Report - pelisflix2.bz/?ref=xranks

Report Overview

Visited public
2024-06-16 23:32:07
Tags
URL
pelisflix2.bz/?ref=xranks
Finishing URL
pelisflix2.bz/?ref=xranks
IP / ASN
104.21.15.223
#13335 CLOUDFLARENET
Title
PELISFLIX 【❤️】 2.0 - Películas y Series Online Gratis en HD️ ✔️️

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
pelisflix2.bz	unknown	unknown	No data	No data	479 B	24 kB	172.67.208.36
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-06-16 02:43:21	3.8 kB	304 kB	216.58.207.227
s.pelisflix2.bz	unknown	unknown	No data	No data	1.8 kB	71 kB	172.67.208.36
api.kindor.io	unknown	2020-11-15	2023-11-15 10:02:07	2024-03-08 10:04:29	401 B	2.6 kB	172.67.144.152
aus5.mozilla.org	2548	1998-01-24	2015-10-27 08:06:24	2024-06-15 18:19:56	512 B	1.2 kB	35.244.181.201
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-06-15 18:30:36	1.3 kB	3.6 kB	23.36.76.226
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2024-06-15 18:12:11	446 B	3.7 kB	104.18.187.31
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2024-06-16 09:39:53	1.5 kB	97 kB	104.17.24.14
tmdbcdn2.online	unknown	2024-03-05	2024-03-06 01:17:26	2024-03-16 16:33:12	4.2 kB	116 kB	172.67.220.228
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-06-16 03:20:21	468 B	10 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-16	medium	tmdbcdn2.online	Sinkholed
2024-06-16	medium	tmdbcdn2.online	Sinkholed
2024-06-16	medium	tmdbcdn2.online	Sinkholed
2024-06-16	medium	tmdbcdn2.online	Sinkholed
2024-06-16	medium	tmdbcdn2.online	Sinkholed
2024-06-16	medium	tmdbcdn2.online	Sinkholed
2024-06-16	medium	tmdbcdn2.online	Sinkholed
2024-06-16	medium	tmdbcdn2.online	Sinkholed
2024-06-16	medium	tmdbcdn2.online	Sinkholed

ThreatFox

No alerts detected

JavaScript (6)

	URL	From	Size	First Seen	Last Seen
	unknown	Function	916 B	2024-02-01	2025-06-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-02-01 22:54 Last Seen2025-06-21 14:39 Times Seen771 Hash e4996866d50579802b6477ae2b7f741a 1f4b0772a1968c0ed3fcf9f785c3c218a82546a5 5a6d1f7502e031de16a34a284b443eb7308a000bf65275700afa48c33eb5947e Loading...

	unknown	Function	1.5 kB	2024-02-01	2025-06-21
Pretty Introduced by Function Embedded in HTML false Observations First Seen2024-02-01 22:54 Last Seen2025-06-21 14:39 Times Seen771 Hash 3868c92928346f20d64149553923e773 72e1017081305834aea3aec70ca948b4037706e0 45f1c28127df8cd11785553510c2b2007a0f36dbbd5c52b2fa68a614ce849938 Loading...

	pelisflix2.bz/?ref=xranks	ScriptElement	3.2 kB	2024-02-01	2025-06-21
Pretty URL pelisflix2.bz/?ref=xranks IP 172.67.208.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-01 22:54 Last Seen2025-06-21 14:39 Times Seen874 Hash a23a54a96fce51d7460e05a36f2b184e 1a027fde443bfde969a1b4bc08b3385e43d8fd14 b30361101e850be5ba0dc8f4b93e59df56757cb0338588709fb1412a5887679e Loading...

	s.pelisflix2.bz/flix/js/scriptmin.js?6789	ScriptElement	8.6 kB	2023-07-22	2025-01-05
Pretty URL s.pelisflix2.bz/flix/js/scriptmin.js?6789 IP 172.67.208.36 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-22 20:17 Last Seen2025-01-05 02:09 Times Seen164 Hash bfde4980c60e96695dad5c71458ac06d 5bbcffd243a66485aa7a6aee775057ec2f457493 9a96e99e4c37652f5cd05ffd41504314d7386c66ef095eb45d54b6c51276eba9 Loading...

	cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js	ScriptElement	32 kB	2023-03-07	2025-06-21
Pretty URL cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:35 Last Seen2025-06-21 14:39 Times Seen855 Hash 3ed83b7fbb9a4a039267b521b742bb11 6dea35181356547514ca65e3f779b5a8a54ab846 080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709 Loading...

	api.kindor.io/apis/player.php	ScriptElement	2.6 kB	2024-02-01	2025-06-04
Pretty URL api.kindor.io/apis/player.php IP 172.67.144.152 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-01 22:54 Last Seen2025-06-04 23:15 Times Seen747 Hash e17972012c9713ff921cda425629abb2 ab22f777b2dee61c21aad7b2f569904cabc455d0 5b8e822ad87a97ac989752326a95647e21346dc13d20982c3b1f435e1cd3cee8 Loading...

HTTP Transactions (32)

URL IP Response Size

r10.o.lencr.org/

23.36.76.226

504 B

URL
r10.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
5c35a3180482afadf4e89f4cc249fa7b
8a088c184606fe3e4e0da8cd90b6eb5e6d30fb97
146fe131cf8436e3de4832a23b351400b4819dbd9b9716302248d3ab447f000c

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "146FE131CF8436E3DE4832A23B351400B4819DBD9B9716302248D3AB447F000C"
Last-Modified: Sat, 15 Jun 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17058
Expires: Mon, 17 Jun 2024 04:15:59 GMT
Date: Sun, 16 Jun 2024 23:31:41 GMT
Connection: keep-alive

GET cdn.jsdelivr.net/npm/@icon/dashicons@0.9.0/dashicons.min.css

104.18.187.31

200 OK

2.6 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@icon/dashicons@0.9.0/dashicons.min.css
IP
104.18.187.31:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
Fingerprint74:7A:63:DF:06:27:1E:52:8C:E8:0D:AD:1F:89:98:B5:EB:2D:49:EE
ValiditySat, 04 May 2024 00:00:00 GMT - Sun, 04 May 2025 23:59:59 GMT

File type
ASCII text, with very long lines (13403)
Size
2.6 kB (2583 bytes)
Hash
ee2f4661f9ad31b08bdd7bc711a6b89a
529581d71a795739ede4485c77e7fa9a161356e1
3f2869dec2b3c8920e4723e1a84ac031e9e0bcbff497789f149047f022ea5a26

HTTP Headers

GET /npm/@icon/dashicons@0.9.0/dashicons.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 16 Jun 2024 23:31:42 GMT
content-type: text/css; charset=utf-8
content-length: 2583
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 0.9.0
x-jsd-version-type: version
etag: W/"35ae-UpWB1xp5Vznt5Ehcd+f6mhYTVuE"
content-encoding: br
x-served-by: cache-fra-etou8220097-FRA, cache-lga21950-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 296861
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LZa34mx1MBSqfTFluw5arqjV8ioYYAnXs0MjLG6NFb0%2FOlZGgdn8bJCT0AsBIR4dfa%2B03OV0BDWR%2F5qQK%2FoWT39GsnjvXeiRJHPILfNIy880OgNy2Se25qKIDyW9%2B8co%2Fvk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894e98507807b4f9-OSL
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js

104.17.24.14

200 OK

11 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjectcdnjs.cloudflare.com
Fingerprint3B:5B:7C:DD:19:E8:16:5A:09:22:D6:1E:03:84:8D:B9:A1:32:BF:8E
ValiditySun, 02 Jun 2024 00:47:32 GMT - Sat, 31 Aug 2024 00:47:31 GMT

File type
JavaScript source, ASCII text, with very long lines (31683)
Size
11 kB (11404 bytes)
Hash
3ed83b7fbb9a4a039267b521b742bb11
6dea35181356547514ca65e3f779b5a8a54ab846
080a485f94dee0e757572d6258ffb9faa1bf8876bef1aa5f60e15a81d54c4709

HTTP Headers

GET /ajax/libs/tiny-slider/2.9.2/min/tiny-slider.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 16 Jun 2024 23:31:42 GMT
content-type: application/javascript; charset=utf-8
content-length: 11404
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ffd-7bfa"
last-modified: Mon, 04 May 2020 16:17:01 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 302820
expires: Fri, 06 Jun 2025 23:31:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=doE3925b%2FsgSJoH%2FSoxFvE2x3maKFLb08bQY%2BoE1l4WZFWCF9dPPQOu7RuM3bEOZ3Ydq6HmkBj7Ns7AAhzOVK5jptocQPwIaRQ9gCbrrn7w4yBCjUtFVTe4%2FxV5yo%2F0ozydh24gN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 894e98507ca756ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5.6 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjectcdnjs.cloudflare.com
Fingerprint3B:5B:7C:DD:19:E8:16:5A:09:22:D6:1E:03:84:8D:B9:A1:32:BF:8E
ValiditySun, 02 Jun 2024 00:47:32 GMT - Sat, 31 Aug 2024 00:47:31 GMT

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 16 Jun 2024 23:31:42 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 317066
expires: Fri, 06 Jun 2025 23:31:42 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gjz3WbnCHx7yF8jmhO79XZFMINgmTde5PevCSt5IoU4wm39s8wfNr6g%2BEcr5OBHWQaYBVPqwT64uiVHrtu68gppKNgOPgVX1Ond0u4i7Ka8b88tufStUg0%2FDbztE2fVfmLd3LG9q"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 894e9850accf56ab-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET tmdbcdn2.online/flix/imgs/logo3.png

172.67.220.228

200 OK

1.6 kB

URL GET HTTP/2
tmdbcdn2.online/flix/imgs/logo3.png
IP
172.67.220.228:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjecttmdbcdn2.online
Fingerprint88:3E:8A:F5:D8:2A:04:4F:FC:F9:3F:12:37:3F:DD:FA:CE:94:D0:DB
ValiditySat, 04 May 2024 00:19:20 GMT - Fri, 02 Aug 2024 00:19:19 GMT

File type
PNG image data, 184 x 37, 8-bit colormap, non-interlaced
Size
1.6 kB (1580 bytes)
Hash
9bc696d41c0123eaa2856ff0a1407110
e0244563997698eefed6475c34f51967bfab0c08
4e8bcb711c6f86bc9ce8e49537f93b70098db8e713326fe1e42deecc151e9179

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /flix/imgs/logo3.png HTTP/1.1
Host: tmdbcdn2.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Jun 2024 23:31:42 GMT
content-type: image/png
content-length: 1580
last-modified: Wed, 26 Oct 2022 16:47:16 GMT
etag: "63596494-62c"
cache-control: max-age=14400
cf-cache-status: HIT
age: 855
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QxRvb1pV6qmfbIr7JyzVZ2ER1thKBRrh3s6zEZmDUpzPNCq87Mc%2BTO2kjLim5iyj0rt9dcT0R18Wpx%2FuWVJvUm8UJekU2AEYH3URCS3iM1ybnL0cqohvtc9JKxcL1jb9I7Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e98514b0d5696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET tmdbcdn2.online/b/v2/w1/B0kv3MQiUsTZMzDmiMwMW0URh0T.webp

172.67.220.228

200 OK

34 kB

URL GET HTTP/2
tmdbcdn2.online/b/v2/w1/B0kv3MQiUsTZMzDmiMwMW0URh0T.webp
IP
172.67.220.228:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjecttmdbcdn2.online
Fingerprint88:3E:8A:F5:D8:2A:04:4F:FC:F9:3F:12:37:3F:DD:FA:CE:94:D0:DB
ValiditySat, 04 May 2024 00:19:20 GMT - Fri, 02 Aug 2024 00:19:19 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 780x439, Scaling: [none]x[none], YUV color, decoders should clamp
Size
34 kB (34148 bytes)
Hash
eab3e53a0b1f73cf3abb5ade685961da
0bf4e93ea5dc4a16d89d26c74eb513f0e1129a6c
0d7ba3a25e512cbc38d36b7e3a7f8631245ffeae73f620d032bc308ef043a94d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /b/v2/w1/B0kv3MQiUsTZMzDmiMwMW0URh0T.webp HTTP/1.1
Host: tmdbcdn2.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 16 Jun 2024 23:31:42 GMT
content-type: image/webp
content-length: 34148
last-modified: Sat, 15 Jun 2024 00:45:39 GMT
etag: "666ce433-8564"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNKjB19UK4IBPfwGVGd%2FAK40PNsK1KdqAANA8RqkzT%2BBc1YUgEr%2Bzjf5ZLQZVBpxfGZtkONN0Zyqxok8cFD%2Bo%2B80LG8ultX%2FY51loiVMy7YO3Ld0POEgPUgaV4YsnniGigY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e98514b105696-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET pelisflix2.bz/?ref=xranks

172.67.208.36

200 OK

24 kB

URL User Request GET HTTP/2
pelisflix2.bz/?ref=xranks
IP
172.67.208.36:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectpelisflix2.bz
FingerprintEB:A4:79:21:32:5C:F8:1F:8E:09:DF:B1:BD:73:B3:9C:E6:67:58:3C
ValidityMon, 10 Jun 2024 22:33:02 GMT - Sun, 08 Sep 2024 22:33:01 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (65464), with no line terminators
Size
24 kB (23451 bytes)
Hash
9b48d9e0f249bfcb6da326ce9a7f3728
f35cecaf1b00e23c1781fb143f749bd9a09f454f
00122439976e8db023fe4c44901f51aa047749776d6fd2b8663645f06abc56b4

HTTP Headers

GET /?ref=xranks HTTP/1.1
Host: pelisflix2.bz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 16 Jun 2024 23:31:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
ab: D=49168 t=1718580677354534
content-language: es
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=64zT%2FeT6FFSSGj%2BtzzIS7b6JCK9Jjnk0dxDoKSk4NjbHzEm8QPO0XvkM3%2B0MQqOYx%2FjSl4MiMqxknl%2B33%2BdlbzHprbzdTlpNXfJUH1dnrZJP%2BVktBPXcsM6Z1KupYPWK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894e984cdf80568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET tmdbcdn2.online/flix/imgs/dc-comics-logo-24x24.png

172.67.220.228

200 OK

628 B

URL GET HTTP/3
tmdbcdn2.online/flix/imgs/dc-comics-logo-24x24.png
IP
172.67.220.228:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjecttmdbcdn2.online
Fingerprint88:3E:8A:F5:D8:2A:04:4F:FC:F9:3F:12:37:3F:DD:FA:CE:94:D0:DB
ValiditySat, 04 May 2024 00:19:20 GMT - Fri, 02 Aug 2024 00:19:19 GMT

File type
PNG image data, 24 x 24, 8-bit gray+alpha, non-interlaced
Size
628 B (628 bytes)
Hash
fb56c08d173d1922b23db85ed9305170
53d634733bc095e9e8f0d24b5680a2c44e161244
7f14ce400b0fb0d5a07612df73e1c95b600d4a9f2093d3bc0ed6b329b64f5e4b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /flix/imgs/dc-comics-logo-24x24.png HTTP/1.1
Host: tmdbcdn2.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: image/png
content-length: 628
last-modified: Wed, 20 Apr 2022 18:58:52 GMT
etag: "626057ec-274"
cache-control: max-age=14400
cf-cache-status: HIT
age: 856
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQJXZX9JrG9ibYiH6MvpMjZF%2B2BO%2FJ%2FN4IiOnoCbISQvL4EXcGALnz0EbxrXJJLXK2pByA759%2FBfcN3guHxV0kthDJeu0o0MH56mV3yZKqWDz3RQo81slh%2FMFjOQGSPiewM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e9852b9eeb52d-OSL
alt-svc: h3=":443"; ma=86400

GET tmdbcdn2.online/flix/imgs/marvel-comics-logo-48x20.png

172.67.220.228

200 OK

1.7 kB

URL GET HTTP/3
tmdbcdn2.online/flix/imgs/marvel-comics-logo-48x20.png
IP
172.67.220.228:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjecttmdbcdn2.online
Fingerprint88:3E:8A:F5:D8:2A:04:4F:FC:F9:3F:12:37:3F:DD:FA:CE:94:D0:DB
ValiditySat, 04 May 2024 00:19:20 GMT - Fri, 02 Aug 2024 00:19:19 GMT

File type
PNG image data, 48 x 20, 8-bit/color RGBA, non-interlaced
Size
1.7 kB (1652 bytes)
Hash
94e5a3c965eab8b0fc3b1b3755122ec0
f16249795deb6c70901ec366d93abeb4cd8edb47
183d3d3d656d35c1f464a7bf4d6d6a145ae274f449f93b3c812842dad5898dbc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /flix/imgs/marvel-comics-logo-48x20.png HTTP/1.1
Host: tmdbcdn2.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: image/png
content-length: 1652
last-modified: Wed, 20 Apr 2022 18:58:54 GMT
etag: "626057ee-674"
cache-control: max-age=14400
cf-cache-status: HIT
age: 856
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uC6eGmPzRoGtdPpC7lcuJveYCCLcVr61P6tw6dMxoZtKtXSSLiTUdx1jHh2SkW5otiFY%2F%2F3jxLdFJeIw1wVLoDoXDSRb1H%2BoM%2FSWt844sMYrWPuNn0zwtlk%2FTEMVZLQR0dg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e9852b9f4b52d-OSL
alt-svc: h3=":443"; ma=86400

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.24.14

200 OK

77 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjectcdnjs.cloudflare.com
Fingerprint3B:5B:7C:DD:19:E8:16:5A:09:22:D6:1E:03:84:8D:B9:A1:32:BF:8E
ValiditySun, 02 Jun 2024 00:47:32 GMT - Sat, 31 Aug 2024 00:47:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pelisflix2.bz
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 256153
expires: Fri, 06 Jun 2025 23:31:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B0DZ8iTipaSdn0F%2BNush%2BqgfiTNQMY6yCnupcaJAM3IFllsbim7VVOnAu2%2FVaDmyN5hN4UBFwDzXjqiHv%2BE8ER7nTEle4X%2BkFX0ziBUJhTFIYjzg8GquTrbMPAqL3jTwsY18LcnL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 894e98532d1e712f-OSL
alt-svc: h3=":443"; ma=86400

GET fonts.gstatic.com/s/materialicons/v97/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

109 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v97/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAF:F4:F6:EB:DF:C2:EE:A0:DE:57:2C:A6:2A:38:0A:B9:6B:0A:4C:D4
ValidityMon, 27 May 2024 07:29:09 GMT - Mon, 19 Aug 2024 07:29:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 109180, version 1.0
Size
109 kB (109180 bytes)
Hash
d581ab0fb70dff2313836d355a06c356
1af5c10593c66a28be1cdbd553ed73038e4112f5
8558519e6f6e4e69807a5574145dcc2b569f65c6e060a080767944435c2ebdef

HTTP Headers

GET /s/materialicons/v97/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelisflix2.bz
DNT: 1
Connection: keep-alive
Referer: https://s.pelisflix2.bz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 109180
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jun 2024 05:01:52 GMT
expires: Sat, 14 Jun 2025 05:01:52 GMT
cache-control: public, max-age=31536000
age: 239391
last-modified: Thu, 05 Aug 2021 15:50:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAF:F4:F6:EB:DF:C2:EE:A0:DE:57:2C:A6:2A:38:0A:B9:6B:0A:4C:D4
ValidityMon, 27 May 2024 07:29:09 GMT - Mon, 19 Aug 2024 07:29:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14712, version 1.0
Size
15 kB (14712 bytes)
Hash
3afeae0d768769f5e5f30ac9805c5b70
3ada17c2b462db3e7a1fd85c3f4670dfe7704f4d
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pelisflix2.bz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14712
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jun 2024 09:34:12 GMT
expires: Sat, 14 Jun 2025 09:34:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
content-type: font/woff2
age: 223051
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tmdbcdn2.online/p/v2/w0/brGHGgIjTcmfbwcuhSY45.webp

172.67.220.228

200 OK

16 kB

URL GET HTTP/3
tmdbcdn2.online/p/v2/w0/brGHGgIjTcmfbwcuhSY45.webp
IP
172.67.220.228:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjecttmdbcdn2.online
Fingerprint88:3E:8A:F5:D8:2A:04:4F:FC:F9:3F:12:37:3F:DD:FA:CE:94:D0:DB
ValiditySat, 04 May 2024 00:19:20 GMT - Fri, 02 Aug 2024 00:19:19 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
16 kB (16346 bytes)
Hash
33006f53817979e0bd6e8261052ac52e
c4adb3e7d72d67b65f84d5c98e7d00d142a87f67
19cb863571191e7dfe46255f1a7745b219271d38b640fe86de9ca0f03f67582b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p/v2/w0/brGHGgIjTcmfbwcuhSY45.webp HTTP/1.1
Host: tmdbcdn2.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: image/webp
content-length: 16346
last-modified: Mon, 22 Aug 2022 03:45:40 GMT
etag: "6302fbe4-3fda"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4312
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jLC2usRQ4AR6JGE4Nb5HgasTnCAD3GBEfE12zU7fld8n%2BWeY9b3zoGAY56hDLhwWKnUpO0%2BXmC5JPvt8fA3wy2oh7fyqL8wax4e8VZBEcZgAYWd2XPdGXKD7JWWndBX39ec%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e9854ab3db52d-OSL
alt-svc: h3=":443"; ma=86400

GET fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAF:F4:F6:EB:DF:C2:EE:A0:DE:57:2C:A6:2A:38:0A:B9:6B:0A:4C:D4
ValidityMon, 27 May 2024 07:29:09 GMT - Mon, 19 Aug 2024 07:29:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14892, version 1.0
Size
15 kB (14892 bytes)
Hash
9ec6deaf6bada919e20b98f9f7b718b1
501d36403ad8205e4644532600019ecb10f5cb0a
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pelisflix2.bz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jun 2024 04:41:09 GMT
expires: Sat, 14 Jun 2025 04:41:09 GMT
cache-control: public, max-age=31536000
age: 240634
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2

216.58.207.227

200 OK

21 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAF:F4:F6:EB:DF:C2:EE:A0:DE:57:2C:A6:2A:38:0A:B9:6B:0A:4C:D4
ValidityMon, 27 May 2024 07:29:09 GMT - Mon, 19 Aug 2024 07:29:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 20616, version 1.0
Size
21 kB (20616 bytes)
Hash
87a7147e959103f9fe850f1f5afc2589
79c8559d24437b81d57f9f7e64dd83dd29664aad
39cf9abce51786437c69ac45ac5f39aa19af7f859d87e347478b6bd96abe52c3

HTTP Headers

GET /s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qNq7lqDY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pelisflix2.bz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 20616
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jun 2024 09:54:25 GMT
expires: Sat, 14 Jun 2025 09:54:25 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
content-type: font/woff2
age: 221838
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAF:F4:F6:EB:DF:C2:EE:A0:DE:57:2C:A6:2A:38:0A:B9:6B:0A:4C:D4
ValidityMon, 27 May 2024 07:29:09 GMT - Mon, 19 Aug 2024 07:29:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14780, version 1.0
Size
15 kB (14780 bytes)
Hash
8dae809192c44690275a3624133293e7
969c98c4d7eb00386ebbd61a63288972d138ecb8
c3de27b2cbd6deda629c9b442700cf54c0dda74e494b1c75a57d822068a047f8

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pelisflix2.bz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14780
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jun 2024 09:45:02 GMT
expires: Sat, 14 Jun 2025 09:45:02 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jun 2023 22:52:58 GMT
content-type: font/woff2
age: 222401
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAF:F4:F6:EB:DF:C2:EE:A0:DE:57:2C:A6:2A:38:0A:B9:6B:0A:4C:D4
ValidityMon, 27 May 2024 07:29:09 GMT - Mon, 19 Aug 2024 07:29:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 14824, version 1.0
Size
15 kB (14824 bytes)
Hash
48598bad30f08e1c3eb3d0e69b420bd5
28c2cf160273c2062f909a875c4b4c0541ee2f84
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

HTTP Headers

GET /s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://pelisflix2.bz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14824
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jun 2024 04:52:20 GMT
expires: Sat, 14 Jun 2025 04:52:20 GMT
cache-control: public, max-age=31536000
age: 239963
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET tmdbcdn2.online/p/v2/w0/5e8wvHJHoklIkJst33V9JomrjSjXnJAjOy.webp

172.67.220.228

200 OK

13 kB

URL GET HTTP/3
tmdbcdn2.online/p/v2/w0/5e8wvHJHoklIkJst33V9JomrjSjXnJAjOy.webp
IP
172.67.220.228:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjecttmdbcdn2.online
Fingerprint88:3E:8A:F5:D8:2A:04:4F:FC:F9:3F:12:37:3F:DD:FA:CE:94:D0:DB
ValiditySat, 04 May 2024 00:19:20 GMT - Fri, 02 Aug 2024 00:19:19 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
13 kB (13082 bytes)
Hash
24824285efc68a45531cd396c2168fe6
5d57241932742b923e7209f67ca172d0d5130f4e
36d9b0a5234208e6928e6ae167d95c555a3aa031284f0e38bd7e2348b8446df7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p/v2/w0/5e8wvHJHoklIkJst33V9JomrjSjXnJAjOy.webp HTTP/1.1
Host: tmdbcdn2.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: image/webp
content-length: 13082
last-modified: Sat, 15 Jun 2024 22:45:59 GMT
etag: "666e19a7-331a"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LYo%2FgmHppHmOp4xB7ppAkls%2B41muOU5JlscqoWBXUHP8viZ%2FGaxMXqzVv2ANSS9Wh%2FZfwc9kzGJ8KrA%2FeipcZNnR%2FP5oR0koKZhfo8HDPRnf5UUDPDfSEsptnSlQSdDWYyA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e9854bb50b52d-OSL
alt-svc: h3=":443"; ma=86400

GET tmdbcdn2.online/p/v2/w0/MHY6Zl4oAFtf6cixKBR.webp

172.67.220.228

200 OK

12 kB

URL GET HTTP/3
tmdbcdn2.online/p/v2/w0/MHY6Zl4oAFtf6cixKBR.webp
IP
172.67.220.228:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjecttmdbcdn2.online
Fingerprint88:3E:8A:F5:D8:2A:04:4F:FC:F9:3F:12:37:3F:DD:FA:CE:94:D0:DB
ValiditySat, 04 May 2024 00:19:20 GMT - Fri, 02 Aug 2024 00:19:19 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
12 kB (12066 bytes)
Hash
8347c42916a5d20d5015523d94b42c33
c3d04bb8a74e991e47c947886e1aafd625207426
2fa7b81521727205d5a1d88547efa2806d75c90b4768206d8a8318db5c7bfde5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p/v2/w0/MHY6Zl4oAFtf6cixKBR.webp HTTP/1.1
Host: tmdbcdn2.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: image/webp
content-length: 12066
last-modified: Wed, 01 Jun 2022 16:19:50 GMT
etag: "629791a6-2f22"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vk25L93PqtoHNAx1%2BkfzqQlHR7ZT68UNqOvsvJYL5QOaS2VH%2BM28aRrqah253orQiUb%2FKJrRdM0Z5UasL3%2BJENTb31M8NlAsiVs9hlMT8rcKVWHXS4jte1NWdNvFRB4tgcU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e9854ab41b52d-OSL
alt-svc: h3=":443"; ma=86400

GET tmdbcdn2.online/p/v2/w0/FwXLJsbGxbg9IBsRAm3vB5O5TmMn6C5BYSdxb.webp

172.67.220.228

200 OK

14 kB

URL GET HTTP/3
tmdbcdn2.online/p/v2/w0/FwXLJsbGxbg9IBsRAm3vB5O5TmMn6C5BYSdxb.webp
IP
172.67.220.228:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjecttmdbcdn2.online
Fingerprint88:3E:8A:F5:D8:2A:04:4F:FC:F9:3F:12:37:3F:DD:FA:CE:94:D0:DB
ValiditySat, 04 May 2024 00:19:20 GMT - Fri, 02 Aug 2024 00:19:19 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
14 kB (14180 bytes)
Hash
5b9d20a7c79b5e14e4ab380bb62062a5
4fdb5cfd8b473f80032fff874688b0b05a2bea19
c4d73f3e9e9ebd59176464b55997bbd1bcbd16b5e9f37c5588c09d1e956408ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p/v2/w0/FwXLJsbGxbg9IBsRAm3vB5O5TmMn6C5BYSdxb.webp HTTP/1.1
Host: tmdbcdn2.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: image/webp
content-length: 14180
last-modified: Sat, 08 Jun 2024 21:45:29 GMT
etag: "6664d0f9-3764"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ArM%2BU0RJ8a9%2B%2FCcQusEYfx3i8QloNKQGy8qMa2an59y6dtfxHy3UyAwvOVUtuoMWqm4Pje6IM8n7tyJv0SF2u7TP7uGEQJYRzY5rttvpXzRQ5BhttOEmCd4VDfQFoTh05RM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e9854bb46b52d-OSL
alt-svc: h3=":443"; ma=86400

GET s.pelisflix2.bz/flix/imgs/cropped-1F17F-p-button-128-192x192.png

172.67.208.36

200 OK

18 kB

URL GET HTTP/3
s.pelisflix2.bz/flix/imgs/cropped-1F17F-p-button-128-192x192.png
IP
172.67.208.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services
Subjectpelisflix2.bz
FingerprintEB:A4:79:21:32:5C:F8:1F:8E:09:DF:B1:BD:73:B3:9C:E6:67:58:3C
ValidityMon, 10 Jun 2024 22:33:02 GMT - Sun, 08 Sep 2024 22:33:01 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
18 kB (18049 bytes)
Hash
1d9386e3cddcf8716882cbd9fd37a83b
5594ab699e5a34677ef111503ce41622dfd7047d
821fa71e6fa8404239947be3d7a339b12dfc10b15000cc5067b1ec498ea28d65

HTTP Headers

GET /flix/imgs/cropped-1F17F-p-button-128-192x192.png HTTP/1.1
Host: s.pelisflix2.bz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: image/png
content-length: 18049
last-modified: Wed, 11 Aug 2021 22:34:34 GMT
etag: "6114507a-4681"
cache-control: max-age=14400
cf-cache-status: HIT
age: 851
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aTnQ2qi6wjgRyh%2FQyNSegc%2FnCD5IW1%2BGYl9j0L3xjA5gNVkOKxUO3ZYM1jLXyoKIG2CsyAFuynwZI4a5snPH1PquuzzhAcjbE%2Fzr7Sbec3%2Blo3S9%2BH1ncyG3CEuTUm3g9EM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e98554b585699-OSL
alt-svc: h3=":443"; ma=86400

GET s.pelisflix2.bz/flix/imgs/cropped-1F17F-p-button-128-32x32.png

172.67.208.36

200 OK

1.6 kB

URL GET HTTP/3
s.pelisflix2.bz/flix/imgs/cropped-1F17F-p-button-128-32x32.png
IP
172.67.208.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services
Subjectpelisflix2.bz
FingerprintEB:A4:79:21:32:5C:F8:1F:8E:09:DF:B1:BD:73:B3:9C:E6:67:58:3C
ValidityMon, 10 Jun 2024 22:33:02 GMT - Sun, 08 Sep 2024 22:33:01 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
1.6 kB (1568 bytes)
Hash
94a09fc458a3037d60f7015927b7425b
c726b820a64b888328e531c0e9de49021f723047
2a9d20e8e090964a3bb92314aad62df9c01b0322580817001c3cdf6dd5630f92

HTTP Headers

GET /flix/imgs/cropped-1F17F-p-button-128-32x32.png HTTP/1.1
Host: s.pelisflix2.bz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: image/png
content-length: 1568
last-modified: Wed, 11 Aug 2021 22:34:34 GMT
etag: "6114507a-620"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7lLUh22sXlDdUKMIxI%2FLK70dXhCdCkuf544uCkhTVPtp40Dd0qrMIEXEONexX3J5eAtUSGOYU17L3bfVheZuTqVU08WPix%2FOaFnckfYw4mqnsMH2mP%2B1PczBsueUf%2ByVjc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e98554b595699-OSL
alt-svc: h3=":443"; ma=86400

GET tmdbcdn2.online/p/v2/w0/WaEitXUXTyHAhwR9VODHI80cTS4aDxXpxryQfiE.webp

172.67.220.228

200 OK

16 kB

URL GET HTTP/3
tmdbcdn2.online/p/v2/w0/WaEitXUXTyHAhwR9VODHI80cTS4aDxXpxryQfiE.webp
IP
172.67.220.228:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerLet's Encrypt
Subjecttmdbcdn2.online
Fingerprint88:3E:8A:F5:D8:2A:04:4F:FC:F9:3F:12:37:3F:DD:FA:CE:94:D0:DB
ValiditySat, 04 May 2024 00:19:20 GMT - Fri, 02 Aug 2024 00:19:19 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 200x300, Scaling: [none]x[none], YUV color, decoders should clamp
Size
16 kB (15786 bytes)
Hash
8c5f57b00caea87533f35f6d1ea5cb06
3f47279f0bc806d202f63440d5eac85da587025d
fcf7b1941e44487f588fe36cb5863f5ecf0eb915954d02db28aaf9b535702e14

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /p/v2/w0/WaEitXUXTyHAhwR9VODHI80cTS4aDxXpxryQfiE.webp HTTP/1.1
Host: tmdbcdn2.online
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: image/webp
content-length: 15786
last-modified: Thu, 16 May 2024 10:49:00 GMT
etag: "6645e49c-3daa"
cache-control: max-age=14400
cf-cache-status: HIT
age: 0
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L37n4OzvDoUeE5gjwIGNCitiAoqrMAhZT37S9TlpSz3bej9hhFgLyfDXp7SSbRiA8H2w3Sy0fVJzjZv4ZdyAPgZxJvSmTl2RdV3uc9oDZkuTekruyEenuzfx%2BTwQD9untiU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e9856ec97b52d-OSL
alt-svc: h3=":443"; ma=86400

GET api.kindor.io/apis/player.php

172.67.144.152

200 OK

1.9 kB

URL GET HTTP/2
api.kindor.io/apis/player.php
IP
172.67.144.152:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services
Subjectkindor.io
Fingerprint75:A1:57:A4:D3:25:BC:DD:4E:3D:4F:13:3F:99:E0:EC:81:3B:C0:39
ValidityWed, 05 Jun 2024 19:29:04 GMT - Tue, 03 Sep 2024 19:29:03 GMT

File type
JavaScript source, ASCII text, with very long lines (2565)
Size
1.9 kB (1870 bytes)
Hash
e17972012c9713ff921cda425629abb2
ab22f777b2dee61c21aad7b2f569904cabc455d0
5b8e822ad87a97ac989752326a95647e21346dc13d20982c3b1f435e1cd3cee8

HTTP Headers

GET /apis/player.php HTTP/1.1
Host: api.kindor.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 16 Jun 2024 23:31:43 GMT
content-type: application/javascript
content-length: 1870
access-control-allow-origin: *
access-control-allow-headers: *
vary: Accept-Encoding
content-encoding: gzip
apacheserver: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FIIcFOpWiwGp1frH1ntNOdYf%2FkKgb5I79VqGX%2F0ih9Tvdr35lfqAQN2ayvba0aBZUyGQo%2BpaBcaA6W7yn6VoNhIzIP2jD26AUhBw6QSPkG4KUm%2BBvu0faXNEUE8PiouL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894e9856ca1856b5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/materialicons/v97/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

109 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v97/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintAF:F4:F6:EB:DF:C2:EE:A0:DE:57:2C:A6:2A:38:0A:B9:6B:0A:4C:D4
ValidityMon, 27 May 2024 07:29:09 GMT - Mon, 19 Aug 2024 07:29:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 109180, version 1.0
Size
109 kB (109180 bytes)
Hash
d581ab0fb70dff2313836d355a06c356
1af5c10593c66a28be1cdbd553ed73038e4112f5
8558519e6f6e4e69807a5574145dcc2b569f65c6e060a080767944435c2ebdef

HTTP Headers

GET /s/materialicons/v97/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://pelisflix2.bz
DNT: 1
Connection: keep-alive
Referer: https://s.pelisflix2.bz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 109180
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jun 2024 05:01:52 GMT
expires: Sat, 14 Jun 2025 05:01:52 GMT
cache-control: public, max-age=31536000
age: 239392
last-modified: Thu, 05 Aug 2021 15:50:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ede0b27def700f18bb6d4eb4c1d97352
c802c366cb2eee6b9339349aa21677fdb1bd5fa5
18ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2"
Last-Modified: Sat, 15 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10928
Expires: Mon, 17 Jun 2024 02:33:53 GMT
Date: Sun, 16 Jun 2024 23:31:45 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ede0b27def700f18bb6d4eb4c1d97352
c802c366cb2eee6b9339349aa21677fdb1bd5fa5
18ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2"
Last-Modified: Sat, 15 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10928
Expires: Mon, 17 Jun 2024 02:33:53 GMT
Date: Sun, 16 Jun 2024 23:31:45 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
ede0b27def700f18bb6d4eb4c1d97352
c802c366cb2eee6b9339349aa21677fdb1bd5fa5
18ffb58da62f40b37a43b0baaceefe8bc3ef83ccdf9ee19ff874ccb0d802c9f2

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "18FFB58DA62F40B37A43B0BAACEEFE8BC3EF83CCDF9EE19FF874CCB0D802C9F2"
Last-Modified: Sat, 15 Jun 2024 17:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10928
Expires: Mon, 17 Jun 2024 02:33:53 GMT
Date: Sun, 16 Jun 2024 23:31:45 GMT
Connection: keep-alive

aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml

35.244.181.201

444 B

URL
aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml
IP
35.244.181.201:0
ASN
#396982 GOOGLE-CLOUD-PLATFORM

File type
XML 1.0 document, ASCII text, with very long lines (332)
Size
444 B (444 bytes)
Hash
3b324dec137a87ef7e24a30a65b13dd0
c0faa95b2f1018e264b3a14aaf50d1003e6c27b3
6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463

HTTP Headers

GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/202402/aus.content-signature.mozilla.org-2024-07-24-18-25-25.chain; p384ecdsa=WQY5ZP35wITC6-9k3qxG7VPAEQyqGrGUb64xAOEo9lGRgbavBcDEzIgZWmnW3HkS71kW8HRdRxaMP5Yo-JQ2iwJlzUUwOCORKHhUL3Y26i7Wo8I2Wv_uX85_G1tyRKXP
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Sun, 16 Jun 2024 23:30:41 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 80
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2

GET fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C600%2C700&ver=1.53

142.250.74.106

200 OK

9.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A300%2C400%2C600%2C700&ver=1.53
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintF2:70:F4:02:94:58:08:9B:B8:DA:5D:47:F4:4D:59:66:71:5E:34:8E
ValidityMon, 27 May 2024 07:29:09 GMT - Mon, 19 Aug 2024 07:29:08 GMT

File type
ASCII text, with very long lines (9740), with no line terminators
Size
9.5 kB (9516 bytes)
Hash
70436d9f39b0910dd16bab076ea8943d
55ecc25f846d152e6314fd062a054c86bbcb2562
fdebc360647412ab40e32e406c577bcc44fda07b897625a2e822575d59217236

HTTP Headers

GET /css?family=Source+Sans+Pro%3A300%2C400%2C600%2C700&ver=1.53 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 16 Jun 2024 23:31:43 GMT
date: Sun, 16 Jun 2024 23:31:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET s.pelisflix2.bz/flix/css/material.css

172.67.208.36

200 OK

40 kB

URL GET HTTP/3
s.pelisflix2.bz/flix/css/material.css
IP
172.67.208.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services
Subjectpelisflix2.bz
FingerprintEB:A4:79:21:32:5C:F8:1F:8E:09:DF:B1:BD:73:B3:9C:E6:67:58:3C
ValidityMon, 10 Jun 2024 22:33:02 GMT - Sun, 08 Sep 2024 22:33:01 GMT

File type
ASCII text, with very long lines (39809)
Size
40 kB (39810 bytes)
Hash
f0e5aa96da8efed816312ea8dc482e32
cd598b4a7284896aabb59b31dda9375f3285f3be
f4878d29e668050a901645d27c668fc15bd18731b935e6436521c5b66c595ed5

HTTP Headers

GET /flix/css/material.css HTTP/1.1
Host: s.pelisflix2.bz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:42 GMT
content-type: text/css
vary: Accept-Encoding, Accept-Encoding
last-modified: Sun, 08 Aug 2021 21:27:26 GMT
etag: W/"61104c3e-9b82"
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mouufqtajV0ZPMtK1O9jbIKEScwQpWXPLL5MrxJvUn6rfV2ysJGfeSGX44eRzZfw1iMCDGwCDiw5K0ZaN0llk%2FQ5odPnRQzvc5FEYMlElcuHRUjcfYHFI5WGbPWKQE2Pcjk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 894e9850980c5699-OSL
alt-svc: h3=":443"; ma=86400

GET s.pelisflix2.bz/flix/js/scriptmin.js?6789

172.67.208.36

200 OK

8.6 kB

URL GET HTTP/3
s.pelisflix2.bz/flix/js/scriptmin.js?6789
IP
172.67.208.36:443
ASN
#13335 CLOUDFLARENET

Requested by
https://pelisflix2.bz/?ref=xranks
Certificate
IssuerGoogle Trust Services
Subjectpelisflix2.bz
FingerprintEB:A4:79:21:32:5C:F8:1F:8E:09:DF:B1:BD:73:B3:9C:E6:67:58:3C
ValidityMon, 10 Jun 2024 22:33:02 GMT - Sun, 08 Sep 2024 22:33:01 GMT

File type
JavaScript source, ASCII text, with very long lines (8954), with no line terminators
Size
8.6 kB (8644 bytes)
Hash
b98c936638e7e3074db2368dad22273d
5fec3e1e821be32abd3cb38c99e9b98c924b7fb1
1161f59e7620caa496d5c75b45fbd4518af5d5b63d353a48a138b07402b61112

HTTP Headers

GET /flix/js/scriptmin.js?6789 HTTP/1.1
Host: s.pelisflix2.bz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://pelisflix2.bz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 16 Jun 2024 23:31:42 GMT
content-type: application/javascript
last-modified: Wed, 31 Jan 2024 02:35:26 GMT
etag: W/"65b9b1ee-21c4"
cache-control: max-age=14400
cf-cache-status: HIT
age: 7176
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9%2F%2F5jnKGS5mcFE1LIFSo9IuP1ES%2Fesw3X%2By9x3RHK21vpBXKsnU42PbzvEbUawSO%2F9X6IAGkdHktI1Jhm7U56iYrexLJ1QbJfldNfxD7ARlGDb%2B%2FIT%2FWXLJ%2BoGe%2BlKJnCjM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 894e9850980d5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (6)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (32)

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate