Report - www.pelisplus2.io/pelicula/el-cuervo/

Report Overview

Submitted URL
www.pelisplus2.io/pelicula/el-cuervo/
IP
104.21.23.30
ASN
#13335 CLOUDFLARENET
Submitted
2023-02-04 08:47:08
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
10

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	481 B	37 kB	142.250.74.67
utilitypresent.com	unknown	2023-02-04T03:11:22Z	2023-03-10T02:13:31Z	400 B	14 kB	173.233.137.60
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	374 B	21 kB	216.239.36.178
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	606 B	593 B	173.194.220.155
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.8 kB	8.7 kB	142.250.74.131
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	2.0 kB	4.4 kB	23.36.76.226
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	350 B	944 B	143.204.42.156
www.pelisplus2.io	786283	2021-10-26T12:11:08Z	2023-03-04T08:36:10Z	2.6 kB	7.8 kB	172.67.208.119
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	337 B	1.4 kB	35.241.9.150
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
revolveoppress.com	unknown	2023-02-02T02:33:12Z	2023-03-10T02:16:06Z	4.6 kB	5.8 kB	192.243.61.227
cdn.barscreative1.com	25648	2021-09-16T13:14:42Z	2023-03-13T08:33:41Z	453 B	386 B	45.133.44.4
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	4.4 kB	62 kB	23.36.77.32
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	34.211.126.51
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-13T08:33:39Z	395 B	410 B	35.156.167.37
friendshipmale.com	unknown	2022-10-21T14:15:25Z	2023-03-13T08:33:43Z	362 B	29 kB	104.21.234.92
mahdicrofter.com	unknown	2022-08-31T18:09:46Z	2023-02-07T01:12:51Z	376 B	1.4 kB	23.109.87.27
cdn.creative-bars1.com	unknown	2022-11-15T17:46:22Z	2023-03-13T05:15:48Z	1.7 kB	5.4 kB	172.64.167.9
cdn.cloudimagesb.com	23099	2021-02-12T17:15:41Z	2023-03-13T05:15:48Z	401 B	33 kB	45.133.44.10
pageantbagauspice.com	unknown	2022-09-26T11:13:00Z	2023-03-13T04:49:52Z	403 B	64 kB	192.243.61.227
api.esplay.io	703547	2021-10-26T12:11:13Z	2023-02-25T21:40:13Z	3.5 kB	7.6 kB	188.114.97.1
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	445 B	165 kB	216.58.211.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	418 B	1.7 kB	142.250.74.74
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	56 kB	34.120.237.76
static.esplay.io	688015	2021-10-26T12:11:12Z	2023-02-25T21:40:12Z	433 B	11 kB	188.114.96.1
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	384 B	16 kB	216.58.207.228

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	utilitypresent.com/c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js	Malware
2023-02-04	medium	friendshipmale.com/sfp.js	Malware
2023-02-04	medium	cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-04	medium	pageantbagauspice.com	Sinkholed
2023-02-04	medium	utilitypresent.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	www.pelisplus2.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js	12 kB	2023-03-07	2024-05-10
Pretty URL www.pelisplus2.io/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-05-10 23:35:29 Times Seen43978 Hash 88a769d2fe35899fd45a332a0a032cc0 514c6c1d8475d17e412849a4c90159517d0fa10a ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Loading...

	www.pelisplus2.io/pelicula/el-cuervo/	2.6 kB	2023-03-13	2023-03-13
Pretty URL www.pelisplus2.io/pelicula/el-cuervo/ IP 172.67.208.119 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:36:00 Last Seen2023-03-13 16:36:00 Times Seen1 Hash ace8198c73d86f6f3072625b9dc3ff8c 92b8fc2e8ec4641925015149ad3a86ec4f2627d8 42dcec89782a361b89ac90dfdad65369dc621f6e426cdd1c141f18c83b9ebfa5 Loading...

	www.pelisplus2.io/static/js/7.06440f9e.chunk.js	364 kB	2023-03-08	2023-03-13
Pretty URL www.pelisplus2.io/static/js/7.06440f9e.chunk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:20:28 Last Seen2023-03-13 16:36:00 Times Seen1 Hash 0e5ec27c813121c48fbb38c76744dd6e ed17f61103554c7b0d12e3ad8f296f071aae8a76 4dce34e2147cb0bef51ce9593d3ba8db102b16cd84fa079755cdbe29a2ef9b68 Loading...

	www.pelisplus2.io/static/js/UserMenuTop.605db09e.chunk.js	1.1 kB	2023-03-08	2023-03-13
Pretty URL www.pelisplus2.io/static/js/UserMenuTop.605db09e.chunk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:20:28 Last Seen2023-03-13 16:36:00 Times Seen1 Hash efaa9ed3df8c09e6c0c7860e8f328938 45567e50ca484d66a3671976d6456858d38ff1c7 865ea0716beee0e4604e98b103a41f85143bcc49718d115ec7e5956a2bfc20ea Loading...

	www.google.com/recaptcha/api.js?render=explicit	852 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?render=explicit IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:37:32 Last Seen2023-03-13 20:49:44 Times Seen1 Hash 0c69ad595d249fb068591537fb410563 6f586812adac30ed5a5f65716d07aec4a7a979ee 6c2869ce7802b03a1f09beb236b2ddbe2d3c4396625dedc7b8a301df245bf3e6 Loading...

	pageantbagauspice.com/ec/f5/54/ecf55400633c995bcb9429a392e80a51.js	60 kB	2023-03-13	2023-03-13
Pretty URL pageantbagauspice.com/ec/f5/54/ecf55400633c995bcb9429a392e80a51.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:36:00 Last Seen2023-03-13 16:36:00 Times Seen1 Hash 43d84fdc3607389c88aaea05f9cfc6b8 82c1dc9b76df3673761f88dbf62b78b6b6937c10 530cbeba63ff70ed3996efb14883e4f489ad175db9fe6c6c281e2b2a59fa7db1 Loading...

	utilitypresent.com/c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js	37 kB	2023-03-13	2023-03-13
Pretty URL utilitypresent.com/c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js IP 173.233.137.60 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:36:00 Last Seen2023-03-13 16:36:00 Times Seen1 Hash 1caa9caec1e4c5c2a887081aa0a6f267 2ac20b0a36b0d0b176eb1372b61a063e0fce1303 3b24362ea8cbd81c844d8cf3ccdcd80913c2b09afd43af32e3be06a8e4dbbc95 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 216.239.36.178 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.pelisplus2.io/static/js/0.1da1df89.chunk.js	158 kB	2023-03-07	2023-03-14
Pretty URL www.pelisplus2.io/static/js/0.1da1df89.chunk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:28 Last Seen2023-03-14 11:20:24 Times Seen1 Hash be06faa2fdec5fa2fb78c54f83ebf8bc 2c73c8d5f7ebe162a9cf13b2fc0b93de47eb5a7b 0dbcc8959bf7a436c1ab354b7ee3917199167cfb9fd984a989e20be82e8e7b47 Loading...

	www.pelisplus2.io/static/js/client.6910a2f9.js	131 kB	2023-03-12	2023-03-13
Pretty URL www.pelisplus2.io/static/js/client.6910a2f9.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:55:20 Last Seen2023-03-13 16:36:00 Times Seen1 Hash 07a3ab3ca0d1a8c250bfd7022bcc5a84 ed559050a17c1aec58a729fcaf7bb87d2bdc13bb 04e7f114a52cfdec92144644524f77ce7516e0ecfba6a639605d78ae532e7021 Loading...

	www.pelisplus2.io/static/js/8.a5af3c0e.chunk.js	150 kB	2023-03-08	2023-03-13
Pretty URL www.pelisplus2.io/static/js/8.a5af3c0e.chunk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:20:28 Last Seen2023-03-13 16:36:00 Times Seen1 Hash 2d032b954f1917bb5b5b7e07192f06fc 9ac8ab7838719395e8f958d130353e91d72c3e86 a5f0bebf10bb9b1b2263b5cc6456de636687f73f381b88a6575b5366a5216001 Loading...

	www.pelisplus2.io/static/js/components-Player.6ec7b17a.chunk.js	28 kB	2023-03-08	2023-03-13
Pretty URL www.pelisplus2.io/static/js/components-Player.6ec7b17a.chunk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:20:28 Last Seen2023-03-13 16:36:00 Times Seen1 Hash 39bae4ded83734ba9ca4b63dd8006a41 1895f83cc127f3027e236b95a76c5dd3c72210ae e70454b9336fa4ec3e3fa216626d2a50fddb579c62a989021b36e6ce87f4d30d Loading...

	www.pelisplus2.io/static/js/components-Comments.a2d7e05b.chunk.js	14 kB	2023-03-08	2023-03-13
Pretty URL www.pelisplus2.io/static/js/components-Comments.a2d7e05b.chunk.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:20:28 Last Seen2023-03-13 16:36:00 Times Seen1 Hash 6c82665a9135eadc15b9fe3d7c0a4803 eb782a8b944c14ff2d227c8851eaef10faf8eef0 fbf02cfe339e3b73fbdb06bdde7018e544d3715d22dbc28170670f91aa127cab Loading...

	www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js	412 kB	2023-03-13	2023-03-14
Pretty URL www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP 216.58.211.3 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:35:27 Last Seen2023-03-14 08:38:41 Times Seen1 Hash d2aff4cd4e40d9bfa2c1f818bcad7ce2 4cc960f771819bccd4783520506e3909e8ec0fcd d808130157ed1fca0469f5f40210d7d1b2dc2c41add64e658bb3222aea4d9eba Loading...

	http:blank	619 B	2023-03-13	2023-03-14
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:36:00 Last Seen2023-03-14 09:52:57 Times Seen1 Hash 8d66bf80f038d1bf13c3ab2d3ae6312a 76eebdc47688b5912a1685e89e77b19e13e6e806 4cc2a06e034169ea09788cb0743cd14c847304a6a97454f943152069df04b177 Loading...

HTTP Transactions (76)

URL IP Response Size

www.pelisplus2.io/pelicula/el-cuervo/

172.67.208.119

301 Moved Permanently

0 B

URL HTTP/1.1
www.pelisplus2.io/pelicula/el-cuervo/
IP
172.67.208.119:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pelicula/el-cuervo/ HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 08:46:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Feb 2023 09:46:57 GMT
Location: https://www.pelisplus2.io/pelicula/el-cuervo/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxi2Jng%2FiZjNse85YAc738YlydEmNSMena7b0vvrfgD%2BlWqDYyEuJaN%2BdurpWsvc3EGWNwvXB5tZy2ZKfmFvWaqSsZvfyMerUxY8NVWl%2B1qTFBPHv73hwWXi1yqSdbxjT6xvxw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794223895f821c06-OSL
alt-svc: h2=":443"; ma=60

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20771
Expires: Sat, 04 Feb 2023 14:33:08 GMT
Date: Sat, 04 Feb 2023 08:46:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3584
Expires: Sat, 04 Feb 2023 09:46:41 GMT
Date: Sat, 04 Feb 2023 08:46:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19139
Expires: Sat, 04 Feb 2023 14:05:56 GMT
Date: Sat, 04 Feb 2023 08:46:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 08:43:37 GMT
content-type: application/json
age: 200
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: vTC5sGxB4eeEqZCBJslrchvt8W7Y2cufH3/gpfCB3+tK+6BF7uF9rZmvAK9y+s7FOpIuUTAqbVo=
x-amz-request-id: C2J5T8J3JTDNX3FZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 08:23:55 GMT
age: 1382
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/ZgJaamJ7urA

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/ZgJaamJ7urA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5a08c8564e4b7d9b7c82affbd2b69a7
a8d20ba556261d37af70a1e403ae1fe541ef091f
3991bcf25255e4cedb748ceb1b27c24b8f287341d122b839f52120c583b0d698

HTTP Headers

POST /s/gts1p5/ZgJaamJ7urA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:46:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1p5/ZgJaamJ7urA

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/ZgJaamJ7urA
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5a08c8564e4b7d9b7c82affbd2b69a7
a8d20ba556261d37af70a1e403ae1fe541ef091f
3991bcf25255e4cedb748ceb1b27c24b8f287341d122b839f52120c583b0d698

HTTP Headers

POST /s/gts1p5/ZgJaamJ7urA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c181c51a9326d56e60915a792c306c2c
de1cc0ce1384905e65a9fa9575743091d785e528
b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Nunito:300,400,600,700&display=swap

142.250.74.74

200 OK

1.1 kB

URL HTTP/2
fonts.googleapis.com/css?family=Nunito:300,400,600,700&display=swap
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
data
Size
1.1 kB (1054 bytes)
Hash
834ed60d59485910b70f55fdc449d111
7bc892ea33b5a81f12be6d82ac8f17307e95bda3
264db421d5921b714c8e8cf390f310d5310185817972f3b649152e3a0fb6fd4b

HTTP Headers

GET /css?family=Nunito:300,400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 08:46:58 GMT
date: Sat, 04 Feb 2023 08:46:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.pelisplus2.io/static/css/components-Player.6ec7b17a.chunk.css

104.21.23.30

200 OK

2.0 kB

URL HTTP/2
www.pelisplus2.io/static/css/components-Player.6ec7b17a.chunk.css
IP
104.21.23.30:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (7138), with no line terminators
Size
2.0 kB (2010 bytes)
Hash
6e4716a098cbbd0dcbaf7485937b9780
9b296efadf96214ff1645b6260940b3669e00c6c
631449af7db79ed95281341585c423cd1a5e124c537fe5bc966d1b76abb5f018

HTTP Headers

GET /static/css/components-Player.6ec7b17a.chunk.css HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/pelicula/el-cuervo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
cf-bgj: minify
cf-polished: origSize=7211
etag: W/"1c2b-18615fb34c5"
last-modified: Fri, 03 Feb 2023 06:33:50 GMT
x-cache: MISS
x-cache-hits: 0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yny6I82n%2F5Mnv2GfuzRngcqQ7PK3c49cnoq%2Bu4SO2D96Rsb1iaCEK%2FzqbNh4WgqZLsCPuMnR%2BGPBgEaENRGHYTggIPkpYAo7jIbJErYbbj5VxOHgMIliIFIF0d6UqPxjqCCqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942238d8b041c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.pelisplus2.io/static/css/components-Comments.a2d7e05b.chunk.css

104.21.23.30

200 OK

1.2 kB

URL HTTP/2
www.pelisplus2.io/static/css/components-Comments.a2d7e05b.chunk.css
IP
104.21.23.30:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (3408), with no line terminators
Size
1.2 kB (1228 bytes)
Hash
61f72c5e7662c1acecfe79d5d2354ddf
d82885ac6f2e5792f8812a68d1b35838389498b0
5dd26f51f9a121d0917bf935d73f60d3362ee9b036eb93ba4cf0fa42e93050cb

HTTP Headers

GET /static/css/components-Comments.a2d7e05b.chunk.css HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/pelicula/el-cuervo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
cf-bgj: minify
cf-polished: origSize=3475
etag: W/"d93-18615fb34c5"
last-modified: Fri, 03 Feb 2023 06:33:50 GMT
x-cache: MISS
x-cache-hits: 0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtyhxT1cOY9EBJK9d035AxiyJrc9bSH7QqAh3eZ6Tew0tjWQ8kqApI9cxs3TYPMhbO4fAdMAl9waAp3fy8laT9THf2AELC8GPYUP8Wjb97PpWVl3Dq%2FvsZLiaihwWPvLF95UCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942238d8b031c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
621b586028d5acaf29b8777ca0872ce1
9d2a358576d0acab58e2eacf7765b686cee9181f
a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=explicit

216.58.207.228

200 OK

15 kB

URL HTTP/2
www.google.com/recaptcha/api.js?render=explicit
IP
216.58.207.228:0
ASN
#15169 GOOGLE

File type
data
Size
15 kB (15357 bytes)
Hash
40d42cd5753d7b7c64d6d4d03253a547
81dc79a61d5c266a7d07b97328d0e7f2f96d6b5a
ad899d8b2e29dea180407e1566af2b105b6faf542de7623e02d40d1e37d698b7

HTTP Headers

GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sat, 04 Feb 2023 08:46:58 GMT
date: Sat, 04 Feb 2023 08:46:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2

142.250.74.67

200 OK

36 kB

URL HTTP/2
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Size
36 kB (35904 bytes)
Hash
c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357

HTTP Headers

GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:32:21 GMT
expires: Mon, 29 Jan 2024 07:32:21 GMT
cache-control: public, max-age=31536000
age: 522877
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

50 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
50 kB (50269 bytes)
Hash
487e1c26611097ee9b3f017a9da39c7b
3cb63043843d9b295437246f862dc3a453f6a328
d9d399d2fcfe3093318ab34aca560e486ce37be1f79fcd4a921c2560d7a2891f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C403B7E8841F87BEE7B76C60E2CA7720A8A29CD5211A4907B71121046670E42D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Sat, 04 Feb 2023 14:46:03 GMT
Date: Sat, 04 Feb 2023 08:46:58 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8176ac8bbb8fa05f36bdfa163da09e0c
b936c84c5fa7e781b12a17952c82bca546ca0575
1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
23287a0337047631e479bb3cbe8b0fcd
15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99
da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2176
Expires: Sat, 04 Feb 2023 09:23:14 GMT
Date: Sat, 04 Feb 2023 08:46:58 GMT
Connection: keep-alive

mahdicrofter.com/tzuz2PuzYYs7WMqo/50402

23.109.87.27

200 OK

25 B

URL HTTP/1.1
mahdicrofter.com/tzuz2PuzYYs7WMqo/50402
IP
23.109.87.27:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60

HTTP Headers

GET /tzuz2PuzYYs7WMqo/50402 HTTP/1.1
Host: mahdicrofter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:46:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.pelisplus2.io
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 05-Feb-2023 08:46:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Sun, 05-Feb-2023 08:46:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff

static.esplay.io/movie/cover/original/7c6c935efcfae3c84bf668aa3c092720.webp

188.114.96.1

200 OK

10 kB

URL HTTP/2
static.esplay.io/movie/cover/original/7c6c935efcfae3c84bf668aa3c092720.webp
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 326x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (10250 bytes)
Hash
5285d1ce4d8ed7431e7bbd0a8dbc969a
77e93d8da270ec4df1be42c3f9533a58037d61df
b8373f480d9ce488a7cecc3f8c6adb997e3141c2991717cbb99aed5fef6b0ec3

HTTP Headers

GET /movie/cover/original/7c6c935efcfae3c84bf668aa3c092720.webp HTTP/1.1
Host: static.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: image/webp
content-length: 10250
last-modified: Mon, 27 Dec 2021 04:27:05 GMT
etag: "61c94099-280a"
access-control-allow-origin: *
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQ5s0IzCKatvU8IYekUthG7kVFElAm1g7IUzf7eFsmcDc%2BhkoAK2sb27UWrRt5zc1tcgBZ3xoPW6aBj1rfGO0OiiLrbrJY5EUfz8stfuKJFmhYdZJqQ8SPVD1f%2BZBpzv0GA9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942238edc740b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
192705df9662b55e7075f720fdd0988e
c3cfcb899474492b7ca1882f692f4fe78d89e4eb
019eefaa78765bb67e82ba2d1131a965d3966d625c6095aeed9b7d406306e91b

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "019EEFAA78765BB67E82BA2D1131A965D3966D625C6095AEED9B7D406306E91B"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17112
Expires: Sat, 04 Feb 2023 13:32:10 GMT
Date: Sat, 04 Feb 2023 08:46:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6e34951308fcf5ce960b7bc31f861565
fb64ffd61ffe7ffd43a8e35e806d089d483e8d84
3a010c40c99c0d0d0bd1dd206def6d9005a05cac724c5f2c79cb291dc42ad771

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A010C40C99C0D0D0BD1DD206DEF6D9005A05CAC724C5F2C79CB291DC42AD771"
Last-Modified: Thu, 02 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1263
Expires: Sat, 04 Feb 2023 09:08:01 GMT
Date: Sat, 04 Feb 2023 08:46:58 GMT
Connection: keep-alive

push.services.mozilla.com/

34.211.126.51

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.211.126.51:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9zaSHBTsFBBQYsSwloT0Aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XR5is4Ldj/QJ7wijTCHR/7yZYXg=

pageantbagauspice.com/ec/f5/54/ecf55400633c995bcb9429a392e80a51.js

192.243.61.227

200 OK

63 kB

URL HTTP/1.1
pageantbagauspice.com/ec/f5/54/ecf55400633c995bcb9429a392e80a51.js
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
data
Size
63 kB (62866 bytes)
Hash
e43a836c37f643860e713a1eebb379e1
02476133d1e5ff9bebe977610d79ffa95abb328c
55b0ccd309a3d26f5c18137f704826f849ebb526b9c9b42cde628813ee70534c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ec/f5/54/ecf55400633c995bcb9429a392e80a51.js HTTP/1.1
Host: pageantbagauspice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:46:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 026fee44745d711dd9ef63c6119900b8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
51587a23f66c8249b593bdd3bc316c26
a44589aa9cf9e0a703e280f130f13783a4dce154
9d3982efed953d409b9ff9e88be9f517be1f563d0569bc8f39ca9c75be104477

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 08:46:59 GMT
Last-Modified: Sat, 04 Feb 2023 07:37:35 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: n-aecbh-UvH9jBcv9N4IF6v6zJERqJtEzsF-BRW3hcmi6kG3s5hWxg==
Age: 4164

simplewebanalysis.com/stats

35.156.167.37

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.156.167.37:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
a380b88bd7df43068b307f6122466a76
2d24c461721ccc8f40f770461870501a8223a1fa
9b66fd47b6cbaa0392d4956eec825978beed704cd9750a096ef32435a8b210d2

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.pelisplus2.io
access-control-allow-credentials: true
set-cookie: uid_id2=0ed1289d-4344-4c53-b7c1-fb3a5636647e:2:1; expires=Tue, 01 Feb 2033 08:46:59 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
99170733d25bf2a2cff9e806dffad130
833d7bbf50f50ab599247df16626a3469e82fa53
9ad6d432c8714fa65164ba102b68d8d668a0aebc06067701cdb8c256c89f2af1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AD6D432C8714FA65164BA102B68D8D668A0AEBC06067701CDB8C256C89F2AF1"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13912
Expires: Sat, 04 Feb 2023 12:38:51 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive

api.esplay.io/graphql

188.114.97.1

204 No Content

0 B

URL HTTP/2
api.esplay.io/graphql
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-site
Referer: https://www.pelisplus2.io/
Origin: https://www.pelisplus2.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 04 Feb 2023 08:46:59 GMT
content-length: 0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization,content-type,x-site
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frkuvBpAUrpnKyNzxuRcYFIMvn87Du8H1UnhZA6XsLH7V1G9ZDz6iU3wHyOHzO%2FQMFuM%2BWW%2B6Y9ISkGuGcsyPKbhPMVcY0lx979JWW8AQafBjkUcPwQlnDm8K9YTYYoQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794223957899b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.esplay.io/graphql

188.114.97.1

204 No Content

0 B

URL HTTP/2
api.esplay.io/graphql
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-site
Referer: https://www.pelisplus2.io/
Origin: https://www.pelisplus2.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 04 Feb 2023 08:46:59 GMT
content-length: 0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization,content-type,x-site
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pUMR2WMHwh8FABlONjDeCP5twojDKxJ4RcByrZ6r2eqHX%2BTpz3RrLbNZjgeImjX35G%2Bpy6MZmV%2Bi9GsigK069yrUGZjBrmLnVqa%2B3DcDxb4fgCQHJJ%2FJL6DdY0zxZa1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794223957896b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.esplay.io/graphql

188.114.97.1

204 No Content

0 B

URL HTTP/2
api.esplay.io/graphql
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-site
Referer: https://www.pelisplus2.io/
Origin: https://www.pelisplus2.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Sat, 04 Feb 2023 08:46:59 GMT
content-length: 0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization,content-type,x-site
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKcTsek577GeJkhINMiJ7x%2Br4XW%2Bx89X6%2BUyi0M7M0Dbkn3ZHtsyQRcZu7oVGzhq8uIrAo9QKaYL1rX0M8Lv%2BAx6nBB20oyOT9dLKcLQysh8WLH%2BygR%2FR4OYzW6caQgu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79422395789ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

utilitypresent.com/c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js

173.233.137.60

200 OK

13 kB

URL HTTP/1.1
utilitypresent.com/c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37125), with no line terminators
Size
13 kB (13405 bytes)
Hash
cc26db71019b254f9cf08860564fe46f
6df31dfe80d67bc95839d3fd7639760b61edef98
ae15e0d249c0f9d833d680e7c02f13b56716f17489d73e3990c737d8275912cc

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js HTTP/1.1
Host: utilitypresent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:46:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a48c68738f98e452e62d9c1271fa081
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
e70e9e5d74eea4fe2727fac986865133
0b1a570e9520def8578d434b6ea0cbf204a58098
ac8d96ba934b1a398256d1b309d27f6f028575ea4dd88678d0c83d2688bf86fb

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AC8D96BA934B1A398256D1B309D27F6F028575EA4DD88678D0C83D2688BF86FB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2704
Expires: Sat, 04 Feb 2023 09:32:03 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2844
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2844
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2844
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2844
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6718 bytes)
Hash
45c6a062f8637e689819f505b019dc0e
61665688f1039c4fad848853a68e28d057718ad1
c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 38440
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 39536
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 38187
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.1 kB (7101 bytes)
Hash
41580a501cc07c328e6ab6b167a110dc
a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e
0fa45161e563101b3f1293f951a3edf84c88c9f3b29bed9b54f952ca325bf21d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7101
x-amzn-requestid: 479d8004-430a-45b9-99fa-11cbcc605a7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHxqoAMFaug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-25ac3c54427748bc191fd1ba;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6h25M_XSVuTCF-9FkTtwujV0X-0-M9fvw4ouOBFmSnMWeApCSHmBsA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 38010
etag: "a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.9 kB (5917 bytes)
Hash
75b9c67fbf2d207afec78eb14b95d7ec
c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8
42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:42 GMT
age: 37758
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10253 bytes)
Hash
392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 38188
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
e70e9e5d74eea4fe2727fac986865133
0b1a570e9520def8578d434b6ea0cbf204a58098
ac8d96ba934b1a398256d1b309d27f6f028575ea4dd88678d0c83d2688bf86fb

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AC8D96BA934B1A398256D1B309D27F6F028575EA4DD88678D0C83D2688BF86FB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2703
Expires: Sat, 04 Feb 2023 09:32:03 GMT
Date: Sat, 04 Feb 2023 08:47:00 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7d482750bf7fdfcaa38c0efd583ef4dc
a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d
5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js

216.58.211.3

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (633)
Size
164 kB (163841 bytes)
Hash
fe98364486b3206867b17008f995646f
35a5e9aa210970f7abd718d99e629c6982a3cc02
1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a

HTTP Headers

GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 345229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

216.239.36.178

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
216.239.36.178:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 07:44:08 GMT
expires: Sat, 04 Feb 2023 09:44:08 GMT
cache-control: public, max-age=7200
age: 3772
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

1.4 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
1.4 kB (1431 bytes)
Hash
5ca46a353ad813a47605249521d46f6b
aeb9877b66386aa4a45ac6297d4f7c81aba17d5a
2c3de1b0207ad9c15243106ed6bbfd9ab02a7ae1ff623daae01f3c6948fef810

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

api.esplay.io/graphql

188.114.97.1

200 OK

821 B

URL HTTP/2
api.esplay.io/graphql
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text
Size
821 B (821 bytes)
Hash
e27b001405c96fce76a85a92f0056844
a6f29bca3aed5f902d95a74b3b22b905521bf8ca
4aa3d8a8fb184a5908df5cceb3763653d2e2f48739866659fd3c425f55eda1e1

HTTP Headers

POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization: 
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 640
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:59 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"50-J2bpQitwd2TlC34udSApZB2aG3g"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIHto8JcrJjNO9MfzmfuR%2BI1EJdTUc617rlUVK9OAPtdrrJF0MCw%2FBL4QYIkpLmIX0YN4SLmMrZ%2B%2BFhtqvZArPhGUHncuuQFrgkNovm70AQnmP8YzTx13eYiotdoA30j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79422396da39b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-75967164-1&cid=618757583.1675500455&jid=633599928&gjid=630235137&_gid=695853573.1675500455&_u=IEBAAEAAAAAAACAAI~&z=324661901

173.194.220.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-75967164-1&cid=618757583.1675500455&jid=633599928&gjid=630235137&_gid=695853573.1675500455&_u=IEBAAEAAAAAAACAAI~&z=324661901
IP
173.194.220.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-75967164-1&cid=618757583.1675500455&jid=633599928&gjid=630235137&_gid=695853573.1675500455&_u=IEBAAEAAAAAAACAAI~&z=324661901 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.pelisplus2.io
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Feb 2023 08:47:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
42f7bb86070a306c0902a2947bfd5db1
679751d86f7520d1e5e30b5bc050015450de75a7
ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

friendshipmale.com/sfp.js

104.21.234.92

200 OK

28 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
104.21.234.92:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27622 bytes)
Hash
994c5f8a5dccb4a19610cce412758471
acf5de7ee4758838434464156a2480aba32a8af8
cf78b738be87c8c01a56f440a5cf14e6262617e81896dcd74ebd7c361314d309

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:59 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: bb536d22a72589327427afa09db3f94a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 Feb 2023 08:46:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=to1TDnqEXNiZ8Zo5pGxuMxsPuSccr3YXh%2Fe%2BKuxkjOSYLHLBWqzA8ofRxebwjbxRXwUyBN0mVUmT6yKyUli06c44ZCTGymC%2FamCqaYHhbmsJ02hiYfyY8R%2Fazv5J5ggOXTi1wRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794223984e857702-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

revolveoppress.com/sbar.json?key=c7d6fcc143afd7bf0d0f34e958fe19be&uuid=0ed1289d-4344-4c53-b7c1-fb3a5636647e%3A2%3A1

192.243.61.227

200 OK

2.7 kB

URL HTTP/1.1
revolveoppress.com/sbar.json?key=c7d6fcc143afd7bf0d0f34e958fe19be&uuid=0ed1289d-4344-4c53-b7c1-fb3a5636647e%3A2%3A1
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , ASCII text, with very long lines (6143), with no line terminators
Size
2.7 kB (2703 bytes)
Hash
fb2b3c45ec6e4e8d2448c30b82707996
8fdf72f8a8723104601aa9fb4aee13ead21b4aea
6f7ce3b1f6f03cc24e86675e180f0d06b296ca7078c2b4251d73895372b5a206

HTTP Headers

GET /sbar.json?key=c7d6fcc143afd7bf0d0f34e958fe19be&uuid=0ed1289d-4344-4c53-b7c1-fb3a5636647e%3A2%3A1 HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:47:03 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.pelisplus2.io
Access-Control-Allow-Origin: https://www.pelisplus2.io
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17687966; expires=Sun, 05 Feb 2023 08:47:03 GMT; secure; SameSite=None
uid_id2=0ed1289d-4344-4c53-b7c1-fb3a5636647e:2:1; expires=Sat, 11 Feb 2023 08:47:03 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 05 Feb 2023 08:47:03 GMT; secure; SameSite=None
uncs=1; expires=Sun, 05 Feb 2023 08:47:03 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 05 Feb 2023 08:47:03 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 05 Feb 2023 08:47:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 061597401921d7b6a7edf4a13a2492ff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
358c0cc441f7401b74509340db8b0014
19c0c7970d9a01d09daa48fd89a756d3da76a4d8
f4b0f1711cc67ff151c6ce05827d1663b2569b55a669e8bb4a1dd21b3972dfea

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4B0F1711CC67FF151C6CE05827D1663B2569B55A669E8BB4A1DD21B3972DFEA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5466
Expires: Sat, 04 Feb 2023 10:18:09 GMT
Date: Sat, 04 Feb 2023 08:47:03 GMT
Connection: keep-alive

revolveoppress.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9kw8KIgoiChBCbEEBEt7M7MzsR1xEhBAUEWIrCViiQe9r1g%2B%2FnTd6b2ZnbUXCIhKkQdpUUKHxWTsWYCHyA5DQmga58lIgF5iKX4BEjXa90sIt3r3nnVuce%2B79fKc4JT4KerL6vtlSWtMrcd2vvb6mUmFKV7tzvxb4dX%2B5tqbSZrRcG0wf278a%2BHHdf6P2ruQb5krDD3w%2F8IPaTWVlYgZXZixUdtAJ6h2%2FHjXqQRxhYP%2BPXeHBUQ%2Bif0ouQ4nJxfVfn0LxMdLejzek28hN9uY7vULT3Fj0xf4H6UZqyhS9RZlYD0m6P%2B%2BGcRNCvj4Hk%2B7PJ4Dp704nAFMT4v0egKX7c5lg%2Fb0zpUxDpmDiEsr%2BGFKPoegY3DyEEscE4AJ3VpD2ntwxtqSbZyydshNy4Z%2B%2FocoJufDHC0h7P1zXalC7Z3SRK5M6DJIKajCG6o6RFYfItzyo8hA8%2FwxKEKS9CkqcvOZLETTaHbEUhVG0FPE4XGItHiwlLKRxM2w2o5acWaPUGCoZQ8shqDuHwnkolIci8VBkHnripEbjTuL7rYQlYdiOOOdhyHncbopYhFE78VHwqfYh8mwIrofgdhuZ3caGenwcX4YtfoZbr%2BCEB5cT9EWFUhKUjqCkBKUiKHOCsl%2FtCe0arnoitCtYMM%2BNeQ6rkcm7O3TP5F2Zkp3slDw%2F9cx77q9vsCFParwlmgnnQRTSRLRY4gs%2FCSPZiduJDDpMwqkKyp0DdR621IS8%2BOkmMjUhF5efAaOHcPoQXHmgxSug5ajV8EHXR1Hbx1Z6kEmtXKYLV1cGwlTI8gvIN70dfUpemu3u6qUYkh9d%2B%2BrLlT%2BXxUfgtkJmK3yifiHo6keju6Yku3dN6cjTlSxXPbVFp3u9l9Ncnv%2FuPblZGitu3XDDb9%2FiU2JaHtyXLr9NU6HSriPfX1dCSHvTWC7JT7fcmmSrhVu%2FXti0yG6vvn3zVi%2Bz0jll0jGoOv7wAbiakGcffDy72Fe9Ayg7hi0q9IojMg8oMwbPtuGyhXpnCKxe9LDMQ1lUI9tgi0%2BtCLRcYMoquP9gtqh33CN0rQeaP5zdad9W6OsKVA%2FhivOjPLNH134LZwGmvRHT1ttl2urHZ9Y6dVKTceIn0m9IlnRY0qK%2B6CRRh9FOIFsspgFyN%2BGnL3%2FxLwAAAP%2F%2FAQAA%2F%2F9eSPq4iQQAAA%3D%3D

192.243.61.227

200 OK

7 B

URL HTTP/1.1
revolveoppress.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9kw8KIgoiChBCbEEBEt7M7MzsR1xEhBAUEWIrCViiQe9r1g%2B%2FnTd6b2ZnbUXCIhKkQdpUUKHxWTsWYCHyA5DQmga58lIgF5iKX4BEjXa90sIt3r3nnVuce%2B79fKc4JT4KerL6vtlSWtMrcd2vvb6mUmFKV7tzvxb4dX%2B5tqbSZrRcG0wf278a%2BHHdf6P2ruQb5krDD3w%2F8IPaTWVlYgZXZixUdtAJ6h2%2FHjXqQRxhYP%2BPXeHBUQ%2Bif0ouQ4nJxfVfn0LxMdLejzek28hN9uY7vULT3Fj0xf4H6UZqyhS9RZlYD0m6P%2B%2BGcRNCvj4Hk%2B7PJ4Dp704nAFMT4v0egKX7c5lg%2Fb0zpUxDpmDiEsr%2BGFKPoegY3DyEEscE4AJ3VpD2ntwxtqSbZyydshNy4Z%2B%2FocoJufDHC0h7P1zXalC7Z3SRK5M6DJIKajCG6o6RFYfItzyo8hA8%2FwxKEKS9CkqcvOZLETTaHbEUhVG0FPE4XGItHiwlLKRxM2w2o5acWaPUGCoZQ8shqDuHwnkolIci8VBkHnripEbjTuL7rYQlYdiOOOdhyHncbopYhFE78VHwqfYh8mwIrofgdhuZ3caGenwcX4YtfoZbr%2BCEB5cT9EWFUhKUjqCkBKUiKHOCsl%2FtCe0arnoitCtYMM%2BNeQ6rkcm7O3TP5F2Zkp3slDw%2F9cx77q9vsCFParwlmgnnQRTSRLRY4gs%2FCSPZiduJDDpMwqkKyp0DdR621IS8%2BOkmMjUhF5efAaOHcPoQXHmgxSug5ajV8EHXR1Hbx1Z6kEmtXKYLV1cGwlTI8gvIN70dfUpemu3u6qUYkh9d%2B%2BrLlT%2BXxUfgtkJmK3yifiHo6keju6Yku3dN6cjTlSxXPbVFp3u9l9Ncnv%2FuPblZGitu3XDDb9%2FiU2JaHtyXLr9NU6HSriPfX1dCSHvTWC7JT7fcmmSrhVu%2FXti0yG6vvn3zVi%2Bz0jll0jGoOv7wAbiakGcffDy72Fe9Ayg7hi0q9IojMg8oMwbPtuGyhXpnCKxe9LDMQ1lUI9tgi0%2BtCLRcYMoquP9gtqh33CN0rQeaP5zdad9W6OsKVA%2FhivOjPLNH134LZwGmvRHT1ttl2urHZ9Y6dVKTceIn0m9IlnRY0qK%2B6CRRh9FOIFsspgFyN%2BGnL3%2FxLwAAAP%2F%2FAQAA%2F%2F9eSPq4iQQAAA%3D%3D
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9kw8KIgoiChBCbEEBEt7M7MzsR1xEhBAUEWIrCViiQe9r1g%2B%2FnTd6b2ZnbUXCIhKkQdpUUKHxWTsWYCHyA5DQmga58lIgF5iKX4BEjXa90sIt3r3nnVuce%2B79fKc4JT4KerL6vtlSWtMrcd2vvb6mUmFKV7tzvxb4dX%2B5tqbSZrRcG0wf278a%2BHHdf6P2ruQb5krDD3w%2F8IPaTWVlYgZXZixUdtAJ6h2%2FHjXqQRxhYP%2BPXeHBUQ%2Bif0ouQ4nJxfVfn0LxMdLejzek28hN9uY7vULT3Fj0xf4H6UZqyhS9RZlYD0m6P%2B%2BGcRNCvj4Hk%2B7PJ4Dp704nAFMT4v0egKX7c5lg%2Fb0zpUxDpmDiEsr%2BGFKPoegY3DyEEscE4AJ3VpD2ntwxtqSbZyydshNy4Z%2B%2FocoJufDHC0h7P1zXalC7Z3SRK5M6DJIKajCG6o6RFYfItzyo8hA8%2FwxKEKS9CkqcvOZLETTaHbEUhVG0FPE4XGItHiwlLKRxM2w2o5acWaPUGCoZQ8shqDuHwnkolIci8VBkHnripEbjTuL7rYQlYdiOOOdhyHncbopYhFE78VHwqfYh8mwIrofgdhuZ3caGenwcX4YtfoZbr%2BCEB5cT9EWFUhKUjqCkBKUiKHOCsl%2FtCe0arnoitCtYMM%2BNeQ6rkcm7O3TP5F2Zkp3slDw%2F9cx77q9vsCFParwlmgnnQRTSRLRY4gs%2FCSPZiduJDDpMwqkKyp0DdR621IS8%2BOkmMjUhF5efAaOHcPoQXHmgxSug5ajV8EHXR1Hbx1Z6kEmtXKYLV1cGwlTI8gvIN70dfUpemu3u6qUYkh9d%2B%2BrLlT%2BXxUfgtkJmK3yifiHo6keju6Yku3dN6cjTlSxXPbVFp3u9l9Ncnv%2FuPblZGitu3XDDb9%2FiU2JaHtyXLr9NU6HSriPfX1dCSHvTWC7JT7fcmmSrhVu%2FXti0yG6vvn3zVi%2Bz0jll0jGoOv7wAbiakGcffDy72Fe9Ayg7hi0q9IojMg8oMwbPtuGyhXpnCKxe9LDMQ1lUI9tgi0%2BtCLRcYMoquP9gtqh33CN0rQeaP5zdad9W6OsKVA%2FhivOjPLNH134LZwGmvRHT1ttl2urHZ9Y6dVKTceIn0m9IlnRY0qK%2B6CRRh9FOIFsspgFyN%2BGnL3%2FxLwAAAP%2F%2FAQAA%2F%2F9eSPq4iQQAAA%3D%3D HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Cookie: u_pl=17687966; uid_id2=0ed1289d-4344-4c53-b7c1-fb3a5636647e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:47:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a72869955b15370c6a74a40c881f826
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2885
Expires: Sat, 04 Feb 2023 09:35:09 GMT
Date: Sat, 04 Feb 2023 08:47:04 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2885
Expires: Sat, 04 Feb 2023 09:35:09 GMT
Date: Sat, 04 Feb 2023 08:47:04 GMT
Connection: keep-alive

cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png

172.64.167.9

200 OK

2.0 kB

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (2005 bytes)
Hash
2cecae5111d5ff932a996679215ad573
f4c63abb5dc373aba5bc144c3831d98516cc7cc9
31f6aad6a88eca32f245dc6d0e030ef422f306b4f8479855b30e59b6dc134ebc

HTTP Headers

GET /sb/ssp/in-page_push/os/android/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: image/png
content-length: 2005
last-modified: Wed, 11 May 2022 09:01:03 GMT
etag: "627b7b4f-7d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5282675
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ivvekfi51vYLJDr11mHF0xDG8z6USHmhdDxUrfp%2BtGPr%2Bum75AYAQmLU0WIXbRFdCYPcZXD3l9GYQZJs9LM4bBQl0L%2BuC4Wy9GQLFtEEIp2AsdA93Cu3cT3gqFItUJT5V5JxySRvggF6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794223b27c4223e2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
de26603d2dd53bbc97ab84a98a423fc8
0ef00c310251712fe1993300278436541a835629
a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2885
Expires: Sat, 04 Feb 2023 09:35:09 GMT
Date: Sat, 04 Feb 2023 08:47:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

1.2 kB

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
gzip compressed data, max compression\012- data
Size
1.2 kB (1163 bytes)
Hash
19985202541495c846b6e697856a9156
30bbeeccdb2fee7550c4044a6c53f835d90bcfde
4eef75d3a39e292da465034bd29c06dd0a70e2eef78b91b23891cd648118989f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DB298B3908012B0310FFC50AE948424D0EC38A8F1F9B6AE09C36A64F596E91B"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19203
Expires: Sat, 04 Feb 2023 14:07:07 GMT
Date: Sat, 04 Feb 2023 08:47:04 GMT
Connection: keep-alive

cdn.cloudimagesb.com/si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png

45.133.44.10

200 OK

33 kB

URL HTTP/2
cdn.cloudimagesb.com/si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (32763 bytes)
Hash
2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce

HTTP Headers

GET /si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:25:45 GMT
etag: "63656739-7ffb"
expires: Mon, 06 Feb 2023 08:47:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

revolveoppress.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h8eXDy4eFBEnIMHBTPbPd09PzaHxbhGgmsSdlcDXqS6qnpSpqarqeqenoQFgwu6F2H2pCfpfJNsUIO4f4AgHS%2BSU8aD5GA8%2BRcInmUmA6PvUO999b3D9773Pt%2FLz4mLnJ6tv693pFL0Rlh3a69vyITrwtZW79c8t%2B4u1jZk0gwWa4PJY%2Fo3PTesu2%2FU3hVsS99ouJ7req5XW5ZGxHpwY8pCpkcdr95x60Gj7oUBBub%2F2OYOLHXA%2B%2BfkOiQfX9389Skkq5D0frwt7Fam0zff6eWKZtqgzw8%2FSLYSXSTozcvYOIiTw1k3tB0T8vUl6ORwNgF0f38yASI5Js7vHqLkcCYTUf%2FgQmmkIBJE%2FBqKfgWhKkhagemHkPyUAIxjdQ1J78mqNgXdvmDphB2TK%2F%2F8DVmMyZU%2FXkDS%2B2FJyUHtnlZ5JnViMYhLyEEF2a2Q5sfIdhzI4hgs%2BwySEyS9EpKfveYK7jXaHb4Q%2BEGwELDQX4hazFuII5%2BGTb%2FZDFpiao2UFWRcQYkhqL2E3DrIpYM8dpCnDnr8rEbDTuy6rTiKfb8dMMZ8n7Gw3eQh94N27CJnE%2B1DZOkQTA3BzC5Ss4st%2Bfg0vA6T%2Fwy7WcJyBzYj6PMShSAoLEFBCQpJUGQERb884Mo2bPmEK5tH3iw3ZtkvRzrr7tEDnXVFQvbSc%2FL8xDPnub%2B%2BwZY4q7EWb8aMeYFPY96KYpe7sR%2BITtiOhdeJBKwsIe0lUOtgR47Ji59uI5VjcnXxGUT0GFYdg0kHNH8FtBi1Gi7o5ihou9hJjlKhpE1VbutSg%2BsSaXYF2bazp87JS9Pd3bwWQrCTW199ufbnIv8IzJRITYlP5C8EXfVodFcXZP%2BuLix5upZmsid36GSv9zKaicvfvSe2C234ym07%2FPYtNiEm5dF9YbM7NOEy6Vry%2FZLkXJhlbZggP63YDRGt53ZzKTdJnt5Zf3t5pZcaYa3USQUqTz98ACbH5NkHH08v9lXnCNJUMHmJXn5CZgGpK7B0Fzadq7eawKh5T5Q6KPJyZBrR%2FFNJAiXmmEYl7H9wNK%2F37CN0jQOaPZzead%2BU6KsSVA1h88ujLDUnt37zp4FIOaNIGWc%2FUkY9vrDWyrNa6AWiHbVbjPNIMO61Gn7bd90G50GrI7wOMjtm5y9%2F8S8AAAD%2F%2FwEAAP%2F%2FSkB0XokEAAA%3D

192.243.61.227

200 OK

7 B

URL HTTP/1.1
revolveoppress.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h8eXDy4eFBEnIMHBTPbPd09PzaHxbhGgmsSdlcDXqS6qnpSpqarqeqenoQFgwu6F2H2pCfpfJNsUIO4f4AgHS%2BSU8aD5GA8%2BRcInmUmA6PvUO999b3D9773Pt%2FLz4mLnJ6tv693pFL0Rlh3a69vyITrwtZW79c8t%2B4u1jZk0gwWa4PJY%2Fo3PTesu2%2FU3hVsS99ouJ7req5XW5ZGxHpwY8pCpkcdr95x60Gj7oUBBub%2F2OYOLHXA%2B%2BfkOiQfX9389Skkq5D0frwt7Fam0zff6eWKZtqgzw8%2FSLYSXSTozcvYOIiTw1k3tB0T8vUl6ORwNgF0f38yASI5Js7vHqLkcCYTUf%2FgQmmkIBJE%2FBqKfgWhKkhagemHkPyUAIxjdQ1J78mqNgXdvmDphB2TK%2F%2F8DVmMyZU%2FXkDS%2B2FJyUHtnlZ5JnViMYhLyEEF2a2Q5sfIdhzI4hgs%2BwySEyS9EpKfveYK7jXaHb4Q%2BEGwELDQX4hazFuII5%2BGTb%2FZDFpiao2UFWRcQYkhqL2E3DrIpYM8dpCnDnr8rEbDTuy6rTiKfb8dMMZ8n7Gw3eQh94N27CJnE%2B1DZOkQTA3BzC5Ss4st%2Bfg0vA6T%2Fwy7WcJyBzYj6PMShSAoLEFBCQpJUGQERb884Mo2bPmEK5tH3iw3ZtkvRzrr7tEDnXVFQvbSc%2FL8xDPnub%2B%2BwZY4q7EWb8aMeYFPY96KYpe7sR%2BITtiOhdeJBKwsIe0lUOtgR47Ji59uI5VjcnXxGUT0GFYdg0kHNH8FtBi1Gi7o5ihou9hJjlKhpE1VbutSg%2BsSaXYF2bazp87JS9Pd3bwWQrCTW199ufbnIv8IzJRITYlP5C8EXfVodFcXZP%2BuLix5upZmsid36GSv9zKaicvfvSe2C234ym07%2FPYtNiEm5dF9YbM7NOEy6Vry%2FZLkXJhlbZggP63YDRGt53ZzKTdJnt5Zf3t5pZcaYa3USQUqTz98ACbH5NkHH08v9lXnCNJUMHmJXn5CZgGpK7B0Fzadq7eawKh5T5Q6KPJyZBrR%2FFNJAiXmmEYl7H9wNK%2F37CN0jQOaPZzead%2BU6KsSVA1h88ujLDUnt37zp4FIOaNIGWc%2FUkY9vrDWyrNa6AWiHbVbjPNIMO61Gn7bd90G50GrI7wOMjtm5y9%2F8S8AAAD%2F%2FwEAAP%2F%2FSkB0XokEAAA%3D
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h8eXDy4eFBEnIMHBTPbPd09PzaHxbhGgmsSdlcDXqS6qnpSpqarqeqenoQFgwu6F2H2pCfpfJNsUIO4f4AgHS%2BSU8aD5GA8%2BRcInmUmA6PvUO999b3D9773Pt%2FLz4mLnJ6tv693pFL0Rlh3a69vyITrwtZW79c8t%2B4u1jZk0gwWa4PJY%2Fo3PTesu2%2FU3hVsS99ouJ7req5XW5ZGxHpwY8pCpkcdr95x60Gj7oUBBub%2F2OYOLHXA%2B%2BfkOiQfX9389Skkq5D0frwt7Fam0zff6eWKZtqgzw8%2FSLYSXSTozcvYOIiTw1k3tB0T8vUl6ORwNgF0f38yASI5Js7vHqLkcCYTUf%2FgQmmkIBJE%2FBqKfgWhKkhagemHkPyUAIxjdQ1J78mqNgXdvmDphB2TK%2F%2F8DVmMyZU%2FXkDS%2B2FJyUHtnlZ5JnViMYhLyEEF2a2Q5sfIdhzI4hgs%2BwySEyS9EpKfveYK7jXaHb4Q%2BEGwELDQX4hazFuII5%2BGTb%2FZDFpiao2UFWRcQYkhqL2E3DrIpYM8dpCnDnr8rEbDTuy6rTiKfb8dMMZ8n7Gw3eQh94N27CJnE%2B1DZOkQTA3BzC5Ss4st%2Bfg0vA6T%2Fwy7WcJyBzYj6PMShSAoLEFBCQpJUGQERb884Mo2bPmEK5tH3iw3ZtkvRzrr7tEDnXVFQvbSc%2FL8xDPnub%2B%2BwZY4q7EWb8aMeYFPY96KYpe7sR%2BITtiOhdeJBKwsIe0lUOtgR47Ji59uI5VjcnXxGUT0GFYdg0kHNH8FtBi1Gi7o5ihou9hJjlKhpE1VbutSg%2BsSaXYF2bazp87JS9Pd3bwWQrCTW199ufbnIv8IzJRITYlP5C8EXfVodFcXZP%2BuLix5upZmsid36GSv9zKaicvfvSe2C234ym07%2FPYtNiEm5dF9YbM7NOEy6Vry%2FZLkXJhlbZggP63YDRGt53ZzKTdJnt5Zf3t5pZcaYa3USQUqTz98ACbH5NkHH08v9lXnCNJUMHmJXn5CZgGpK7B0Fzadq7eawKh5T5Q6KPJyZBrR%2FFNJAiXmmEYl7H9wNK%2F37CN0jQOaPZzead%2BU6KsSVA1h88ujLDUnt37zp4FIOaNIGWc%2FUkY9vrDWyrNa6AWiHbVbjPNIMO61Gn7bd90G50GrI7wOMjtm5y9%2F8S8AAAD%2F%2FwEAAP%2F%2FSkB0XokEAAA%3D HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Cookie: u_pl=17687966; uid_id2=0ed1289d-4344-4c53-b7c1-fb3a5636647e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:47:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 51fb30b9ae1efaed382313956c2af52a
Strict-Transport-Security: max-age=0; includeSubdomains

revolveoppress.com/pixel/sbs?c=1

192.243.61.227

200 OK

0 B

URL HTTP/1.1
revolveoppress.com/pixel/sbs?c=1
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Cookie: u_pl=17687966; uid_id2=0ed1289d-4344-4c53-b7c1-fb3a5636647e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:47:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html

45.133.44.4

200 OK

0 B

URL HTTP/2
cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:03 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 07 Jun 2022 15:37:00 GMT
etag: W/"629f709c-40e"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 04 Feb 2023 09:47:03 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/in-page_push/os/android/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:02 GMT
etag: W/"627b7b4e-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 25118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swTmAT5ug3hziQUM4RKj%2BFFjf0rW4RCtSqd7itAlSlcgOAPjnFHBjrDGcK7rX3llVGNryS27IgCaJErh0qgXWR9GDOmdhNRL9PjqFMW3xkEd7yOOy32t3F1p5R3A8fCQFt2ywE0WdI22"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794223b26c1e23e2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/in-page_push/os/android/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:01 GMT
etag: W/"627b7b4d-126c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 217182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLWraJfC1v3hFWLi0aq%2Bk7DpyKNq3kIJ50ToOoFAO4vKmcEoYnWvqiacDdqRVvoUEt7grkySnx79PruTVStugIyXcBFLc%2Bqxncex4xJXOyG4RTZteTnjjC%2Bl0h5UEFfMMQtkJoPa%2Fc6R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794223b26c1f23e2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.esplay.io/graphql

188.114.97.1

200 OK

0 B

URL HTTP/2
api.esplay.io/graphql
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization: 
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 181
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"1c-saxysgsJFZT+MZvdvsxJLWVBPgg"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dr0aNzdRqOalwZTMK0OZKxxYuP7LzypibqnqzRtaPU9%2BLP1DMPYYUOfjK27AEZmz7jcI1Bbju6jtahhbPIB60KrnpcViG6%2BFwmj2n2XJeSHvycCUpXJpMXTU%2FZxwvVon"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794223b46c33b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.pelisplus2.io/pelicula/el-cuervo/

104.21.23.30

200 OK

0 B

URL HTTP/2
www.pelisplus2.io/pelicula/el-cuervo/
IP
104.21.23.30:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /pelicula/el-cuervo/ HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: text/html; charset=utf-8
age: 6
x-cache: HIT
x-cache-hits: 4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bk4zc%2BEQg9m4wc0bwXgmOY9RZJTcUJYPckPdV8M%2Bc%2FZrA4ELOYH59LoIegORGZ6bbWYmftdliYGS5dvQrgxVRXNjPua5LW6zoE%2Bh2MgTNEdyWy0KZUe3Ywv6gkTt6fXS%2F3O1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942238b89541c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.esplay.io/graphql

188.114.97.1

200 OK

0 B

URL HTTP/2
api.esplay.io/graphql
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization: 
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 476
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:59 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"fa2-Pf6WY6pTufKtpmN7L/g4PFRC+mg"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKWUzs5pBcstY1B%2F9nOk9VRq1TE68Z7Bm9G1m0HRctNMtA8R7ewT6svUmPMFtivOk2fLlTk78gd6R4ldPWgd%2BKN%2Fo9akGQYV8VoFSx7EgRDefSQFbcr2cFioI8H05X5Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79422396da36b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.pelisplus2.io/static/css/7.06440f9e.chunk.css

104.21.23.30

200 OK

0 B

URL HTTP/2
www.pelisplus2.io/static/css/7.06440f9e.chunk.css
IP
104.21.23.30:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/css/7.06440f9e.chunk.css HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/pelicula/el-cuervo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
cf-bgj: minify
cf-polished: origSize=27336
etag: W/"6ac8-18615fb34c5"
last-modified: Fri, 03 Feb 2023 06:33:50 GMT
x-cache: MISS
x-cache-hits: 0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=978LqQtTFAob5iHTtMf67qCNWEgbhm0NrB2iZ9N%2F2Ji2nT0ekLQc%2FQlkEh%2BotsEiIcy9rDAH64WZsKj8IiAI%2FXRDwswMs%2FVcgk9FP6qeETgRCdEVlUHPHgPERIqEHTvukVFXYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942238d8b081c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.pelisplus2.io/static/css/bundle.b9a30e94.css

104.21.23.30

200 OK

0 B

URL HTTP/2
www.pelisplus2.io/static/css/bundle.b9a30e94.css
IP
104.21.23.30:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/css/bundle.b9a30e94.css HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/pelicula/el-cuervo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
cf-bgj: minify
cf-polished: origSize=35782
etag: W/"8bc6-18615fb34c5"
last-modified: Fri, 03 Feb 2023 06:33:50 GMT
x-cache: MISS
x-cache-hits: 0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiHmp7RKOzUvQD06cQxNnUWm0WgLpDaPwmlq6gpKKQcCZ0xey4l%2FCTlWO9WQRoWSDDXphXxP1N9EJZfyVtFLAaO2DfFJB1ZH07%2B9DdhTCv3mfDiWwMgnt13SjQ2riM98MA0caA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942238d8b051c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

api.esplay.io/graphql

188.114.97.1

200 OK

0 B

URL HTTP/2
api.esplay.io/graphql
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization: 
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 478
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:59 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"dbd-3Tsn1n/0DLpHLQYOSJBiYVN43iA"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8csuOGGxVtZxki84oJAKlEbF9KDEWn1PyBjjc1Qj9gSvGGg5fauS2i2mqX7%2BXg%2B%2FSprZY%2FzRVy6S8LtBskDyuX%2Bcxyn7zn9%2BoKVMcziC8gbtBrALyPWqHP4UWQ4uln9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79422396da3ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/ssp/in-page_push/os/android/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 09:01:04 GMT
etag: W/"627b7b50-194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 217182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCncVYtk%2FBMuyneakQ1bqWH6iVbRDMUawDcd8GBoGKuPdvJIrj0Ta7Y%2F5polCcmlTRb%2Fbsuoa3DkhViB616HtzGmnqWIkPDZwdOX7%2FF3aj702uyLR8XnwrFJzCdawr%2FamsshfR6HFISs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794223b26c2023e2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML