| www.pelisplus2.io/pelicula/el-cuervo/ | 172.67.208.119 | 301 Moved Permanently | 0 B |
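URL: HTTP/1.1 www.pelisplus2.io/pelicula/el-cuervo/ | IP: 172.67.208.119:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, consistent with the 0 B size, so they identify no content)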
GET /pelicula/el-cuervo/ HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 04 Feb 2023 08:46:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 04 Feb 2023 09:46:57 GMT
Location: https://www.pelisplus2.io/pelicula/el-cuervo/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hxi2Jng%2FiZjNse85YAc738YlydEmNSMena7b0vvrfgD%2BlWqDYyEuJaN%2BdurpWsvc3EGWNwvXB5tZy2ZKfmFvWaqSsZvfyMerUxY8NVWl%2B1qTFBPHv73hwWXi1yqSdbxjT6xvxw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 794223895f821c06-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): ec47f9eed203ae063b9c210009de54a9 19ff156471b9cffbc2432c5b65543bdd18e36271 3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20771
Expires: Sat, 04 Feb 2023 14:33:08 GMT
Date: Sat, 04 Feb 2023 08:46:57 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 81713f952b51a865ad9764cde68e3fdb 278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3584
Expires: Sat, 04 Feb 2023 09:46:41 GMT
Date: Sat, 04 Feb 2023 08:46:57 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): fb7b6b46e708ad73eaaa3c21e74569ae 950663c025acad81556af5aa3022ecc9d55097fe 763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19139
Expires: Sat, 04 Feb 2023 14:05:56 GMT
Date: Sat, 04 Feb 2023 08:46:57 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL: HTTP/2 firefox.settings.services.mozilla.com/v1/ | IP: 35.241.9.150:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): ff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 08:43:37 GMT
content-type: application/json
age: 200
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | IP: 34.160.144.191:0
File type: PEM certificate, ASCII text
Hash (MD5 / SHA-1 / SHA-256): 7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vTC5sGxB4eeEqZCBJslrchvt8W7Y2cufH3/gpfCB3+tK+6BF7uF9rZmvAK9y+s7FOpIuUTAqbVo=
x-amz-request-id: C2J5T8J3JTDNX3FZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 08:23:55 GMT
age: 1382
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/ZgJaamJ7urA | 142.250.74.131 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1p5/ZgJaamJ7urA | IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): d5a08c8564e4b7d9b7c82affbd2b69a7 a8d20ba556261d37af70a1e403ae1fe541ef091f 3991bcf25255e4cedb748ceb1b27c24b8f287341d122b839f52120c583b0d698
POST /s/gts1p5/ZgJaamJ7urA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:57 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles | IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 08:46:57 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/s/gts1p5/ZgJaamJ7urA | 142.250.74.131 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.pki.goog/s/gts1p5/ZgJaamJ7urA | IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): d5a08c8564e4b7d9b7c82affbd2b69a7 a8d20ba556261d37af70a1e403ae1fe541ef091f 3991bcf25255e4cedb748ceb1b27c24b8f287341d122b839f52120c583b0d698
POST /s/gts1p5/ZgJaamJ7urA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): c181c51a9326d56e60915a792c306c2c de1cc0ce1384905e65a9fa9575743091d785e528 b74bc74e2920124b3288a980f9a7b59e3450ba63f2333027440cd6ebbdfdbf8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.googleapis.com/css?family=Nunito:300,400,600,700&display=swap | 142.250.74.74 | 200 OK | 1.1 kB |
URL: HTTP/2 fonts.googleapis.com/css?family=Nunito:300,400,600,700&display=swap | IP: 142.250.74.74:0
Hash (MD5 / SHA-1 / SHA-256): 834ed60d59485910b70f55fdc449d111 7bc892ea33b5a81f12be6d82ac8f17307e95bda3 264db421d5921b714c8e8cf390f310d5310185817972f3b649152e3a0fb6fd4b
GET /css?family=Nunito:300,400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 08:46:58 GMT
date: Sat, 04 Feb 2023 08:46:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.pelisplus2.io/static/css/components-Player.6ec7b17a.chunk.css | 104.21.23.30 | 200 OK | 2.0 kB |
URL: HTTP/2 www.pelisplus2.io/static/css/components-Player.6ec7b17a.chunk.css | IP: 104.21.23.30:0
File type: ASCII text, with very long lines (7138), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 6e4716a098cbbd0dcbaf7485937b9780 9b296efadf96214ff1645b6260940b3669e00c6c 631449af7db79ed95281341585c423cd1a5e124c537fe5bc966d1b76abb5f018
GET /static/css/components-Player.6ec7b17a.chunk.css HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/pelicula/el-cuervo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
cf-bgj: minify
cf-polished: origSize=7211
etag: W/"1c2b-18615fb34c5"
last-modified: Fri, 03 Feb 2023 06:33:50 GMT
x-cache: MISS
x-cache-hits: 0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1yny6I82n%2F5Mnv2GfuzRngcqQ7PK3c49cnoq%2Bu4SO2D96Rsb1iaCEK%2FzqbNh4WgqZLsCPuMnR%2BGPBgEaENRGHYTggIPkpYAo7jIbJErYbbj5VxOHgMIliIFIF0d6UqPxjqCCqw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942238d8b041c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.pelisplus2.io/static/css/components-Comments.a2d7e05b.chunk.css | 104.21.23.30 | 200 OK | 1.2 kB |
URL: HTTP/2 www.pelisplus2.io/static/css/components-Comments.a2d7e05b.chunk.css | IP: 104.21.23.30:0
File type: ASCII text, with very long lines (3408), with no line terminators
Hash (MD5 / SHA-1 / SHA-256): 61f72c5e7662c1acecfe79d5d2354ddf d82885ac6f2e5792f8812a68d1b35838389498b0 5dd26f51f9a121d0917bf935d73f60d3362ee9b036eb93ba4cf0fa42e93050cb
GET /static/css/components-Comments.a2d7e05b.chunk.css HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/pelicula/el-cuervo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
cf-bgj: minify
cf-polished: origSize=3475
etag: W/"d93-18615fb34c5"
last-modified: Fri, 03 Feb 2023 06:33:50 GMT
x-cache: MISS
x-cache-hits: 0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QtyhxT1cOY9EBJK9d035AxiyJrc9bSH7QqAh3eZ6Tew0tjWQ8kqApI9cxs3TYPMhbO4fAdMAl9waAp3fy8laT9THf2AELC8GPYUP8Wjb97PpWVl3Dq%2FvsZLiaihwWPvLF95UCA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942238d8b031c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 621b586028d5acaf29b8777ca0872ce1 9d2a358576d0acab58e2eacf7765b686cee9181f a7c99a5217e394c715679780ae1e3e60202653547212b0a4fd2efab0e1a01015
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 23287a0337047631e479bb3cbe8b0fcd 15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99 da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 23287a0337047631e479bb3cbe8b0fcd 15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99 da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.google.com/recaptcha/api.js?render=explicit | 216.58.207.228 | 200 OK | 15 kB |
URL: HTTP/2 www.google.com/recaptcha/api.js?render=explicit | IP: 216.58.207.228:0
Hash (MD5 / SHA-1 / SHA-256): 40d42cd5753d7b7c64d6d4d03253a547 81dc79a61d5c266a7d07b97328d0e7f2f96d6b5a ad899d8b2e29dea180407e1566af2b105b6faf542de7623e02d40d1e37d698b7
GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 04 Feb 2023 08:46:58 GMT
date: Sat, 04 Feb 2023 08:46:58 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 | 142.250.74.67 | 200 OK | 36 kB |
URL: HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 | IP: 142.250.74.67:0
File type: Web Open Font Format (Version 2), TrueType, length 35904, version 1.0; data
Hash (MD5 / SHA-1 / SHA-256): c26b97e7f5bb7a34d190703522d75e16 69d9e5aea0544dbaf9b78c1b65139c03eceece8f 96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 07:32:21 GMT
expires: Mon, 29 Jan 2024 07:32:21 GMT
cache-control: public, max-age=31536000
age: 522877
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 50 kB |
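IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 487e1c26611097ee9b3f017a9da39c7b 3cb63043843d9b295437246f862dc3a453f6a328 d9d399d2fcfe3093318ab34aca560e486ce37be1f79fcd4a921c2560d7a2891f (the SHA-256 does not match the ETag in the response below, and the 50 kB size in the summary row differs from the Content-Length of 503, so the hashed body may not be this OCSP response)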
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C403B7E8841F87BEE7B76C60E2CA7720A8A29CD5211A4907B71121046670E42D"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Sat, 04 Feb 2023 14:46:03 GMT
Date: Sat, 04 Feb 2023 08:46:58 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 8176ac8bbb8fa05f36bdfa163da09e0c b936c84c5fa7e781b12a17952c82bca546ca0575 1aa7e39fd02514a4023036a8a100d7e7898ee220063ebfb41c509264c81ed727
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP: 142.250.74.131:0
Hash (MD5 / SHA-1 / SHA-256): 23287a0337047631e479bb3cbe8b0fcd 15ec24f5ee1990ee456a6fd3bbcbdbe27bf62c99 da05b381eec3589d2689bc5fab2b89eb5d65f9a5652f9254f3353e30a4540034
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): dedf9c519ac38c4bece9c5bc895787d7 4911175c3f8a435978c5301c33c7a99a5e00a1d5 bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2176
Expires: Sat, 04 Feb 2023 09:23:14 GMT
Date: Sat, 04 Feb 2023 08:46:58 GMT
Connection: keep-alive
|
|
| mahdicrofter.com/tzuz2PuzYYs7WMqo/50402 | 23.109.87.27 | 200 OK | 25 B |
URL: HTTP/1.1 mahdicrofter.com/tzuz2PuzYYs7WMqo/50402 | IP: 23.109.87.27:0
File type: ASCII text, with no line terminators
Hash (MD5 / SHA-1 / SHA-256): d488addc5df5fc9b9ff4135bb4e3a823 6ce56f48e851df4d562b43d3bc1269a504ae83fc d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tzuz2PuzYYs7WMqo/50402 HTTP/1.1
Host: mahdicrofter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 08:46:58 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.pelisplus2.io
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Sun, 05-Feb-2023 08:46:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJw9i7sOgkAURAENEQXMJH6APyA%2BgoWtWhoojPUG8Wo2wl7Crg%2F8elETq5mcOWNZljMK4cgK%2FmoerWZRvIjmyxidCzGcJIWf802ZuhEqKwluwvUja%2BDWdJGsAgx%2BReR8IvSTdHJQV8UP9R8%2BtwDdXJomgPeJrxv20JG6Qrgu5HO85%2BJmWlvDU2SErohO8DbZsaDpdr9D%2BKffs2ujJ7Woan42bR8aWdKLFQk%2BnzWZFtl313kDsc5BIg%3D%3D; expires=Sun, 05-Feb-2023 08:46:58 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
|
|
| static.esplay.io/movie/cover/original/7c6c935efcfae3c84bf668aa3c092720.webp | 188.114.96.1 | 200 OK | 10 kB |
URL: HTTP/2 static.esplay.io/movie/cover/original/7c6c935efcfae3c84bf668aa3c092720.webp | IP: 188.114.96.1:0
File type: RIFF (little-endian) data, Web/P image, VP8 encoding, 326x480, Scaling: [none]x[none], YUV color, decoders should clamp; data
Hash (MD5 / SHA-1 / SHA-256): 5285d1ce4d8ed7431e7bbd0a8dbc969a 77e93d8da270ec4df1be42c3f9533a58037d61df b8373f480d9ce488a7cecc3f8c6adb997e3141c2991717cbb99aed5fef6b0ec3
GET /movie/cover/original/7c6c935efcfae3c84bf668aa3c092720.webp HTTP/1.1
Host: static.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: image/webp
content-length: 10250
last-modified: Mon, 27 Dec 2021 04:27:05 GMT
etag: "61c94099-280a"
access-control-allow-origin: *
cache-control: max-age=2678400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NQ5s0IzCKatvU8IYekUthG7kVFElAm1g7IUzf7eFsmcDc%2BhkoAK2sb27UWrRt5zc1tcgBZ3xoPW6aBj1rfGO0OiiLrbrJY5EUfz8stfuKJFmhYdZJqQ8SPVD1f%2BZBpzv0GA9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942238edc740b4d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP: 23.36.76.226:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 192705df9662b55e7075f720fdd0988e c3cfcb899474492b7ca1882f692f4fe78d89e4eb 019eefaa78765bb67e82ba2d1131a965d3966d625c6095aeed9b7d406306e91b
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "019EEFAA78765BB67E82BA2D1131A965D3966D625C6095AEED9B7D406306E91B"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17112
Expires: Sat, 04 Feb 2023 13:32:10 GMT
Date: Sat, 04 Feb 2023 08:46:58 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 | ASN: #20940 Akamai International B.V.
Hash (MD5 / SHA-1 / SHA-256): 6e34951308fcf5ce960b7bc31f861565 fb64ffd61ffe7ffd43a8e35e806d089d483e8d84 3a010c40c99c0d0d0bd1dd206def6d9005a05cac724c5f2c79cb291dc42ad771
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3A010C40C99C0D0D0BD1DD206DEF6D9005A05CAC724C5F2C79CB291DC42AD771"
Last-Modified: Thu, 02 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1263
Expires: Sat, 04 Feb 2023 09:08:01 GMT
Date: Sat, 04 Feb 2023 08:46:58 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 34.211.126.51 | 101 Switching Protocols | 0 B |
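URL: HTTP/1.1 push.services.mozilla.com/ | IP: 34.211.126.51:0
Hash (MD5 / SHA-1 / SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (these are the digests of an empty body, consistent with the 0 B size, so they identify no content)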
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9zaSHBTsFBBQYsSwloT0Aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XR5is4Ldj/QJ7wijTCHR/7yZYXg=
|
|
| pageantbagauspice.com/ec/f5/54/ecf55400633c995bcb9429a392e80a51.js | 192.243.61.227 | 200 OK | 63 kB |
URL: HTTP/1.1 pageantbagauspice.com/ec/f5/54/ecf55400633c995bcb9429a392e80a51.js | IP: 192.243.61.227:0 | ASN: #39572 DataWeb Global Group B.V.
Hash (MD5 / SHA-1 / SHA-256): e43a836c37f643860e713a1eebb379e1 02476133d1e5ff9bebe977610d79ffa95abb328c 55b0ccd309a3d26f5c18137f704826f849ebb526b9c9b42cde628813ee70534c
Analyzer: quad9 | Verdict: Sinkholed | Alert: (none listed)
GET /ec/f5/54/ecf55400633c995bcb9429a392e80a51.js HTTP/1.1
Host: pageantbagauspice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:46:58 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 026fee44745d711dd9ef63c6119900b8
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| ocsp.sca1b.amazontrust.com/ | 143.204.42.156 | 200 OK | 471 B |
URL: HTTP/1.1 ocsp.sca1b.amazontrust.com/ | IP: 143.204.42.156:0
Hash (MD5 / SHA-1 / SHA-256): 51587a23f66c8249b593bdd3bc316c26 a44589aa9cf9e0a703e280f130f13783a4dce154 9d3982efed953d409b9ff9e88be9f517be1f563d0569bc8f39ca9c75be104477
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 04 Feb 2023 08:46:59 GMT
Last-Modified: Sat, 04 Feb 2023 07:37:35 GMT
Server: ECS (bsa/EB20)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: n-aecbh-UvH9jBcv9N4IF6v6zJERqJtEzsF-BRW3hcmi6kG3s5hWxg==
Age: 4164
|
|
| simplewebanalysis.com/stats | 35.156.167.37 | 200 OK | 40 B |
URL HTTP/2simplewebanalysis.com/stats IP35.156.167.37:0
File typeASCII text, with no line terminators Hasha380b88bd7df43068b307f6122466a76 2d24c461721ccc8f40f770461870501a8223a1fa 9b66fd47b6cbaa0392d4956eec825978beed704cd9750a096ef32435a8b210d2
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:59 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.pelisplus2.io
access-control-allow-credentials: true
set-cookie: uid_id2=0ed1289d-4344-4c53-b7c1-fb3a5636647e:2:1; expires=Tue, 01 Feb 2033 08:46:59 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash99170733d25bf2a2cff9e806dffad130 833d7bbf50f50ab599247df16626a3469e82fa53 9ad6d432c8714fa65164ba102b68d8d668a0aebc06067701cdb8c256c89f2af1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9AD6D432C8714FA65164BA102B68D8D668A0AEBC06067701CDB8C256C89F2AF1"
Last-Modified: Thu, 02 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13912
Expires: Sat, 04 Feb 2023 12:38:51 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive
|
|
| api.esplay.io/graphql | 188.114.97.1 | 204 No Content | 0 B |
IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-site
Referer: https://www.pelisplus2.io/
Origin: https://www.pelisplus2.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 08:46:59 GMT
content-length: 0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization,content-type,x-site
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frkuvBpAUrpnKyNzxuRcYFIMvn87Du8H1UnhZA6XsLH7V1G9ZDz6iU3wHyOHzO%2FQMFuM%2BWW%2B6Y9ISkGuGcsyPKbhPMVcY0lx979JWW8AQafBjkUcPwQlnDm8K9YTYYoQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794223957899b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.esplay.io/graphql | 188.114.97.1 | 204 No Content | 0 B |
IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-site
Referer: https://www.pelisplus2.io/
Origin: https://www.pelisplus2.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 08:46:59 GMT
content-length: 0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization,content-type,x-site
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pUMR2WMHwh8FABlONjDeCP5twojDKxJ4RcByrZ6r2eqHX%2BTpz3RrLbNZjgeImjX35G%2Bpy6MZmV%2Bi9GsigK069yrUGZjBrmLnVqa%2B3DcDxb4fgCQHJJ%2FJL6DdY0zxZa1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794223957896b523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.esplay.io/graphql | 188.114.97.1 | 204 No Content | 0 B |
IP188.114.97.1:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-site
Referer: https://www.pelisplus2.io/
Origin: https://www.pelisplus2.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sat, 04 Feb 2023 08:46:59 GMT
content-length: 0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization,content-type,x-site
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKcTsek577GeJkhINMiJ7x%2Br4XW%2Bx89X6%2BUyi0M7M0Dbkn3ZHtsyQRcZu7oVGzhq8uIrAo9QKaYL1rX0M8Lv%2BAx6nBB20oyOT9dLKcLQysh8WLH%2BygR%2FR4OYzW6caQgu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79422395789ab523-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| utilitypresent.com/c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js | 173.233.137.60 | 200 OK | 13 kB |
URL (HTTP/1.1): utilitypresent.com/c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js | IP: 173.233.137.60:0
File type: ASCII text, with very long lines (37125), with no line terminators
Hash: MD5 cc26db71019b254f9cf08860564fe46f | SHA-1 6df31dfe80d67bc95839d3fd7639760b61edef98 | SHA-256 ae15e0d249c0f9d833d680e7c02f13b56716f17489d73e3990c737d8275912cc
Analyzer | Verdict | Alert
fortinet | Malware |
quad9 | Sinkholed |
GET /c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js HTTP/1.1
Host: utilitypresent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:46:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 2a48c68738f98e452e62d9c1271fa081
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe70e9e5d74eea4fe2727fac986865133 0b1a570e9520def8578d434b6ea0cbf204a58098 ac8d96ba934b1a398256d1b309d27f6f028575ea4dd88678d0c83d2688bf86fb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AC8D96BA934B1A398256D1B309D27F6F028575EA4DD88678D0C83D2688BF86FB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2704
Expires: Sat, 04 Feb 2023 09:32:03 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2844
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2844
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2844
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hashc14d3cf8ade0150a711f094be32ac474 11e7fb5487d364c5392e1594e09f5b49831043ea 2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2844
Expires: Sat, 04 Feb 2023 09:34:23 GMT
Date: Sat, 04 Feb 2023 08:46:59 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg | 34.120.237.76 | 200 OK | 6.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash45c6a062f8637e689819f505b019dc0e 61665688f1039c4fad848853a68e28d057718ad1 c9b14113eba535a2e1a6cbbf121a818ad0204fc6dd7b2ea9b592830ab927d6d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe387e59d-188b-44a0-b94c-033d7d635117.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6718
x-amzn-requestid: 662f889b-4c25-4dec-85d4-ea9dfa8b8974
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7DE5boAMF_cA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-33ca99fc7b6eac8d5486d6c1;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WvNs1hPPXHBJs5rTIBqH3DbqLLX6si9jHF46KrsuT9BFB2N2V3zeUA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:06:20 GMT
age: 38440
etag: "61665688f1039c4fad848853a68e28d057718ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashe366b32074025aaf60bbae8bdb08d330 a52c2883bad98fa20333aa639a5dd3a5bf544c8e 9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:48:04 GMT
age: 39536
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash6661b7263315f5eb3cd2465f671e1fcd b7b5831c6b3ccc41d7a980b6088adc10ff8785f1 eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: f95a2821-ae89-4ea9-93b2-43e570285df3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEC3FyboAMFe0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8078-7e2177f11d5715d4092cad2c;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: dcFgY5x3Ef0J__7wGn3llTjZ9as5nX1H4HErIT3VlKfeQaQTjymW2g==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:33 GMT
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
age: 38187
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg | 34.120.237.76 | 200 OK | 7.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash41580a501cc07c328e6ab6b167a110dc a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e 0fa45161e563101b3f1293f951a3edf84c88c9f3b29bed9b54f952ca325bf21d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F18e70636-fb7d-4a6e-9742-a039e4d7253d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7101
x-amzn-requestid: 479d8004-430a-45b9-99fa-11cbcc605a7c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EHxqoAMFaug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-25ac3c54427748bc191fd1ba;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6h25M_XSVuTCF-9FkTtwujV0X-0-M9fvw4ouOBFmSnMWeApCSHmBsA==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:13:30 GMT
age: 38010
etag: "a4dfa0f479b5f9a036b75b2eea6dffabd3a3486e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg | 34.120.237.76 | 200 OK | 5.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash75b9c67fbf2d207afec78eb14b95d7ec c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8 42ddfef2fc1e0200a1ff3d615fd6da42fd8bdea4551344580c13af07092d401f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffa139f02-bb4d-4058-8a17-82e241e61bf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5917
x-amzn-requestid: 095185b4-b608-4ac8-9041-6e5fcf9033d9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyEW_EA4IAMFxVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd80f9-1d780a2a58fcc30613bdfdab;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:47:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -4TwLeMENj7WdI_QQWKgwxTj9MldN5z7qmo7_OX_eXIVba9zjDEoaA==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:17:42 GMT
age: 37758
etag: "c0b7e9e9ca9ee71761489e738a3a308ff0b6e5c8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash392b61306c346508d3ac4a2f28218f9c d2de32b52e0d3f4fc6acaf687b3521294b01dc03 018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G8F3Fflod6HB4QFtjpD09xzi-2LKPw_DBJT0PKYKU3bs3pvOwO_LRw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:32 GMT
age: 38188
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 345 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashe70e9e5d74eea4fe2727fac986865133 0b1a570e9520def8578d434b6ea0cbf204a58098 ac8d96ba934b1a398256d1b309d27f6f028575ea4dd88678d0c83d2688bf86fb
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "AC8D96BA934B1A398256D1B309D27F6F028575EA4DD88678D0C83D2688BF86FB"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2703
Expires: Sat, 04 Feb 2023 09:32:03 GMT
Date: Sat, 04 Feb 2023 08:47:00 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash7d482750bf7fdfcaa38c0efd583ef4dc a4f68a124e4be130bc838e70f23fd4c6d2f4ef2d 5e6f1cadf4bc425664bb26fa2b384cf13900461b689c77d0916b1d2edd41337c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js | 216.58.211.3 | 200 OK | 164 kB |
URL HTTP/2www.gstatic.com/recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js IP216.58.211.3:0
File typeASCII text, with very long lines (633) Size164 kB (163841 bytes) Hashfe98364486b3206867b17008f995646f 35a5e9aa210970f7abd718d99e629c6982a3cc02 1fd703cb16e3f6f3f7192109d19c69d6e5ac1cfa0feb5b105a86564b7970d28a
GET /recaptcha/releases/gEr-ODersURoIfof1hiDm7R5/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163841
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 08:53:11 GMT
expires: Wed, 31 Jan 2024 08:53:11 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 31 Jan 2023 02:51:47 GMT
content-type: text/javascript
age: 345229
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 216.239.36.178 | 200 OK | 20 kB |
URL HTTP/2www.google-analytics.com/analytics.js IP216.239.36.178:0
File typeASCII text, with very long lines (1490) Hashca7fbbfd120e3e329633044190bbf134 d17f81e03dd827554ddd207ea081fb46b3415445 847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 07:44:08 GMT
expires: Sat, 04 Feb 2023 09:44:08 GMT
cache-control: public, max-age=7200
age: 3772
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 1.4 kB |
IP142.250.74.131:0
Hash5ca46a353ad813a47605249521d46f6b aeb9877b66386aa4a45ac6297d4f7c81aba17d5a 2c3de1b0207ad9c15243106ed6bbfd9ab02a7ae1ff623daae01f3c6948fef810
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| api.esplay.io/graphql | 188.114.97.1 | 200 OK | 821 B |
IP188.114.97.1:0
File typeJSON data\012- , ASCII text Hashe27b001405c96fce76a85a92f0056844 a6f29bca3aed5f902d95a74b3b22b905521bf8ca 4aa3d8a8fb184a5908df5cceb3763653d2e2f48739866659fd3c425f55eda1e1
POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization:
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 640
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:59 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"50-J2bpQitwd2TlC34udSApZB2aG3g"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIHto8JcrJjNO9MfzmfuR%2BI1EJdTUc617rlUVK9OAPtdrrJF0MCw%2FBL4QYIkpLmIX0YN4SLmMrZ%2B%2BFhtqvZArPhGUHncuuQFrgkNovm70AQnmP8YzTx13eYiotdoA30j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79422396da39b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-75967164-1&cid=618757583.1675500455&jid=633599928&gjid=630235137&_gid=695853573.1675500455&_u=IEBAAEAAAAAAACAAI~&z=324661901 | 173.194.220.155 | 200 OK | 1 B |
URL HTTP/2stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-75967164-1&cid=618757583.1675500455&jid=633599928&gjid=630235137&_gid=695853573.1675500455&_u=IEBAAEAAAAAAACAAI~&z=324661901 IP173.194.220.155:0
File typevery short file (no magic) Hashc4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-75967164-1&cid=618757583.1675500455&jid=633599928&gjid=630235137&_gid=695853573.1675500455&_u=IEBAAEAAAAAAACAAI~&z=324661901 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.pelisplus2.io
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Feb 2023 08:47:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash42f7bb86070a306c0902a2947bfd5db1 679751d86f7520d1e5e30b5bc050015450de75a7 ebccfef4e98d659e8e275dd6b2797b1154e42572695aefc916825bc0819e96dd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 08:47:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| friendshipmale.com/sfp.js | 104.21.234.92 | 200 OK | 28 kB |
URL: HTTP/2 friendshipmale.com/sfp.js | IP: 104.21.234.92:0
File type: Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash: MD5 994c5f8a5dccb4a19610cce412758471 | SHA-1 acf5de7ee4758838434464156a2480aba32a8af8 | SHA-256 cf78b738be87c8c01a56f440a5cf14e6262617e81896dcd74ebd7c361314d309
| Analyzer | Verdict | Alert |
| fortinet | Malware | |
GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:59 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: bb536d22a72589327427afa09db3f94a
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 04 Feb 2023 08:46:59 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=to1TDnqEXNiZ8Zo5pGxuMxsPuSccr3YXh%2Fe%2BKuxkjOSYLHLBWqzA8ofRxebwjbxRXwUyBN0mVUmT6yKyUli06c44ZCTGymC%2FamCqaYHhbmsJ02hiYfyY8R%2Fazv5J5ggOXTi1wRI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794223984e857702-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| revolveoppress.com/sbar.json?key=c7d6fcc143afd7bf0d0f34e958fe19be&uuid=0ed1289d-4344-4c53-b7c1-fb3a5636647e%3A2%3A1 | 192.243.61.227 | 200 OK | 2.7 kB |
URL HTTP/1.1revolveoppress.com/sbar.json?key=c7d6fcc143afd7bf0d0f34e958fe19be&uuid=0ed1289d-4344-4c53-b7c1-fb3a5636647e%3A2%3A1 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typeJSON data\012- , ASCII text, with very long lines (6143), with no line terminators Hashfb2b3c45ec6e4e8d2448c30b82707996 8fdf72f8a8723104601aa9fb4aee13ead21b4aea 6f7ce3b1f6f03cc24e86675e180f0d06b296ca7078c2b4251d73895372b5a206
GET /sbar.json?key=c7d6fcc143afd7bf0d0f34e958fe19be&uuid=0ed1289d-4344-4c53-b7c1-fb3a5636647e%3A2%3A1 HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:47:03 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.pelisplus2.io
Access-Control-Allow-Origin: https://www.pelisplus2.io
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17687966; expires=Sun, 05 Feb 2023 08:47:03 GMT; secure; SameSite=None
Set-Cookie: uid_id2=0ed1289d-4344-4c53-b7c1-fb3a5636647e:2:1; expires=Sat, 11 Feb 2023 08:47:03 GMT; secure; SameSite=None
Set-Cookie: pdhtkv=true; expires=Sun, 05 Feb 2023 08:47:03 GMT; secure; SameSite=None
Set-Cookie: uncs=1; expires=Sun, 05 Feb 2023 08:47:03 GMT; secure; SameSite=None
Set-Cookie: pdhtkv29=true; expires=Sun, 05 Feb 2023 08:47:03 GMT; secure; SameSite=None
Set-Cookie: uncs29=1; expires=Sun, 05 Feb 2023 08:47:03 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 061597401921d7b6a7edf4a13a2492ff
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash358c0cc441f7401b74509340db8b0014 19c0c7970d9a01d09daa48fd89a756d3da76a4d8 f4b0f1711cc67ff151c6ce05827d1663b2569b55a669e8bb4a1dd21b3972dfea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F4B0F1711CC67FF151C6CE05827D1663B2569B55A669E8BB4A1DD21B3972DFEA"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5466
Expires: Sat, 04 Feb 2023 10:18:09 GMT
Date: Sat, 04 Feb 2023 08:47:03 GMT
Connection: keep-alive
|
|
| revolveoppress.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9kw8KIgoiChBCbEEBEt7M7MzsR1xEhBAUEWIrCViiQe9r1g%2B%2FnTd6b2ZnbUXCIhKkQdpUUKHxWTsWYCHyA5DQmga58lIgF5iKX4BEjXa90sIt3r3nnVuce%2B79fKc4JT4KerL6vtlSWtMrcd2vvb6mUmFKV7tzvxb4dX%2B5tqbSZrRcG0wf278a%2BHHdf6P2ruQb5krDD3w%2F8IPaTWVlYgZXZixUdtAJ6h2%2FHjXqQRxhYP%2BPXeHBUQ%2Bif0ouQ4nJxfVfn0LxMdLejzek28hN9uY7vULT3Fj0xf4H6UZqyhS9RZlYD0m6P%2B%2BGcRNCvj4Hk%2B7PJ4Dp704nAFMT4v0egKX7c5lg%2Fb0zpUxDpmDiEsr%2BGFKPoegY3DyEEscE4AJ3VpD2ntwxtqSbZyydshNy4Z%2B%2FocoJufDHC0h7P1zXalC7Z3SRK5M6DJIKajCG6o6RFYfItzyo8hA8%2FwxKEKS9CkqcvOZLETTaHbEUhVG0FPE4XGItHiwlLKRxM2w2o5acWaPUGCoZQ8shqDuHwnkolIci8VBkHnripEbjTuL7rYQlYdiOOOdhyHncbopYhFE78VHwqfYh8mwIrofgdhuZ3caGenwcX4YtfoZbr%2BCEB5cT9EWFUhKUjqCkBKUiKHOCsl%2FtCe0arnoitCtYMM%2BNeQ6rkcm7O3TP5F2Zkp3slDw%2F9cx77q9vsCFParwlmgnnQRTSRLRY4gs%2FCSPZiduJDDpMwqkKyp0DdR621IS8%2BOkmMjUhF5efAaOHcPoQXHmgxSug5ajV8EHXR1Hbx1Z6kEmtXKYLV1cGwlTI8gvIN70dfUpemu3u6qUYkh9d%2B%2BrLlT%2BXxUfgtkJmK3yifiHo6keju6Yku3dN6cjTlSxXPbVFp3u9l9Ncnv%2FuPblZGitu3XDDb9%2FiU2JaHtyXLr9NU6HSriPfX1dCSHvTWC7JT7fcmmSrhVu%2FXti0yG6vvn3zVi%2Bz0jll0jGoOv7wAbiakGcffDy72Fe9Ayg7hi0q9IojMg8oMwbPtuGyhXpnCKxe9LDMQ1lUI9tgi0%2BtCLRcYMoquP9gtqh33CN0rQeaP5zdad9W6OsKVA%2FhivOjPLNH134LZwGmvRHT1ttl2urHZ9Y6dVKTceIn0m9IlnRY0qK%2B6CRRh9FOIFsspgFyN%2BGnL3%2FxLwAAAP%2F%2FAQAA%2F%2F9eSPq4iQQAAA%3D%3D | 192.243.61.227 | 200 OK | 7 B |
URL HTTP/1.1revolveoppress.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9kw8KIgoiChBCbEEBEt7M7MzsR1xEhBAUEWIrCViiQe9r1g%2B%2FnTd6b2ZnbUXCIhKkQdpUUKHxWTsWYCHyA5DQmga58lIgF5iKX4BEjXa90sIt3r3nnVuce%2B79fKc4JT4KerL6vtlSWtMrcd2vvb6mUmFKV7tzvxb4dX%2B5tqbSZrRcG0wf278a%2BHHdf6P2ruQb5krDD3w%2F8IPaTWVlYgZXZixUdtAJ6h2%2FHjXqQRxhYP%2BPXeHBUQ%2Bif0ouQ4nJxfVfn0LxMdLejzek28hN9uY7vULT3Fj0xf4H6UZqyhS9RZlYD0m6P%2B%2BGcRNCvj4Hk%2B7PJ4Dp704nAFMT4v0egKX7c5lg%2Fb0zpUxDpmDiEsr%2BGFKPoegY3DyEEscE4AJ3VpD2ntwxtqSbZyydshNy4Z%2B%2FocoJufDHC0h7P1zXalC7Z3SRK5M6DJIKajCG6o6RFYfItzyo8hA8%2FwxKEKS9CkqcvOZLETTaHbEUhVG0FPE4XGItHiwlLKRxM2w2o5acWaPUGCoZQ8shqDuHwnkolIci8VBkHnripEbjTuL7rYQlYdiOOOdhyHncbopYhFE78VHwqfYh8mwIrofgdhuZ3caGenwcX4YtfoZbr%2BCEB5cT9EWFUhKUjqCkBKUiKHOCsl%2FtCe0arnoitCtYMM%2BNeQ6rkcm7O3TP5F2Zkp3slDw%2F9cx77q9vsCFParwlmgnnQRTSRLRY4gs%2FCSPZiduJDDpMwqkKyp0DdR621IS8%2BOkmMjUhF5efAaOHcPoQXHmgxSug5ajV8EHXR1Hbx1Z6kEmtXKYLV1cGwlTI8gvIN70dfUpemu3u6qUYkh9d%2B%2BrLlT%2BXxUfgtkJmK3yifiHo6keju6Yku3dN6cjTlSxXPbVFp3u9l9Ncnv%2FuPblZGitu3XDDb9%2FiU2JaHtyXLr9NU6HSriPfX1dCSHvTWC7JT7fcmmSrhVu%2FXti0yG6vvn3zVi%2Bz0jll0jGoOv7wAbiakGcffDy72Fe9Ayg7hi0q9IojMg8oMwbPtuGyhXpnCKxe9LDMQ1lUI9tgi0%2BtCLRcYMoquP9gtqh33CN0rQeaP5zdad9W6OsKVA%2FhivOjPLNH134LZwGmvRHT1ttl2urHZ9Y6dVKTceIn0m9IlnRY0qK%2B6CRRh9FOIFsspgFyN%2BGnL3%2FxLwAAAP%2F%2FAQAA%2F%2F9eSPq4iQQAAA%3D%3D IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSPW8cVRR9kw8KIgoiChBCbEEBEt7M7MzsR1xEhBAUEWIrCViiQe9r1g%2B%2FnTd6b2ZnbUXCIhKkQdpUUKHxWTsWYCHyA5DQmga58lIgF5iKX4BEjXa90sIt3r3nnVuce%2B79fKc4JT4KerL6vtlSWtMrcd2vvb6mUmFKV7tzvxb4dX%2B5tqbSZrRcG0wf278a%2BHHdf6P2ruQb5krDD3w%2F8IPaTWVlYgZXZixUdtAJ6h2%2FHjXqQRxhYP%2BPXeHBUQ%2Bif0ouQ4nJxfVfn0LxMdLejzek28hN9uY7vULT3Fj0xf4H6UZqyhS9RZlYD0m6P%2B%2BGcRNCvj4Hk%2B7PJ4Dp704nAFMT4v0egKX7c5lg%2Fb0zpUxDpmDiEsr%2BGFKPoegY3DyEEscE4AJ3VpD2ntwxtqSbZyydshNy4Z%2B%2FocoJufDHC0h7P1zXalC7Z3SRK5M6DJIKajCG6o6RFYfItzyo8hA8%2FwxKEKS9CkqcvOZLETTaHbEUhVG0FPE4XGItHiwlLKRxM2w2o5acWaPUGCoZQ8shqDuHwnkolIci8VBkHnripEbjTuL7rYQlYdiOOOdhyHncbopYhFE78VHwqfYh8mwIrofgdhuZ3caGenwcX4YtfoZbr%2BCEB5cT9EWFUhKUjqCkBKUiKHOCsl%2FtCe0arnoitCtYMM%2BNeQ6rkcm7O3TP5F2Zkp3slDw%2F9cx77q9vsCFParwlmgnnQRTSRLRY4gs%2FCSPZiduJDDpMwqkKyp0DdR621IS8%2BOkmMjUhF5efAaOHcPoQXHmgxSug5ajV8EHXR1Hbx1Z6kEmtXKYLV1cGwlTI8gvIN70dfUpemu3u6qUYkh9d%2B%2BrLlT%2BXxUfgtkJmK3yifiHo6keju6Yku3dN6cjTlSxXPbVFp3u9l9Ncnv%2FuPblZGitu3XDDb9%2FiU2JaHtyXLr9NU6HSriPfX1dCSHvTWC7JT7fcmmSrhVu%2FXti0yG6vvn3zVi%2Bz0jll0jGoOv7wAbiakGcffDy72Fe9Ayg7hi0q9IojMg8oMwbPtuGyhXpnCKxe9LDMQ1lUI9tgi0%2BtCLRcYMoquP9gtqh33CN0rQeaP5zdad9W6OsKVA%2FhivOjPLNH134LZwGmvRHT1ttl2urHZ9Y6dVKTceIn0m9IlnRY0qK%2B6CRRh9FOIFsspgFyN%2BGnL3%2FxLwAAAP%2F%2FAQAA%2F%2F9eSPq4iQQAAA%3D%3D HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Cookie: u_pl=17687966; uid_id2=0ed1289d-4344-4c53-b7c1-fb3a5636647e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:47:03 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0a72869955b15370c6a74a40c881f826
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashde26603d2dd53bbc97ab84a98a423fc8 0ef00c310251712fe1993300278436541a835629 a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2885
Expires: Sat, 04 Feb 2023 09:35:09 GMT
Date: Sat, 04 Feb 2023 08:47:04 GMT
Connection: keep-alive
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashde26603d2dd53bbc97ab84a98a423fc8 0ef00c310251712fe1993300278436541a835629 a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2885
Expires: Sat, 04 Feb 2023 09:35:09 GMT
Date: Sat, 04 Feb 2023 08:47:04 GMT
Connection: keep-alive
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png | 172.64.167.9 | 200 OK | 2.0 kB |
URL HTTP/2cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/img/close.png IP172.64.167.9:0
File typePNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data Hash2cecae5111d5ff932a996679215ad573 f4c63abb5dc373aba5bc144c3831d98516cc7cc9 31f6aad6a88eca32f245dc6d0e030ef422f306b4f8479855b30e59b6dc134ebc
GET /sb/ssp/in-page_push/os/android/2/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: image/png
content-length: 2005
last-modified: Wed, 11 May 2022 09:01:03 GMT
etag: "627b7b4f-7d5"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 5282675
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ivvekfi51vYLJDr11mHF0xDG8z6USHmhdDxUrfp%2BtGPr%2Bum75AYAQmLU0WIXbRFdCYPcZXD3l9GYQZJs9LM4bBQl0L%2BuC4Wy9GQLFtEEIp2AsdA93Cu3cT3gqFItUJT5V5JxySRvggF6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794223b27c4223e2-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| e1.o.lencr.org/ | 23.36.76.226 | 200 OK | 346 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashde26603d2dd53bbc97ab84a98a423fc8 0ef00c310251712fe1993300278436541a835629 a751738f67caaaf0a6be71b9a542dc444fe76fa18cadbaa963090627d01e894d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A751738F67CAAAF0A6BE71B9A542DC444FE76FA18CADBAA963090627D01E894D"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2885
Expires: Sat, 04 Feb 2023 09:35:09 GMT
Date: Sat, 04 Feb 2023 08:47:04 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 1.2 kB |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
File typegzip compressed data, max compression\012- data Hash19985202541495c846b6e697856a9156 30bbeeccdb2fee7550c4044a6c53f835d90bcfde 4eef75d3a39e292da465034bd29c06dd0a70e2eef78b91b23891cd648118989f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9DB298B3908012B0310FFC50AE948424D0EC38A8F1F9B6AE09C36A64F596E91B"
Last-Modified: Fri, 03 Feb 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19203
Expires: Sat, 04 Feb 2023 14:07:07 GMT
Date: Sat, 04 Feb 2023 08:47:04 GMT
Connection: keep-alive
|
|
| cdn.cloudimagesb.com/si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png | 45.133.44.10 | 200 OK | 33 kB |
URL HTTP/2cdn.cloudimagesb.com/si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png IP45.133.44.10:0 ASN#39572 DataWeb Global Group B.V.
File typePNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data Hash2cb2500acb00f247ef19403c3a0f89e1 7c57e8b84b2bb0003810ffae7a14e24869155464 7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce
GET /si/89/9f/8a/899f8a5bb7132795d339610f52f16dad/1667589937.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:25:45 GMT
etag: "63656739-7ffb"
expires: Mon, 06 Feb 2023 08:47:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| revolveoppress.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h8eXDy4eFBEnIMHBTPbPd09PzaHxbhGgmsSdlcDXqS6qnpSpqarqeqenoQFgwu6F2H2pCfpfJNsUIO4f4AgHS%2BSU8aD5GA8%2BRcInmUmA6PvUO999b3D9773Pt%2FLz4mLnJ6tv693pFL0Rlh3a69vyITrwtZW79c8t%2B4u1jZk0gwWa4PJY%2Fo3PTesu2%2FU3hVsS99ouJ7req5XW5ZGxHpwY8pCpkcdr95x60Gj7oUBBub%2F2OYOLHXA%2B%2BfkOiQfX9389Skkq5D0frwt7Fam0zff6eWKZtqgzw8%2FSLYSXSTozcvYOIiTw1k3tB0T8vUl6ORwNgF0f38yASI5Js7vHqLkcCYTUf%2FgQmmkIBJE%2FBqKfgWhKkhagemHkPyUAIxjdQ1J78mqNgXdvmDphB2TK%2F%2F8DVmMyZU%2FXkDS%2B2FJyUHtnlZ5JnViMYhLyEEF2a2Q5sfIdhzI4hgs%2BwySEyS9EpKfveYK7jXaHb4Q%2BEGwELDQX4hazFuII5%2BGTb%2FZDFpiao2UFWRcQYkhqL2E3DrIpYM8dpCnDnr8rEbDTuy6rTiKfb8dMMZ8n7Gw3eQh94N27CJnE%2B1DZOkQTA3BzC5Ss4st%2Bfg0vA6T%2Fwy7WcJyBzYj6PMShSAoLEFBCQpJUGQERb884Mo2bPmEK5tH3iw3ZtkvRzrr7tEDnXVFQvbSc%2FL8xDPnub%2B%2BwZY4q7EWb8aMeYFPY96KYpe7sR%2BITtiOhdeJBKwsIe0lUOtgR47Ji59uI5VjcnXxGUT0GFYdg0kHNH8FtBi1Gi7o5ihou9hJjlKhpE1VbutSg%2BsSaXYF2bazp87JS9Pd3bwWQrCTW199ufbnIv8IzJRITYlP5C8EXfVodFcXZP%2BuLix5upZmsid36GSv9zKaicvfvSe2C234ym07%2FPYtNiEm5dF9YbM7NOEy6Vry%2FZLkXJhlbZggP63YDRGt53ZzKTdJnt5Zf3t5pZcaYa3USQUqTz98ACbH5NkHH08v9lXnCNJUMHmJXn5CZgGpK7B0Fzadq7eawKh5T5Q6KPJyZBrR%2FFNJAiXmmEYl7H9wNK%2F37CN0jQOaPZzead%2BU6KsSVA1h88ujLDUnt37zp4FIOaNIGWc%2FUkY9vrDWyrNa6AWiHbVbjPNIMO61Gn7bd90G50GrI7wOMjtm5y9%2F8S8AAAD%2F%2FwEAAP%2F%2FSkB0XokEAAA%3D | 192.243.61.227 | 200 OK | 7 B |
URL HTTP/1.1revolveoppress.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h8eXDy4eFBEnIMHBTPbPd09PzaHxbhGgmsSdlcDXqS6qnpSpqarqeqenoQFgwu6F2H2pCfpfJNsUIO4f4AgHS%2BSU8aD5GA8%2BRcInmUmA6PvUO999b3D9773Pt%2FLz4mLnJ6tv693pFL0Rlh3a69vyITrwtZW79c8t%2B4u1jZk0gwWa4PJY%2Fo3PTesu2%2FU3hVsS99ouJ7req5XW5ZGxHpwY8pCpkcdr95x60Gj7oUBBub%2F2OYOLHXA%2B%2BfkOiQfX9389Skkq5D0frwt7Fam0zff6eWKZtqgzw8%2FSLYSXSTozcvYOIiTw1k3tB0T8vUl6ORwNgF0f38yASI5Js7vHqLkcCYTUf%2FgQmmkIBJE%2FBqKfgWhKkhagemHkPyUAIxjdQ1J78mqNgXdvmDphB2TK%2F%2F8DVmMyZU%2FXkDS%2B2FJyUHtnlZ5JnViMYhLyEEF2a2Q5sfIdhzI4hgs%2BwySEyS9EpKfveYK7jXaHb4Q%2BEGwELDQX4hazFuII5%2BGTb%2FZDFpiao2UFWRcQYkhqL2E3DrIpYM8dpCnDnr8rEbDTuy6rTiKfb8dMMZ8n7Gw3eQh94N27CJnE%2B1DZOkQTA3BzC5Ss4st%2Bfg0vA6T%2Fwy7WcJyBzYj6PMShSAoLEFBCQpJUGQERb884Mo2bPmEK5tH3iw3ZtkvRzrr7tEDnXVFQvbSc%2FL8xDPnub%2B%2BwZY4q7EWb8aMeYFPY96KYpe7sR%2BITtiOhdeJBKwsIe0lUOtgR47Ji59uI5VjcnXxGUT0GFYdg0kHNH8FtBi1Gi7o5ihou9hJjlKhpE1VbutSg%2BsSaXYF2bazp87JS9Pd3bwWQrCTW199ufbnIv8IzJRITYlP5C8EXfVodFcXZP%2BuLix5upZmsid36GSv9zKaicvfvSe2C234ym07%2FPYtNiEm5dF9YbM7NOEy6Vry%2FZLkXJhlbZggP63YDRGt53ZzKTdJnt5Zf3t5pZcaYa3USQUqTz98ACbH5NkHH08v9lXnCNJUMHmJXn5CZgGpK7B0Fzadq7eawKh5T5Q6KPJyZBrR%2FFNJAiXmmEYl7H9wNK%2F37CN0jQOaPZzead%2BU6KsSVA1h88ujLDUnt37zp4FIOaNIGWc%2FUkY9vrDWyrNa6AWiHbVbjPNIMO61Gn7bd90G50GrI7wOMjtm5y9%2F8S8AAAD%2F%2FwEAAP%2F%2FSkB0XokEAAA%3D IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
File typeASCII text, with no line terminators Hash132d6af1b46048b45cf86cdee7991d31 eb7007d03d59b65bc6da7e098c4d38fc6dfb6285 ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSz2skRRSu3h8eXDy4eFBEnIMHBTPbPd09PzaHxbhGgmsSdlcDXqS6qnpSpqarqeqenoQFgwu6F2H2pCfpfJNsUIO4f4AgHS%2BSU8aD5GA8%2BRcInmUmA6PvUO999b3D9773Pt%2FLz4mLnJ6tv693pFL0Rlh3a69vyITrwtZW79c8t%2B4u1jZk0gwWa4PJY%2Fo3PTesu2%2FU3hVsS99ouJ7req5XW5ZGxHpwY8pCpkcdr95x60Gj7oUBBub%2F2OYOLHXA%2B%2BfkOiQfX9389Skkq5D0frwt7Fam0zff6eWKZtqgzw8%2FSLYSXSTozcvYOIiTw1k3tB0T8vUl6ORwNgF0f38yASI5Js7vHqLkcCYTUf%2FgQmmkIBJE%2FBqKfgWhKkhagemHkPyUAIxjdQ1J78mqNgXdvmDphB2TK%2F%2F8DVmMyZU%2FXkDS%2B2FJyUHtnlZ5JnViMYhLyEEF2a2Q5sfIdhzI4hgs%2BwySEyS9EpKfveYK7jXaHb4Q%2BEGwELDQX4hazFuII5%2BGTb%2FZDFpiao2UFWRcQYkhqL2E3DrIpYM8dpCnDnr8rEbDTuy6rTiKfb8dMMZ8n7Gw3eQh94N27CJnE%2B1DZOkQTA3BzC5Ss4st%2Bfg0vA6T%2Fwy7WcJyBzYj6PMShSAoLEFBCQpJUGQERb884Mo2bPmEK5tH3iw3ZtkvRzrr7tEDnXVFQvbSc%2FL8xDPnub%2B%2BwZY4q7EWb8aMeYFPY96KYpe7sR%2BITtiOhdeJBKwsIe0lUOtgR47Ji59uI5VjcnXxGUT0GFYdg0kHNH8FtBi1Gi7o5ihou9hJjlKhpE1VbutSg%2BsSaXYF2bazp87JS9Pd3bwWQrCTW199ufbnIv8IzJRITYlP5C8EXfVodFcXZP%2BuLix5upZmsid36GSv9zKaicvfvSe2C234ym07%2FPYtNiEm5dF9YbM7NOEy6Vry%2FZLkXJhlbZggP63YDRGt53ZzKTdJnt5Zf3t5pZcaYa3USQUqTz98ACbH5NkHH08v9lXnCNJUMHmJXn5CZgGpK7B0Fzadq7eawKh5T5Q6KPJyZBrR%2FFNJAiXmmEYl7H9wNK%2F37CN0jQOaPZzead%2BU6KsSVA1h88ujLDUnt37zp4FIOaNIGWc%2FUkY9vrDWyrNa6AWiHbVbjPNIMO61Gn7bd90G50GrI7wOMjtm5y9%2F8S8AAAD%2F%2FwEAAP%2F%2FSkB0XokEAAA%3D HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Cookie: u_pl=17687966; uid_id2=0ed1289d-4344-4c53-b7c1-fb3a5636647e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:47:04 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 51fb30b9ae1efaed382313956c2af52a
Strict-Transport-Security: max-age=0; includeSubdomains
|
|
| revolveoppress.com/pixel/sbs?c=1 | 192.243.61.227 | 200 OK | 0 B |
URL HTTP/1.1revolveoppress.com/pixel/sbs?c=1 IP192.243.61.227:0 ASN#39572 DataWeb Global Group B.V.
Hash (digests of the empty, 0-byte body): MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pixel/sbs?c=1 HTTP/1.1
Host: revolveoppress.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Cookie: u_pl=17687966; uid_id2=0ed1289d-4344-4c53-b7c1-fb3a5636647e:2:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 04 Feb 2023 08:47:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
|
|
| cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html | 45.133.44.4 | 200 OK | 0 B |
URL: HTTP/2 cdn.barscreative1.com/sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html | IP: 45.133.44.4:0 | ASN: #39572 DataWeb Global Group B.V.
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /sb/au/e1/6f/bb/e16fbbe9f31c82c23d1d57f9726b5fc7/1654616215.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:03 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Tue, 07 Jun 2022 15:37:00 GMT
etag: W/"629f709c-40e"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sat, 04 Feb 2023 09:47:03 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css | 172.64.167.9 | 200 OK | 0 B |
URL HTTP/2cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/animate.css IP172.64.167.9:0
GET /sb/ssp/in-page_push/os/android/2/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:02 GMT
etag: W/"627b7b4e-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 25118
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swTmAT5ug3hziQUM4RKj%2BFFjf0rW4RCtSqd7itAlSlcgOAPjnFHBjrDGcK7rX3llVGNryS27IgCaJErh0qgXWR9GDOmdhNRL9PjqFMW3xkEd7yOOy32t3F1p5R3A8fCQFt2ywE0WdI22"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794223b26c1e23e2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css | 172.64.167.9 | 200 OK | 0 B |
URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/css/style.css IP 172.64.167.9:0
GET /sb/ssp/in-page_push/os/android/2/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: text/css
last-modified: Wed, 11 May 2022 09:01:01 GMT
etag: W/"627b7b4d-126c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 217182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLWraJfC1v3hFWLi0aq%2Bk7DpyKNq3kIJ50ToOoFAO4vKmcEoYnWvqiacDdqRVvoUEt7grkySnx79PruTVStugIyXcBFLc%2Bqxncex4xJXOyG4RTZteTnjjC%2Bl0h5UEFfMMQtkJoPa%2Fc6R"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794223b26c1f23e2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.esplay.io/graphql | 188.114.97.1 | 200 OK | 0 B |
IP 188.114.97.1:0
POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization:
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 181
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"1c-saxysgsJFZT+MZvdvsxJLWVBPgg"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dr0aNzdRqOalwZTMK0OZKxxYuP7LzypibqnqzRtaPU9%2BLP1DMPYYUOfjK27AEZmz7jcI1Bbju6jtahhbPIB60KrnpcViG6%2BFwmj2n2XJeSHvycCUpXJpMXTU%2FZxwvVon"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 794223b46c33b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.pelisplus2.io/pelicula/el-cuervo/ | 104.21.23.30 | 200 OK | 0 B |
URL HTTP/2 www.pelisplus2.io/pelicula/el-cuervo/ IP 104.21.23.30:0
GET /pelicula/el-cuervo/ HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: text/html; charset=utf-8
age: 6
x-cache: HIT
x-cache-hits: 4
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bk4zc%2BEQg9m4wc0bwXgmOY9RZJTcUJYPckPdV8M%2Bc%2FZrA4ELOYH59LoIegORGZ6bbWYmftdliYGS5dvQrgxVRXNjPua5LW6zoE%2Bh2MgTNEdyWy0KZUe3Ywv6gkTt6fXS%2F3O1w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7942238b89541c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.esplay.io/graphql | 188.114.97.1 | 200 OK | 0 B |
IP 188.114.97.1:0
POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization:
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 476
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:59 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"fa2-Pf6WY6pTufKtpmN7L/g4PFRC+mg"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zKWUzs5pBcstY1B%2F9nOk9VRq1TE68Z7Bm9G1m0HRctNMtA8R7ewT6svUmPMFtivOk2fLlTk78gd6R4ldPWgd%2BKN%2Fo9akGQYV8VoFSx7EgRDefSQFbcr2cFioI8H05X5Q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79422396da36b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.pelisplus2.io/static/css/7.06440f9e.chunk.css | 104.21.23.30 | 200 OK | 0 B |
URL HTTP/2 www.pelisplus2.io/static/css/7.06440f9e.chunk.css IP 104.21.23.30:0
GET /static/css/7.06440f9e.chunk.css HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/pelicula/el-cuervo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
cf-bgj: minify
cf-polished: origSize=27336
etag: W/"6ac8-18615fb34c5"
last-modified: Fri, 03 Feb 2023 06:33:50 GMT
x-cache: MISS
x-cache-hits: 0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=978LqQtTFAob5iHTtMf67qCNWEgbhm0NrB2iZ9N%2F2Ji2nT0ekLQc%2FQlkEh%2BotsEiIcy9rDAH64WZsKj8IiAI%2FXRDwswMs%2FVcgk9FP6qeETgRCdEVlUHPHgPERIqEHTvukVFXYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942238d8b081c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.pelisplus2.io/static/css/bundle.b9a30e94.css | 104.21.23.30 | 200 OK | 0 B |
URL HTTP/2 www.pelisplus2.io/static/css/bundle.b9a30e94.css IP 104.21.23.30:0
GET /static/css/bundle.b9a30e94.css HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/pelicula/el-cuervo/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:58 GMT
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
cf-bgj: minify
cf-polished: origSize=35782
etag: W/"8bc6-18615fb34c5"
last-modified: Fri, 03 Feb 2023 06:33:50 GMT
x-cache: MISS
x-cache-hits: 0
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FiHmp7RKOzUvQD06cQxNnUWm0WgLpDaPwmlq6gpKKQcCZ0xey4l%2FCTlWO9WQRoWSDDXphXxP1N9EJZfyVtFLAaO2DfFJB1ZH07%2B9DdhTCv3mfDiWwMgnt13SjQ2riM98MA0caA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7942238d8b051c06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| api.esplay.io/graphql | 188.114.97.1 | 200 OK | 0 B |
IP 188.114.97.1:0
POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization:
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 478
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:46:59 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"dbd-3Tsn1n/0DLpHLQYOSJBiYVN43iA"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8csuOGGxVtZxki84oJAKlEbF9KDEWn1PyBjjc1Qj9gSvGGg5fauS2i2mqX7%2BXg%2B%2FSprZY%2FzRVy6S8LtBskDyuX%2Bcxyn7zn9%2BoKVMcziC8gbtBrALyPWqHP4UWQ4uln9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79422396da3ab523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js | 172.64.167.9 | 200 OK | 0 B |
URL HTTP/2 cdn.creative-bars1.com/sb/ssp/in-page_push/os/android/2/js/script.js IP 172.64.167.9:0
GET /sb/ssp/in-page_push/os/android/2/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 08:47:04 GMT
content-type: application/javascript
last-modified: Wed, 11 May 2022 09:01:04 GMT
etag: W/"627b7b50-194"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 217182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XCncVYtk%2FBMuyneakQ1bqWH6iVbRDMUawDcd8GBoGKuPdvJIrj0Ta7Y%2F5polCcmlTRb%2Fbsuoa3DkhViB616HtzGmnqWIkPDZwdOX7%2FF3aj702uyLR8XnwrFJzCdawr%2FamsshfR6HFISs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 794223b26c2023e2-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|