, 30 Nov 2023 05:32:41 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1770), with no line terminators
Size
1.8 kB (1750 bytes)
Hash
31e87e935cd1cad94e8f694bc64c00fb
74b24ebdb34245137818e09f05274eac1a710b2d
ceea71e58387db5d23c23705adc0d5333067079b840e549412d5631eca4b0cf4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?rb=CbDCz5JiSYo8bEtu61JYvCaUyGj5dzbi9t_okD3Ek-ZMao1-8IWLU4scsB8_yVkxdGVPIEI01DxCzb7sohdMDNMACtSELQ0OyX3vxEAlOcVgckmsbg-TepvKVd4RlCm_cY7_S9P1CQYZ_aGdqD-hmILiliObcsGoUyrXQ6S246LXUSlrtNQDmMGdKOC5cnKiqCBKvn1DgxL9RCxvwQfC4Nw_aic%3D&request_ab2=0&zoneid=6058166&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1092&wih=614&wiw=1092&wfc=2&pl=https%3A%2F%2Fpelisplay.io%2Fplay%3Fid%3DODY0MDU%3D&drf=https%3A%2F%2Fww1.cuevana3.ch%2F&np=1&pt=0&nb=1&ng=1&ix=1&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=35ed92dd-37d9-4263-853b-90f35bb6f487&userId=30d4bce4d1b34256b784cd8bd00265b1&m=link HTTP/1.1
Host: whulsaux.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelisplay.io
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Cookie: OAID=79ea33855f214b919fd42c8724aa489b; oaidts=1695501582
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 20:39:42 GMT
content-type: application/json
x-trace-id: c8e1698300a58c7a25e7e841b3b777c9
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://pelisplay.io
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=30d4bce4d1b34256b784cd8bd00265b1; expires=Sun, 22 Sep 2024 20:39:42 GMT; path=/; secure; SameSite=None
oaidts=1695501582; expires=Sun, 22 Sep 2024 20:39:42 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 30 Sep 2023 20:39:42 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

pelisplay.io/js/jw8.9/jwplayer.js?v=1.6

172.67.70.219

200 OK

109 kB

URL GET HTTP/2
pelisplay.io/js/jw8.9/jwplayer.js?v=1.6
IP
172.67.70.219:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectpelisplay.io
FingerprintB2:D4:D3:CD:25:7A:A3:9F:EE:D8:9A:D2:19:6B:8A:C5:87:8E:0D:DC
ValiditySat, 12 Aug 2023 05:52:06 GMT - Fri, 10 Nov 2023 05:52:05 GMT

File type
ASCII text, with very long lines (65169)
Size
109 kB (109209 bytes)
Hash
d21721173f070a01a0f8120fad5a889b
6ddb1c434f41ec3968ca2fdcd4b87cf0562b41b3
3e061854c5a7141f3b8671a32e22513584b04ecbc185fe1bdc642fa9c3a891a9

HTTP Headers

GET /js/jw8.9/jwplayer.js?v=1.6 HTTP/1.1
Host: pelisplay.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelisplay.io/play?id=ODY0MDU=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:40 GMT
content-type: application/javascript
last-modified: Thu, 17 Feb 2022 02:59:22 GMT
vary: Accept-Encoding
etag: W/"620dba0a-1aa99"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6834
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYNglsUukcO3iGNb3RtuVvbaTDg%2FThWvUk9p7VsWBivKLfkKBKHB1SI%2B4jJ6FPWAg81oNT9gKWwlotlZcsCXwWVXRtfOCPKpdiXdIoXJax7k9l0NwBSUUmgjrJgalA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b5992f48925697-OSL
content-encoding: br
X-Firefox-Spdy: h2

pelisplay.io/js/jw8.9/jwplayer.core.controls.js

172.67.70.219

200 OK

279 kB

URL GET HTTP/2
pelisplay.io/js/jw8.9/jwplayer.core.controls.js
IP
172.67.70.219:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerGoogle Trust Services LLC
Subjectpelisplay.io
FingerprintB2:D4:D3:CD:25:7A:A3:9F:EE:D8:9A:D2:19:6B:8A:C5:87:8E:0D:DC
ValiditySat, 12 Aug 2023 05:52:06 GMT - Fri, 10 Nov 2023 05:52:05 GMT

File type

Size
279 kB (278668 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /js/jw8.9/jwplayer.core.controls.js HTTP/1.1
Host: pelisplay.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://pelisplay.io/play?id=ODY0MDU=
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:41 GMT
content-type: application/javascript
last-modified: Mon, 03 Jan 2022 01:07:09 GMT
vary: Accept-Encoding
etag: W/"61d24c3d-4408c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4099
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MgZ1CL7rHD4WbaAXqVC7kS%2BPqTncuM2zsxlGCTDSZKt3M6sg7r39VCSz591HtmdO3NPkX3ovRgURjaNhy7dbhrQq%2BWsTnVH8xOOHWGQ1Xm%2FSF5cQrAYULy1q5VOn2g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599314a965697-OSL
content-encoding: br
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/js/hamfunction.js?v=2.3

104.26.6.217

200 OK

1.3 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/js/hamfunction.js?v=2.3
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
ASCII text, with very long lines (1301), with no line terminators
Size
1.3 kB (1257 bytes)
Hash
8afa872bc385652d78059fbc182dcb0c
e08b40041efce59964cd1bf0fbee120607bd1817
1c3590e71ef32e319396fd5798fcd6ecc63eaea61401fadf7cade79e7c0ad916

HTTP Headers

GET /static/js/hamfunction.js?v=2.3 HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: application/javascript
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
vary: Accept-Encoding
etag: W/"61d24c07-4e9"
cache-control: max-age=14400
cf-cache-status: HIT
age: 6428
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bs4BQuCShbtdlfZw%2FXmKKzilGeFcD%2BgQyonLH2kgsHnF7sQfI5h3OZLPPwp2b59e8Z3Y4Evjcts%2Fl%2BZ%2BynkqwJvg8faqdpb%2FzrXJ0m%2BYjPMhed0mBeXIfJ93yOmLX8vCVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599265ed85697-OSL
content-encoding: br
X-Firefox-Spdy: h2

ww1.cuevana3.ch/static/cdn/jquery.js

104.26.6.217

200 OK

87 kB

URL GET HTTP/2
ww1.cuevana3.ch/static/cdn/jquery.js
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
87 kB (86923 bytes)
Hash
b72afe07a6f6f477120f3b0803d0a983
78ef8329a917d65f8bedf5e1336724c6f5b80404
f1a9c17b50d6278a694406d9e5dce160f81afd7a2683dfdf07f0651c38bdaa8e

HTTP Headers

GET /static/cdn/jquery.js HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Cookie: gogoanime=9f07phrt110l0l1gf74dihluk4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:39 GMT
content-type: application/javascript
last-modified: Mon, 03 Jan 2022 01:06:15 GMT
vary: Accept-Encoding
etag: W/"61d24c07-1538b"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4124
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPTtLK420HWvpR1SsfWwonr4TetAj1wdGB9kpyGV8mTIBHm3RiOXKkvqrKpml%2BhIffqytwiqB6oWTXyojAofCPyOJ8GXWcqY2cu9gpZMfnK%2BnuXib%2Bdry9NzCuCk8J3tkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599265ed65697-OSL
content-encoding: br
X-Firefox-Spdy: h2

platform.bidgear.com/ads.php?domainid=6991&sizeid=17&zoneid=7797

104.26.3.107

200 OK

539 B

URL GET HTTP/2
platform.bidgear.com/ads.php?domainid=6991&sizeid=17&zoneid=7797
IP
104.26.3.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisplay.io/play?id=ODY0MDU=
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint96:B8:F2:6C:8B:F4:3C:4D:3F:C4:69:A4:B1:28:D0:CB:0A:E6:73:2B
ValidityMon, 01 May 2023 00:00:00 GMT - Tue, 30 Apr 2024 23:59:59 GMT

File type
HTML document text\012- HTML document, ASCII text, with very long lines (562), with no line terminators
Size
539 B (539 bytes)
Hash
8213d1af926885a8149d29c67d28b165
bff217632ec3c06c35d2d769cde8b43f557d91bc
e0bf8e36f43150ec43bcfd3bf40e4d54de8c8d30a3e51f1949da8d4bc920148c

HTTP Headers

GET /ads.php?domainid=6991&sizeid=17&zoneid=7797 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisplay.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:40 GMT
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RWCV3vdpmqiiDjA2IXYqOA1XeizP7Syo%2BX%2BzIs80P9rh5zzr%2BorKkn0W21I8k80KM7EGEbBmLN4EuyNpw4a3DQORwp4dKNSyYjwOm0XKyqC7rkUCLLQ5N%2B5l3WmAul%2BgRKB5omqI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b5992fcf7d56c5-OSL
content-encoding: br
X-Firefox-Spdy: h2

gloacmug.net/?rb=JF_UU7d9gNEBk0WRh6DjVwdFFzXh_KRXF5HYbq_8UBJHnj4ROwoDL1Pbs8f4lSw5zFhMnLripH-Z1tzKuSQ7XH2qZw433F3IoKjJgWKlkdcc2twfBaHBOqqwXxLku-WNqVfWbkrkihylevshGJluOKIx_ZDexXqq1Ny-vPTPkpOP3lBC-LLHkFsksPLc0SwVFr7twtX_0ik3DjJ2XqEV1NuMCJ3NtLbm&request_ab2=0&zoneid=5737819&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fww1.cuevana3.ch%2F11404%2Ffeast-ii-atrapados-ii&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=5d490ff9-b200-420c-838d-34d81ebfd537&userId=30d4bce4d1b34256b784cd8bd00265b1&m=link

139.45.197.245

200 OK

1.7 kB

URL GET HTTP/2
gloacmug.net/?rb=JF_UU7d9gNEBk0WRh6DjVwdFFzXh_KRXF5HYbq_8UBJHnj4ROwoDL1Pbs8f4lSw5zFhMnLripH-Z1tzKuSQ7XH2qZw433F3IoKjJgWKlkdcc2twfBaHBOqqwXxLku-WNqVfWbkrkihylevshGJluOKIx_ZDexXqq1Ny-vPTPkpOP3lBC-LLHkFsksPLc0SwVFr7twtX_0ik3DjJ2XqEV1NuMCJ3NtLbm&request_ab2=0&zoneid=5737819&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fww1.cuevana3.ch%2F11404%2Ffeast-ii-atrapados-ii&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=5d490ff9-b200-420c-838d-34d81ebfd537&userId=30d4bce4d1b34256b784cd8bd00265b1&m=link
IP
139.45.197.245:443
ASN
#9002 RETN Limited

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerLet's Encrypt
Subjectgloacmug.net
Fingerprint59:4F:3D:30:13:16:37:32:2C:17:A9:37:92:F2:C1:A6:C8:5C:89:C1
ValiditySat, 15 Jul 2023 04:09:42 GMT - Fri, 13 Oct 2023 04:09:41 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (1758), with no line terminators
Size
1.7 kB (1738 bytes)
Hash
58db572fe799ee41904f474f222fb00b
8d9e6c5224f6708074ba66963431658ec784eccc
2b7d638c6d10656a1127f2f04f081cf4c928f2ab67a32972c64f33587ced791c

HTTP Headers

GET /?rb=JF_UU7d9gNEBk0WRh6DjVwdFFzXh_KRXF5HYbq_8UBJHnj4ROwoDL1Pbs8f4lSw5zFhMnLripH-Z1tzKuSQ7XH2qZw433F3IoKjJgWKlkdcc2twfBaHBOqqwXxLku-WNqVfWbkrkihylevshGJluOKIx_ZDexXqq1Ny-vPTPkpOP3lBC-LLHkFsksPLc0SwVFr7twtX_0ik3DjJ2XqEV1NuMCJ3NtLbm&request_ab2=0&zoneid=5737819&js_build=iclick-v1.601.0&fs=0&cf=0&sw=1280&sh=1024&sah=1024&wx=0&wy=0&ww=1280&wh=1024&cw=1280&wih=1024&wiw=1280&wfc=2&pl=https%3A%2F%2Fww1.cuevana3.ch%2F11404%2Ffeast-ii-atrapados-ii&drf=&np=1&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false&wgl=&js_build=iclick-v1.601.0&bs=5d490ff9-b200-420c-838d-34d81ebfd537&userId=30d4bce4d1b34256b784cd8bd00265b1&m=link HTTP/1.1
Host: gloacmug.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ww1.cuevana3.ch/
Origin: https://ww1.cuevana3.ch
DNT: 1
Connection: keep-alive
Cookie: OAID=30d4bce4d1b34256b784cd8bd00265b1; oaidts=1695501580
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 23 Sep 2023 20:39:41 GMT
content-type: application/json
x-trace-id: e91962c66a72213b54ee427130002199
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Wow64
access-control-allow-origin: https://ww1.cuevana3.ch
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, baggage, sentry-trace
access-control-max-age: 86400
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
set-cookie: OAID=30d4bce4d1b34256b784cd8bd00265b1; expires=Sun, 22 Sep 2024 20:39:41 GMT; path=/; secure; SameSite=None
oaidts=1695501581; expires=Sun, 22 Sep 2024 20:39:41 GMT; path=/; secure; SameSite=None
syncedCookie=true; expires=Sat, 30 Sep 2023 20:39:41 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2

ww1.cuevana3.ch/11404/feast-ii-atrapados-ii

104.26.6.217

200 OK

90 kB

URL User Request GET HTTP/2
ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
IP
104.26.6.217:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcuevana3.ch
FingerprintB0:C7:58:49:EF:D1:B7:78:84:66:C2:88:C8:39:92:E9:64:6A:86:30
ValidityWed, 20 Sep 2023 04:24:56 GMT - Tue, 19 Dec 2023 04:24:55 GMT

File type

Size
90 kB (89501 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /11404/feast-ii-atrapados-ii HTTP/1.1
Host: ww1.cuevana3.ch
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:38 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.13
set-cookie: gogoanime=9f07phrt110l0l1gf74dihluk4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMDiyDzbq%2FVy3daYb2xmaLIqCrmkp%2Fj6j5%2BFl4SrZpGwWEhgilJu6M7nrh%2BgPK%2FOrn2gXF5k7ufGizzhhSm8vEKRrtmyU8m53Gq6KSTcIAdAD7Itdbe0%2BwSSpB0nA4f50g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b59921d9fa5697-OSL
content-encoding: br
X-Firefox-Spdy: h2

if.pelisplay.io/spanish.php?id=ODY0MDU=&type=[{%2213%22:{%22link%22:%22https://wishembed.pro/e/sktiqzvy30s2%22}},{%2214%22:{%22link%22:%22https://dood.wf/e/hm4gnfb9lli9%22}}]

172.67.70.219

200 OK

5 B

URL GET HTTP/2
if.pelisplay.io/spanish.php?id=ODY0MDU=&type=[{%2213%22:{%22link%22:%22https://wishembed.pro/e/sktiqzvy30s2%22}},{%2214%22:{%22link%22:%22https://dood.wf/e/hm4gnfb9lli9%22}}]
IP
172.67.70.219:443
ASN
#13335 CLOUDFLARENET

Requested by
https://ww1.cuevana3.ch/11404/feast-ii-atrapados-ii
Certificate
IssuerGoogle Trust Services LLC
Subjectpelisplay.io
FingerprintB2:D4:D3:CD:25:7A:A3:9F:EE:D8:9A:D2:19:6B:8A:C5:87:8E:0D:DC
ValiditySat, 12 Aug 2023 05:52:06 GMT - Fri, 10 Nov 2023 05:52:05 GMT

File type
ASCII text, with no line terminators
Size
5 B (5 bytes)
Hash
68934a3e9455fa72420237eb05902327
7cb6efb98ba5972a9b5090dc2e517fe14d12cb04
fcbcf165908dd18a9e49f7ff27810176db8e9f63b4352213741664245224f8aa

HTTP Headers

GET /spanish.php?id=ODY0MDU=&type=[{%2213%22:{%22link%22:%22https://wishembed.pro/e/sktiqzvy30s2%22}},{%2214%22:{%22link%22:%22https://dood.wf/e/hm4gnfb9lli9%22}}] HTTP/1.1
Host: if.pelisplay.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://ww1.cuevana3.ch
DNT: 1
Connection: keep-alive
Referer: https://ww1.cuevana3.ch/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 23 Sep 2023 20:39:50 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-powered-by: PHP/5.6.13
origin: *
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZjOXOEoyZyZzNTlIaBFe1NMuxWKAt9%2B%2BH%2BigJIVYTOkLH1UARaUpSfSe8BiQY0shzPQq6ssWwn%2BW6i6xSYLn1w8O4MswuPGqOB9mIbuLs1qoqO3sy8fOsKfFur6j%2BMRIg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80b599691f02b509-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (45)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by