www.pelisplus2.io/serie/sex-education/01x01/
104.21.23.30301 Moved Permanently 0 B URL HTTP/1.1 www.pelisplus2.io/serie/sex-education/01x01/
IP 104.21.23.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /serie/sex-education/01x01/ HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 27 Nov 2022 20:16:13 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 27 Nov 2022 21:16:13 GMT
Location: https://www.pelisplus2.io/serie/sex-education/01x01/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHYlz8F0tjeiPfQqHYhkB%2FsE26DFfFNcwCQU%2BYO6FgFCmUFky5YuNrmEWO1bbUNhtu2f0jvc1uqwKBbTAu6i0Y2DEm%2BoEdNE3I9gCiERG1AYq%2BkxFM16RUXhaR6FKhW%2FA6TxgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 770d8a51e89bb4f1-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cdbad2434b7d127a4fc769807a9dc3e7
fa98cd9fc2309ab4423f33f683d17bdb17d76713
560cbbb751ab2884024da3b93fba6bc45c6434797dba72a98c05e7fc2bb94bc1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "560CBBB751AB2884024DA3B93FBA6BC45C6434797DBA72A98C05E7FC2BB94BC1"
Last-Modified: Sat, 26 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2304
Expires: Sun, 27 Nov 2022 20:54:37 GMT
Date: Sun, 27 Nov 2022 20:16:13 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4860
Cache-Control: max-age=142560
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:13 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 11:52:13 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 27 Nov 2022 19:17:41 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3512
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5042
Expires: Sun, 27 Nov 2022 21:40:15 GMT
Date: Sun, 27 Nov 2022 20:16:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aqSJpWqT/p5mYYeJyySB+OGmOaFRTwdArVKo0qd929lPKKUSfqdqZHn+LM1IvJ79GeEPfeL4g08=
x-amz-request-id: H87F7Q1N0CGGQG9N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 27 Nov 2022 19:44:45 GMT
age: 1888
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 67f99035ce7149e64419ca96e2de99b3
2713b3a69ac87c4d00ab4d04a91faa8b0d3a28c7
92ae14431b650860d13e1c347cb3fe651ee5c8d6a69613b7583cf68460f46ddf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5926
Cache-Control: max-age=92127
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:13 GMT
Etag: "63827346-117"
Expires: Mon, 28 Nov 2022 21:51:40 GMT
Last-Modified: Sat, 26 Nov 2022 20:12:54 GMT
Server: ECS (amb/6BC3)
X-Cache: HIT
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 27 Nov 2022 20:16:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 67f99035ce7149e64419ca96e2de99b3
2713b3a69ac87c4d00ab4d04a91faa8b0d3a28c7
92ae14431b650860d13e1c347cb3fe651ee5c8d6a69613b7583cf68460f46ddf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5926
Cache-Control: max-age=92127
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:13 GMT
Etag: "63827346-117"
Expires: Mon, 28 Nov 2022 21:51:40 GMT
Last-Modified: Sat, 26 Nov 2022 20:12:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2fd564c689ee96f6fb4f376cf94180e8
f6296d00e76639abb7085a1356acb15a0d58c15a
f9c42a58146d1de6210530aa7fa87086824229d9c971b3d6128a016c576cd87c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5925
Cache-Control: max-age=150818
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:13 GMT
Etag: "6383588a-117"
Expires: Tue, 29 Nov 2022 14:09:51 GMT
Last-Modified: Sun, 27 Nov 2022 12:31:06 GMT
Server: ECS (amb/6BC3)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 4.4 kB IP 142.250.74.3:0
File type gzip compressed data, from Unix\012- data
Hash a7f6fa5453fea476f4ece0f2434bec51
8c815d55bf2c19a57c9ce4c706536a0c4b523dd2
16768f4815b595559788808ae3b7fc06d5bec5936a11ad497e64b0576973dc05
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 27 Nov 2022 20:11:12 GMT
cache-control: public,max-age=3600
age: 302
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
static.esplay.io/tvshow/cover/original/oOEOg8rawAtc1nRbgGkf5fYcMB4.webp
172.67.222.73200 OK 225 kB URL HTTP/2 static.esplay.io/tvshow/cover/original/oOEOg8rawAtc1nRbgGkf5fYcMB4.webp
IP 172.67.222.73:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1364x2048, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 225 kB (224926 bytes)
Hash a9acb5606aef0862edad30d7c0916857
8d58b0c8e5cb84d70a7b917864972fd484956fba
852d9d7f2db8c0467a17db8de0954e2bed0163eb60a6440a8c716e5ca250b5e8
GET /tvshow/cover/original/oOEOg8rawAtc1nRbgGkf5fYcMB4.webp HTTP/1.1
Host: static.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:14 GMT
content-type: image/webp
content-length: 224926
last-modified: Mon, 27 Dec 2021 05:18:52 GMT
etag: "61c94cbc-36e9e"
access-control-allow-origin: *
cache-control: max-age=2678400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EX5h6IE8dsE1ymci2RPcpjaQcX%2FBwzYgBhJxKGqd7UhAK8S%2FV59WeLSl5zErli%2FN0jaE3GkFBzJzDIX1oE3yOQScUZseXfEbKwkmKz6arASeJj911ok9nCzgBXtpB9AePX1V"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d8a571d2ab4f1-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 9f6cc8d3fe9092a6d3901e873a87fd87
2e0aac117a4cc57596efb3d6f6624c269f94b031
e73982e62b92abac3d15b161f4525448cc2bc8b9bacefdcbfc6f87b74ec372e4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 2fd564c689ee96f6fb4f376cf94180e8
f6296d00e76639abb7085a1356acb15a0d58c15a
f9c42a58146d1de6210530aa7fa87086824229d9c971b3d6128a016c576cd87c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5926
Cache-Control: max-age=150818
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:14 GMT
Etag: "6383588a-117"
Expires: Tue, 29 Nov 2022 14:09:52 GMT
Last-Modified: Sun, 27 Nov 2022 12:31:06 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
www.google.com/recaptcha/api.js?render=explicit
142.250.74.164200 OK 554 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit
IP 142.250.74.164:0
File type ASCII text, with very long lines (852), with no line terminators
Hash 0a628b8a14a877262721824930709597
31bbb380c04a4229a099a1fb6dea09cf717bcb5f
6c63432c24b1f8eed67f792c68214710fd6444ede5c28f56202e966770d20121
GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 27 Nov 2022 20:16:14 GMT
date: Sun, 27 Nov 2022 20:16:14 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 554
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
216.58.207.195200 OK 36 kB URL HTTP/2 fonts.gstatic.com/s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 35904, version 1.0\012- data
Hash c26b97e7f5bb7a34d190703522d75e16
69d9e5aea0544dbaf9b78c1b65139c03eceece8f
96217f1d27fb909f92b4a6b35a0d3d6775f2f0b4d136d27aee88547d3ed87357
GET /s/nunito/v25/XRXV3I6Li01BKofINeaB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 35904
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 21 Nov 2022 21:11:06 GMT
expires: Tue, 21 Nov 2023 21:11:06 GMT
cache-control: public, max-age=31536000
age: 515108
last-modified: Mon, 18 Jul 2022 19:34:47 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5467
Cache-Control: max-age=138105
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:14 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:37:59 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1d15996e96d16b68d850efe2f35eb0f2
f4339b526283b2659ffb538ae62e68cdcf2060e1
b1d2521796baa243d3aecc4ba259364d85984a6d79b6ce29f352ce7978470318
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B1D2521796BAA243D3AECC4BA259364D85984A6D79B6CE29F352CE7978470318"
Last-Modified: Sat, 26 Nov 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5275
Expires: Sun, 27 Nov 2022 21:44:09 GMT
Date: Sun, 27 Nov 2022 20:16:14 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 88e42375d2172305f819b892225cf877
674324641f82700172e72fe259ee2241361e2ea1
6dce3754a67df878b536c368657a492a1f908d408fe7fe5ba43c5d24c44434b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mahdicrofter.com/tzuz2PuzYYs7WMqo/50402
142.91.159.133200 OK 25 B URL HTTP/1.1 mahdicrofter.com/tzuz2PuzYYs7WMqo/50402
IP 142.91.159.133:0
File type ASCII text, with no line terminators
Hash d488addc5df5fc9b9ff4135bb4e3a823
6ce56f48e851df4d562b43d3bc1269a504ae83fc
d1e90b8aef655ca37932287e04cbda72092eb029fe90de2bac019c10d3431f60
GET /tzuz2PuzYYs7WMqo/50402 HTTP/1.1
Host: mahdicrofter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 27 Nov 2022 20:16:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.pelisplus2.io
Access-Control-Allow-Headers: content-type, megageocheckolololo, x-forwarded-for
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, OPTIONS
X-Frame-Options: SAMEORIGIN
Set-Cookie: GL_UI4=eJw9jd1OhDAYRIHy42aFOAkPsI9QVBAvvfEVvCSl%2FcC60G5KXfTtbUz07mTmTCaKoqSuEF9zBvYpWpzU1HSS9428bx9417WPgtM09s9j%2F9Q1gvc46G3wYlzIp7idyZDTcpBWUYm7UP0lZ2N3kyIbnTCqRLYGYylRjM7uG7maITViJRSv2tFkv4IhPqwDa3gbWJvAMUdit5pVBxRv2qiwrI5IGl6VeYTjZRF%2Bsm4dtMpjZLMTihC%2F4EYKT7N13ygUbWdvL4Bd1PDv%2Fx6zveHIFV21JGTWv5P7AaoaStk%3D; expires=Mon, 28-Nov-2022 20:16:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
GL_GI10=eJxNjM0KgkAYRW0qSwrjQg%2FQC2T%2Fi7bVMnThAwxmXzFg84kz%2FdjTpwbR5nI4cK7jOGLsQ6gcw%2B0i2M6D9TJYbNZoX4khwgjDlO%2FaFqXUyY3ghlw8kxJuQVfFGmK%2BwuDLMuUzoRtG0z%2FXRIPIZDzZ1z8lOqmqt1bwav52vaprXFuZHP4uU69JzNndVi8GniYrTU50hrdPThnNDvER%2Fs82H24LfWVkXvCrrHhk1Y3erEny5WLIVqr1cMUHDLFHVQ%3D%3D; expires=Mon, 28-Nov-2022 20:16:14 GMT; Max-Age=86400; path=/; secure; SameSite=None
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
push.services.mozilla.com/
34.215.91.121101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Lqg+q42fYMHKx0Po2yP6zA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nxEs4anyfZnGRrkr8IVfCR8+AKI=
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bdf68061e206686617bca216ecd7a27f
1511f8c332357d818185bf0caacff80f36081303
c5e5ec8999a117788ed3bd69c2fa1ba6a58cd2b752569670c32eb7c3b8d6c55c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5E5EC8999A117788ED3BD69C2FA1BA6A58CD2B752569670C32EB7C3B8D6C55C"
Last-Modified: Sun, 27 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5125
Expires: Sun, 27 Nov 2022 21:41:39 GMT
Date: Sun, 27 Nov 2022 20:16:14 GMT
Connection: keep-alive
pageantbagauspice.com/ec/f5/54/ecf55400633c995bcb9429a392e80a51.js
192.243.59.13200 OK 21 kB URL HTTP/1.1 pageantbagauspice.com/ec/f5/54/ecf55400633c995bcb9429a392e80a51.js
IP 192.243.59.13:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document, ASCII text, with very long lines (60209), with no line terminators
Hash 9dbcf94775608420eb12bcc1ede5cb4c
b9c2597bd18747a82ea6ff67d8dff7ee1138a2fa
fe354f6ce27ad51950529b9673e509b483d5ad8a964442407b870e30c15b0965
Analyzer Verdict Alert quad9 Sinkholed
GET /ec/f5/54/ecf55400633c995bcb9429a392e80a51.js HTTP/1.1
Host: pageantbagauspice.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 27 Nov 2022 20:16:14 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 70708e436262169232ed145d128e3e09
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 8781ef7b81ea378c87b9b75e52115397
df3106ed152971215d454459c4e7ad93559aa4ca
e44e3b4621bc2e63c4b7a69aee8cf240a496c5d1cdef6b26f5a6036c0e3007a1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152253
Date: Sun, 27 Nov 2022 20:16:15 GMT
Etag: "63836697-1d7"
Expires: Tue, 29 Nov 2022 14:33:48 GMT
Last-Modified: Sun, 27 Nov 2022 13:31:03 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: x2vSP8DzdpcDBajWd5wx_qESEjcI3T17yn09ZN8du2jihSvWCHnhwQ==
Age: 3765
simplewebanalysis.com/stats
52.28.211.11200 OK 2.5 kB URL HTTP/2 simplewebanalysis.com/stats
IP 52.28.211.11:0
Hash 76ce63157934132e3f510067771afc9e
24102cb5cab6a52acaa208d879c01fb2c310ed37
0ba776303140ff8c882d26c7b9a88d88b10f484c13c6c4deb02b6510f1858d4c
GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:15 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://www.pelisplus2.io
access-control-allow-credentials: true
set-cookie: uid_id2=ab030203-3512-411c-893b-0ea5591da165:1:1; expires=Wed, 24 Nov 2032 20:16:15 GMT; secure; SameSite=None
X-Firefox-Spdy: h2
api.esplay.io/graphql
104.21.25.32204 No Content 0 B IP 104.21.25.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-site
Referer: https://www.pelisplus2.io/
Origin: https://www.pelisplus2.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 27 Nov 2022 20:16:15 GMT
content-length: 0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization,content-type,x-site
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hBdW5x9j4P%2BiFol%2BxAQzDfFbaCMdxWzu7V33L0jNqgss0tOgHlDVBSqfMwsDvpilyYbdbORmfNcX%2BD6oC910SCpDwx4KHGyw1mJK8OdrVpfLa6%2ByNAXFuhTYWGWcVDus"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770d8a5ed9f70afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.esplay.io/graphql
104.21.25.32204 No Content 0 B IP 104.21.25.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-site
Referer: https://www.pelisplus2.io/
Origin: https://www.pelisplus2.io
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 27 Nov 2022 20:16:15 GMT
content-length: 0
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
vary: Access-Control-Request-Headers
access-control-allow-headers: authorization,content-type,x-site
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsKXVoFor%2BwHu3iJOkJ%2B2p7ecBCZTWByCp4J%2BPsrUYMgAuPTGQdyle8zoyiliaTckC%2FRC5ZvUjra%2FigexaPOWYkcEspxyPo13vLdb8OE2P%2BkqW0NsLty32k%2BKgDjeO70"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770d8a5ed9fa0afe-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.pelisplus2.io/serie/sex-education/01x01/
172.67.208.119200 OK 19 kB URL HTTP/2 www.pelisplus2.io/serie/sex-education/01x01/
IP 172.67.208.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14701)
Hash c4ebd08653001e9a03df0eb5ced01e9d
9984581a2959cbf52357e5b84339a2c84d1a3927
e6736fc3269b3ad87dd4ee75ee11338962f783669dd897c3bc4100821dcae27f
GET /serie/sex-education/01x01/ HTTP/1.1
Host: www.pelisplus2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:13 GMT
content-type: text/html; charset=utf-8
age: 1126
x-cache: HIT
x-cache-hits: 3
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rA9rcBkgdOupWxm9q%2BNdDSCXjGY42palW6Oakz0Ax3NHXA3Awew5ycbMABcb%2BOkxym8olg2o%2ByKyjRYmC8oXDYjiv7SM9PcqwSxxHZAZ%2Bk%2Bg3nN7gEBS8BhaEYKOc8enfWRMRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770d8a545f37b50f-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fa7807766d23b7a5d301da2eff6f85f5
f45185b68991f46feb25cfe97377661e8e63d431
a4873b1d66c85fed052cce0a2507d992990b3590fd4f263f2a2ba8108fcff317
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A4873B1D66C85FED052CCE0A2507D992990B3590FD4F263F2A2BA8108FCFF317"
Last-Modified: Sat, 26 Nov 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5796
Expires: Sun, 27 Nov 2022 21:52:51 GMT
Date: Sun, 27 Nov 2022 20:16:15 GMT
Connection: keep-alive
soldierreproduceadmiration.com/c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js
192.243.59.12200 OK 13 kB URL HTTP/1.1 soldierreproduceadmiration.com/c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js
IP 192.243.59.12:0
ASN #39572 DataWeb Global Group B.V.
File type ASCII text, with very long lines (37132), with no line terminators
Hash e0bda99a343ac4182ede73d8b4eac876
9f25dba2e30defe819ee64d3d3ed922836237e96
1455f4ae684a77024493c239e5f84a84867ef45dbf76f1fd2459c8ae4b5079ec
Analyzer Verdict Alert quad9 Sinkholed
GET /c7/d6/fc/c7d6fcc143afd7bf0d0f34e958fe19be.js HTTP/1.1
Host: soldierreproduceadmiration.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sun, 27 Nov 2022 20:16:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4974fcebf7d6a7d4f4fc24969cf1c916
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 20:16:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 20:16:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 20:16:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 20:16:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Sun, 27 Nov 2022 20:57:13 GMT
Date: Sun, 27 Nov 2022 20:16:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 741ddfb19764ac9a77509e7e87cfbfb2
308c08784ce4a0757cbd112807555b83e17a1d56
e9271a76da94d8b655860c3b00d111396c5d3a227fd2f19e0ef400fd5e84d87e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba57ea10-c30b-4188-bb72-b589f3564094.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8817
x-amzn-requestid: 33d3ca17-7878-4897-a634-5f626a64e820
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cJ40OEOqIAMFaOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6380a1b4-040288d571fc10b96d893fa4;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 11:06:28 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: f_U8KSYET6kaKAPbEV7sHW0tO6JGijsqUvghniwzFCRd2YGQjVlFoA==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 10:16:35 GMT
age: 35980
etag: "308c08784ce4a0757cbd112807555b83e17a1d56"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c00eceed956377d7469ef58b0815cb
97a135335f5b1b042adeb385718f8808cb78528b
81fb72ab752b2eb39ab6ee015055304490b3b6c3259968703fd07c2a2eed1e61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0b2959f-9d1d-41c7-a7c1-b9f52a7766ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7380
x-amzn-requestid: 18589644-299c-4a39-9376-db1bd1472009
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iEegIAMFeuQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-23990acc0fdc599a75a534e3;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: RqsZxAtbOkWBGbXJ3sZHxcS-ZvWOw7Yg2Qd4zj0QLhrp3wAXC8w6jA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "97a135335f5b1b042adeb385718f8808cb78528b"
content-type: image/jpeg
age: 81241
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 05:54:16 GMT
age: 51719
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: K2eKLQhrsCdd4ASsfEibRuZAYW4CpPTlO3fZs7xdoKrw1HBxfTGkEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
age: 81241
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 433875a1b1fef34e45f2d8ac344c07e3
f2129466436cbbdd58abe42a47fb7af19eba58e6
ab1e7b46f3804640c7dd94d70c8c31ec2dfc3e2f0f015a8556d04d9d9089c450
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F297e7532-86f8-4631-9062-cdd6a291b40b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5099
x-amzn-requestid: 57648043-7820-453d-9549-0f743b6c2557
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4jFBvoAMFl1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-53b59d607b82c264180f469d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: VsdLWuh4rCawI5V0YYGaHxEMl2YEVNgsbjfCwzDsrnCZhRK2FkCkVw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 26 Nov 2022 21:42:14 GMT
etag: "f2129466436cbbdd58abe42a47fb7af19eba58e6"
content-type: image/jpeg
age: 81241
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e97baa4851785eac92c719abf481c64
c32a57038d3cdbc514c9081c9938eca6a04fb481
adb59e982648082e5421f58899a5331b2747e9d45be33c495fbe3ab8cc872b22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcfaef414-0c01-4bb9-800d-29da0ef5607d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8387
x-amzn-requestid: fc238ea9-0169-47fc-b92e-f12b3ee27c72
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b433YGtOoAMFexg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6379d362-2f97c67a2e5f05b6746cf858;Sampled=0
x-amzn-remapped-date: Sun, 20 Nov 2022 07:12:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: oMrdB0NUGe5CqTY7eFd3u8xaSy9TyDdOrf1awBikFJzm3jWreD2irQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 82c2ab57bc9900898383f6b70681b9e6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 12:30:20 GMT
age: 27955
etag: "c32a57038d3cdbc514c9081c9938eca6a04fb481"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d438e1af63e2f2b0e0cdf2a74966ab91
37e36842937ddc6abf543f0623894e770cc06118
a5121c332d69fbec0378a247a93432ecc3f00014bd67df9b1ff613bea57af4d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5116
Expires: Sun, 27 Nov 2022 21:41:31 GMT
Date: Sun, 27 Nov 2022 20:16:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
142.250.74.163200 OK 163 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (730)
Size 163 kB (162976 bytes)
Hash 79d18cf4265108d7cecca1bf4ada6109
e51d0285a545381d4c39e9e0292a650ffeeecbb9
59ce7253f371df0833c3f72d4748ef812002b90a49413c56d0ca7c40bb5a0ab6
GET /recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 162976
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 26 Nov 2022 21:26:04 GMT
expires: Sun, 26 Nov 2023 21:26:04 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
content-type: text/javascript
age: 82212
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 27 Nov 2022 18:41:08 GMT
expires: Sun, 27 Nov 2022 20:41:08 GMT
cache-control: public, max-age=7200
age: 5708
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 0ee1d1a60ec1770ec3e880a25c257f5d
015b05feff63bdcf8fae4d1a8c0c83c923a2ca67
b6845619444a37f322c044933a44cf3fd283a18a54d03bad4f76a2ed8c2cbaf6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
e1.o.lencr.org/
23.36.76.226200 OK 346 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d438e1af63e2f2b0e0cdf2a74966ab91
37e36842937ddc6abf543f0623894e770cc06118
a5121c332d69fbec0378a247a93432ecc3f00014bd67df9b1ff613bea57af4d1
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "A5121C332D69FBEC0378A247A93432ECC3F00014BD67DF9B1FF613BEA57AF4D1"
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5115
Expires: Sun, 27 Nov 2022 21:41:31 GMT
Date: Sun, 27 Nov 2022 20:16:16 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-75967164-1&cid=1344976151.1669580176&jid=1756726076&gjid=796743924&_gid=363361868.1669580176&_u=IEBAAEAAAAAAACAAI~&z=672455589
142.251.1.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-75967164-1&cid=1344976151.1669580176&jid=1756726076&gjid=796743924&_gid=363361868.1669580176&_u=IEBAAEAAAAAAACAAI~&z=672455589
IP 142.251.1.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-75967164-1&cid=1344976151.1669580176&jid=1756726076&gjid=796743924&_gid=363361868.1669580176&_u=IEBAAEAAAAAAACAAI~&z=672455589 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.pelisplus2.io
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 27 Nov 2022 20:16:16 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 27 Nov 2022 20:16:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c3d81c7773951296a5121d08fb2d7925
635da96c5625d73287fdea5061fa12802dceb8fe
ab45607458d9e03f1d3b165925ea91df8f0198d568cef46c99990dc5ff176b53
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB45607458D9E03F1D3B165925EA91DF8F0198D568CEF46C99990DC5FF176B53"
Last-Modified: Sat, 26 Nov 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4203
Expires: Sun, 27 Nov 2022 21:26:24 GMT
Date: Sun, 27 Nov 2022 20:16:21 GMT
Connection: keep-alive
reproductiontape.com/sbar.json?key=c7d6fcc143afd7bf0d0f34e958fe19be&uuid=ab030203-3512-411c-893b-0ea5591da165%3A1%3A1
173.233.137.44200 OK 3.6 kB URL HTTP/1.1 reproductiontape.com/sbar.json?key=c7d6fcc143afd7bf0d0f34e958fe19be&uuid=ab030203-3512-411c-893b-0ea5591da165%3A1%3A1
IP 173.233.137.44:0
File type JSON data\012- , ASCII text, with very long lines (6222), with no line terminators
Hash 8150fd44c12c8fac47e1bbaf32b47972
b74d91b256d782d7927b7f95f6e4f05c8d7281af
7b94cbb90f2565c1e1a66b949f7584a322e47b66eed60da24158077beed13638
Analyzer Verdict Alert quad9 Sinkholed
GET /sbar.json?key=c7d6fcc143afd7bf0d0f34e958fe19be&uuid=ab030203-3512-411c-893b-0ea5591da165%3A1%3A1 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 20:16:21 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://www.pelisplus2.io
Access-Control-Allow-Origin: https://www.pelisplus2.io
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17687966; expires=Mon, 28 Nov 2022 20:16:21 GMT; secure; SameSite=None
uid_id2=ab030203-3512-411c-893b-0ea5591da165:1:1; expires=Sun, 04 Dec 2022 20:16:21 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 28 Nov 2022 20:16:21 GMT; secure; SameSite=None
uncs=1; expires=Mon, 28 Nov 2022 20:16:21 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 28 Nov 2022 20:16:21 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 28 Nov 2022 20:16:21 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 1031515cf84c078e30878e44e4a01036
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
reproductiontape.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzsfv8BMPBg96UObgQcGdrZ6e3p12D9EYI8GYDUk04K2%2Beracmq6mqnt6dhEMBiQXYXIQPUnvM5ssahDzBwgyqwcJCBkPsgfXk%2BJdyFlmdmD0har3fet5D8%2FzvPXxbnlEKEp2eOVtu6ONYatxkzZevKEzaSvfuHy9EdIm3Wjc0Nlae6MxnF1u8EpI4yZ9qfGmEj272qIhpSENGxe0U6kdrs5R6Px%2BEjYT2my3mmHcxtD9t%2FdlAM8CyMEROQMtp6e3fnoALSbI%2Bt%2BeV75X2PzlN%2FqlYYV1GMj9d7JeZqsM%2FWWZugBptr%2BYhvVTQj4%2FAZvtLxTADvZmCsD1lAS%2FhuDZ%2FoIm%2BODuMVNuoDJw%2BQSqwQTKTKDZBMLegpaPCCAkLm8i69%2B7bF3Fto9RNkOn5NTjv6GrKTn129PI%2Bt%2BcM3rYuGZNWWibeQzTGno4ge5OkJcHKHYC6OoAovgIWv5MVh9fQtbf2%2FTGQsvDFxinEW3RaCWKw9ZKOwzFSieJ%2BApVLI6TULJwLZ5bpPUEOp3AqBGYD1DOjg5QpgHKPEBfHjZYnKSUrqc8jaJOWwgRRULEnTUZy6jdSSlKMdMwQpGPIMwIwt1E7m6ip%2B88is%2FAld%2FDb9XwMoAvCAayRqUIKk9QMYJKE1QFQTWo70rjW76%2BJ40vebjIrUWO6rEturvsri26KiO7%2BRF5auZd8OQfX6CnDhtiXa6lQoTtiKVynadU0jRqqyTupCpMuILXNbQ%2FMVe6o6fkmQ%2B3kespOb3xP3B2AG8OIHQAVj4HVo3XWxRsa9zuUOxk93NltM9N6ZvaQtoaeXEKxXawa47Is%2FMdJn8SKPHw7GefbP6%2BId%2BDcDVyV%2BN9%2FQNB19weX7UV2btqK08ebOaF7usdNtvvtYIV6uRXb6ntyjp58bwfffmamAGz8v515YtLLJM663ry9TktpXIXrBOKfHfR31D8Sum3zpUuK%2FNLV16%2FcLGfO%2BW9ttkETD969wMIPSX%2Fd735z33%2Br1eh3QSurNEvH5JFQNsJRH4TPl%2By95bAmeUMzwNUZT12Lb58NJrAqGXPeA3%2Fr54v611%2FG10XgBW3kPVrDFyNganBzAi%2BPDkucvfw7C%2FRPMBNMObGBXvcOHPn2FqvDxsqTmmqaEvxNOHpOqMySdsJZ0mo1nnMQhR%2BKm79%2BOk%2FAAAA%2F%2F8BAAD%2F%2F2jF28aRBAAA
173.233.137.44200 OK 7 B URL HTTP/1.1 reproductiontape.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzsfv8BMPBg96UObgQcGdrZ6e3p12D9EYI8GYDUk04K2%2Beracmq6mqnt6dhEMBiQXYXIQPUnvM5ssahDzBwgyqwcJCBkPsgfXk%2BJdyFlmdmD0har3fet5D8%2FzvPXxbnlEKEp2eOVtu6ONYatxkzZevKEzaSvfuHy9EdIm3Wjc0Nlae6MxnF1u8EpI4yZ9qfGmEj272qIhpSENGxe0U6kdrs5R6Px%2BEjYT2my3mmHcxtD9t%2FdlAM8CyMEROQMtp6e3fnoALSbI%2Bt%2BeV75X2PzlN%2FqlYYV1GMj9d7JeZqsM%2FWWZugBptr%2BYhvVTQj4%2FAZvtLxTADvZmCsD1lAS%2FhuDZ%2FoIm%2BODuMVNuoDJw%2BQSqwQTKTKDZBMLegpaPCCAkLm8i69%2B7bF3Fto9RNkOn5NTjv6GrKTn129PI%2Bt%2BcM3rYuGZNWWibeQzTGno4ge5OkJcHKHYC6OoAovgIWv5MVh9fQtbf2%2FTGQsvDFxinEW3RaCWKw9ZKOwzFSieJ%2BApVLI6TULJwLZ5bpPUEOp3AqBGYD1DOjg5QpgHKPEBfHjZYnKSUrqc8jaJOWwgRRULEnTUZy6jdSSlKMdMwQpGPIMwIwt1E7m6ip%2B88is%2FAld%2FDb9XwMoAvCAayRqUIKk9QMYJKE1QFQTWo70rjW76%2BJ40vebjIrUWO6rEturvsri26KiO7%2BRF5auZd8OQfX6CnDhtiXa6lQoTtiKVynadU0jRqqyTupCpMuILXNbQ%2FMVe6o6fkmQ%2B3kespOb3xP3B2AG8OIHQAVj4HVo3XWxRsa9zuUOxk93NltM9N6ZvaQtoaeXEKxXawa47Is%2FMdJn8SKPHw7GefbP6%2BId%2BDcDVyV%2BN9%2FQNB19weX7UV2btqK08ebOaF7usdNtvvtYIV6uRXb6ntyjp58bwfffmamAGz8v515YtLLJM663ry9TktpXIXrBOKfHfR31D8Sum3zpUuK%2FNLV16%2FcLGfO%2BW9ttkETD969wMIPSX%2Fd735z33%2Br1eh3QSurNEvH5JFQNsJRH4TPl%2By95bAmeUMzwNUZT12Lb58NJrAqGXPeA3%2Fr54v611%2FG10XgBW3kPVrDFyNganBzAi%2BPDkucvfw7C%2FRPMBNMObGBXvcOHPn2FqvDxsqTmmqaEvxNOHpOqMySdsJZ0mo1nnMQhR%2BKm79%2BOk%2FAAAA%2F%2F8BAAD%2F%2F2jF28aRBAAA
IP 173.233.137.44:0
File type ASCII text, with no line terminators
Hash 132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSzYscxRuuzsfv8BMPBg96UObgQcGdrZ6e3p12D9EYI8GYDUk04K2%2Beracmq6mqnt6dhEMBiQXYXIQPUnvM5ssahDzBwgyqwcJCBkPsgfXk%2BJdyFlmdmD0har3fet5D8%2FzvPXxbnlEKEp2eOVtu6ONYatxkzZevKEzaSvfuHy9EdIm3Wjc0Nlae6MxnF1u8EpI4yZ9qfGmEj272qIhpSENGxe0U6kdrs5R6Px%2BEjYT2my3mmHcxtD9t%2FdlAM8CyMEROQMtp6e3fnoALSbI%2Bt%2BeV75X2PzlN%2FqlYYV1GMj9d7JeZqsM%2FWWZugBptr%2BYhvVTQj4%2FAZvtLxTADvZmCsD1lAS%2FhuDZ%2FoIm%2BODuMVNuoDJw%2BQSqwQTKTKDZBMLegpaPCCAkLm8i69%2B7bF3Fto9RNkOn5NTjv6GrKTn129PI%2Bt%2BcM3rYuGZNWWibeQzTGno4ge5OkJcHKHYC6OoAovgIWv5MVh9fQtbf2%2FTGQsvDFxinEW3RaCWKw9ZKOwzFSieJ%2BApVLI6TULJwLZ5bpPUEOp3AqBGYD1DOjg5QpgHKPEBfHjZYnKSUrqc8jaJOWwgRRULEnTUZy6jdSSlKMdMwQpGPIMwIwt1E7m6ip%2B88is%2FAld%2FDb9XwMoAvCAayRqUIKk9QMYJKE1QFQTWo70rjW76%2BJ40vebjIrUWO6rEturvsri26KiO7%2BRF5auZd8OQfX6CnDhtiXa6lQoTtiKVynadU0jRqqyTupCpMuILXNbQ%2FMVe6o6fkmQ%2B3kespOb3xP3B2AG8OIHQAVj4HVo3XWxRsa9zuUOxk93NltM9N6ZvaQtoaeXEKxXawa47Is%2FMdJn8SKPHw7GefbP6%2BId%2BDcDVyV%2BN9%2FQNB19weX7UV2btqK08ebOaF7usdNtvvtYIV6uRXb6ntyjp58bwfffmamAGz8v515YtLLJM663ry9TktpXIXrBOKfHfR31D8Sum3zpUuK%2FNLV16%2FcLGfO%2BW9ttkETD969wMIPSX%2Fd735z33%2Br1eh3QSurNEvH5JFQNsJRH4TPl%2By95bAmeUMzwNUZT12Lb58NJrAqGXPeA3%2Fr54v611%2FG10XgBW3kPVrDFyNganBzAi%2BPDkucvfw7C%2FRPMBNMObGBXvcOHPn2FqvDxsqTmmqaEvxNOHpOqMySdsJZ0mo1nnMQhR%2BKm79%2BOk%2FAAAA%2F%2F8BAAD%2F%2F2jF28aRBAAA HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Cookie: u_pl=17687966; uid_id2=ab030203-3512-411c-893b-0ea5591da165:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 20:16:21 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4fe47c9f4f967fab1e73183a783ada7d
Strict-Transport-Security: max-age=0; includeSubdomains
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c7afa63a2e765a5889feedb036228204
546d048429118d6ff49049b948a6d39c3706b4e1
ce33ebbd5115ffaac9721eacc50f458d369b30dbc875379c5602fe846d078207
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CE33EBBD5115FFAAC9721EACC50F458D369B30DBC875379C5602FE846D078207"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5671
Expires: Sun, 27 Nov 2022 21:50:53 GMT
Date: Sun, 27 Nov 2022 20:16:22 GMT
Connection: keep-alive
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a1eb8e3d7b5e963c21e1905e849e570
fff8193edc6218562c5612b0e02f73dbcca98c0c
12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12DB50941A08926A1F14146C52B53CFC6ACC1DCB6AC858F6FCFB421330DFB12F"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5375
Expires: Sun, 27 Nov 2022 21:45:57 GMT
Date: Sun, 27 Nov 2022 20:16:22 GMT
Connection: keep-alive
cdn.barscreative1.com/sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html
45.133.44.3200 OK 461 B URL HTTP/2 cdn.barscreative1.com/sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html
IP 45.133.44.3:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document, ASCII text
Hash 186ef88be072a4247214744fa3779b0b
9cb0e80fe5dca29d3d2526b3100248eaa664973b
f670b62c086feb7cea5b545ec6539292d23d04e49e3aea64b14874a076d8d8b4
Analyzer Verdict Alert fortinet Phishing
GET /sb/au/50/77/d2/5077d2a4de96d9464e3c0d2ecf8bb3de/1601543282.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:22 GMT
content-type: text/html; charset=utf-8
server: nginx/1.17.6
last-modified: Sat, 07 May 2022 03:21:28 GMT
etag: W/"6275e5b8-4b9"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 27 Nov 2022 21:16:22 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a1eb8e3d7b5e963c21e1905e849e570
fff8193edc6218562c5612b0e02f73dbcca98c0c
12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12DB50941A08926A1F14146C52B53CFC6ACC1DCB6AC858F6FCFB421330DFB12F"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5375
Expires: Sun, 27 Nov 2022 21:45:57 GMT
Date: Sun, 27 Nov 2022 20:16:22 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png
172.64.108.13200 OK 4.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png
IP 172.64.108.13:0
File type PNG image data, 500 x 500, 8-bit gray+alpha, non-interlaced\012- data
Hash 23e9690b0e7ac26868363a6248f44467
d7ad0eae64e0c1e65b12eda0aa9d2b91996dd64f
f362c67320d739ccf3bea21f857b9620075bd20ceacda8c51261b9612fe28395
GET /sb/notifications/software/us/windows/flash-all/ssp/1/img/close.png HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:22 GMT
content-type: image/png
content-length: 4022
last-modified: Wed, 17 Feb 2021 11:46:53 GMT
etag: "602d022d-fb6"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1059876
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jDsNja09%2BOVfw73LsfiIsveQEtPd4nb7CWmfTtY9mySpadQ3ucv0ECTKkEJfuCTy4gQiILtuGjpGHeRygJaOsFW4J2lSDeqxsKqwy5HXbFQt%2Fi%2F2fcZB2LhMeVtAs2OQElSYOSu%2B1qk5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d8a8b2d9171ce-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
e1.o.lencr.org/
23.36.76.226200 OK 345 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3a1eb8e3d7b5e963c21e1905e849e570
fff8193edc6218562c5612b0e02f73dbcca98c0c
12db50941a08926a1f14146c52b53cfc6acc1dcb6ac858f6fcfb421330dfb12f
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12DB50941A08926A1F14146C52B53CFC6ACC1DCB6AC858F6FCFB421330DFB12F"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5375
Expires: Sun, 27 Nov 2022 21:45:57 GMT
Date: Sun, 27 Nov 2022 20:16:22 GMT
Connection: keep-alive
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css
172.64.108.13200 OK 2.0 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css
IP 172.64.108.13:0
Hash bc771b6059b7ed97533277b0e53214b8
87bec9da5e4d5e1030b5635627c0a783178f2122
652dadce0e1bfe1ac45db934c8acf976e3182d784a952acd0304a746c9ac98cd
GET /sb/notifications/software/us/windows/flash-all/ssp/1/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:22 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 11:41:22 GMT
etag: W/"614c67e2-160c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 77368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPDaEUVUdPVi3Kg2069YutkFAl1B3TWnOY7fqPdyQoYLjdgcslVZnoeiR29GPgJjvNcFdvlQGT6TKaSdmhqI5FEwGKYm4RfTK1LnVTMqb%2BwbV3FMYgCzlTI32mcTlmZDSFHgJfCV6bji"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d8a8b2d8271ce-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fjs%2Fscript.js&l=386&fd=129
173.233.137.44200 OK 0 B URL HTTP/1.1 reproductiontape.com/pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fjs%2Fscript.js&l=386&fd=129
IP 173.233.137.44:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /pixel/sbls?bv=22.33.5038&tmpl=482&u=https%3A%2F%2Fcdn.creative-bars1.com%2Fsb%2Fnotifications%2Fsoftware%2Fus%2Fwindows%2Fflash-all%2Fssp%2F1%2Fjs%2Fscript.js&l=386&fd=129 HTTP/1.1
Host: reproductiontape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Cookie: u_pl=17687966; uid_id2=ab030203-3512-411c-893b-0ea5591da165:1:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 27 Nov 2022 20:16:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range
cdn.cloudimagesb.com/si/9f/03/9f/9f039f12c3a901981b39e44a7e2deb89/1667590110.png
45.133.44.10200 OK 33 kB URL HTTP/2 cdn.cloudimagesb.com/si/9f/03/9f/9f039f12c3a901981b39e44a7e2deb89/1667590110.png
IP 45.133.44.10:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce
GET /si/9f/03/9f/9f039f12c3a901981b39e44a7e2deb89/1667590110.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:22 GMT
content-type: image/png
content-length: 32763
server: nginx/1.17.6
last-modified: Fri, 04 Nov 2022 19:28:39 GMT
etag: "636567e7-7ffb"
expires: Tue, 29 Nov 2022 20:16:22 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/js/script.js
172.64.108.13200 OK 189 B URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/js/script.js
IP 172.64.108.13:0
Hash e92fccb89580145c885f0359badbd628
bed02f01f78b1f585462796e01527a268ac7f24c
f9fdf22943d31068189a6e1329d6bc9bf9ebc39b5ce4ccbd1d3a2f99f82a0597
GET /sb/notifications/software/us/windows/flash-all/ssp/1/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:22 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:46:52 GMT
etag: W/"602d022c-182"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 77368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bqy1pGEEGIygcxcD2MiJ81lh6cqUgQW0YttOUbshttrFxckEI6ckkVCbwTc0%2B%2Bt%2FJQ8rFmW2UlrxlURL11DEdVBJdQpffe2fpadSnPX7ghnbnBygDG%2FG0WrTUpT1ZmMGGAnsG2tBCGp"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d8a8b1d7771ce-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css
172.64.108.13200 OK 4.8 kB URL HTTP/2 cdn.creative-bars1.com/sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css
IP 172.64.108.13:0
Hash 21eb7a65c17a2c22ba104a7ecbf1dc0f
ea8c53be54889c7489aed04e30e3eb83af64dec9
090bd9ceb9a58da038e5ed4a39dfbb63ece49ed4f4f0656ce35f7faa41a3b237
GET /sb/notifications/software/us/windows/flash-all/ssp/1/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pelisplus2.io
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:22 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:46:51 GMT
etag: W/"602d022b-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 77368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bsZpFTZFsN8s9cwYw0JTtlrg1PM5s3g7mvccD01mW32Ymxf0V3eay1uoqEqiZiFq8%2BapNv9QDbBzhx4wTAAXjQNsYtGsbAW5KVbRLciUmDxjTcvetdRmIaF9v3vq66QrGMVpRMYQeUV4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 770d8a8b1d6871ce-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.esplay.io/graphql
104.21.25.32200 OK 0 B IP 104.21.25.32:0
POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization:
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 476
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:15 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"bbf-F9REz46bp1x34KF28/omuhvdESg"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VjnDjF%2BUR2o73YhNWw%2BVjjsDTGIHHsBkaAH8H84hu8JGhJIqi1Pvwt1qPZZ%2FfwOr9%2F75lGl1vDI4SKk%2BM4VdBY%2Ba%2B5a2sVLhE9tP2QcV5zgEJUj%2FCOCb35U5FqMJoDUb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770d8a605d5b0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Nunito:300,400,600,700&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Nunito:300,400,600,700&display=swap
IP 142.250.74.10:0
GET /css?family=Nunito:300,400,600,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pelisplus2.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 27 Nov 2022 20:16:13 GMT
date: Sun, 27 Nov 2022 20:16:13 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
api.esplay.io/graphql
104.21.25.32200 OK 0 B IP 104.21.25.32:0
POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization:
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 645
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:15 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"152f-9wvY+ADPZYAwS2jGqMgSTyTXX1M"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bAckG3srgUumivwO9loAiFjMsPUSqwyHl%2FBkMjq2qL%2BsIIkK2fxM8KaBd4XQFZpvzeFVG4KnB8xSPuu6kZuYyQeY0vlJsPhczrUdH0nc8K4caXsTCWQfRePxd43z1mym"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770d8a605d590afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.esplay.io/graphql
104.21.25.32200 OK 0 B IP 104.21.25.32:0
POST /graphql HTTP/1.1
Host: api.esplay.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pelisplus2.io/
content-type: application/json
authorization:
x-site: pelisplus2
Origin: https://www.pelisplus2.io
Content-Length: 483
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 27 Nov 2022 20:16:15 GMT
content-type: application/json; charset=utf-8
x-dns-prefetch-control: off
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
access-control-allow-origin: https://www.pelisplus2.io
vary: Origin
access-control-allow-credentials: true
etag: W/"f2d-1okofiiiBA5sLMI0Oyk1yKoJqn0"
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYDw7lLWxX4KrDp4uPdz0Xc%2FcRgikd2gbl8ySevxLxi%2BOrTbfcmk%2FEAnKzWFFFzrE5F5jn1pUbVN6eRsT7ZjErGHqMc3FKWKaEdXQI5gbk9WAMn2o17WswitXCx%2FHQgv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 770d8a606d600afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2