Report - site.cinem4.org/pt/movie/1357633/reawakening

Report Overview

Visited public
2024-12-22 00:57:36
Tags
URL
site.cinem4.org/pt/movie/1357633/reawakening
Finishing URL
site.cinem4.org/pt/movie/1357633/reawakening
IP / ASN
104.21.32.167
#13335 CLOUDFLARENET
Title
(1) New Message!

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
juvenilesoftlysoda.com	unknown	2024-07-27	2024-07-31	2024-12-01	4.0 kB	133 kB	172.240.108.84
recordedthereby.com	unknown	2024-05-08	2024-05-08	2024-12-15	800 B	172 kB	185.196.197.72
cdn.creative-stat1.com	unknown	2024-08-20	2024-08-27	2024-12-19	3.4 kB	159 kB	172.67.133.15
cdn.show-sb.com	unknown	2024-08-20	2024-08-31	2024-12-19	495 B	2.9 kB	172.67.170.115
site.cinem4.org	unknown	2024-09-04	2024-10-17	2024-10-17	7.8 kB	1.1 MB	104.21.32.167
retortloudenvelope.com	unknown	2024-08-14	2024-12-21	2024-12-21	2.8 kB	6.0 kB	172.240.127.234
layerrepeatedlychancy.com	unknown	2024-08-14	2024-09-20	2024-09-20	2.8 kB	6.0 kB	172.240.108.84
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-12-18	1.8 kB	175 kB	172.67.142.245
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2024-12-18	1.6 kB	87 kB	216.58.207.227
prudentperform.com	unknown	2024-08-14	2024-12-21	2024-12-21	3.3 kB	6.5 kB	172.240.108.68
whomcomposescientific.com	unknown	2024-11-26	2024-12-21	2024-12-21	7.6 kB	21 kB	192.243.61.227
unseenreport.com	unknown	2022-03-30	2022-03-30	2024-12-19	1.5 kB	990 B	192.243.59.20
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2024-12-18	870 B	2.6 kB	142.250.74.106
easyengineering.net	563568	2017-09-28	2018-01-09	2024-04-09	451 B	54 kB	104.21.77.210
image.tmdb.org	17757	2009-09-15	2021-01-09	2024-12-21	919 B	140 kB	79.127.216.111
proftrafficcounter.com	unknown	2023-11-16	2023-11-21	2024-12-15	3.5 kB	3.3 kB	18.198.223.149
capaciousdrewreligion.com	unknown	2023-11-07	2023-11-27	2024-12-15	414 B	375 B	185.196.197.71
peanutrefusesplit.com	unknown	2024-08-14	2024-12-20	2024-12-20	19 kB	16 kB	172.240.108.68
cdn.storageimagedisplay.com	unknown	2024-09-13	2024-09-13	2024-12-17	4.2 kB	469 kB	45.133.44.2
randomuser.me	165273	2013-08-06	2013-09-02	2024-12-16	1.4 kB	10 kB	104.21.112.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-12-22	medium	whomcomposescientific.com	Sinkholed
2024-12-22	medium	whomcomposescientific.com	Sinkholed
2024-12-22	medium	whomcomposescientific.com	Sinkholed
2024-12-21	medium	unseenreport.com	Sinkholed
2024-12-21	medium	unseenreport.com	Sinkholed
2024-12-22	medium	whomcomposescientific.com	Sinkholed
2024-12-22	medium	whomcomposescientific.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (39)

	URL	From	Size	First Seen	Last Seen
	use.fontawesome.com/3db27005e3.js	ScriptElement	9.5 kB	2023-03-07	2025-04-13
Pretty URL use.fontawesome.com/3db27005e3.js IP 172.67.142.245 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-04-13 06:28 Times Seen406 Hash 98736d79a2579e922ebb12be517eea2a e572a040dff07014408a07f589ae29d7e4045cba 0dac9c370df2dbbb2b36a3ca7f77e2dfdf9678e8d951f376dee865b01312829b Loading...

	site.cinem4.org/assets/v1/js/js.js	ScriptElement	288 kB	2023-03-07	2025-04-13
Pretty URL site.cinem4.org/assets/v1/js/js.js IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-04-13 06:28 Times Seen338 Hash ae557976a61570a850e6b9e1de77e667 2a48828aa085dce014b82851b2cc5034ad9e5c52 99ec662ecfe312398708a1ce2aa752e806e6124de63b47181141f9c344242c89 Loading...

	juvenilesoftlysoda.com/8d445882e8fadd541fc9501fa6091abb/invoke.js	ScriptElement	25 kB	2024-12-22	2024-12-22
Pretty URL juvenilesoftlysoda.com/8d445882e8fadd541fc9501fa6091abb/invoke.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 75071e8cdce9d35523249b59fd8cee47 9d27b5bab7006adbc0b09ae74e18749ff3af16a4 638d0812f06a45359b1f6a5021d8c7a0e22cbc27bf908c8be3c7d165914f267a Loading...

	site.cinem4.org/pt/movie/1357633/reawakening	ScriptElement	26 B	2023-03-07	2025-03-07
Pretty URL site.cinem4.org/pt/movie/1357633/reawakening IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:29 Last Seen2025-03-07 19:45 Times Seen242 Hash d0bed863e09f178dcdcfe6e3befe843a e3419074358302d55708fb9c1e84b78e3ba9b254 3253697732ab7f84b393dfce838e5fa5430e8175bca6451e20d7898c7419d863 Loading...

	juvenilesoftlysoda.com/2fc1332690910ec8e8c77c6e0f7df472/invoke.js	ScriptElement	25 kB	2024-12-22	2024-12-22
Pretty URL juvenilesoftlysoda.com/2fc1332690910ec8e8c77c6e0f7df472/invoke.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash a466469db79ae77166154f43e78ab142 b9dc74b185877d48363f828fb22d2bc918b69d24 ab5e237a38e23b097129b6a6a144e3298335e38fc14f29bf22e9b86067db1bf1 Loading...

	juvenilesoftlysoda.com/9e5c403b4787cb47ad2331ecc029e98e/invoke.js	ScriptElement	25 kB	2024-12-22	2024-12-22
Pretty URL juvenilesoftlysoda.com/9e5c403b4787cb47ad2331ecc029e98e/invoke.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 4b8f740d403fb42a51e96a9781554e8a a4b14b8ec5e926873d60782ead274b96236ef523 286d60ac8d2302f4fca821240445c64f4ca302a1f7d7b550d8abff1088e32ab0 Loading...

	site.cinem4.org/pt/movie/1357633/reawakening	ScriptElement	140 B	2024-10-17	2024-12-22
Pretty URL site.cinem4.org/pt/movie/1357633/reawakening IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-17 15:53 Last Seen2024-12-22 00:57 Times Seen2 Hash a76b0d1a18306e8564159ed7d9d76e0b db24d1ea3f16ed4d8462df09d1b80e30243f4594 90016354654d8188cbc895fccf74e2f4060ab73b81096a76c3e4a3725fac1c4a Loading...

	recordedthereby.com/sfp.js	ScriptElement	85 kB	2024-05-17	2025-01-21
Pretty URL recordedthereby.com/sfp.js IP 185.196.197.72 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-17 16:43 Last Seen2025-01-21 11:22 Times Seen13574 Hash 7e3e44049654b6e244c1777e68ffb8e7 8f2a8298666d607afd92a0baa362ef4dc9ccd039 4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b Loading...

	site.cinem4.org/assets/v1/js/s.js	ScriptElement	527 kB	2023-03-07	2025-04-13
Pretty URL site.cinem4.org/assets/v1/js/s.js IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:29 Last Seen2025-04-13 06:28 Times Seen258 Hash 3e0d601975871ce6a7cd542a91734d49 84412cab04eb670be0545179d309e04a305ed7c3 34f9313ec80b08437f150e4eef2fe073f872ab201b326b114c9ae9bba00b7dcf Loading...

	unknown	ScriptElement	145 B	2024-10-17	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-17 15:53 Last Seen2024-12-22 00:57 Times Seen2 Hash 3b96e9e52514965d9843fdeb36fc89a2 bdb0b73563011b3cb7012cbdeb5334e965d67017 4e8ecec67b787386b4a9761e12f2da563345b6ddd91d4c8d2630be2a4dc5d323 Loading...

	unknown	ScriptElement	3.4 kB	2024-12-22	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 18c93df28455b1e672a1f760da944ab9 4b821ee1e64881ed18daf33eb94ebc93e79da985 6035dd39d5b039f9f0c436906397a1e2beb3824318bc218143c25eaa00b5c9c8 Loading...

	unknown	ScriptElement	145 B	2024-10-17	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-17 15:53 Last Seen2024-12-22 00:57 Times Seen2 Hash ab51bc370600bd50790a346bc0f1684f 12979e88a80c55b5cc8dc01328bed49cb7415408 981acd664d9aaabae7fa00f229df8089f75eb168a790af80d6734faae2ac89dc Loading...

	site.cinem4.org/pt/movie/1357633/reawakening	ScriptElement	139 B	2024-12-22	2024-12-22
Pretty URL site.cinem4.org/pt/movie/1357633/reawakening IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 7cb0a5ea4755e54f3e7fdffef524d24d 769f106f7387c57264b2ea5f070ae11b0c5db011 e21cd14640599f82f0d0202c858353adae65704b954bdae7e8d7de0a4517cc81 Loading...

	juvenilesoftlysoda.com/ec/bc/79/ecbc7931427da56bdc6d87cd541f745f.js	ScriptElement	46 kB	2024-12-22	2024-12-22
Pretty URL juvenilesoftlysoda.com/ec/bc/79/ecbc7931427da56bdc6d87cd541f745f.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 65c7344c0c56e703bc913b995594a039 3bd0875350c92d4ed46b5c2d6a0b46144e123def 343550f3f43ea2800e9e51da510a8326897786045e8f8fd67aae6892bafa593f Loading...

	unknown	ScriptElement	3.3 kB	2024-12-22	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash a677408888a336163402d0c2a7ceeeff 0a4b6fe2c18e3bf813f80b5c8e9a18671ef85dc0 0dfd3f2b8fcbbdc46826e6783c7e019c5590717d27acf8d8d2f0a452ccd42f3f Loading...

	unknown	ScriptElement	3.4 kB	2024-12-22	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 492409f5defb5933e19d5d27c8d95301 e9abcb7331d703bec6830249a3ebc27e805879da 0b04d400e4c0f9c2904c47676980f2516cdd4e6aded5d67abd446578c5008917 Loading...

	site.cinem4.org/pt/movie/1357633/reawakening	ScriptElement	140 B	2024-10-17	2024-12-22
Pretty URL site.cinem4.org/pt/movie/1357633/reawakening IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-17 15:53 Last Seen2024-12-22 00:57 Times Seen2 Hash adcdc6a10a6b68dd7abe1d653eb828a4 c41b21eca7e19a00f83376a8588e6f614ece35b9 54d48ac94e491d4a533134ff89b31549b056c205ae80a81b47c888b5c001d658 Loading...

	unknown	ScriptElement	3.3 kB	2024-12-22	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 7b48a84843b11c989f20136f1620951c 542fce065a60e005633bde4c708677fd30af270f c4ad9cca2c27d893b4da63e418e30e387702099988a6fedbefc7edfc4fafdcaf Loading...

	unknown	ScriptElement	6.3 kB	2024-12-22	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 98a8215761a56be008e6ad475a09044b 239cdd990588150bb9a7c9dc3058cd2639e5b4c3 e406ea8622ab054b6e092f065094b8f0b3eb74643460328b501c6c099126873e Loading...

	site.cinem4.org/pt/movie/1357633/reawakening	ScriptElement	139 B	2024-10-17	2024-12-22
Pretty URL site.cinem4.org/pt/movie/1357633/reawakening IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-17 15:53 Last Seen2024-12-22 00:57 Times Seen2 Hash a10e9cad64705da38dfda406e7643ad9 14f5285028eebe0625e098a8fa842b3c9097263d ca900d689ec10dbb13da3f5074044123708fe1016d2e9be9a5ba9deffb11e8bc Loading...

	site.cinem4.org/pt/movie/1357633/reawakening	ScriptElement	139 B	2024-10-17	2024-12-22
Pretty URL site.cinem4.org/pt/movie/1357633/reawakening IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-10-17 15:53 Last Seen2024-12-22 00:57 Times Seen2 Hash 6a89939cc7d627b5ca6262df881e398d 4d18205fa669f29b466d1d4f42176af2c2a79a79 1f658393a4772b386edd322910ddf1d46699c0bc186edafe1e85633680424e89 Loading...

	site.cinem4.org/pt/movie/1357633/reawakening	ScriptElement	488 B	2024-01-01	2024-12-23
Pretty URL site.cinem4.org/pt/movie/1357633/reawakening IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-01 23:32 Last Seen2024-12-23 19:11 Times Seen9 Hash aa9672747825fec82d8273a13ec927bc 1a1b108ff08c8b4e09cdcf9fe13225eb4ce6c57e 67019e85f53d9fc3ae8e8f1c593a8df556e33d8fda49dd9f70dfaa827afc9bfb Loading...

	juvenilesoftlysoda.com/39/69/2d/39692d5f9533d43eeb962bb77e2faead.js	ScriptElement	94 kB	2024-12-22	2024-12-22
Pretty URL juvenilesoftlysoda.com/39/69/2d/39692d5f9533d43eeb962bb77e2faead.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 153eefc58171b8a881dcf95e2765919b 839d5cb86033a498ef69bfb0a309e1946d9c76fc e55bfcee8a73c42e644262ded9b53ac00d2987a7b5afe51256a2fd5fd15ee3ee Loading...

	juvenilesoftlysoda.com/bf44515d12a227a576c089440427038e/invoke.js	ScriptElement	24 kB	2024-12-22	2024-12-22
Pretty URL juvenilesoftlysoda.com/bf44515d12a227a576c089440427038e/invoke.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash ddbd987c5141d18e205783b5313032b8 ce0608a6aebb552736fd74fa3225dd2f7bc14a22 225559b2fff5f6de1f8783cbdb7b7c9e0f36f7b396e49a78ad934fcdce24d18b Loading...

	unknown	ScriptElement	145 B	2024-12-22	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 8e08b0cab83c44713744c23a259cc1eb 3cb90f0586dcf4b50b6b7c090812445537614cc1 b343dddfd2d8749291271b85bd6521dcfd95d7e33ae4669819bee44c1f9083c8 Loading...

	unknown	ScriptElement	145 B	2024-10-17	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-17 15:53 Last Seen2024-12-22 00:57 Times Seen2 Hash 66b7f5449b0e7dd4e8336749e8de45d9 beee530add309b4752394b6a6948475b8ddfce0d e9d3e2e5eb28ecc8ae27721cdbda6bcbc5ca44ad36f739f6b0fecc900f31817f Loading...

	unknown	ScriptElement	145 B	2024-10-17	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-10-17 15:53 Last Seen2024-12-22 00:57 Times Seen2 Hash 5ad3f86d5e6cc63982f22ce9c6ff5754 466ec363c623cb90d359446373be769597bc48cf a8355fdd745e29d3f85399c02bae2f66dffb0d373079d08555c84b6ac7a03638 Loading...

	juvenilesoftlysoda.com/b7171462edb88ced22f73d8acf3224a8/invoke.js	ScriptElement	25 kB	2024-12-22	2024-12-22
Pretty URL juvenilesoftlysoda.com/b7171462edb88ced22f73d8acf3224a8/invoke.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 8a3b65c51dd03d74c69b8c704b137846 0d43cd899e5c070bb721dea644c579b5e9c0ed21 cdcf69e1763f4979f7b07bfe4e91330d4a444eea54661d62519882e41e8effe2 Loading...

	site.cinem4.org/assets/v1/js/gs.js	ScriptElement	1.5 kB	2023-03-08	2024-12-23
Pretty URL site.cinem4.org/assets/v1/js/gs.js IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:42 Last Seen2024-12-23 19:11 Times Seen11 Hash 77a2116b25ef7177beff002076318ab6 e97894974b4614dcec5e6890a573ab540e02e924 acc6c8ff051b22d22b1aa7e17ef880128bee07e35d7af9115eb7ab377046601d Loading...

	capaciousdrewreligion.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-05-05
Pretty URL capaciousdrewreligion.com/advertisers.js IP 185.196.197.71 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-05-05 03:09 Times Seen4609158 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	unknown	ScriptElement	3.4 kB	2024-12-22	2024-12-22
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash f120538330a2266ea60c487bb4ab58ba aa9ecd7433d9c2c40fc83c644ed534907f6a5f04 1f8bfce65b28fcfcfffc61ee102482ef6e44da2fd42f763c85f340a66bdf8903 Loading...

	cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/js/jquery.min.js	ScriptElement	84 kB	2023-03-07	2025-05-04
Pretty URL cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/js/jquery.min.js IP 172.67.133.15 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-04 12:55 Times Seen1285 Hash 6326c600df01e3bfb9b40e1aa08176f8 6b4fb754d29b297b539bf62ba9b4eaf0f33f314a df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3 Loading...

	site.cinem4.org/pt/movie/1357633/reawakening	ScriptElement	424 B	2024-12-22	2024-12-22
Pretty URL site.cinem4.org/pt/movie/1357633/reawakening IP 104.21.32.167 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 17e75fbe7a5d01b91c6015572b965a12 d3b6b7a410101363acd0a49a370ea85da14bb287 809623155243fb5d90df8cb9a2243f10ff3ae181764393a7c5d4a319b539aa43 Loading...

	juvenilesoftlysoda.com/15ccc2c03166b5f92e04d9786e483783/invoke.js	ScriptElement	25 kB	2024-12-22	2024-12-22
Pretty URL juvenilesoftlysoda.com/15ccc2c03166b5f92e04d9786e483783/invoke.js IP 172.240.108.84 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 40fb6a3209deef05b0fa5562904b0193 5da50c00a78640a97bba53cc55978cb731cdf733 82a88b705e392fb1c1c6456b7c7d0513192cc81d82361fd7c3430cf2fadce9cb Loading...

		Size	First Seen	Last Seen
	#1 Eval - e14aa93a3acfeef8cbadf7dd9a700bec	2.1 kB	2024-12-22 00:57	2024-12-22 00:57
Pretty Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash e14aa93a3acfeef8cbadf7dd9a700bec 88d9badadb347fc2bfed2d3f9fd8f3dc1d7dfc11 3ce2dadac1a94dc6e7380ec23c419c6c1dc4234f589423393165718d9bca0d8b Loading...

	#2 Eval - 9c7701402b064096e45c3efb7135b404	2.1 kB	2024-12-22 00:57	2024-12-22 00:57
Pretty Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash 9c7701402b064096e45c3efb7135b404 3b4fe29a06c504146f5d7f91894d5427dff64cbd 8c3037743e5ea666d699733b48b7770546825b6a689daa8a0c901bbef7626563 Loading...

	#3 Eval - acff89329acb9e374630da4754cef5df	2.1 kB	2024-12-22 00:57	2024-12-22 00:57
Pretty Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash acff89329acb9e374630da4754cef5df 5fe824a2ee51f7a1ef513334cb87bd03a231a712 49cea02227445509ecb22a8e0fdb7b9aa18b3e47a55ca16d19ee4da5e9978525 Loading...

	#4 Eval - fa6dfdc61cbb99607a575de64e95be10	2.1 kB	2024-12-22 00:57	2024-12-22 00:57
Pretty Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash fa6dfdc61cbb99607a575de64e95be10 72e79ace62b01fb4d4cc4c8afedc128c1e41445c 8b4c8f0a2691a929db3d4b2d6dab20ee295cf7a689cade434a373c8838777f5e Loading...

	#5 Eval - aae5668cb8eb46ac2439744c5c368b34	2.1 kB	2024-12-22 00:57	2024-12-22 00:57
Pretty Observations First Seen2024-12-22 00:57 Last Seen2024-12-22 00:57 Times Seen1 Hash aae5668cb8eb46ac2439744c5c368b34 daf2cf560ab535d8dfc6dea19b339e92a9e50675 7fe76cb79e388ac58247a06004cf5db6de0e356b729e6eb546b84314aba795e6 Loading...

HTTP Transactions (85)

URL IP Response Size

use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css

172.67.142.245

200 OK

84 kB

URL GET HTTP/2
use.fontawesome.com/releases/v4.7.0/css/font-awesome-css.min.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint05:31:F4:38:90:E5:B9:DA:3F:69:54:FA:D4:B6:58:60:69:5D:E8:A0
ValidityThu, 07 Nov 2024 23:24:31 GMT - Thu, 06 Feb 2025 00:24:26 GMT

File type
ASCII text, with very long lines (30343)
Size
84 kB (83915 bytes)
Hash
36082410df2ef7f83932219089dc1443
7961402d7d01e19387fe609a38454b0bc8c6cca4
5b9573e1023da775390e9284ec0eb1c606df9b468a28980055b4a6aa804f4350

HTTP Headers

GET /releases/v4.7.0/css/font-awesome-css.min.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/3db27005e3.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:08 GMT
content-type: text/css
cache-control: max-age=31556926
etag: W/"36082410df2ef7f83932219089dc1443"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 322744
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uDUvuwGqI2D3TOdvtovsc4CtaaUbRHH4i%2FGcoDIwwp2b7x1SsnysmpMi8XedV5VmCnS2UbF567WfI%2Bdj27Ituywl%2BvFSiUQgh4q0JgAgCgLZHStbcF1S1jZixyNTqpWQdpg49FXs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c27f62c355699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1147&min_rtt=472&rtt_var=1134&sent=13&recv=15&lost=0&retrans=0&sent_bytes=8452&recv_bytes=1431&delivery_rate=10197183&cwnd=256&unsent_bytes=0&cid=2393f8392969cd3f&ts=152&x=0"
X-Firefox-Spdy: h2

image.tmdb.org/t/p/w300/ggQjQpd5OIIjeQbv11yXfjixj1Z.jpg?resize=300,450

79.127.216.111

200 OK

21 kB

URL GET HTTP/2
image.tmdb.org/t/p/w300/ggQjQpd5OIIjeQbv11yXfjixj1Z.jpg?resize=300,450
IP
79.127.216.111:443
ASN
#60068 Datacamp Limited

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 300x450, components 3
Size
21 kB (20860 bytes)
Hash
88ba72e3add0116e42ecd16eaa8dca76
bf618382108bb3f85b2d868a37778e8aefe951ba
59a83fd068a197df2d1ac0dcc72f4b086928ca26e5bc5334517824c2dc26b669

HTTP Headers

GET /t/p/w300/ggQjQpd5OIIjeQbv11yXfjixj1Z.jpg?resize=300,450 HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:08 GMT
content-type: image/jpeg
content-length: 20860
server: BunnyCDN-DE1-752
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "67171aa4-517c"
last-modified: Tue, 22 Oct 2024 03:23:16 GMT
cdn-storageserver: NY-353
cdn-requestpullsuccess: True
cdn-fileserver: 917
perma-cache: HIT
cdn-proxyver: 1.06
cdn-requestpullcode: 200
cdn-cachedat: 11/28/2024 00:13:22
cdn-edgestorageid: 1049
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: a25d942309e09723a2a073ff10915bef
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

image.tmdb.org/t/p/original/hlfu6g0h0D65SjkVhQBU20zePTl.jpg

79.127.216.111

200 OK

118 kB

URL GET HTTP/2
image.tmdb.org/t/p/original/hlfu6g0h0D65SjkVhQBU20zePTl.jpg
IP
79.127.216.111:443
ASN
#60068 Datacamp Limited

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectimage.tmdb.org
FingerprintE9:19:C2:E8:45:3A:6E:B9:97:57:71:6E:D9:CA:E3:0A:3E:C6:DF:1B
ValidityTue, 19 Nov 2024 13:16:19 GMT - Mon, 17 Feb 2025 13:16:18 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3
Size
118 kB (118135 bytes)
Hash
6278eaa0556ed6f29c893ad9b78c73f0
7dedca7ec5f5d301d7012e9d214da9fea601f353
617a881a662b344426d67108a4f5f5be2703a82f27273d9fe451b8594f97e73a

HTTP Headers

GET /t/p/original/hlfu6g0h0D65SjkVhQBU20zePTl.jpg HTTP/1.1
Host: image.tmdb.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:08 GMT
content-type: image/jpeg
content-length: 118135
server: BunnyCDN-DE1-752
cdn-pullzone: 775336
cdn-uid: 29af4e0e-bcbd-4fcb-8635-74ddc38a1ebf
cdn-requestcountrycode: NO
cache-control: public, max-age=31919000
etag: "67520ee3-1cd77"
last-modified: Thu, 05 Dec 2024 20:36:51 GMT
cdn-storageserver: NY-346
cdn-requestpullsuccess: True
cdn-fileserver: 917
perma-cache: HIT
cdn-proxyver: 1.06
cdn-requestpullcode: 200
cdn-cachedat: 12/05/2024 20:43:47
cdn-edgestorageid: 874
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 3e5724e5a16542c7683041eb14d19f7b
cdn-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

juvenilesoftlysoda.com/9e5c403b4787cb47ad2331ecc029e98e/invoke.js

172.240.108.84

200 OK

11 kB

URL GET HTTP/1.1
juvenilesoftlysoda.com/9e5c403b4787cb47ad2331ecc029e98e/invoke.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectjuvenilesoftlysoda.com
Fingerprint94:9F:63:38:7F:60:A5:49:DD:02:1B:56:66:CE:CA:69:53:33:AC:17
ValidityMon, 25 Nov 2024 22:34:20 GMT - Sun, 23 Feb 2025 22:34:19 GMT

File type
JavaScript source, ASCII text, with very long lines (25144), with no line terminators
Size
11 kB (11307 bytes)
Hash
4b8f740d403fb42a51e96a9781554e8a
a4b14b8ec5e926873d60782ead274b96236ef523
286d60ac8d2302f4fca821240445c64f4ca302a1f7d7b550d8abff1088e32ab0

HTTP Headers

GET /9e5c403b4787cb47ad2331ecc029e98e/invoke.js HTTP/1.1
Host: juvenilesoftlysoda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: juvenilesoftlysoda.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a924e250ce8f75d5bbe239d4ee5f2175
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

juvenilesoftlysoda.com/8d445882e8fadd541fc9501fa6091abb/invoke.js

172.240.108.84

200 OK

11 kB

URL GET HTTP/1.1
juvenilesoftlysoda.com/8d445882e8fadd541fc9501fa6091abb/invoke.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectjuvenilesoftlysoda.com
Fingerprint94:9F:63:38:7F:60:A5:49:DD:02:1B:56:66:CE:CA:69:53:33:AC:17
ValidityMon, 25 Nov 2024 22:34:20 GMT - Sun, 23 Feb 2025 22:34:19 GMT

File type
JavaScript source, ASCII text, with very long lines (25160), with no line terminators
Size
11 kB (11326 bytes)
Hash
75071e8cdce9d35523249b59fd8cee47
9d27b5bab7006adbc0b09ae74e18749ff3af16a4
638d0812f06a45359b1f6a5021d8c7a0e22cbc27bf908c8be3c7d165914f267a

HTTP Headers

GET /8d445882e8fadd541fc9501fa6091abb/invoke.js HTTP/1.1
Host: juvenilesoftlysoda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: juvenilesoftlysoda.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e67a03916ff28499d4060455582c6558
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

juvenilesoftlysoda.com/bf44515d12a227a576c089440427038e/invoke.js

172.240.108.84

200 OK

9.4 kB

URL GET HTTP/1.1
juvenilesoftlysoda.com/bf44515d12a227a576c089440427038e/invoke.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectjuvenilesoftlysoda.com
Fingerprint94:9F:63:38:7F:60:A5:49:DD:02:1B:56:66:CE:CA:69:53:33:AC:17
ValidityMon, 25 Nov 2024 22:34:20 GMT - Sun, 23 Feb 2025 22:34:19 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (23579), with no line terminators
Size
9.4 kB (9436 bytes)
Hash
ddbd987c5141d18e205783b5313032b8
ce0608a6aebb552736fd74fa3225dd2f7bc14a22
225559b2fff5f6de1f8783cbdb7b7c9e0f36f7b396e49a78ad934fcdce24d18b

HTTP Headers

GET /bf44515d12a227a576c089440427038e/invoke.js HTTP/1.1
Host: juvenilesoftlysoda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: juvenilesoftlysoda.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: dd2a13283c0427023f7af90d768b3523
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

juvenilesoftlysoda.com/b7171462edb88ced22f73d8acf3224a8/invoke.js

172.240.108.84

200 OK

11 kB

URL GET HTTP/1.1
juvenilesoftlysoda.com/b7171462edb88ced22f73d8acf3224a8/invoke.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectjuvenilesoftlysoda.com
Fingerprint94:9F:63:38:7F:60:A5:49:DD:02:1B:56:66:CE:CA:69:53:33:AC:17
ValidityMon, 25 Nov 2024 22:34:20 GMT - Sun, 23 Feb 2025 22:34:19 GMT

File type
JavaScript source, ASCII text, with very long lines (25148), with no line terminators
Size
11 kB (11326 bytes)
Hash
8a3b65c51dd03d74c69b8c704b137846
0d43cd899e5c070bb721dea644c579b5e9c0ed21
cdcf69e1763f4979f7b07bfe4e91330d4a444eea54661d62519882e41e8effe2

HTTP Headers

GET /b7171462edb88ced22f73d8acf3224a8/invoke.js HTTP/1.1
Host: juvenilesoftlysoda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: juvenilesoftlysoda.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: deae9ddc530d763d5a6bb16c84895373
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

juvenilesoftlysoda.com/2fc1332690910ec8e8c77c6e0f7df472/invoke.js

172.240.108.84

200 OK

11 kB

URL GET HTTP/1.1
juvenilesoftlysoda.com/2fc1332690910ec8e8c77c6e0f7df472/invoke.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectjuvenilesoftlysoda.com
Fingerprint94:9F:63:38:7F:60:A5:49:DD:02:1B:56:66:CE:CA:69:53:33:AC:17
ValidityMon, 25 Nov 2024 22:34:20 GMT - Sun, 23 Feb 2025 22:34:19 GMT

File type
JavaScript source, ASCII text, with very long lines (25144), with no line terminators
Size
11 kB (11308 bytes)
Hash
a466469db79ae77166154f43e78ab142
b9dc74b185877d48363f828fb22d2bc918b69d24
ab5e237a38e23b097129b6a6a144e3298335e38fc14f29bf22e9b86067db1bf1

HTTP Headers

GET /2fc1332690910ec8e8c77c6e0f7df472/invoke.js HTTP/1.1
Host: juvenilesoftlysoda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: juvenilesoftlysoda.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1d760125a6a6db96229f7466e054bf63
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

juvenilesoftlysoda.com/15ccc2c03166b5f92e04d9786e483783/invoke.js

172.240.108.84

200 OK

11 kB

URL GET HTTP/1.1
juvenilesoftlysoda.com/15ccc2c03166b5f92e04d9786e483783/invoke.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectjuvenilesoftlysoda.com
Fingerprint94:9F:63:38:7F:60:A5:49:DD:02:1B:56:66:CE:CA:69:53:33:AC:17
ValidityMon, 25 Nov 2024 22:34:20 GMT - Sun, 23 Feb 2025 22:34:19 GMT

File type
JavaScript source, ASCII text, with very long lines (25132), with no line terminators
Size
11 kB (11316 bytes)
Hash
40fb6a3209deef05b0fa5562904b0193
5da50c00a78640a97bba53cc55978cb731cdf733
82a88b705e392fb1c1c6456b7c7d0513192cc81d82361fd7c3430cf2fadce9cb

HTTP Headers

GET /15ccc2c03166b5f92e04d9786e483783/invoke.js HTTP/1.1
Host: juvenilesoftlysoda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: juvenilesoftlysoda.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a74d11ff619bc011171b262a338c8c4f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

juvenilesoftlysoda.com/ec/bc/79/ecbc7931427da56bdc6d87cd541f745f.js

172.240.108.84

200 OK

17 kB

URL GET HTTP/1.1
juvenilesoftlysoda.com/ec/bc/79/ecbc7931427da56bdc6d87cd541f745f.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectjuvenilesoftlysoda.com
Fingerprint94:9F:63:38:7F:60:A5:49:DD:02:1B:56:66:CE:CA:69:53:33:AC:17
ValidityMon, 25 Nov 2024 22:34:20 GMT - Sun, 23 Feb 2025 22:34:19 GMT

File type
JavaScript source, ASCII text, with very long lines (46173), with no line terminators
Size
17 kB (16745 bytes)
Hash
65c7344c0c56e703bc913b995594a039
3bd0875350c92d4ed46b5c2d6a0b46144e123def
343550f3f43ea2800e9e51da510a8326897786045e8f8fd67aae6892bafa593f

HTTP Headers

GET /ec/bc/79/ecbc7931427da56bdc6d87cd541f745f.js HTTP/1.1
Host: juvenilesoftlysoda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: juvenilesoftlysoda.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: a1efa32b1ffdb51279514304235b3518
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

juvenilesoftlysoda.com/39/69/2d/39692d5f9533d43eeb962bb77e2faead.js

172.240.108.84

200 OK

34 kB

URL GET HTTP/1.1
juvenilesoftlysoda.com/39/69/2d/39692d5f9533d43eeb962bb77e2faead.js
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectjuvenilesoftlysoda.com
Fingerprint94:9F:63:38:7F:60:A5:49:DD:02:1B:56:66:CE:CA:69:53:33:AC:17
ValidityMon, 25 Nov 2024 22:34:20 GMT - Sun, 23 Feb 2025 22:34:19 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
34 kB (33896 bytes)
Hash
153eefc58171b8a881dcf95e2765919b
839d5cb86033a498ef69bfb0a309e1946d9c76fc
e55bfcee8a73c42e644262ded9b53ac00d2987a7b5afe51256a2fd5fd15ee3ee

HTTP Headers

GET /39/69/2d/39692d5f9533d43eeb962bb77e2faead.js HTTP/1.1
Host: juvenilesoftlysoda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: juvenilesoftlysoda.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: aafbb9b325e4b4728e4e2ef79c242693
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32796, version 1.0
Size
33 kB (32796 bytes)
Hash
b2a264e3e87b58b54b76483238805a40
169d6f17c82024fe0cfc2d19884a14dae2ec0bdb
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

HTTP Headers

GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Dec 2024 18:54:18 GMT
expires: Sat, 20 Dec 2025 18:54:18 GMT
cache-control: public, max-age=31536000
age: 108171
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2

216.58.207.227

200 OK

33 kB

URL GET HTTP/2
fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 32796, version 1.0
Size
33 kB (32796 bytes)
Hash
b2a264e3e87b58b54b76483238805a40
169d6f17c82024fe0cfc2d19884a14dae2ec0bdb
f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929

HTTP Headers

GET /s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 32796
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Dec 2024 18:54:18 GMT
expires: Sat, 20 Dec 2025 18:54:18 GMT
cache-control: public, max-age=31536000
age: 108171
last-modified: Wed, 13 Sep 2023 22:41:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

site.cinem4.org/assets/v1/css/gsilvers.shuffle.css

104.21.32.167

200 OK

1.2 kB

URL GET HTTP/3
site.cinem4.org/assets/v1/css/gsilvers.shuffle.css
IP
104.21.32.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcinem4.org
FingerprintC7:25:48:9F:B2:9E:02:7C:D8:00:7F:FB:23:17:3F:82:A5:B6:E4:28
ValidityThu, 14 Nov 2024 09:58:29 GMT - Wed, 12 Feb 2025 09:58:28 GMT

File type
ASCII text
Size
1.2 kB (1199 bytes)
Hash
7c7befdbab57d34b720afe94644e4a31
746f8d4c8371c9f8e98bcdce8c6b350d4cd5f077
19acc6be081e2d3e7eef3363824dc95aa8ec7b4e50beb9f5bfef08197c9c42de

HTTP Headers

GET /assets/v1/css/gsilvers.shuffle.css HTTP/1.1
Host: site.cinem4.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/pt/movie/1357633/reawakening
Cookie: XSRF-TOKEN=eyJpdiI6InU3Q2dwUnVKYldOdFwvQkJiVmhcL3hyQT09IiwidmFsdWUiOiIzS2lNdXRPQzdka0hkQWZXb0d6aFdcL0lnNjFjd0duSnFiaFhcL2MyK3VKcTg4c1B6M1ZHakNSMjk1a1REUmlmZmUiLCJtYWMiOiI3MDc0ODYwNDNkMDRmYjdmMzhiYTdlOGRkZjNlY2JmMzQ5MGRkZTJkZTBhNTcxMjljYTdjZmEwMmIyZDgyOWM3In0%3D; laravel_session=eyJpdiI6IjZYUE51bDM4bEwxYkVGcU1HeXNlQXc9PSIsInZhbHVlIjoiSzRaSGdCOVpBSUdHU2tiQUNDdzdXMnpSTEFXUHUzWmJZdjY1YVRZc2s4TGtJTFNmNjBGZjFWR09RTTFMYjhGbiIsIm1hYyI6ImYwODBkMGE0OWNiM2VjZDYyYzdlNWQ4YjNmNzYwNjY3ODJmMTU5MGU1YTlhMjE0MDgxM2Q0NmNlMmVjMzQ4YTgifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 22 Dec 2024 00:57:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Thu, 26 Dec 2024 22:27:24 GMT
last-modified: Tue, 02 Aug 2022 07:44:48 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 181784
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9uPSd3DoLhWtzsnPlvXVnt5HPCnM4i4uNp6OJTDMNvXaP4jXNTogXUauu4SlVmRliLfzTTvHsWM7p5NdiNRrlmCk9eVMuTlC1dsXG8hwkKSv0I%2FbLAGB54Gb%2FWsjWh02iL0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c27f55b6956bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3069&min_rtt=1543&rtt_var=1668&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4090&recv_bytes=3053&delivery_rate=384755&cwnd=12000&unsent_bytes=0&cid=04ae631c22df374b&ts=196&x=1", cfExtPri, cfHdrFlush;dur=0

proftrafficcounter.com/stats

18.198.223.149

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.198.223.149:443
ASN
#16509 AMAZON-02

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
279c6f90008687ae7d0d80e9ddc11e6e
5b353e032e3077cca7402ff6a99dd6e0238de3b0
f40b2fee38cee42ff770c8d12ae9ce0c28ebb7b6ca3cfe58c40fa4afce66c3c7

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://site.cinem4.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=d0ce90a2-5bf6-4f23-9ce2-5fc8b8ea1e12:2:1; expires=Wed, 20 Dec 2034 00:57:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.198.223.149

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.198.223.149:443
ASN
#16509 AMAZON-02

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
33aa3fcb8b29ef2f08bb5e70e24038d6
0e2d7472e3412ec70a59300d82d2b78d8e38e1f1
b99693a46a0f82bbb79722e00571aac73ec4933fb49fb603198fd3dd246f9956

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://site.cinem4.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=b816c85d-569e-4489-9a96-c12c5859f383:1:1; expires=Wed, 20 Dec 2034 00:57:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.198.223.149

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.198.223.149:443
ASN
#16509 AMAZON-02

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
45d608fca4b5ba0232be9652b824dfb0
a2fc57f689bf50f20cfd460678fcf604a9584e6f
2f0f5be8923af91d99c3b753bd127e39a22eb8b510644ef9a6b61dab48f6a94b

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://site.cinem4.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=108d50ab-e6b7-40cf-af68-4a219e39a07e:3:1; expires=Wed, 20 Dec 2034 00:57:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.198.223.149

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.198.223.149:443
ASN
#16509 AMAZON-02

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
0adeb8ebdaabb1829fefe1a51f9e1b43
df23825a00a58c5075f4a9531ae13f6417c78ed0
d3e722a4910f4e1e1b7925b9102de33dd1ca040cd6ea8d4892707109cf203d3c

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://site.cinem4.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=ad8e6a5e-6774-43bf-970c-0e972b4278be:3:1; expires=Wed, 20 Dec 2034 00:57:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.198.223.149

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.198.223.149:443
ASN
#16509 AMAZON-02

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
e13241576f4e2af6a3a17571c5a6eb23
93e5cf62180b5ef56e0eacacb1a5730c2f94e553
9d4d556da5cfb3d99c0e69c30e86428bfb6693530d5908f9f9b125490d2afc12

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://site.cinem4.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=42a7e37a-558a-4bb2-9b11-6e887f9491db:1:1; expires=Wed, 20 Dec 2034 00:57:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.198.223.149

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.198.223.149:443
ASN
#16509 AMAZON-02

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
3536e2b1cd01affaefefff8f5c62244f
d18091e1a07466103bbb7e7d68c004a9700b27e6
15ac4660d79b8b1649a5f57af9405b965267b61d0734ebd721cfc6b7283d5218

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://site.cinem4.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=7719c7ae-1711-462c-967b-befb2ccea53e:3:1; expires=Wed, 20 Dec 2034 00:57:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

proftrafficcounter.com/stats

18.198.223.149

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.198.223.149:443
ASN
#16509 AMAZON-02

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
f2693364b16128c1c7fbb60b8a5aa251
60f3526a97ad3214de1e7a1ef1894b9e4c5ae175
6a384e17dc1c622e9202d42209a58f7d520c4787c0dc6367ed266b3dc6cbcb91

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://site.cinem4.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=2a49026c-b8d3-4722-a6e8-a20e424ebfc3:3:1; expires=Wed, 20 Dec 2034 00:57:09 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

site.cinem4.org/assets/v1/65676868.jpg

104.21.32.167

200 OK

84 kB

URL GET HTTP/3
site.cinem4.org/assets/v1/65676868.jpg
IP
104.21.32.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcinem4.org
FingerprintC7:25:48:9F:B2:9E:02:7C:D8:00:7F:FB:23:17:3F:82:A5:B6:E4:28
ValidityThu, 14 Nov 2024 09:58:29 GMT - Wed, 12 Feb 2025 09:58:28 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x600, components 3
Size
84 kB (83553 bytes)
Hash
4ae510929be5ddde427fd6b06974f278
8b662f19c801616c01aced9d38da657b2895a4b3
755666cd301a9c62cd905785ccbcdbd0b23bcde0512f36b963f1795c70043154

HTTP Headers

GET /assets/v1/65676868.jpg HTTP/1.1
Host: site.cinem4.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/pt/movie/1357633/reawakening
Cookie: XSRF-TOKEN=eyJpdiI6InU3Q2dwUnVKYldOdFwvQkJiVmhcL3hyQT09IiwidmFsdWUiOiIzS2lNdXRPQzdka0hkQWZXb0d6aFdcL0lnNjFjd0duSnFiaFhcL2MyK3VKcTg4c1B6M1ZHakNSMjk1a1REUmlmZmUiLCJtYWMiOiI3MDc0ODYwNDNkMDRmYjdmMzhiYTdlOGRkZjNlY2JmMzQ5MGRkZTJkZTBhNTcxMjljYTdjZmEwMmIyZDgyOWM3In0%3D; laravel_session=eyJpdiI6IjZYUE51bDM4bEwxYkVGcU1HeXNlQXc9PSIsInZhbHVlIjoiSzRaSGdCOVpBSUdHU2tiQUNDdzdXMnpSTEFXUHUzWmJZdjY1YVRZc2s4TGtJTFNmNjBGZjFWR09RTTFMYjhGbiIsIm1hYyI6ImYwODBkMGE0OWNiM2VjZDYyYzdlNWQ4YjNmNzYwNjY3ODJmMTU5MGU1YTlhMjE0MDgxM2Q0NmNlMmVjMzQ4YTgifQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: image/jpeg
content-length: 83553
cache-control: public, max-age=604800
expires: Sun, 29 Dec 2024 00:57:09 GMT
last-modified: Fri, 03 Nov 2023 10:29:54 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: MISS
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EUShlWo3rCH7450vMj0xj%2F2XpjK84HtVnTDV0lW6DpDtRfc%2FlAfuXtUt5JddVkBUhLCppsrD3xBvdhWrlI0fsqUgfJ%2BUa4B2%2FHe3A%2FonVt1CR2cOnKn996GzyRVrXXYhYbM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c27f8ae4e56bf-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1821&min_rtt=660&rtt_var=992&sent=248&recv=21&lost=0&retrans=0&sent_bytes=280399&recv_bytes=5577&delivery_rate=27722832&cwnd=192000&unsent_bytes=0&cid=04ae631c22df374b&ts=1387&x=1", cfExtPri, cfHdrFlush;dur=0

proftrafficcounter.com/stats

18.198.223.149

200 OK

40 B

URL GET HTTP/2
proftrafficcounter.com/stats
IP
18.198.223.149:443
ASN
#16509 AMAZON-02

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerAmazon
Subjectproftrafficcounter.com
Fingerprint40:FD:DA:57:15:28:B1:29:02:3E:E6:2F:38:E5:11:E5:7F:DB:6B:40
ValidityMon, 21 Oct 2024 00:00:00 GMT - Thu, 20 Nov 2025 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
f2693364b16128c1c7fbb60b8a5aa251
60f3526a97ad3214de1e7a1ef1894b9e4c5ae175
6a384e17dc1c622e9202d42209a58f7d520c4787c0dc6367ed266b3dc6cbcb91

HTTP Headers

GET /stats HTTP/1.1
Host: proftrafficcounter.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: uid_id2=2a49026c-b8d3-4722-a6e8-a20e424ebfc3:3:1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://site.cinem4.org
vary: Origin
access-control-allow-credentials: true
X-Firefox-Spdy: h2

recordedthereby.com/sfp.js

185.196.197.72

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76
ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:09 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b281dfe84d6e3af7cd52477640654a0d
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

recordedthereby.com/sfp.js

185.196.197.72

200 OK

85 kB

URL GET HTTP/1.1
recordedthereby.com/sfp.js
IP
185.196.197.72:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectrecordedthereby.com
FingerprintE0:09:99:E3:0E:A5:83:8D:96:1B:26:8A:2E:AC:12:98:C6:D3:E1:76
ValidityWed, 06 Nov 2024 14:09:18 GMT - Tue, 04 Feb 2025 14:09:17 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
85 kB (85378 bytes)
Hash
7e3e44049654b6e244c1777e68ffb8e7
8f2a8298666d607afd92a0baa362ef4dc9ccd039
4acac8b8ff23671d365150818f3c39bbbfa08b1a1842d73de5933e0fea26454b

HTTP Headers

GET /sfp.js HTTP/1.1
Host: recordedthereby.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:09 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 85378
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: recordedthereby.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: f7eeb4aec9cc46d1bc9762b88ebcde2e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

prudentperform.com/pixel/purst?dl=0&th=0&sc=0&rs=1844&rd=1844&fd=826&bv=24.12.6652&tmpl=70

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
prudentperform.com/pixel/purst?dl=0&th=0&sc=0&rs=1844&rd=1844&fd=826&bv=24.12.6652&tmpl=70
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectprudentperform.com
Fingerprint5F:2C:52:56:AB:BB:A1:02:1A:22:C4:E2:07:21:BA:64:31:E0:7F:9B
ValidityFri, 13 Dec 2024 21:29:39 GMT - Thu, 13 Mar 2025 21:29:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1844&rd=1844&fd=826&bv=24.12.6652&tmpl=70 HTTP/1.1
Host: prudentperform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Length: 0
Connection: keep-alive
Host: prudentperform.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

capaciousdrewreligion.com/advertisers.js

185.196.197.71

200 OK

0 B

URL GET HTTP/1.1
capaciousdrewreligion.com/advertisers.js
IP
185.196.197.71:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectcapaciousdrewreligion.com
FingerprintD9:49:50:C3:1F:23:A3:E8:75:32:16:6A:76:DE:28:2B:93:73:31:80
ValiditySun, 03 Nov 2024 04:28:34 GMT - Sat, 01 Feb 2025 04:28:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: capaciousdrewreligion.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 99546f28e15fabaf904dbb2dcbf1a820
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

prudentperform.com/watch.1178190732870.js?key=15ccc2c03166b5f92e04d9786e483783&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=42a7e37a-558a-4bb2-9b11-6e887f9491db%3A1%3A1

172.240.108.68

307 Temporary Redirect

0 B

URL GET HTTP/1.1
prudentperform.com/watch.1178190732870.js?key=15ccc2c03166b5f92e04d9786e483783&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=42a7e37a-558a-4bb2-9b11-6e887f9491db%3A1%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectprudentperform.com
Fingerprint5F:2C:52:56:AB:BB:A1:02:1A:22:C4:E2:07:21:BA:64:31:E0:7F:9B
ValidityFri, 13 Dec 2024 21:29:39 GMT - Thu, 13 Mar 2025 21:29:38 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1178190732870.js?key=15ccc2c03166b5f92e04d9786e483783&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=42a7e37a-558a-4bb2-9b11-6e887f9491db%3A1%3A1 HTTP/1.1
Host: prudentperform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Location: https://prudentperform.com/watch.1178190732870.js?dev=e&key=15ccc2c03166b5f92e04d9786e483783&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=4029b0341ed12a437d16b7968fc1e28b3f3cc8ac25bce1a0654f60f7bcce3d9f7d76c40b3690d78f5db6ed68aa78e7cb8a709e5785405fe23911a244737f59cf3d1ac180bf9efc358abeb921e65e6d746f4f1380cef4ee1fa4b7&tz=0&uuid=42a7e37a-558a-4bb2-9b11-6e887f9491db%3A1%3A1
Set-Cookie: u_pl24261796=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc5NiwiayI6IjE1Y2NjMmMwMzE2NmI1ZjkyZTA0ZDk3ODZlNDgzNzgzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyNywicHQiOjQsInBrIjoiYno1dnJrMmNhaSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.g3BIj7CtCr8hzGFf6urzgNwlrWXtC0fO9uegc1WOVdY; expires=Sun, 22 Dec 2024 00:58:10 GMT; path=/; secure; SameSite=None
Host: prudentperform.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 4bbc825bd586603878d7f3e5b8fd883e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

retortloudenvelope.com/watch.295031923945.js?key=b7171462edb88ced22f73d8acf3224a8&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=d0ce90a2-5bf6-4f23-9ce2-5fc8b8ea1e12%3A2%3A1

172.240.127.234

307 Temporary Redirect

0 B

URL GET HTTP/1.1
retortloudenvelope.com/watch.295031923945.js?key=b7171462edb88ced22f73d8acf3224a8&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=d0ce90a2-5bf6-4f23-9ce2-5fc8b8ea1e12%3A2%3A1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectretortloudenvelope.com
Fingerprint2C:FA:A7:9A:E2:BA:82:F4:45:BC:41:C0:A4:7F:89:2A:BC:7F:A3:2F
ValidityFri, 13 Dec 2024 21:33:34 GMT - Thu, 13 Mar 2025 21:33:33 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.295031923945.js?key=b7171462edb88ced22f73d8acf3224a8&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=d0ce90a2-5bf6-4f23-9ce2-5fc8b8ea1e12%3A2%3A1 HTTP/1.1
Host: retortloudenvelope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Location: https://retortloudenvelope.com/watch.295031923945.js?dev=e&key=b7171462edb88ced22f73d8acf3224a8&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=25748f9616cd02fd57ace8537564f8ccc5f03b6f66f2c2b555479e6ed4157bbf47f0673dc84c3e20abbb4f3b14cefc1cde9d43125f62fc1cad46af2adce4316cbf39f9367bcf45433a7f5fdd78c647631b508bd201503d2b51f6&tz=0&uuid=d0ce90a2-5bf6-4f23-9ce2-5fc8b8ea1e12%3A2%3A1
Set-Cookie: u_pl24261756=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc1NiwiayI6ImI3MTcxNDYyZWRiODhjZWQyMmY3M2Q4YWNmMzIyNGE4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ2aWcxcmNkYWoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zaXRlLmNpbmVtNC5vcmcvcHQvbW92aWUvMTM1NzYzMy9yZWF3YWtlbmluZyIsImFyIjpbXX19.WzFCMN0bnarLf6zCAfqsVCahpZJsexP8FI3b5cFWUCc; expires=Sun, 22 Dec 2024 00:58:10 GMT; path=/; secure; SameSite=None
Host: retortloudenvelope.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 09e0c6733969ba144b1984a9b728b329
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

layerrepeatedlychancy.com/watch.1630061423865.js?key=8d445882e8fadd541fc9501fa6091abb&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=ad8e6a5e-6774-43bf-970c-0e972b4278be%3A3%3A1

172.240.108.84

307 Temporary Redirect

0 B

URL GET HTTP/1.1
layerrepeatedlychancy.com/watch.1630061423865.js?key=8d445882e8fadd541fc9501fa6091abb&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=ad8e6a5e-6774-43bf-970c-0e972b4278be%3A3%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectlayerrepeatedlychancy.com
FingerprintFE:44:4F:64:E1:45:56:11:22:94:28:5D:5F:98:A1:E8:85:26:8C:88
ValidityFri, 13 Dec 2024 21:18:35 GMT - Thu, 13 Mar 2025 21:18:34 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1630061423865.js?key=8d445882e8fadd541fc9501fa6091abb&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=ad8e6a5e-6774-43bf-970c-0e972b4278be%3A3%3A1 HTTP/1.1
Host: layerrepeatedlychancy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Location: https://layerrepeatedlychancy.com/watch.1630061423865.js?dev=e&key=8d445882e8fadd541fc9501fa6091abb&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=c20f53aef246d0acb759cb34026a939b5fbedcb040a6849e2ad97fb9f2efe2107844df68dec99b07b6fe31a22572bdc73a467240c522d0d8dbb1f56bdb42f7cab5e32ce9a1d1728b301da4478265d0f615206f74898758bdf857&tz=0&uuid=ad8e6a5e-6774-43bf-970c-0e972b4278be%3A3%3A1
Set-Cookie: u_pl24926292=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDkyNjI5MiwiayI6IjhkNDQ1ODgyZThmYWRkNTQxZmM5NTAxZmE2MDkxYWJiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoieDdzNWZnOXlkOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.O6I8ONwfNs-jopjaDkLvraneMxaWGWRmv3rH4PguOf0; expires=Sun, 22 Dec 2024 00:58:10 GMT; path=/; secure; SameSite=None
Host: layerrepeatedlychancy.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 420ccda79f1e4c309ec40f38484686a5
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

peanutrefusesplit.com/watch.1488876106291.js?key=2fc1332690910ec8e8c77c6e0f7df472&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3%3A3%3A1

172.240.108.68

307 Temporary Redirect

0 B

URL GET HTTP/1.1
peanutrefusesplit.com/watch.1488876106291.js?key=2fc1332690910ec8e8c77c6e0f7df472&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3%3A3%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1488876106291.js?key=2fc1332690910ec8e8c77c6e0f7df472&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3%3A3%3A1 HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Location: https://peanutrefusesplit.com/watch.1488876106291.js?dev=e&key=2fc1332690910ec8e8c77c6e0f7df472&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=753d0e1aff8195718b078c3cf839a27bead853bab92b9caf1d23cf0486f0395ef73cb80ffa23f3d228d9b733082f741b593e1bece68ad0ac92cc0985755185de20eb5a6de60edd917e3c5f1933c5b3a20c4ba508259a65c283ee&tz=0&uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3%3A3%3A1
Set-Cookie: u_pl24261786=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc4NiwiayI6IjJmYzEzMzI2OTA5MTBlYzhlOGM3N2M2ZTBmN2RmNDcyIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyNiwicHQiOjQsInBrIjoicXFoZXhqdnQiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zaXRlLmNpbmVtNC5vcmcvcHQvbW92aWUvMTM1NzYzMy9yZWF3YWtlbmluZyIsImFyIjpbXX19.aSMdP40CmMqyYitr1wD7VFvvL9w3nuUVhiUyPsdn1kY; expires=Sun, 22 Dec 2024 00:58:10 GMT; path=/; secure; SameSite=None
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1b949f9c67986074e7c1f98cc12aef9f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

peanutrefusesplit.com/watch.1418408918894.js?key=9e5c403b4787cb47ad2331ecc029e98e&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=7719c7ae-1711-462c-967b-befb2ccea53e%3A3%3A1

172.240.108.68

307 Temporary Redirect

0 B

URL GET HTTP/1.1
peanutrefusesplit.com/watch.1418408918894.js?key=9e5c403b4787cb47ad2331ecc029e98e&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=7719c7ae-1711-462c-967b-befb2ccea53e%3A3%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /watch.1418408918894.js?key=9e5c403b4787cb47ad2331ecc029e98e&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&tz=0&dev=e&res=14.2071&rb=&uuid=7719c7ae-1711-462c-967b-befb2ccea53e%3A3%3A1 HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 307 Temporary Redirect
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Location: https://peanutrefusesplit.com/watch.1418408918894.js?dev=e&key=9e5c403b4787cb47ad2331ecc029e98e&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=e0c71a46d70c3c498d829c268de87c93686cf703519391fbaf0c4f67a0fec8e85c44d27433a4f460758d33949564471c4939cdf00f0e8e5815b5d06d398a9c2890f94568a8d180a861375f2b2841d18c569195eb0849f9eebf1a&tz=0&uuid=7719c7ae-1711-462c-967b-befb2ccea53e%3A3%3A1
Set-Cookie: u_pl24261770=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc3MCwiayI6IjllNWM0MDNiNDc4N2NiNDdhZDIzMzFlY2MwMjllOThlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiaWUzOTNqMXRiaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.YP_QBcFm6xWuY--JXBv2Ks2SOahE8c6oakAgZoXyZYE; expires=Sun, 22 Dec 2024 00:58:10 GMT; path=/; secure; SameSite=None
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c3d6c55f4021adf0c690cf41559d143b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

juvenilesoftlysoda.com/sbar.json?key=ecbc7931427da56bdc6d87cd541f745f&uuid=108d50ab-e6b7-40cf-af68-4a219e39a07e%3A3%3A1

172.240.108.84

200 OK

8.0 kB

URL GET HTTP/1.1
juvenilesoftlysoda.com/sbar.json?key=ecbc7931427da56bdc6d87cd541f745f&uuid=108d50ab-e6b7-40cf-af68-4a219e39a07e%3A3%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectjuvenilesoftlysoda.com
Fingerprint94:9F:63:38:7F:60:A5:49:DD:02:1B:56:66:CE:CA:69:53:33:AC:17
ValidityMon, 25 Nov 2024 22:34:20 GMT - Sun, 23 Feb 2025 22:34:19 GMT

File type
JSON text data
Size
8.0 kB (7951 bytes)
Hash
1ba35e37f024d805ac1db4ab9b7e3e16
7e9f8e3ade777f836b742c3fcd4d12d07edb4af2
0452df0346a59206da920f9a93eedb4b052e25ebc806249836e95bfc18ef82de

HTTP Headers

GET /sbar.json?key=ecbc7931427da56bdc6d87cd541f745f&uuid=108d50ab-e6b7-40cf-af68-4a219e39a07e%3A3%3A1 HTTP/1.1
Host: juvenilesoftlysoda.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl24261752=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uid_id2=108d50ab-e6b7-40cf-af68-4a219e39a07e:3:1; expires=Sun, 29 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv29=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs29=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
Host: juvenilesoftlysoda.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: da602e97201a05386a15880c1c53eb95
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

prudentperform.com/watch.1178190732870.js?dev=e&key=15ccc2c03166b5f92e04d9786e483783&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=4029b0341ed12a437d16b7968fc1e28b3f3cc8ac25bce1a0654f60f7bcce3d9f7d76c40b3690d78f5db6ed68aa78e7cb8a709e5785405fe23911a244737f59cf3d1ac180bf9efc358abeb921e65e6d746f4f1380cef4ee1fa4b7&tz=0&uuid=42a7e37a-558a-4bb2-9b11-6e887f9491db%3A1%3A1

172.240.108.68

200 OK

2.0 kB

URL GET HTTP/1.1
prudentperform.com/watch.1178190732870.js?dev=e&key=15ccc2c03166b5f92e04d9786e483783&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=4029b0341ed12a437d16b7968fc1e28b3f3cc8ac25bce1a0654f60f7bcce3d9f7d76c40b3690d78f5db6ed68aa78e7cb8a709e5785405fe23911a244737f59cf3d1ac180bf9efc358abeb921e65e6d746f4f1380cef4ee1fa4b7&tz=0&uuid=42a7e37a-558a-4bb2-9b11-6e887f9491db%3A1%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectprudentperform.com
Fingerprint5F:2C:52:56:AB:BB:A1:02:1A:22:C4:E2:07:21:BA:64:31:E0:7F:9B
ValidityFri, 13 Dec 2024 21:29:39 GMT - Thu, 13 Mar 2025 21:29:38 GMT

File type
JavaScript source, ASCII text, with very long lines (2495)
Size
2.0 kB (2035 bytes)
Hash
e55c44a8540dda44f70fd8d5a5f7ecec
af8f48ad5823df83ec6dade60d368c3ce605128b
f81976f9b29f75d596295f97605e4b96af5f041fb50853b1ee69452e18dfa3cd

HTTP Headers

GET /watch.1178190732870.js?dev=e&key=15ccc2c03166b5f92e04d9786e483783&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=4029b0341ed12a437d16b7968fc1e28b3f3cc8ac25bce1a0654f60f7bcce3d9f7d76c40b3690d78f5db6ed68aa78e7cb8a709e5785405fe23911a244737f59cf3d1ac180bf9efc358abeb921e65e6d746f4f1380cef4ee1fa4b7&tz=0&uuid=42a7e37a-558a-4bb2-9b11-6e887f9491db%3A1%3A1 HTTP/1.1
Host: prudentperform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
Referer: https://site.cinem4.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl24261796=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc5NiwiayI6IjE1Y2NjMmMwMzE2NmI1ZjkyZTA0ZDk3ODZlNDgzNzgzIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyNywicHQiOjQsInBrIjoiYno1dnJrMmNhaSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.g3BIj7CtCr8hzGFf6urzgNwlrWXtC0fO9uegc1WOVdY
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=42a7e37a-558a-4bb2-9b11-6e887f9491db:1:1; expires=Sun, 29 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv27=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs27=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
Host: prudentperform.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b74a2e062ff641e3009e980ab9ffbcdb
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

whomcomposescientific.com/ntv.json?key=bf44515d12a227a576c089440427038e&vstc=4

192.243.61.227

200 OK

17 kB

URL GET HTTP/1.1
whomcomposescientific.com/ntv.json?key=bf44515d12a227a576c089440427038e&vstc=4
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectwhomcomposescientific.com
Fingerprint2F:F9:3C:21:EA:39:3E:16:DA:4E:D0:38:08:9F:8E:D1:C4:B5:03:0C
ValidityTue, 26 Nov 2024 08:13:56 GMT - Mon, 24 Feb 2025 08:13:55 GMT

File type
JSON text data
Size
17 kB (16835 bytes)
Hash
1674ddf53ee2a2812add933162d90303
afbf8839c5b08841263515865f3d12a914a09872
8d10f812ee4a9a178630c9bb9128f7d87daac36b2f004ecdfd3aada1e910e771

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ntv.json?key=bf44515d12a227a576c089440427038e&vstc=4 HTTP/1.1
Host: whomcomposescientific.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: application/json
Content-Length: 16835
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl24167093=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv49=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs49=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
Host: whomcomposescientific.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 5afdc4da1e0ce1beb1f3eb1b9276e537
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

layerrepeatedlychancy.com/watch.1630061423865.js?dev=e&key=8d445882e8fadd541fc9501fa6091abb&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=c20f53aef246d0acb759cb34026a939b5fbedcb040a6849e2ad97fb9f2efe2107844df68dec99b07b6fe31a22572bdc73a467240c522d0d8dbb1f56bdb42f7cab5e32ce9a1d1728b301da4478265d0f615206f74898758bdf857&tz=0&uuid=ad8e6a5e-6774-43bf-970c-0e972b4278be%3A3%3A1

172.240.108.84

200 OK

2.0 kB

URL GET HTTP/1.1
layerrepeatedlychancy.com/watch.1630061423865.js?dev=e&key=8d445882e8fadd541fc9501fa6091abb&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=c20f53aef246d0acb759cb34026a939b5fbedcb040a6849e2ad97fb9f2efe2107844df68dec99b07b6fe31a22572bdc73a467240c522d0d8dbb1f56bdb42f7cab5e32ce9a1d1728b301da4478265d0f615206f74898758bdf857&tz=0&uuid=ad8e6a5e-6774-43bf-970c-0e972b4278be%3A3%3A1
IP
172.240.108.84:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectlayerrepeatedlychancy.com
FingerprintFE:44:4F:64:E1:45:56:11:22:94:28:5D:5F:98:A1:E8:85:26:8C:88
ValidityFri, 13 Dec 2024 21:18:35 GMT - Thu, 13 Mar 2025 21:18:34 GMT

File type
JavaScript source, ASCII text, with very long lines (2508)
Size
2.0 kB (2045 bytes)
Hash
48fc756bc2b72bae638c58d4509e5073
a389c422e5242a0bc2c64a2966960b1518f0a0a3
93f0c160d4729504a56a6d0794a7229bb924e9527c5776ff4d05ec5978bd7cea

HTTP Headers

GET /watch.1630061423865.js?dev=e&key=8d445882e8fadd541fc9501fa6091abb&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=c20f53aef246d0acb759cb34026a939b5fbedcb040a6849e2ad97fb9f2efe2107844df68dec99b07b6fe31a22572bdc73a467240c522d0d8dbb1f56bdb42f7cab5e32ce9a1d1728b301da4478265d0f615206f74898758bdf857&tz=0&uuid=ad8e6a5e-6774-43bf-970c-0e972b4278be%3A3%3A1 HTTP/1.1
Host: layerrepeatedlychancy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
Referer: https://site.cinem4.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl24926292=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDkyNjI5MiwiayI6IjhkNDQ1ODgyZThmYWRkNTQxZmM5NTAxZmE2MDkxYWJiIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjoyMywicHQiOjQsInBrIjoieDdzNWZnOXlkOSIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.O6I8ONwfNs-jopjaDkLvraneMxaWGWRmv3rH4PguOf0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=ad8e6a5e-6774-43bf-970c-0e972b4278be:3:1; expires=Sun, 29 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv23=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs23=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
Host: layerrepeatedlychancy.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 1be4d594796b63053cab429c47269bb2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

retortloudenvelope.com/watch.295031923945.js?dev=e&key=b7171462edb88ced22f73d8acf3224a8&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=25748f9616cd02fd57ace8537564f8ccc5f03b6f66f2c2b555479e6ed4157bbf47f0673dc84c3e20abbb4f3b14cefc1cde9d43125f62fc1cad46af2adce4316cbf39f9367bcf45433a7f5fdd78c647631b508bd201503d2b51f6&tz=0&uuid=d0ce90a2-5bf6-4f23-9ce2-5fc8b8ea1e12%3A2%3A1

172.240.127.234

200 OK

2.0 kB

URL GET HTTP/1.1
retortloudenvelope.com/watch.295031923945.js?dev=e&key=b7171462edb88ced22f73d8acf3224a8&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=25748f9616cd02fd57ace8537564f8ccc5f03b6f66f2c2b555479e6ed4157bbf47f0673dc84c3e20abbb4f3b14cefc1cde9d43125f62fc1cad46af2adce4316cbf39f9367bcf45433a7f5fdd78c647631b508bd201503d2b51f6&tz=0&uuid=d0ce90a2-5bf6-4f23-9ce2-5fc8b8ea1e12%3A2%3A1
IP
172.240.127.234:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectretortloudenvelope.com
Fingerprint2C:FA:A7:9A:E2:BA:82:F4:45:BC:41:C0:A4:7F:89:2A:BC:7F:A3:2F
ValidityFri, 13 Dec 2024 21:33:34 GMT - Thu, 13 Mar 2025 21:33:33 GMT

File type
JavaScript source, ASCII text, with very long lines (2478)
Size
2.0 kB (2019 bytes)
Hash
f65987b668bb32b2c508c2aa90a68c4e
f25f79ec73c5196211ea3779b1a890d1f69907d7
9864825000ff80ed01983c561e337c4367ece8e357dea4f389c319ef462ec7b6

HTTP Headers

GET /watch.295031923945.js?dev=e&key=b7171462edb88ced22f73d8acf3224a8&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=25748f9616cd02fd57ace8537564f8ccc5f03b6f66f2c2b555479e6ed4157bbf47f0673dc84c3e20abbb4f3b14cefc1cde9d43125f62fc1cad46af2adce4316cbf39f9367bcf45433a7f5fdd78c647631b508bd201503d2b51f6&tz=0&uuid=d0ce90a2-5bf6-4f23-9ce2-5fc8b8ea1e12%3A2%3A1 HTTP/1.1
Host: retortloudenvelope.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
Referer: https://site.cinem4.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl24261756=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc1NiwiayI6ImI3MTcxNDYyZWRiODhjZWQyMmY3M2Q4YWNmMzIyNGE4Iiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjo1LCJwdCI6NCwicGsiOiJ2aWcxcmNkYWoiLCJ0IjoxfSwidSI6eyJ1IjoxLCJhdSI6MSwiZCI6eyJpZCI6Nzk5NTQxOTYsImlkcyI6IiIsImljIjpmYWxzZSwibiI6IkRlc2t0b3AsRW11bGF0b3IiLCJ2IjoiVW5rbm93biIsIm0iOiJVbmtub3duIiwiZiI6MSwiZm4iOiJEZXNrdG9wIiwib2lkIjoxODExMCwib24iOiJMaW51eCIsIm92IjoiVW5rbm93biIsImJpZCI6MTE2NjcwLCJibiI6IkZpcmVmb3giLCJidiI6Ijk2LjAiLCJ3diI6ZmFsc2UsImUiOnRydWUsImFiIjpmYWxzZX0sImMiOnsiaWQiOjE2MiwiYyI6Ik5PIiwibiI6Ik5vcndheSJ9LCJhIjpmYWxzZSwiY3IiOnsibiI6IkJsaXggU29sdXRpb25zIn0sInhmIjoiIiwiaXhmIjpmYWxzZSwiaWd4ZiI6ZmFsc2UsInVwIjp0cnVlLCJyIjoiaHR0cHM6Ly9zaXRlLmNpbmVtNC5vcmcvcHQvbW92aWUvMTM1NzYzMy9yZWF3YWtlbmluZyIsImFyIjpbXX19.WzFCMN0bnarLf6zCAfqsVCahpZJsexP8FI3b5cFWUCc
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=d0ce90a2-5bf6-4f23-9ce2-5fc8b8ea1e12:2:1; expires=Sun, 29 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv5=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs5=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
Host: retortloudenvelope.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 7dee618b880dedba23ec7d0e57d64adb
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

peanutrefusesplit.com/watch.1488876106291.js?dev=e&key=2fc1332690910ec8e8c77c6e0f7df472&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=753d0e1aff8195718b078c3cf839a27bead853bab92b9caf1d23cf0486f0395ef73cb80ffa23f3d228d9b733082f741b593e1bece68ad0ac92cc0985755185de20eb5a6de60edd917e3c5f1933c5b3a20c4ba508259a65c283ee&tz=0&uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3%3A3%3A1

172.240.108.68

200 OK

2.1 kB

URL GET HTTP/1.1
peanutrefusesplit.com/watch.1488876106291.js?dev=e&key=2fc1332690910ec8e8c77c6e0f7df472&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=753d0e1aff8195718b078c3cf839a27bead853bab92b9caf1d23cf0486f0395ef73cb80ffa23f3d228d9b733082f741b593e1bece68ad0ac92cc0985755185de20eb5a6de60edd917e3c5f1933c5b3a20c4ba508259a65c283ee&tz=0&uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3%3A3%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type
JavaScript source, ASCII text, with very long lines (2528)
Size
2.1 kB (2052 bytes)
Hash
c9157d7afd6fb9081518e8e80f2c1ae1
c39d9d78310ebe3627feb84fb7011d1998137db6
5fa8a41a8ac463d1c31c4bd55593f7b89a52b42deadd50bf49c5c9e9814c0771

HTTP Headers

GET /watch.1488876106291.js?dev=e&key=2fc1332690910ec8e8c77c6e0f7df472&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=753d0e1aff8195718b078c3cf839a27bead853bab92b9caf1d23cf0486f0395ef73cb80ffa23f3d228d9b733082f741b593e1bece68ad0ac92cc0985755185de20eb5a6de60edd917e3c5f1933c5b3a20c4ba508259a65c283ee&tz=0&uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3%3A3%3A1 HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
Referer: https://site.cinem4.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl24261786=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc3MCwiayI6IjllNWM0MDNiNDc4N2NiNDdhZDIzMzFlY2MwMjllOThlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiaWUzOTNqMXRiaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.YP_QBcFm6xWuY--JXBv2Ks2SOahE8c6oakAgZoXyZYE; u_pl24261770=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=2a49026c-b8d3-4722-a6e8-a20e424ebfc3:3:1; expires=Sun, 29 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv26=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs26=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 8258be7a73c46f507c8cd82a5d9c6f3b
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

peanutrefusesplit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuuzoYf%2FPC0snoRYVAPCmbSPdPTPeMeFmOMBONm2XVZLyLVVdWTMtVdbVX39GROwYDscfATdJ5JNqiLfz6Ai3QWPCwIGfGQgzl61IOwZ5kxOPoe6n2f93kLnnre%2BuywuCBtFPR8%2FT09kkrR1U7Tbbz6geddb2zJtBg2ht3go8C%2F3jCDN3pB032t8Y5gu3q15Xqu67leY0MaEevh6oyEzB72vGbPbfqtptfxMTT%2FxbZwYKkDPrggz0Ly6fJj5xokq5Em364Lu5vr7PW3k0LRXBsM%2BMnddDfVZYpkUcbGQZyeXE5D27ONR9Dp8Vwu9OCfwUhOifPjI0TpyaVIRIOjuc5IQaSI%2BDMoBzWEqiFpDaYPIPkZARjHzW2kyYOb2pR072%2BWztgpWX76J2Q5Jcu%2FXkOafL2m5LBxR6silzq1GMYV5LCG7NfIilPkIweyPAXLP4XkP5HVp1tIk6NtqzQkP3%2FFc7u849JoRQRRuOK7LF6hcdBd8WnL64l2j7qhmBskZQ0Z11BiDGqvoLAOCumgiB0UmYOEnzeY53mhyxl1uz3G2jwUUcBdj4axRz036KJgszeMkWdjMDUGM%2FvIzD525Rim%2BAF2p4LlDmxOMOAVSkFQWoKSEpSSoMwJykF1zJVt2eoBV7aIvMvcusztaqLz%2FiE91nlfpATUjGF4dSSzT%2BwBWH5lMorthxMdW36YXZCrM1Md4w%2BxK84bgkUs7LU9vxVy2gkizgLeDRnv%2BF4c%2Bp0YVlaQdgnUOhjJKbkx%2Fh2ZnJLn%2F%2F8HInoKq07BpANavAhaVqA7FUbpN1bmoslkKhK%2FqU0fXFfI8mXke86huiAvzDd776UdCPaEXAaYqZCZCh%2FLxwR9dX9yW5fk6LYuLfluO8tlIkd0tvU7Oc3F%2F758V%2ByV2vDNdTv%2B4k02I2blw%2FeFzbdoymXat%2BSrNcm5MBvaMEG%2B37T3RHSrsDtrhUmLbOvWWxubSWaEtVKnNag8e7kFJqfk6i9359%2FZe45AmhqmqJAUC6VS12DZPmy26FlNYNQCR5mDsqgmphUtmkoSKLHANKpg%2F4WjRT0xdHabyurQ3kffLIHmB0iTCgNTYaAqUDWGLa5M8sw8ufFzex6I1NIkUmbpKFJGfT43eXb0YeV5I2y3XRr0Ol4YUhFGfqsbBx6ntOUHrSCgbeR22u%2Bz3%2F4KAAD%2F%2F20s0YmoBAAA

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
peanutrefusesplit.com/ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuuzoYf%2FPC0snoRYVAPCmbSPdPTPeMeFmOMBONm2XVZLyLVVdWTMtVdbVX39GROwYDscfATdJ5JNqiLfz6Ai3QWPCwIGfGQgzl61IOwZ5kxOPoe6n2f93kLnnre%2BuywuCBtFPR8%2FT09kkrR1U7Tbbz6geddb2zJtBg2ht3go8C%2F3jCDN3pB032t8Y5gu3q15Xqu67leY0MaEevh6oyEzB72vGbPbfqtptfxMTT%2FxbZwYKkDPrggz0Ly6fJj5xokq5Em364Lu5vr7PW3k0LRXBsM%2BMnddDfVZYpkUcbGQZyeXE5D27ONR9Dp8Vwu9OCfwUhOifPjI0TpyaVIRIOjuc5IQaSI%2BDMoBzWEqiFpDaYPIPkZARjHzW2kyYOb2pR072%2BWztgpWX76J2Q5Jcu%2FXkOafL2m5LBxR6silzq1GMYV5LCG7NfIilPkIweyPAXLP4XkP5HVp1tIk6NtqzQkP3%2FFc7u849JoRQRRuOK7LF6hcdBd8WnL64l2j7qhmBskZQ0Z11BiDGqvoLAOCumgiB0UmYOEnzeY53mhyxl1uz3G2jwUUcBdj4axRz036KJgszeMkWdjMDUGM%2FvIzD525Rim%2BAF2p4LlDmxOMOAVSkFQWoKSEpSSoMwJykF1zJVt2eoBV7aIvMvcusztaqLz%2FiE91nlfpATUjGF4dSSzT%2BwBWH5lMorthxMdW36YXZCrM1Md4w%2BxK84bgkUs7LU9vxVy2gkizgLeDRnv%2BF4c%2Bp0YVlaQdgnUOhjJKbkx%2Fh2ZnJLn%2F%2F8HInoKq07BpANavAhaVqA7FUbpN1bmoslkKhK%2FqU0fXFfI8mXke86huiAvzDd776UdCPaEXAaYqZCZCh%2FLxwR9dX9yW5fk6LYuLfluO8tlIkd0tvU7Oc3F%2F758V%2ByV2vDNdTv%2B4k02I2blw%2FeFzbdoymXat%2BSrNcm5MBvaMEG%2B37T3RHSrsDtrhUmLbOvWWxubSWaEtVKnNag8e7kFJqfk6i9359%2FZe45AmhqmqJAUC6VS12DZPmy26FlNYNQCR5mDsqgmphUtmkoSKLHANKpg%2F4WjRT0xdHabyurQ3kffLIHmB0iTCgNTYaAqUDWGLa5M8sw8ufFzex6I1NIkUmbpKFJGfT43eXb0YeV5I2y3XRr0Ol4YUhFGfqsbBx6ntOUHrSCgbeR22u%2Bz3%2F4KAAD%2F%2F20s0YmoBAAA
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RST2skxRuuzoYf%2FPC0snoRYVAPCmbSPdPTPeMeFmOMBONm2XVZLyLVVdWTMtVdbVX39GROwYDscfATdJ5JNqiLfz6Ai3QWPCwIGfGQgzl61IOwZ5kxOPoe6n2f93kLnnre%2BuywuCBtFPR8%2FT09kkrR1U7Tbbz6geddb2zJtBg2ht3go8C%2F3jCDN3pB032t8Y5gu3q15Xqu67leY0MaEevh6oyEzB72vGbPbfqtptfxMTT%2FxbZwYKkDPrggz0Ly6fJj5xokq5Em364Lu5vr7PW3k0LRXBsM%2BMnddDfVZYpkUcbGQZyeXE5D27ONR9Dp8Vwu9OCfwUhOifPjI0TpyaVIRIOjuc5IQaSI%2BDMoBzWEqiFpDaYPIPkZARjHzW2kyYOb2pR072%2BWztgpWX76J2Q5Jcu%2FXkOafL2m5LBxR6silzq1GMYV5LCG7NfIilPkIweyPAXLP4XkP5HVp1tIk6NtqzQkP3%2FFc7u849JoRQRRuOK7LF6hcdBd8WnL64l2j7qhmBskZQ0Z11BiDGqvoLAOCumgiB0UmYOEnzeY53mhyxl1uz3G2jwUUcBdj4axRz036KJgszeMkWdjMDUGM%2FvIzD525Rim%2BAF2p4LlDmxOMOAVSkFQWoKSEpSSoMwJykF1zJVt2eoBV7aIvMvcusztaqLz%2FiE91nlfpATUjGF4dSSzT%2BwBWH5lMorthxMdW36YXZCrM1Md4w%2BxK84bgkUs7LU9vxVy2gkizgLeDRnv%2BF4c%2Bp0YVlaQdgnUOhjJKbkx%2Fh2ZnJLn%2F%2F8HInoKq07BpANavAhaVqA7FUbpN1bmoslkKhK%2FqU0fXFfI8mXke86huiAvzDd776UdCPaEXAaYqZCZCh%2FLxwR9dX9yW5fk6LYuLfluO8tlIkd0tvU7Oc3F%2F758V%2ByV2vDNdTv%2B4k02I2blw%2FeFzbdoymXat%2BSrNcm5MBvaMEG%2B37T3RHSrsDtrhUmLbOvWWxubSWaEtVKnNag8e7kFJqfk6i9359%2FZe45AmhqmqJAUC6VS12DZPmy26FlNYNQCR5mDsqgmphUtmkoSKLHANKpg%2F4WjRT0xdHabyurQ3kffLIHmB0iTCgNTYaAqUDWGLa5M8sw8ufFzex6I1NIkUmbpKFJGfT43eXb0YeV5I2y3XRr0Ol4YUhFGfqsbBx6ntOUHrSCgbeR22u%2Bz3%2F4KAAD%2F%2F20s0YmoBAAA HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24261786=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc3MCwiayI6IjllNWM0MDNiNDc4N2NiNDdhZDIzMzFlY2MwMjllOThlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiaWUzOTNqMXRiaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.YP_QBcFm6xWuY--JXBv2Ks2SOahE8c6oakAgZoXyZYE; u_pl24261770=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: e0710fa40daf6b5a8ccb1005f4191192
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

whomcomposescientific.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRRSt1lFQT8qyFy%2BDJ4Vl0t0z0zPjCosxRoJxs2YVvYhUV9VMylR3tVXd05M5BQOyxzl40VPnTbJBXXb14NFFOgsiASFzy8F486iIsOxRegyOfij%2Bf%2F%2F9glfv16f72TlpIqNnK2%2FpsVSKLrUbbv3F9z3van1dxtmoPuoGHwatq3UzfLkXNNyX6m8Itq2XfNdzXc%2F16qvSiL4eLVUkZHKn5zV6bqPlN7x2CyPzf2wzB5Y64MNz8hwkn9UeOJcgWYk4%2BmZF2O1UJ1dejzJFU20w5EfvxtuxzmNEi7JvHPTjo4tpaHu6eh86PpzLhR7%2BOxjKGXF%2BvI8wProQiXB4MNcZKogYIX8G%2BbCEUCUkLcH0HiQ%2FJQDjuL6BOLp9XZuc7vzD0oqdkdrDvyDzGan9cglxdHdZyVH9plZZKnVsMeoXkKMSclAiyY6Rjh3I%2FBgs%2FQSS%2F0yWHq4jjg42rNKQvJi%2FXcoSsl9CiQmodZBVRzrI%2Bg6yxEHEz%2BrM87yOyxl1uz3GmrwjwoC7Hu30Peq5QRcZq%2BRNkCYTMDUBM7tIzC625QQm%2BwF2q4DlDmw6I87buxjyArkgyC1BTglySZCnBPmwOOTK%2Bra4zZXNQu8i%2Bxe5WUx1OtinhzodiJiAmgkMLw5k8rHdA0sfn4779oOp7lu%2Bn5yTZyvPnKT8DtvirB72W6221%2BaeT32%2FQ9udgLndXqvltvyO2%2BwKWFlA2sfmNozljFyb%2FI5Ezsjlp%2F5ASI9h1TGYdEAzDzQvQLcKjON7VqaiwWQsolZDmwG4LpCkNaQ7zr46J8%2FPF3cluAvBTshFgJkCiSnwkXxAMFC3pps6JwebOrfk240klZEc02qpN1Oaiie%2FelPs5NrwtRU7%2BfJVVhFVeecdYdN1GnMZDyz5ellyLsyqNkyQ79fseyK8kdmt5czEWbJ%2B47XVtSgxwlqp4xJUnm48ApMz8sSjF%2Ba%2F9fJmE9KUMFmBKFsolboES3Zhk0XPagKjFjhMHORZMTV%2BuGgqSaDEAtOwgP0PDhf11NDqNpXFvr2FgamBpnuIowJDU2CoClA1gc2enqaJObn20%2BdVfIFQ1aahMrWDUBn12dzkGXnl15MZWe%2F%2BWcF7sPKs3mk2XRr02l6nQ0UnbPndfuBxSv1W4AcBbSK1s8GA%2FfZ3AAAA%2F%2F%2FQuJUckQQAAA%3D%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
whomcomposescientific.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRRSt1lFQT8qyFy%2BDJ4Vl0t0z0zPjCosxRoJxs2YVvYhUV9VMylR3tVXd05M5BQOyxzl40VPnTbJBXXb14NFFOgsiASFzy8F486iIsOxRegyOfij%2Bf%2F%2F9glfv16f72TlpIqNnK2%2FpsVSKLrUbbv3F9z3van1dxtmoPuoGHwatq3UzfLkXNNyX6m8Itq2XfNdzXc%2F16qvSiL4eLVUkZHKn5zV6bqPlN7x2CyPzf2wzB5Y64MNz8hwkn9UeOJcgWYk4%2BmZF2O1UJ1dejzJFU20w5EfvxtuxzmNEi7JvHPTjo4tpaHu6eh86PpzLhR7%2BOxjKGXF%2BvI8wProQiXB4MNcZKogYIX8G%2BbCEUCUkLcH0HiQ%2FJQDjuL6BOLp9XZuc7vzD0oqdkdrDvyDzGan9cglxdHdZyVH9plZZKnVsMeoXkKMSclAiyY6Rjh3I%2FBgs%2FQSS%2F0yWHq4jjg42rNKQvJi%2FXcoSsl9CiQmodZBVRzrI%2Bg6yxEHEz%2BrM87yOyxl1uz3GmrwjwoC7Hu30Peq5QRcZq%2BRNkCYTMDUBM7tIzC625QQm%2BwF2q4DlDmw6I87buxjyArkgyC1BTglySZCnBPmwOOTK%2Bra4zZXNQu8i%2Bxe5WUx1OtinhzodiJiAmgkMLw5k8rHdA0sfn4779oOp7lu%2Bn5yTZyvPnKT8DtvirB72W6221%2BaeT32%2FQ9udgLndXqvltvyO2%2BwKWFlA2sfmNozljFyb%2FI5Ezsjlp%2F5ASI9h1TGYdEAzDzQvQLcKjON7VqaiwWQsolZDmwG4LpCkNaQ7zr46J8%2FPF3cluAvBTshFgJkCiSnwkXxAMFC3pps6JwebOrfk240klZEc02qpN1Oaiie%2FelPs5NrwtRU7%2BfJVVhFVeecdYdN1GnMZDyz5ellyLsyqNkyQ79fseyK8kdmt5czEWbJ%2B47XVtSgxwlqp4xJUnm48ApMz8sSjF%2Ba%2F9fJmE9KUMFmBKFsolboES3Zhk0XPagKjFjhMHORZMTV%2BuGgqSaDEAtOwgP0PDhf11NDqNpXFvr2FgamBpnuIowJDU2CoClA1gc2enqaJObn20%2BdVfIFQ1aahMrWDUBn12dzkGXnl15MZWe%2F%2BWcF7sPKs3mk2XRr02l6nQ0UnbPndfuBxSv1W4AcBbSK1s8GA%2FfZ3AAAA%2F%2F%2FQuJUckQQAAA%3D%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectwhomcomposescientific.com
Fingerprint2F:F9:3C:21:EA:39:3E:16:DA:4E:D0:38:08:9F:8E:D1:C4:B5:03:0C
ValidityTue, 26 Nov 2024 08:13:56 GMT - Mon, 24 Feb 2025 08:13:55 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRRSt1lFQT8qyFy%2BDJ4Vl0t0z0zPjCosxRoJxs2YVvYhUV9VMylR3tVXd05M5BQOyxzl40VPnTbJBXXb14NFFOgsiASFzy8F486iIsOxRegyOfij%2Bf%2F%2F9glfv16f72TlpIqNnK2%2FpsVSKLrUbbv3F9z3van1dxtmoPuoGHwatq3UzfLkXNNyX6m8Itq2XfNdzXc%2F16qvSiL4eLVUkZHKn5zV6bqPlN7x2CyPzf2wzB5Y64MNz8hwkn9UeOJcgWYk4%2BmZF2O1UJ1dejzJFU20w5EfvxtuxzmNEi7JvHPTjo4tpaHu6eh86PpzLhR7%2BOxjKGXF%2BvI8wProQiXB4MNcZKogYIX8G%2BbCEUCUkLcH0HiQ%2FJQDjuL6BOLp9XZuc7vzD0oqdkdrDvyDzGan9cglxdHdZyVH9plZZKnVsMeoXkKMSclAiyY6Rjh3I%2FBgs%2FQSS%2F0yWHq4jjg42rNKQvJi%2FXcoSsl9CiQmodZBVRzrI%2Bg6yxEHEz%2BrM87yOyxl1uz3GmrwjwoC7Hu30Peq5QRcZq%2BRNkCYTMDUBM7tIzC625QQm%2BwF2q4DlDmw6I87buxjyArkgyC1BTglySZCnBPmwOOTK%2Bra4zZXNQu8i%2Bxe5WUx1OtinhzodiJiAmgkMLw5k8rHdA0sfn4779oOp7lu%2Bn5yTZyvPnKT8DtvirB72W6221%2BaeT32%2FQ9udgLndXqvltvyO2%2BwKWFlA2sfmNozljFyb%2FI5Ezsjlp%2F5ASI9h1TGYdEAzDzQvQLcKjON7VqaiwWQsolZDmwG4LpCkNaQ7zr46J8%2FPF3cluAvBTshFgJkCiSnwkXxAMFC3pps6JwebOrfk240klZEc02qpN1Oaiie%2FelPs5NrwtRU7%2BfJVVhFVeecdYdN1GnMZDyz5ellyLsyqNkyQ79fseyK8kdmt5czEWbJ%2B47XVtSgxwlqp4xJUnm48ApMz8sSjF%2Ba%2F9fJmE9KUMFmBKFsolboES3Zhk0XPagKjFjhMHORZMTV%2BuGgqSaDEAtOwgP0PDhf11NDqNpXFvr2FgamBpnuIowJDU2CoClA1gc2enqaJObn20%2BdVfIFQ1aahMrWDUBn12dzkGXnl15MZWe%2F%2BWcF7sPKs3mk2XRr02l6nQ0UnbPndfuBxSv1W4AcBbSK1s8GA%2FfZ3AAAA%2F%2F%2FQuJUckQQAAA%3D%3D HTTP/1.1
Host: whomcomposescientific.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24167093=1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: whomcomposescientific.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ac205a81b0a97a65e31c34052b6975a2
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

peanutrefusesplit.com/watch.1418408918894.js?dev=e&key=9e5c403b4787cb47ad2331ecc029e98e&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=e0c71a46d70c3c498d829c268de87c93686cf703519391fbaf0c4f67a0fec8e85c44d27433a4f460758d33949564471c4939cdf00f0e8e5815b5d06d398a9c2890f94568a8d180a861375f2b2841d18c569195eb0849f9eebf1a&tz=0&uuid=7719c7ae-1711-462c-967b-befb2ccea53e%3A3%3A1

172.240.108.68

200 OK

2.1 kB

URL GET HTTP/1.1
peanutrefusesplit.com/watch.1418408918894.js?dev=e&key=9e5c403b4787cb47ad2331ecc029e98e&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=e0c71a46d70c3c498d829c268de87c93686cf703519391fbaf0c4f67a0fec8e85c44d27433a4f460758d33949564471c4939cdf00f0e8e5815b5d06d398a9c2890f94568a8d180a861375f2b2841d18c569195eb0849f9eebf1a&tz=0&uuid=7719c7ae-1711-462c-967b-befb2ccea53e%3A3%3A1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type
JavaScript source, ASCII text, with very long lines (2525)
Size
2.1 kB (2054 bytes)
Hash
0e59bbf2e02890d7bfac69b855bfcb4f
ff05a72bd85354a4bc4a0fe3e910e623b035ff75
f6f2ef79507406fb204f367615fbf15b71a2bf839928110b57a4290642929413

HTTP Headers

GET /watch.1418408918894.js?dev=e&key=9e5c403b4787cb47ad2331ecc029e98e&kw=%5B%22assista%22%2C%22%E4%BF%BA%E3%81%A0%E3%81%91%E3%83%AC%E3%83%99%E3%83%AB%E3%82%A2%E3%83%83%E3%83%97%E3%81%AA%E4%BB%B6%22%2C%22-reawakening-%22%2C%22full%22%2C%22movie%22%2C%22online%22%2C%22gr%C3%A1tis%22%5D&pst=1734829090&rb=&refer=https%3A%2F%2Fsite.cinem4.org%2Fpt%2Fmovie%2F1357633%2Freawakening&res=14.2071&rmtc=t&shu=e0c71a46d70c3c498d829c268de87c93686cf703519391fbaf0c4f67a0fec8e85c44d27433a4f460758d33949564471c4939cdf00f0e8e5815b5d06d398a9c2890f94568a8d180a861375f2b2841d18c569195eb0849f9eebf1a&tz=0&uuid=7719c7ae-1711-462c-967b-befb2ccea53e%3A3%3A1 HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
Referer: https://site.cinem4.org/
DNT: 1
Connection: keep-alive
Cookie: u_pl24261786=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc3MCwiayI6IjllNWM0MDNiNDc4N2NiNDdhZDIzMzFlY2MwMjllOThlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiaWUzOTNqMXRiaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.YP_QBcFm6xWuY--JXBv2Ks2SOahE8c6oakAgZoXyZYE; u_pl24261770=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://site.cinem4.org
Access-Control-Allow-Origin: https://site.cinem4.org
Access-Control-Allow-Credentials: true
Set-Cookie: uid_id2=7719c7ae-1711-462c-967b-befb2ccea53e:3:1; expires=Sun, 29 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
pdhtkv32=true; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
uncs32=1; expires=Mon, 23 Dec 2024 00:57:10 GMT; path=/; secure; SameSite=None
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 138abe909c17a223c02670c7fd0401cb
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

whomcomposescientific.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRRStXgdB96QsXvQwR4Vl0t0z0zPjCosxRoJxs%2B4qehGprqqZlKnuaqu6pydzCgZkj3PwoqfOm2SDuuzqwaOLdBZEAkLmIORgPAgeFREWj9JjcNwPxf%2Fvv1%2Fw6v36eC87I01k9HTlDT2WStGldsOtP%2F%2Bu512pr8s4G9VH3eD9oHWlboYv9oKG%2B0L9NcG29JLveq7ruV59VRrR16OlioRM7vS8Rs9ttPyG125hZB7FNnNgqQM%2BPCNPQ%2FJZ7YFzCZKViKOvVoTdSnVy%2BdUoUzTVBkN%2B%2BHa8Fes8RrQo%2B8ZBPz48n4a2J6v3oeODuVzo4X%2BDoZwR5%2Fv7COPDc5EIh%2FtznaGCiBHyi8iHJYQqIWkJpnch%2BQkBGMe1DcTR7Wva5HT7X5ZW7IzUHv4Fmc9I7edLiKO7y0qO6je1ylKpY4tRv4AclZCDEkl2hHTsQOZHYOlHkPxHsvRwHXG0v2GVhuTF%2FO1SlpD9EkpMQK2DrDrSQdZ3kCUOIn5aZ57ndVzOqNvtMdbkHREG3PVop%2B9Rzw26yFglb4I0mYCpCZjZQWJ2sCUnMNl3sJsFLHdg0xlx3tzBkBfIBUFuCXJKkEuCPCXIh8UBV9a3xW2ubBZ659k%2Fz81iqtPBHj3Q6UDEBNRMYHixL5MP7S5Y%2Bth03LfvTXXf8r3kjDxVeeYk5TfYEqf1sN9qtb0293zq%2Bx3a7gTM7fZaLbfld9xmV8DKAtJemNswljNydfI7EjkjzzzxB0J6BKuOwKQDmnmgeQG6WWAc37MyFQ0mYxG1GtoMwHWBJK0h3Xb21Bl5dr64l345hmDH5DzATIHEFPhAPiAYqFvTGzon%2Bzd0bsnXG0kqIzmm1VJvpjQVj3%2FxutjOteFrK3by%2BcusIqryzlvCpus05jIeWPLlsuRcmFVtmCDfrtl3RHg9s5vLmYmzZP36K6trUWKEtVLHJag82fgbTM7Ixed%2Bnf%2FW%2Bk8c0pQwWYEoWyiVugRLdmCTRc9qAqMWOEwuIM%2BKqfHDRVNJAiUWmIYF7P9wuKinhla3qSz27C0MTA003UUcFRiaAkNVgKoJbPbkNE3M8dUfPq3iM4SqNg2Vqe2HyqhPZuRycHfu9Iysd%2F%2Bs4D1YeVrvNJsuDXptr9OhohO2%2FG4%2F8Dilfivwg4A2kdrZYMB%2B%2BycAAP%2F%2FChstf5EEAAA%3D

192.243.61.227

200 OK

7 B

URL GET HTTP/1.1
whomcomposescientific.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRRStXgdB96QsXvQwR4Vl0t0z0zPjCosxRoJxs%2B4qehGprqqZlKnuaqu6pydzCgZkj3PwoqfOm2SDuuzqwaOLdBZEAkLmIORgPAgeFREWj9JjcNwPxf%2Fvv1%2Fw6v36eC87I01k9HTlDT2WStGldsOtP%2F%2Bu512pr8s4G9VH3eD9oHWlboYv9oKG%2B0L9NcG29JLveq7ruV59VRrR16OlioRM7vS8Rs9ttPyG125hZB7FNnNgqQM%2BPCNPQ%2FJZ7YFzCZKViKOvVoTdSnVy%2BdUoUzTVBkN%2B%2BHa8Fes8RrQo%2B8ZBPz48n4a2J6v3oeODuVzo4X%2BDoZwR5%2Fv7COPDc5EIh%2FtznaGCiBHyi8iHJYQqIWkJpnch%2BQkBGMe1DcTR7Wva5HT7X5ZW7IzUHv4Fmc9I7edLiKO7y0qO6je1ylKpY4tRv4AclZCDEkl2hHTsQOZHYOlHkPxHsvRwHXG0v2GVhuTF%2FO1SlpD9EkpMQK2DrDrSQdZ3kCUOIn5aZ57ndVzOqNvtMdbkHREG3PVop%2B9Rzw26yFglb4I0mYCpCZjZQWJ2sCUnMNl3sJsFLHdg0xlx3tzBkBfIBUFuCXJKkEuCPCXIh8UBV9a3xW2ubBZ659k%2Fz81iqtPBHj3Q6UDEBNRMYHixL5MP7S5Y%2Bth03LfvTXXf8r3kjDxVeeYk5TfYEqf1sN9qtb0293zq%2Bx3a7gTM7fZaLbfld9xmV8DKAtJemNswljNydfI7EjkjzzzxB0J6BKuOwKQDmnmgeQG6WWAc37MyFQ0mYxG1GtoMwHWBJK0h3Xb21Bl5dr64l345hmDH5DzATIHEFPhAPiAYqFvTGzon%2Bzd0bsnXG0kqIzmm1VJvpjQVj3%2FxutjOteFrK3by%2BcusIqryzlvCpus05jIeWPLlsuRcmFVtmCDfrtl3RHg9s5vLmYmzZP36K6trUWKEtVLHJag82fgbTM7Ixed%2Bnf%2FW%2Bk8c0pQwWYEoWyiVugRLdmCTRc9qAqMWOEwuIM%2BKqfHDRVNJAiUWmIYF7P9wuKinhla3qSz27C0MTA003UUcFRiaAkNVgKoJbPbkNE3M8dUfPq3iM4SqNg2Vqe2HyqhPZuRycHfu9Iysd%2F%2Bs4D1YeVrvNJsuDXptr9OhohO2%2FG4%2F8Dilfivwg4A2kdrZYMB%2B%2BycAAP%2F%2FChstf5EEAAA%3D
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectwhomcomposescientific.com
Fingerprint2F:F9:3C:21:EA:39:3E:16:DA:4E:D0:38:08:9F:8E:D1:C4:B5:03:0C
ValidityTue, 26 Nov 2024 08:13:56 GMT - Mon, 24 Feb 2025 08:13:55 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRRStXgdB96QsXvQwR4Vl0t0z0zPjCosxRoJxs%2B4qehGprqqZlKnuaqu6pydzCgZkj3PwoqfOm2SDuuzqwaOLdBZEAkLmIORgPAgeFREWj9JjcNwPxf%2Fvv1%2Fw6v36eC87I01k9HTlDT2WStGldsOtP%2F%2Bu512pr8s4G9VH3eD9oHWlboYv9oKG%2B0L9NcG29JLveq7ruV59VRrR16OlioRM7vS8Rs9ttPyG125hZB7FNnNgqQM%2BPCNPQ%2FJZ7YFzCZKViKOvVoTdSnVy%2BdUoUzTVBkN%2B%2BHa8Fes8RrQo%2B8ZBPz48n4a2J6v3oeODuVzo4X%2BDoZwR5%2Fv7COPDc5EIh%2FtznaGCiBHyi8iHJYQqIWkJpnch%2BQkBGMe1DcTR7Wva5HT7X5ZW7IzUHv4Fmc9I7edLiKO7y0qO6je1ylKpY4tRv4AclZCDEkl2hHTsQOZHYOlHkPxHsvRwHXG0v2GVhuTF%2FO1SlpD9EkpMQK2DrDrSQdZ3kCUOIn5aZ57ndVzOqNvtMdbkHREG3PVop%2B9Rzw26yFglb4I0mYCpCZjZQWJ2sCUnMNl3sJsFLHdg0xlx3tzBkBfIBUFuCXJKkEuCPCXIh8UBV9a3xW2ubBZ659k%2Fz81iqtPBHj3Q6UDEBNRMYHixL5MP7S5Y%2Bth03LfvTXXf8r3kjDxVeeYk5TfYEqf1sN9qtb0293zq%2Bx3a7gTM7fZaLbfld9xmV8DKAtJemNswljNydfI7EjkjzzzxB0J6BKuOwKQDmnmgeQG6WWAc37MyFQ0mYxG1GtoMwHWBJK0h3Xb21Bl5dr64l345hmDH5DzATIHEFPhAPiAYqFvTGzon%2Bzd0bsnXG0kqIzmm1VJvpjQVj3%2FxutjOteFrK3by%2BcusIqryzlvCpus05jIeWPLlsuRcmFVtmCDfrtl3RHg9s5vLmYmzZP36K6trUWKEtVLHJag82fgbTM7Ixed%2Bnf%2FW%2Bk8c0pQwWYEoWyiVugRLdmCTRc9qAqMWOEwuIM%2BKqfHDRVNJAiUWmIYF7P9wuKinhla3qSz27C0MTA003UUcFRiaAkNVgKoJbPbkNE3M8dUfPq3iM4SqNg2Vqe2HyqhPZuRycHfu9Iysd%2F%2Bs4D1YeVrvNJsuDXptr9OhohO2%2FG4%2F8Dilfivwg4A2kdrZYMB%2B%2BycAAP%2F%2FChstf5EEAAA%3D HTTP/1.1
Host: whomcomposescientific.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24167093=1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: whomcomposescientific.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: c97b8f33da5800331e3690a6a30d65a5
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.storageimagedisplay.com/cti/ba/d6/dc/bad6dc9672d9f51a0e8636de62878e04/1627974558.jpg

45.133.44.2

200 OK

27 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/ba/d6/dc/bad6dc9672d9f51a0e8636de62878e04/1627974558.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Size
27 kB (27363 bytes)
Hash
aaefda31ca4b0e20d613ff6c4380c8e7
369f9c690a1f90ee1053214e8e5f5430ca199cdf
dbc9b97617bb126beb7ee0f9fabac264ac934268a50a53a3d3401c0a04149260

HTTP Headers

GET /cti/ba/d6/dc/bad6dc9672d9f51a0e8636de62878e04/1627974558.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:10 GMT
content-type: image/jpeg
content-length: 27363
server: nginx/1.21.6
last-modified: Tue, 03 Aug 2021 07:09:27 GMT
etag: "6108eba7-6ae3"
expires: Tue, 24 Dec 2024 00:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.storageimagedisplay.com/cti/9b/d5/0f/9bd50fd5d4a02ba4e5d1f1bec6dca9f1/1708270587.jpg

45.133.44.2

200 OK

53 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/9b/d5/0f/9bd50fd5d4a02ba4e5d1f1bec6dca9f1/1708270587.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 15:43:07], progressive, precision 8, 468x60, components 3
Size
53 kB (53239 bytes)
Hash
034d0320b7ff0d6408e58a6012d2741c
fd0e4bf86e361ea981e81b9a227e0bcf2413a4fc
6a90dd44b2122e51af67ea778ceafcc1eee91bad6048c19d2de39f0399064cac

HTTP Headers

GET /cti/9b/d5/0f/9bd50fd5d4a02ba4e5d1f1bec6dca9f1/1708270587.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:10 GMT
content-type: image/jpeg
content-length: 53239
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:36:35 GMT
etag: "65d22403-cff7"
expires: Tue, 24 Dec 2024 00:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.storageimagedisplay.com/cti/b4/6d/0e/b46d0e46cf213661b4798ed35e81643c/1627974582.jpg

45.133.44.2

200 OK

16 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/b4/6d/0e/b46d0e46cf213661b4798ed35e81643c/1627974582.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Size
16 kB (15967 bytes)
Hash
18824639d2c05601023e0c65c9254198
e3f92d3067c69e5d4ccf93b24b748b09f3302d98
804d0b21ee4a862f7b6417b643ffdbc5588f5c366eaac4ec7962a82bb9e38879

HTTP Headers

GET /cti/b4/6d/0e/b46d0e46cf213661b4798ed35e81643c/1627974582.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:10 GMT
content-type: image/jpeg
content-length: 15967
server: nginx/1.21.6
last-modified: Tue, 03 Aug 2021 07:09:50 GMT
etag: "6108ebbe-3e5f"
expires: Tue, 24 Dec 2024 00:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.storageimagedisplay.com/cti/fc/cd/67/fccd674daffa4a0e84c477b134260764/1708077973.jpg

45.133.44.2

200 OK

25 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/fc/cd/67/fccd674daffa4a0e84c477b134260764/1708077973.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Size
25 kB (25148 bytes)
Hash
2917b26bc8fe3756719270318c7651f7
6e1e3c5ef0e4d61f0da50e9636448b5412f09ed8
94837bce5866556eed57de8a45000965d488616e740e87ffd3d2ad9efe461e75

HTTP Headers

GET /cti/fc/cd/67/fccd674daffa4a0e84c477b134260764/1708077973.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:10 GMT
content-type: image/jpeg
content-length: 25148
server: nginx/1.21.6
last-modified: Fri, 16 Feb 2024 10:06:21 GMT
etag: "65cf339d-623c"
expires: Tue, 24 Dec 2024 00:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.storageimagedisplay.com/cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg

45.133.44.2

200 OK

79 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 14:58:01], progressive, precision 8, 728x90, components 3
Size
79 kB (79356 bytes)
Hash
55ed59e5d7a388b1e733a86d7b654fa4
b3316451e0932734d60d343bb2c3939d5dd3d983
805f37a36d50e7437b87cc31eb8287395f62034b1ba796285c73fd669f74cc4e

HTTP Headers

GET /cti/80/c6/99/80c6995878998246b6018519748dc7cd/1708270668.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:10 GMT
content-type: image/jpeg
content-length: 79356
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:37:56 GMT
etag: "65d22454-135fc"
expires: Tue, 24 Dec 2024 00:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

cdn.storageimagedisplay.com/cti/e8/07/fe/e807fe372abce8276539e9af5f84be2f/1675417797.jpeg

45.133.44.2

200 OK

27 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/e8/07/fe/e807fe372abce8276539e9af5f84be2f/1675417797.jpeg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 320x240, components 3
Size
27 kB (26715 bytes)
Hash
d0754bf1203b73f3dd4bcbb27280db2b
1bb54e92dad6a88fd5cc9a4f24b1ce35d4fffdad
610d800f3f58b7dd03eef071ac1c852caf2420321358b467ddda7e8537911359

HTTP Headers

GET /cti/e8/07/fe/e807fe372abce8276539e9af5f84be2f/1675417797.jpeg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:10 GMT
content-type: image/jpeg
content-length: 26715
server: nginx/1.21.6
last-modified: Fri, 03 Feb 2023 09:50:05 GMT
etag: "63dcd8cd-685b"
expires: Tue, 24 Dec 2024 00:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

site.cinem4.org/assets/v1/js/js.js

104.21.32.167

200 OK

210 kB

URL GET HTTP/3
site.cinem4.org/assets/v1/js/js.js
IP
104.21.32.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcinem4.org
FingerprintC7:25:48:9F:B2:9E:02:7C:D8:00:7F:FB:23:17:3F:82:A5:B6:E4:28
ValidityThu, 14 Nov 2024 09:58:29 GMT - Wed, 12 Feb 2025 09:58:28 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
210 kB (210538 bytes)
Hash
ae557976a61570a850e6b9e1de77e667
2a48828aa085dce014b82851b2cc5034ad9e5c52
99ec662ecfe312398708a1ce2aa752e806e6124de63b47181141f9c344242c89

HTTP Headers

GET /assets/v1/js/js.js HTTP/1.1
Host: site.cinem4.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/pt/movie/1357633/reawakening
Cookie: XSRF-TOKEN=eyJpdiI6InU3Q2dwUnVKYldOdFwvQkJiVmhcL3hyQT09IiwidmFsdWUiOiIzS2lNdXRPQzdka0hkQWZXb0d6aFdcL0lnNjFjd0duSnFiaFhcL2MyK3VKcTg4c1B6M1ZHakNSMjk1a1REUmlmZmUiLCJtYWMiOiI3MDc0ODYwNDNkMDRmYjdmMzhiYTdlOGRkZjNlY2JmMzQ5MGRkZTJkZTBhNTcxMjljYTdjZmEwMmIyZDgyOWM3In0%3D; laravel_session=eyJpdiI6IjZYUE51bDM4bEwxYkVGcU1HeXNlQXc9PSIsInZhbHVlIjoiSzRaSGdCOVpBSUdHU2tiQUNDdzdXMnpSTEFXUHUzWmJZdjY1YVRZc2s4TGtJTFNmNjBGZjFWR09RTTFMYjhGbiIsIm1hYyI6ImYwODBkMGE0OWNiM2VjZDYyYzdlNWQ4YjNmNzYwNjY3ODJmMTU5MGU1YTlhMjE0MDgxM2Q0NmNlMmVjMzQ4YTgifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/javascript
last-modified: Thu, 08 Aug 2019 00:41:34 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XadQTBYiFAVheWWkdvZaGFjUxMpIAkEnu10mjymd2y8AToE8xBnnzp2kfCA8ZGoeRwdFEfCfQkkH8xuIwp65wpKogJBj%2BRdxiNpTEI%2FlGxCFrKgPVcFUXK9be1phkU95qyg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c27f55b6756bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2344&min_rtt=660&rtt_var=1580&sent=49&recv=15&lost=0&retrans=0&sent_bytes=44415&recv_bytes=4618&delivery_rate=4142735&cwnd=48000&unsent_bytes=0&cid=04ae631c22df374b&ts=542&x=1", cfExtPri, cfHdrFlush;dur=0

cdn.storageimagedisplay.com/cti/38/c4/d7/38c4d7a0aea5f4c6c0b51f9d847c61de/1708269703.jpg

45.133.44.2

200 OK

82 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/38/c4/d7/38c4d7a0aea5f4c6c0b51f9d847c61de/1708269703.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 13:35:08], progressive, precision 8, 160x300, components 3
Size
82 kB (81604 bytes)
Hash
ec14a719ad253ff69c77700bbd812725
f0783b77df0648f74152ed2ca4e94346f72b4090
7c1b57c7fea29be2850ab97b050dc581eb8e978a104349c3887650e414b99d12

HTTP Headers

GET /cti/38/c4/d7/38c4d7a0aea5f4c6c0b51f9d847c61de/1708269703.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:10 GMT
content-type: image/jpeg
content-length: 81604
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:21:52 GMT
etag: "65d22090-13ec4"
expires: Tue, 24 Dec 2024 00:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

peanutrefusesplit.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fdating%2Fwhatsapp%2Fmulti%2Fwindows%2Fwhatsapp-message%2Findex.html&l=1947&fd=235

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
peanutrefusesplit.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fdating%2Fwhatsapp%2Fmulti%2Fwindows%2Fwhatsapp-message%2Findex.html&l=1947&fd=235
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.show-sb.com%2Fsb%2Fnotifications%2Fdating%2Fwhatsapp%2Fmulti%2Fwindows%2Fwhatsapp-message%2Findex.html&l=1947&fd=235 HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24261786=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc3MCwiayI6IjllNWM0MDNiNDc4N2NiNDdhZDIzMzFlY2MwMjllOThlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiaWUzOTNqMXRiaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.YP_QBcFm6xWuY--JXBv2Ks2SOahE8c6oakAgZoXyZYE; u_pl24261770=1; uid_id2=7719c7ae-1711-462c-967b-befb2ccea53e:3:1; pdhtkv=true; uncs=1; pdhtkv26=true; uncs26=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Length: 0
Connection: keep-alive
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

unseenreport.com/pxf.gif?uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=ecbc7931427da56bdc6d87cd541f745f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=0

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=ecbc7931427da56bdc6d87cd541f745f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=0
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74
ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=ecbc7931427da56bdc6d87cd541f745f&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=0 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: b67377fcdd29c3b0829f194153ae5309
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=39692d5f9533d43eeb962bb77e2faead&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=0

192.243.59.20

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=39692d5f9533d43eeb962bb77e2faead&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=0
IP
192.243.59.20:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintB3:C3:D3:00:AB:EE:F9:2F:2C:9A:5D:74:A9:E1:4E:36:06:3F:B6:74
ValidityMon, 18 Nov 2024 22:38:22 GMT - Sun, 16 Feb 2025 22:38:21 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=2a49026c-b8d3-4722-a6e8-a20e424ebfc3&eb=978028c5053b26833423c7a069ce3bd5&te=5db3a4e34790624df926db520a13f79f&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A96.0)%20Gecko%2F20100101%20Firefox%2F96.0&dev=e&res=14.2071&b_frame=0&pk=39692d5f9533d43eeb962bb77e2faead&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=0 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Host: unseenreport.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 57f3230fe2dd098566d65c9755cb5a9e
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

fonts.googleapis.com/css?family=Muli:300,400,700,800

142.250.74.106

200 OK

510 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Muli:300,400,700,800
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
gzip compressed data, max compression
Size
510 B (510 bytes)
Hash
07e5efa3bbad93a6d60661d99feece39
c56c0f81345a0b84119d10f54bef2bb32b84d498
56f96bc203037c1f585737ffe958f2df91e6c9abfa0c24f031acf9a5f6367dca

HTTP Headers

GET /css?family=Muli:300,400,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Dec 2024 00:57:08 GMT
date: Sun, 22 Dec 2024 00:57:08 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.storageimagedisplay.com/cti/fb/2e/4c/fb2e4ceb25f9e8394e12c3d216df7b2e/1708270373.jpg

45.133.44.2

200 OK

38 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/fb/2e/4c/fb2e4ceb25f9e8394e12c3d216df7b2e/1708270373.jpg
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 24.5 (Windows), datetime=2024:02:18 16:00:20], progressive, precision 8, 320x50, components 3
Size
38 kB (37503 bytes)
Hash
051cc133b2430a8f70f322cac7339c38
01fdfd9b95c35f86fbe8f10a2f85cb108e6e514c
f53bba61704138e18c9373a89b36aa4cfc03b9db23db3d944f32cc67a11bfcff

HTTP Headers

GET /cti/fb/2e/4c/fb2e4ceb25f9e8394e12c3d216df7b2e/1708270373.jpg HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:10 GMT
content-type: image/jpeg
content-length: 37503
server: nginx/1.21.6
last-modified: Sun, 18 Feb 2024 15:33:02 GMT
etag: "65d2232e-927f"
expires: Tue, 24 Dec 2024 00:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

whomcomposescientific.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReu%2Fnd%2BQT0pixcvc1RZJt09Mz0zrrAYYyQYN%2BuuoheR6qqaSZnqrraqe3oyF4MB2eMc9KCnzjfJBnXZ1YNHF%2BksiESEzC0H482jIsLiwYP0GBx9ULz3ve8VfPW9%2BmAvOyNNZPR05RU9lkrRpXbDrT%2F1puddrq%2FLOBvVR93g7aB1uW6Gz%2FaChvt0%2FSXBtvSS73qu67lefVUa0dejpYqETG73vEbPbbT8htduYWT%2Bi23mwFIHfHhGHofks9p95yIkKxFHX6wIu5Xq5NKLUaZoqg2G%2FPD1eCvWeYxoUfaNg358eD4NbU9W70HHB3O50MN%2FBkM5I8639xDGh%2BciEQ735zpDBREj5I8iH5YQqoSkJZjeheQnBGAcVzcQR7euapPT7b9ZWrEzUnvwO2Q%2BI7UfLyKO7iwrOarf0CpLpY4tRv0CclRCDkok2RHSsQOZH4Gl70PyH8jSg3XE0f6GVRqSF%2FO3S1lC9ksoMQG1DrLqSAdZ30GWOIj4aZ15ntdxOaNut8dYk3dEGHDXo52%2BRz036CJjlbwJ0mQCpiZgZgeJ2cGWnMBk38BuFrDcgU1nxHl1B0NeIBcEuSXIKUEuCfKUIB8WB1xZ3xa3uLJZ6J1n%2Fzw3i6lOB3v0QKcDERNQM4Hhxb5M3rW7YOmF6bhv35rqvuV7yRl5rPLMScqvsCVO62G%2F1Wp7be751Pc7tN0JmNvttVpuy%2B%2B4za6AlQWk%2Fd%2FchrGckSuTX5DIGXni4V8R0iNYdQQmHdDMA80L0M0C4%2FiulaloMBmLqNXQZgCuCyRpDem2s6fOyJPzxa13f4Ngx%2BQ8wEyBxBR4R94nGKib0%2Bs6J%2FvXdW7JlxtJKiM5ptVSb6Q0FQ999rLYzrXhayt28unzrCKq8vZrwqbrNOYyHljy%2BbLkXJhVbZggX6%2FZN0R4LbOby5mJs2T92gura1FihLVSxyWoPNn4A0zOyP%2F%2F%2FGj%2BW59573tIU8JkBaJsoVTqEizZgU0WPasJjFrgMLmAPCumxg8XTSUJlFhgGhaw%2F8Lhop4aWt2mstizNzEwNdB0F3FUYGgKDFUBqiaw2SPTNDHHV777uIpPEKraNFSmth8qoz6ckUvBnRl57qfjud0VvAsrT%2BudZtOlQa%2FtdTpUdMKW3%2B0HHqfUbwV%2BENAmUjsbDNjPfwUAAP%2F%2FKnq9hZEEAAA%3D

192.243.59.13

200 OK

7 B

URL GET HTTP/1.1
whomcomposescientific.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReu%2Fnd%2BQT0pixcvc1RZJt09Mz0zrrAYYyQYN%2BuuoheR6qqaSZnqrraqe3oyF4MB2eMc9KCnzjfJBnXZ1YNHF%2BksiESEzC0H482jIsLiwYP0GBx9ULz3ve8VfPW9%2BmAvOyNNZPR05RU9lkrRpXbDrT%2F1puddrq%2FLOBvVR93g7aB1uW6Gz%2FaChvt0%2FSXBtvSS73qu67lefVUa0dejpYqETG73vEbPbbT8htduYWT%2Bi23mwFIHfHhGHofks9p95yIkKxFHX6wIu5Xq5NKLUaZoqg2G%2FPD1eCvWeYxoUfaNg358eD4NbU9W70HHB3O50MN%2FBkM5I8639xDGh%2BciEQ735zpDBREj5I8iH5YQqoSkJZjeheQnBGAcVzcQR7euapPT7b9ZWrEzUnvwO2Q%2BI7UfLyKO7iwrOarf0CpLpY4tRv0CclRCDkok2RHSsQOZH4Gl70PyH8jSg3XE0f6GVRqSF%2FO3S1lC9ksoMQG1DrLqSAdZ30GWOIj4aZ15ntdxOaNut8dYk3dEGHDXo52%2BRz036CJjlbwJ0mQCpiZgZgeJ2cGWnMBk38BuFrDcgU1nxHl1B0NeIBcEuSXIKUEuCfKUIB8WB1xZ3xa3uLJZ6J1n%2Fzw3i6lOB3v0QKcDERNQM4Hhxb5M3rW7YOmF6bhv35rqvuV7yRl5rPLMScqvsCVO62G%2F1Wp7be751Pc7tN0JmNvttVpuy%2B%2B4za6AlQWk%2Fd%2FchrGckSuTX5DIGXni4V8R0iNYdQQmHdDMA80L0M0C4%2FiulaloMBmLqNXQZgCuCyRpDem2s6fOyJPzxa13f4Ngx%2BQ8wEyBxBR4R94nGKib0%2Bs6J%2FvXdW7JlxtJKiM5ptVSb6Q0FQ999rLYzrXhayt28unzrCKq8vZrwqbrNOYyHljy%2BbLkXJhVbZggX6%2FZN0R4LbOby5mJs2T92gura1FihLVSxyWoPNn4A0zOyP%2F%2F%2FGj%2BW59573tIU8JkBaJsoVTqEizZgU0WPasJjFrgMLmAPCumxg8XTSUJlFhgGhaw%2F8Lhop4aWt2mstizNzEwNdB0F3FUYGgKDFUBqiaw2SPTNDHHV777uIpPEKraNFSmth8qoz6ckUvBnRl57qfjud0VvAsrT%2BudZtOlQa%2FtdTpUdMKW3%2B0HHqfUbwV%2BENAmUjsbDNjPfwUAAP%2F%2FKnq9hZEEAAA%3D
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectwhomcomposescientific.com
Fingerprint2F:F9:3C:21:EA:39:3E:16:DA:4E:D0:38:08:9F:8E:D1:C4:B5:03:0C
ValidityTue, 26 Nov 2024 08:13:56 GMT - Mon, 24 Feb 2025 08:13:55 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReu%2Fnd%2BQT0pixcvc1RZJt09Mz0zrrAYYyQYN%2BuuoheR6qqaSZnqrraqe3oyF4MB2eMc9KCnzjfJBnXZ1YNHF%2BksiESEzC0H482jIsLiwYP0GBx9ULz3ve8VfPW9%2BmAvOyNNZPR05RU9lkrRpXbDrT%2F1puddrq%2FLOBvVR93g7aB1uW6Gz%2FaChvt0%2FSXBtvSS73qu67lefVUa0dejpYqETG73vEbPbbT8htduYWT%2Bi23mwFIHfHhGHofks9p95yIkKxFHX6wIu5Xq5NKLUaZoqg2G%2FPD1eCvWeYxoUfaNg358eD4NbU9W70HHB3O50MN%2FBkM5I8639xDGh%2BciEQ735zpDBREj5I8iH5YQqoSkJZjeheQnBGAcVzcQR7euapPT7b9ZWrEzUnvwO2Q%2BI7UfLyKO7iwrOarf0CpLpY4tRv0CclRCDkok2RHSsQOZH4Gl70PyH8jSg3XE0f6GVRqSF%2FO3S1lC9ksoMQG1DrLqSAdZ30GWOIj4aZ15ntdxOaNut8dYk3dEGHDXo52%2BRz036CJjlbwJ0mQCpiZgZgeJ2cGWnMBk38BuFrDcgU1nxHl1B0NeIBcEuSXIKUEuCfKUIB8WB1xZ3xa3uLJZ6J1n%2Fzw3i6lOB3v0QKcDERNQM4Hhxb5M3rW7YOmF6bhv35rqvuV7yRl5rPLMScqvsCVO62G%2F1Wp7be751Pc7tN0JmNvttVpuy%2B%2B4za6AlQWk%2Fd%2FchrGckSuTX5DIGXni4V8R0iNYdQQmHdDMA80L0M0C4%2FiulaloMBmLqNXQZgCuCyRpDem2s6fOyJPzxa13f4Ngx%2BQ8wEyBxBR4R94nGKib0%2Bs6J%2FvXdW7JlxtJKiM5ptVSb6Q0FQ999rLYzrXhayt28unzrCKq8vZrwqbrNOYyHljy%2BbLkXJhVbZggX6%2FZN0R4LbOby5mJs2T92gura1FihLVSxyWoPNn4A0zOyP%2F%2F%2FGj%2BW59573tIU8JkBaJsoVTqEizZgU0WPasJjFrgMLmAPCumxg8XTSUJlFhgGhaw%2F8Lhop4aWt2mstizNzEwNdB0F3FUYGgKDFUBqiaw2SPTNDHHV777uIpPEKraNFSmth8qoz6ckUvBnRl57qfjud0VvAsrT%2BudZtOlQa%2FtdTpUdMKW3%2B0HHqfUbwV%2BENAmUjsbDNjPfwUAAP%2F%2FKnq9hZEEAAA%3D HTTP/1.1
Host: whomcomposescientific.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24167093=1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: whomcomposescientific.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: ca42fbb720b03e2258ede203ffa5a93f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/img/adobe_flash_player.png

172.67.133.15

200 OK

11 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/img/adobe_flash_player.png
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
PNG image data, 300 x 335, 8-bit colormap, non-interlaced
Size
11 kB (11265 bytes)
Hash
59a190081a9ee0dfce168033e73e6383
bd604cd88aa562d3363eebc4c403dc605db0eb42
844b46db74175f0108f5500b30ea887521893f2093c1e54066a94d69cc0bacaf

HTTP Headers

GET /sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/img/adobe_flash_player.png HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:11 GMT
content-type: image/png
content-length: 11265
last-modified: Fri, 19 Jan 2024 14:24:08 GMT
etag: "65aa8608-2c01"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1067908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1FapkHlbMhqma3QKHOvvTQTJCDlPWMVli7KQjynJkymJcCFsL6ydYdMDKpSGmE6sOddrd7BqDyrrmA5Z3x5nR2P9sTOhHzSmLozlw56fY2NJX1730SzR4Q8i%2BTR71G6Eh%2B3PX40re7XX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c28048a8eb4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=618&min_rtt=446&rtt_var=289&sent=12&recv=17&lost=0&retrans=0&sent_bytes=4574&recv_bytes=1783&delivery_rate=6873417&cwnd=242&unsent_bytes=0&cid=06b309132ca40dd2&ts=210&x=0"
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/img/send.png

172.67.133.15

200 OK

17 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/img/send.png
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
Size
17 kB (16894 bytes)
Hash
49d282404a58395fd8d033171b934c1f
c5fe08b3491fc9ab1cd577fd0566a60cfade8ba2
dafcb1f828c60041971b47d7ebeaebbb1cae72e32a0f2e729b9077910bfbfb67

HTTP Headers

GET /sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/img/send.png HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:11 GMT
content-type: image/png
content-length: 16894
last-modified: Fri, 19 Jan 2024 14:24:08 GMT
etag: "65aa8608-41fe"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1067908
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OTSmyU67peQt8z1bn3t6F0sMt9m%2F4W7dNI8Yc7Pd1T7MxDuMPspLgPJJ0Cow6rrESx3k1vDUVDX0htAgcspYnrsk1WjgFeyGAZGJSkeluauZlaJ%2FQns2cxCh8r5zYf7YmqRvPjtSrswr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c28048a93b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=634&min_rtt=446&rtt_var=249&sent=23&recv=18&lost=0&retrans=0&sent_bytes=16555&recv_bytes=1783&delivery_rate=21322623&cwnd=242&unsent_bytes=0&cid=06b309132ca40dd2&ts=212&x=0"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

740 B

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint30:E5:7E:29:A5:A1:81:DB:C8:A8:49:80:67:40:12:AB:30:C0:34:8D
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
ASCII text
Size
740 B (740 bytes)
Hash
04fce85a4376ac7d4549b5401a08427f
4853a7df6ddd20a01810fc0d8eb88a74542c76e6
71cfdae69236a935151761b96b4f46b54f95be14372112e9b5c398eb87db1b3a

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 22 Dec 2024 00:57:11 GMT
date: Sun, 22 Dec 2024 00:57:11 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

peanutrefusesplit.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fdating%2Fwhatsapp%2Fmulti%2Fwindows%2Fwhatsapp-message%2Fcss%2Fstyle.css&l=3970&fd=741

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
peanutrefusesplit.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fdating%2Fwhatsapp%2Fmulti%2Fwindows%2Fwhatsapp-message%2Fcss%2Fstyle.css&l=3970&fd=741
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fdating%2Fwhatsapp%2Fmulti%2Fwindows%2Fwhatsapp-message%2Fcss%2Fstyle.css&l=3970&fd=741 HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24261786=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc3MCwiayI6IjllNWM0MDNiNDc4N2NiNDdhZDIzMzFlY2MwMjllOThlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiaWUzOTNqMXRiaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.YP_QBcFm6xWuY--JXBv2Ks2SOahE8c6oakAgZoXyZYE; u_pl24261770=1; uid_id2=7719c7ae-1711-462c-967b-befb2ccea53e:3:1; pdhtkv=true; uncs=1; pdhtkv26=true; uncs26=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:11 GMT
Content-Length: 0
Connection: keep-alive
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
peanutrefusesplit.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fdating%2Fwhatsapp%2Fmulti%2Fwindows%2Fwhatsapp-message%2Fjs%2Fscript.js&l=5287&fd=441
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fdating%2Fwhatsapp%2Fmulti%2Fwindows%2Fwhatsapp-message%2Fjs%2Fscript.js&l=5287&fd=441 HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24261786=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc3MCwiayI6IjllNWM0MDNiNDc4N2NiNDdhZDIzMzFlY2MwMjllOThlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiaWUzOTNqMXRiaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.YP_QBcFm6xWuY--JXBv2Ks2SOahE8c6oakAgZoXyZYE; u_pl24261770=1; uid_id2=7719c7ae-1711-462c-967b-befb2ccea53e:3:1; pdhtkv=true; uncs=1; pdhtkv26=true; uncs26=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:11 GMT
Content-Length: 0
Connection: keep-alive
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint40:A7:D7:D3:7D:FA:BE:34:C0:7E:6F:F7:9F:55:52:22:92:07:C7:EF
ValidityMon, 02 Dec 2024 08:36:58 GMT - Mon, 24 Feb 2025 08:36:57 GMT

File type
Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
Size
18 kB (18536 bytes)
Hash
8eff0b8045fd1959e117f85654ae7770
227fee13ceb7c410b5c0bb8000258b6643cb6255
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 20 Dec 2024 19:08:18 GMT
expires: Sat, 20 Dec 2025 19:08:18 GMT
cache-control: public, max-age=31536000
age: 107333
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

peanutrefusesplit.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzoYf%2FPC0snoRYVAPCmbSPdPz5R4WY4wE42bZdVkvIvXVkzLVXW1V9%2FRkTsGA7HHwL%2Bg8k2xQFz%2F%2BABfpLHhYEDLiIQdz9KgHYc8yY3D0PdT7Pu%2FzFjz1vPXZYX5Bmsjp%2Bfp7ZqS0pqutul979YMguF7bUkk%2BrA277Y%2Fa4fWaHbzRa9f912rvSL5rVht%2B4PuBH9Q2lJWRGa7OSKj0YS%2Bo9%2Fx62KgHrRBD%2B1%2Fscg%2BOehCDC%2FIslJguP%2FauQfEKSfztunS7mUlffzvONc2MxUCc3E12E1MkiBdlZD1EycnlNIw723gEkxzP5cIM%2Fhlkakq8Hx%2BBJSeXIsEGR3OdTEMmYOIZFIMKUldQtAI3B1DijABc4OY2kvjBTWMLuvc3S2fslCw%2F%2FROqmJLlX68hib9e02pYu2N0nimTOAyjEmpYQfUrpPkpspEHVZyCZ59CiZ%2FI6tMtJPHRttMGSpy%2FEvhd0fIpW5Ft1lkJfR6t0KjdXQlpI%2BjJZo%2F6HTk3SKkKKqqg5RjUXUHuPOTKQx55yFMPsTiv8SAIOr7g1O%2F2OG%2BKjmRt4Qe0EwU08Ntd5Hz2hjGydAyux%2BB2H6ndx64aw%2BY%2FwO2UcMKDywgGokQhCQpHUFCCQhEUGUExKI%2BFdg1XPhDa5Sy4zI3L3CwnJusf0mOT9WVCQO0YVpRHKv3EHYBnVyajyH04MZETh%2BkFuToz1bPhELvyvCY5451eMwgbHUFbbSZ4W3Q7XLTCIOqErQhOlVBuCdR5GKkpuTH%2BHamakuf%2F%2FwcYPYXTp%2BDKA81fBC1K0J0So%2BQbpzJZ5yqRcVg3tg9hSqTZMrI971BfkBfmm7330g4kf0IuA9yWSG2Jj9Vjgr6%2BP7ltCnJ02xSOfLedZipWIzrb%2Bp2MZvJ%2FX74r9wpjxea6G3%2FxJp8Rs%2FLh%2B9JlWzQRKuk78tWaEkLaDWO5JN9vunuS3crdzlpukzzduvXWxmacWumcMkkFqs5eboCrKbn6y935dw6eI1C2gs1LxPlCqTIVeLoPly56zhBYvcAs9VDk5cQ22KKpFYGWC0xZCfcvzBb1xNLZbarKQ3cffbsEmh0giUsMbImBLkH1GC6%2FMslS%2B%2BTGz815gOmlCdN26Yhpqz%2Bfmzw7%2BnDqvNb0RYfJSHaYDFthJLlgrRbzecRZU3S7HJmb9vv8t78CAAD%2F%2F%2B34BGGoBAAA

172.240.108.68

200 OK

7 B

URL GET HTTP/1.1
peanutrefusesplit.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzoYf%2FPC0snoRYVAPCmbSPdPz5R4WY4wE42bZdVkvIvXVkzLVXW1V9%2FRkTsGA7HHwL%2Bg8k2xQFz%2F%2BABfpLHhYEDLiIQdz9KgHYc8yY3D0PdT7Pu%2FzFjz1vPXZYX5Bmsjp%2Bfp7ZqS0pqutul979YMguF7bUkk%2BrA277Y%2Fa4fWaHbzRa9f912rvSL5rVht%2B4PuBH9Q2lJWRGa7OSKj0YS%2Bo9%2Fx62KgHrRBD%2B1%2Fscg%2BOehCDC%2FIslJguP%2FauQfEKSfztunS7mUlffzvONc2MxUCc3E12E1MkiBdlZD1EycnlNIw723gEkxzP5cIM%2Fhlkakq8Hx%2BBJSeXIsEGR3OdTEMmYOIZFIMKUldQtAI3B1DijABc4OY2kvjBTWMLuvc3S2fslCw%2F%2FROqmJLlX68hib9e02pYu2N0nimTOAyjEmpYQfUrpPkpspEHVZyCZ59CiZ%2FI6tMtJPHRttMGSpy%2FEvhd0fIpW5Ft1lkJfR6t0KjdXQlpI%2BjJZo%2F6HTk3SKkKKqqg5RjUXUHuPOTKQx55yFMPsTiv8SAIOr7g1O%2F2OG%2BKjmRt4Qe0EwU08Ntd5Hz2hjGydAyux%2BB2H6ndx64aw%2BY%2FwO2UcMKDywgGokQhCQpHUFCCQhEUGUExKI%2BFdg1XPhDa5Sy4zI3L3CwnJusf0mOT9WVCQO0YVpRHKv3EHYBnVyajyH04MZETh%2BkFuToz1bPhELvyvCY5451eMwgbHUFbbSZ4W3Q7XLTCIOqErQhOlVBuCdR5GKkpuTH%2BHamakuf%2F%2FwcYPYXTp%2BDKA81fBC1K0J0So%2BQbpzJZ5yqRcVg3tg9hSqTZMrI971BfkBfmm7330g4kf0IuA9yWSG2Jj9Vjgr6%2BP7ltCnJ02xSOfLedZipWIzrb%2Bp2MZvJ%2FX74r9wpjxea6G3%2FxJp8Rs%2FLh%2B9JlWzQRKuk78tWaEkLaDWO5JN9vunuS3crdzlpukzzduvXWxmacWumcMkkFqs5eboCrKbn6y935dw6eI1C2gs1LxPlCqTIVeLoPly56zhBYvcAs9VDk5cQ22KKpFYGWC0xZCfcvzBb1xNLZbarKQ3cffbsEmh0giUsMbImBLkH1GC6%2FMslS%2B%2BTGz815gOmlCdN26Yhpqz%2Bfmzw7%2BnDqvNb0RYfJSHaYDFthJLlgrRbzecRZU3S7HJmb9vv8t78CAAD%2F%2F%2B34BGGoBAAA
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSzWskxRuuzoYf%2FPC0snoRYVAPCmbSPdPz5R4WY4wE42bZdVkvIvXVkzLVXW1V9%2FRkTsGA7HHwL%2Bg8k2xQFz%2F%2BABfpLHhYEDLiIQdz9KgHYc8yY3D0PdT7Pu%2FzFjz1vPXZYX5Bmsjp%2Bfp7ZqS0pqutul979YMguF7bUkk%2BrA277Y%2Fa4fWaHbzRa9f912rvSL5rVht%2B4PuBH9Q2lJWRGa7OSKj0YS%2Bo9%2Fx62KgHrRBD%2B1%2Fscg%2BOehCDC%2FIslJguP%2FauQfEKSfztunS7mUlffzvONc2MxUCc3E12E1MkiBdlZD1EycnlNIw723gEkxzP5cIM%2Fhlkakq8Hx%2BBJSeXIsEGR3OdTEMmYOIZFIMKUldQtAI3B1DijABc4OY2kvjBTWMLuvc3S2fslCw%2F%2FROqmJLlX68hib9e02pYu2N0nimTOAyjEmpYQfUrpPkpspEHVZyCZ59CiZ%2FI6tMtJPHRttMGSpy%2FEvhd0fIpW5Ft1lkJfR6t0KjdXQlpI%2BjJZo%2F6HTk3SKkKKqqg5RjUXUHuPOTKQx55yFMPsTiv8SAIOr7g1O%2F2OG%2BKjmRt4Qe0EwU08Ntd5Hz2hjGydAyux%2BB2H6ndx64aw%2BY%2FwO2UcMKDywgGokQhCQpHUFCCQhEUGUExKI%2BFdg1XPhDa5Sy4zI3L3CwnJusf0mOT9WVCQO0YVpRHKv3EHYBnVyajyH04MZETh%2BkFuToz1bPhELvyvCY5451eMwgbHUFbbSZ4W3Q7XLTCIOqErQhOlVBuCdR5GKkpuTH%2BHamakuf%2F%2FwcYPYXTp%2BDKA81fBC1K0J0So%2BQbpzJZ5yqRcVg3tg9hSqTZMrI971BfkBfmm7330g4kf0IuA9yWSG2Jj9Vjgr6%2BP7ltCnJ02xSOfLedZipWIzrb%2Bp2MZvJ%2FX74r9wpjxea6G3%2FxJp8Rs%2FLh%2B9JlWzQRKuk78tWaEkLaDWO5JN9vunuS3crdzlpukzzduvXWxmacWumcMkkFqs5eboCrKbn6y935dw6eI1C2gs1LxPlCqTIVeLoPly56zhBYvcAs9VDk5cQ22KKpFYGWC0xZCfcvzBb1xNLZbarKQ3cffbsEmh0giUsMbImBLkH1GC6%2FMslS%2B%2BTGz815gOmlCdN26Yhpqz%2Bfmzw7%2BnDqvNb0RYfJSHaYDFthJLlgrRbzecRZU3S7HJmb9vv8t78CAAD%2F%2F%2B34BGGoBAAA HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24261786=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc3MCwiayI6IjllNWM0MDNiNDc4N2NiNDdhZDIzMzFlY2MwMjllOThlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiaWUzOTNqMXRiaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.YP_QBcFm6xWuY--JXBv2Ks2SOahE8c6oakAgZoXyZYE; u_pl24261770=1; uid_id2=7719c7ae-1711-462c-967b-befb2ccea53e:3:1; pdhtkv=true; uncs=1; pdhtkv26=true; uncs26=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 814c2920fe90d8fe817670f7a8967b2f
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/js/jquery.min.js

172.67.133.15

200 OK

33 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/js/jquery.min.js
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
JavaScript source, ASCII text, with very long lines (32025), with CRLF line terminators
Size
33 kB (33345 bytes)
Hash
6326c600df01e3bfb9b40e1aa08176f8
6b4fb754d29b297b539bf62ba9b4eaf0f33f314a
df34524351c5fabc921a89183b5da5667aebd7b9e9a1c52255c76ff722935ea3

HTTP Headers

GET /sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/js/jquery.min.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:11 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:24:08 GMT
etag: W/"65aa8608-149a0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 1067908
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SrfBMfX%2FcpqM6VLm8KjyvkQ7WMObuspxT4KGxQ81vZrohteEOsRZHEhR7q8GZmZ1P9xB9zusKvvAodO4GdNgSa2bOZxcZv%2Bs6ZAskamMXW0RCWEFiaasz74jMBg1dlkU7QZqWcuslGbi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c28048a98b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=643&min_rtt=446&rtt_var=184&sent=38&recv=20&lost=0&retrans=0&sent_bytes=34241&recv_bytes=1783&delivery_rate=27218045&cwnd=242&unsent_bytes=0&cid=06b309132ca40dd2&ts=219&x=0"
X-Firefox-Spdy: h2

randomuser.me/api/portraits/med/women/57.jpg

104.21.112.1

200 OK

3.4 kB

URL GET HTTP/2
randomuser.me/api/portraits/med/women/57.jpg
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectrandomuser.me
Fingerprint2A:F0:78:91:CB:94:57:3C:43:1C:05:94:B5:3E:24:7C:EE:47:75:6E
ValidityFri, 25 Oct 2024 06:45:32 GMT - Thu, 23 Jan 2025 06:45:31 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 72x72, components 3
Size
3.4 kB (3404 bytes)
Hash
8d673b85341abb4d6d7be65632cf38ae
d835e144fce354e74effba0155c77b6f838516be
6d6343f70795f83f60f6efb105182930c9144652f1aecfde388edd6188453dd5

HTTP Headers

GET /api/portraits/med/women/57.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:21 GMT
content-type: image/jpeg
content-length: 3404
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-d4c"
expires: Wed, 01 Jan 2025 08:23:21 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 876166
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FL6DSzk5A%2FeMDbH9z5xWSjmP53b8Hczo%2FQP3Sj4bIf4WvZamA5JibelyptjP765Xr%2Fu0dAWrJ1RLRDUFvY6I5u5VBt8Y6phIB%2FINvYUPOo4x54vNHpUsjpSX3aHLCQRi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c2842dac07128-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=728&min_rtt=564&rtt_var=311&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3280&recv_bytes=1213&delivery_rate=4601694&cwnd=253&unsent_bytes=0&cid=652cd46b032471b5&ts=25&x=0"
X-Firefox-Spdy: h2

randomuser.me/api/

104.21.112.1

200 OK

999 B

URL GET HTTP/2
randomuser.me/api/
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectrandomuser.me
Fingerprint2A:F0:78:91:CB:94:57:3C:43:1C:05:94:B5:3E:24:7C:EE:47:75:6E
ValidityFri, 25 Oct 2024 06:45:32 GMT - Thu, 23 Jan 2025 06:45:31 GMT

File type
gzip compressed data, from Unix
Size
999 B (999 bytes)
Hash
2ab36490a68c7d4f299b4fb7032fc1c1
ca0191e2af2a54ad3bb2447dc62f6441c93452d3
0d6bf76a1b4c13fdc82969a9745d1cb62e44045ef26bc071962ae9d0d0f852ae

HTTP Headers

GET /api/ HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:20 GMT
content-type: application/json; charset=utf-8
x-powered-by: Express
access-control-allow-origin: *
cache-control: no-cache
etag: W/"48f-P7Z3wkYZ9lGmy4849f9sbfCtUQw"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=15gNDeAYNEcf1Uw1T57CGRszdMqxYi5zYiGAIC%2BImbwcJXdcU%2BssnDlnN1pK3SP3%2Fc857WTECmNoAbzkdU36mWKaCWdCqJCoR1IaQJyJwCZmNdmcURr3e%2FMr%2BbitXJvo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c28415f4856c7-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=544&min_rtt=431&rtt_var=227&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3279&recv_bytes=1231&delivery_rate=8321839&cwnd=254&unsent_bytes=0&cid=5d7325007d50d41e&ts=165&x=0"
X-Firefox-Spdy: h2

easyengineering.net/wp-content/uploads/2018/04/pulse.gif

104.21.77.210

200 OK

53 kB

URL GET HTTP/2
easyengineering.net/wp-content/uploads/2018/04/pulse.gif
IP
104.21.77.210:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjecteasyengineering.net
FingerprintCC:D5:52:C1:35:47:A0:64:16:04:33:2F:C9:42:EB:9F:69:F4:7D:11
ValidityMon, 28 Oct 2024 16:41:25 GMT - Sun, 26 Jan 2025 16:41:24 GMT

File type
GIF image data, version 89a, 269 x 269
Size
53 kB (53401 bytes)
Hash
7758c8c1e64b32be5a25e438f371d046
956d0e372b8d209f3265c4f465e4d157bc693d8f
33142255b80ecf819425eeb6da3bc2b15859c096f9542cfb6051065a4ca8b3f6

HTTP Headers

GET /wp-content/uploads/2018/04/pulse.gif HTTP/1.1
Host: easyengineering.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:21 GMT
content-type: image/gif
content-length: 53401
last-modified: Thu, 19 Jan 2023 18:31:04 GMT
etag: "63c98c68-d099"
x-powered-by: WordOps
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
access-control-allow-origin: *
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT
cf-cache-status: HIT
age: 3272592
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NZLij8dZA4wg5csl8AGva49EuD0Wm%2BnTh8BWmO0ZqdLJ1hfR%2BuNHZ2XMcZD7xq4Pc5ySxS8d1g1C2MVB4WdlyRUZo1MNJREoYcKM6QUfb6KLzrPmlunJw9av4uFfosyWwP3InOh5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c28431e0656a4-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=2085&min_rtt=780&rtt_var=541&sent=6&recv=10&lost=0&retrans=0&sent_bytes=3277&recv_bytes=1226&delivery_rate=1868387&cwnd=253&unsent_bytes=0&cid=c8234b4ebc9269eb&ts=33&x=0"
X-Firefox-Spdy: h2

randomuser.me/api/portraits/med/women/84.jpg

104.21.112.1

200 OK

3.1 kB

URL GET HTTP/3
randomuser.me/api/portraits/med/women/84.jpg
IP
104.21.112.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectrandomuser.me
Fingerprint2A:F0:78:91:CB:94:57:3C:43:1C:05:94:B5:3E:24:7C:EE:47:75:6E
ValidityFri, 25 Oct 2024 06:45:32 GMT - Thu, 23 Jan 2025 06:45:31 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 72x72, components 3
Size
3.1 kB (3108 bytes)
Hash
e931f5370b8c4354199b25bc18648ef9
158c2c8626f58a63f15f6fae0609a1daa986fc15
9142f0741ead9f865ade5f09ea9e8acad68330982f75dc574f3905bf1e04a6eb

HTTP Headers

GET /api/portraits/med/women/84.jpg HTTP/1.1
Host: randomuser.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 22 Dec 2024 00:57:29 GMT
content-type: image/jpeg
content-length: 3108
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GHMHra50g2gKhBdCkrNGV1fDT0UBFjYqujG0b9e6E7uH4%2FdcYft4URHeUVf72hyoaGiRo6kg8rKcWLoCgFH5AP1S0Axwe9otZUu%2B8pKuK%2BIYU2PBNBc6DvBz81CHb46W"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 05 Jul 2022 00:27:53 GMT
etag: "62c38589-c24"
expires: Tue, 10 Dec 2024 06:16:25 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2572542
accept-ranges: bytes
cf-ray: 8f5c287a48727128-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/img/close.svg

172.67.133.15

200 OK

1.3 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/img/close.svg
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
SVG Scalable Vector Graphics image
Size
1.3 kB (1279 bytes)
Hash
06b58be66025256a4e1785c478b1aeac
aa55ba2feb6939c89f013c53818fa5575d050ae7
3817611e4087897cd053caf3ca74fa333cba3631976499a735497b1eae133b78

HTTP Headers

GET /sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/img/close.svg HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:11 GMT
content-type: image/svg+xml
last-modified: Fri, 19 Jan 2024 14:24:08 GMT
etag: W/"65aa8608-4ff"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 84799
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=69Ula7Md%2BQboMPSoE8l8yKYSQPJKw8hgOg4a8EMaK6ahTRkZki3d4vVqX93huTkgQFEKTV5NuuaehQ%2FkrUw83X5Jw%2F8MINoqj3IviorvI7gZ%2Fx9pRSptbfACdJX3qoJn4x9I2KTa1cL1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c28047a8cb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=550&min_rtt=446&rtt_var=206&sent=9&recv=15&lost=0&retrans=0&sent_bytes=3219&recv_bytes=1654&delivery_rate=6873417&cwnd=239&unsent_bytes=0&cid=06b309132ca40dd2&ts=208&x=0"
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/css/style.css

172.67.133.15

200 OK

4.0 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/css/style.css
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
ASCII text, with very long lines (4210), with no line terminators
Size
4.0 kB (3970 bytes)
Hash
c736b736a3eda80f9d17ce9bb7f892ac
84de4bc57728522f6e2f9e0538810c2e43e4e633
8b963a3ac725568d35cb0f53b3ab9a0b6a2d538feeb2190db497f4902b772dd4

HTTP Headers

GET /sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/css/style.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:11 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:24:08 GMT
etag: W/"65aa8608-f82"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ut8Id%2FXV6sodCFbJy6%2BcJBIEA4W0LUavKNjjAuoTqxbsbcNGUX8UAhaMUqFlADRiXzy8DbooBlPzmjRJLLGLM3zcX%2BoRJa4QVN0yX4YakW3f0XzA60Gn3ZNjMJO6GB47zh59a0h3QdT7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c28044a5eb4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=723&min_rtt=446&rtt_var=170&sent=69&recv=28&lost=0&retrans=0&sent_bytes=71151&recv_bytes=1904&delivery_rate=36351464&cwnd=242&unsent_bytes=0&cid=06b309132ca40dd2&ts=635&x=0"
X-Firefox-Spdy: h2

site.cinem4.org/favicon.ico

104.21.32.167

200 OK

1.2 kB

URL GET HTTP/3
site.cinem4.org/favicon.ico
IP
104.21.32.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcinem4.org
FingerprintC7:25:48:9F:B2:9E:02:7C:D8:00:7F:FB:23:17:3F:82:A5:B6:E4:28
ValidityThu, 14 Nov 2024 09:58:29 GMT - Wed, 12 Feb 2025 09:58:28 GMT

File type
MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel
Size
1.2 kB (1150 bytes)
Hash
67025a9056fc84aec31bdc9482134a51
67a67b9d8c6feb849fd7f4fbfc4613cc2d99b75c
f7242e3cd67fb8a4899a63465b1d1ee666a94be3efc9aae316525a9bdd89e9af

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: site.cinem4.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/pt/movie/1357633/reawakening
Cookie: XSRF-TOKEN=eyJpdiI6InU3Q2dwUnVKYldOdFwvQkJiVmhcL3hyQT09IiwidmFsdWUiOiIzS2lNdXRPQzdka0hkQWZXb0d6aFdcL0lnNjFjd0duSnFiaFhcL2MyK3VKcTg4c1B6M1ZHakNSMjk1a1REUmlmZmUiLCJtYWMiOiI3MDc0ODYwNDNkMDRmYjdmMzhiYTdlOGRkZjNlY2JmMzQ5MGRkZTJkZTBhNTcxMjljYTdjZmEwMmIyZDgyOWM3In0%3D; laravel_session=eyJpdiI6IjZYUE51bDM4bEwxYkVGcU1HeXNlQXc9PSIsInZhbHVlIjoiSzRaSGdCOVpBSUdHU2tiQUNDdzdXMnpSTEFXUHUzWmJZdjY1YVRZc2s4TGtJTFNmNjBGZjFWR09RTTFMYjhGbiIsIm1hYyI6ImYwODBkMGE0OWNiM2VjZDYyYzdlNWQ4YjNmNzYwNjY3ODJmMTU5MGU1YTlhMjE0MDgxM2Q0NmNlMmVjMzQ4YTgifQ%3D%3D; dom3ic8zudi28v8lr6fgphwffqoz0j6c=2a49026c-b8d3-4722-a6e8-a20e424ebfc3%3A3%3A1; pp_main_39692d5f9533d43eeb962bb77e2faead=1; sb_main_ecbc7931427da56bdc6d87cd541f745f=1; sb_count_ecbc7931427da56bdc6d87cd541f745f=1; pbpr0tpuw4isk85t8yg3jb2lj5vqf=juvenilesoftlysoda.com; m5a4xojbcp2nx3gptmm633qal3gzmadn=whomcomposescientific.com
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 22 Dec 2024 00:57:11 GMT
content-type: image/x-icon
cache-control: public, max-age=604800
expires: Sun, 22 Dec 2024 20:25:06 GMT
last-modified: Sat, 18 Nov 2023 22:02:58 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 534725
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3TyGHBKp8Tf2t4B4Zh89oH61otpRdTnGn6stpRYELPRtX2kfkMF6Gu0EzXHYthAelLoEs5OtrruFl7CGzzA%2BhkkJ6ANb6Bzbk1H%2Fk1nEL4zHiptiHUgPZYTO2GnjKnmV9EY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c28083b3556bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1891&min_rtt=660&rtt_var=885&sent=321&recv=23&lost=0&retrans=0&sent_bytes=366771&recv_bytes=6583&delivery_rate=128806&cwnd=192000&unsent_bytes=0&cid=04ae631c22df374b&ts=3221&x=1", cfExtPri, cfHdrFlush;dur=0

site.cinem4.org/assets/v1/js/gs.js

104.21.32.167

200 OK

1.5 kB

URL GET HTTP/3
site.cinem4.org/assets/v1/js/gs.js
IP
104.21.32.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcinem4.org
FingerprintC7:25:48:9F:B2:9E:02:7C:D8:00:7F:FB:23:17:3F:82:A5:B6:E4:28
ValidityThu, 14 Nov 2024 09:58:29 GMT - Wed, 12 Feb 2025 09:58:28 GMT

File type
JavaScript source, ASCII text, with very long lines (1600), with no line terminators
Size
1.5 kB (1539 bytes)
Hash
4226e644e59ab1a25ff18b66d0283d62
ebb09ab075ebc9aea5c37a1da12ad743169d110e
818486d79210dbcf4dac6c0a8cd65f5fe0599ac325c6c62decf944964b729bf8

HTTP Headers

GET /assets/v1/js/gs.js HTTP/1.1
Host: site.cinem4.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/pt/movie/1357633/reawakening
Cookie: XSRF-TOKEN=eyJpdiI6InU3Q2dwUnVKYldOdFwvQkJiVmhcL3hyQT09IiwidmFsdWUiOiIzS2lNdXRPQzdka0hkQWZXb0d6aFdcL0lnNjFjd0duSnFiaFhcL2MyK3VKcTg4c1B6M1ZHakNSMjk1a1REUmlmZmUiLCJtYWMiOiI3MDc0ODYwNDNkMDRmYjdmMzhiYTdlOGRkZjNlY2JmMzQ5MGRkZTJkZTBhNTcxMjljYTdjZmEwMmIyZDgyOWM3In0%3D; laravel_session=eyJpdiI6IjZYUE51bDM4bEwxYkVGcU1HeXNlQXc9PSIsInZhbHVlIjoiSzRaSGdCOVpBSUdHU2tiQUNDdzdXMnpSTEFXUHUzWmJZdjY1YVRZc2s4TGtJTFNmNjBGZjFWR09RTTFMYjhGbiIsIm1hYyI6ImYwODBkMGE0OWNiM2VjZDYyYzdlNWQ4YjNmNzYwNjY3ODJmMTU5MGU1YTlhMjE0MDgxM2Q0NmNlMmVjMzQ4YTgifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/javascript
last-modified: Tue, 02 Aug 2022 06:55:38 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=243so7uWNRpYeLs%2BHWJeRZnF1MxY%2B%2BjBl%2FKavK45ktXwkBEFSuWiWJ0D5u6Q4mbK%2BizBNf0HcYsQro9kdNzr5tpyhTXT%2Beq3ItXS%2BpnIoJxmMjWLJg0FMhQcUdbjJ%2B8RTl0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c27f56b7456bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2123&min_rtt=660&rtt_var=1284&sent=128&recv=17&lost=0&retrans=0&sent_bytes=139169&recv_bytes=4709&delivery_rate=28968338&cwnd=96000&unsent_bytes=0&cid=04ae631c22df374b&ts=547&x=1", cfExtPri, cfHdrFlush;dur=0

cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/css/animate.css

172.67.133.15

200 OK

79 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/css/animate.css
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
ASCII text
Size
79 kB (78689 bytes)
Hash
3d4123dbfb33d27a5cfdfcfa91df6783
e7d0eeeec54b848f0bc3da8685fa3bc88429d660
cb7d1393b65701b2f97d8da244c2c6023e9cbc3463ecb0136b915cfc775c6887

HTTP Headers

GET /sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/css/animate.css HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:11 GMT
content-type: text/css
last-modified: Fri, 19 Jan 2024 14:24:08 GMT
etag: W/"65aa8608-13361"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JR2%2FIk8cT9JBCb%2BctMz%2BEwUqNlGPtF%2F36Vtqs2YeNiAnT8Ckoq%2Bs7UuAK53oAgMMkM9ngaFF%2BV5UXJRu2nQpHoGfhPAGl66DP624ZSXKqt7oqZC8P2bwbZHt14xR%2B297wX8krZz2xPyJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c28043a57b4fa-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=659&min_rtt=446&rtt_var=125&sent=63&recv=25&lost=0&retrans=0&sent_bytes=65740&recv_bytes=1904&delivery_rate=36351464&cwnd=242&unsent_bytes=0&cid=06b309132ca40dd2&ts=629&x=0"
X-Firefox-Spdy: h2

use.fontawesome.com/3db27005e3.js

172.67.142.245

200 OK

9.5 kB

URL GET HTTP/2
use.fontawesome.com/3db27005e3.js
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint05:31:F4:38:90:E5:B9:DA:3F:69:54:FA:D4:B6:58:60:69:5D:E8:A0
ValidityThu, 07 Nov 2024 23:24:31 GMT - Thu, 06 Feb 2025 00:24:26 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (9731), with no line terminators
Size
9.5 kB (9496 bytes)
Hash
aaf3ec5ce652d94ca41db59d56323b5b
3265fcbea623887efe331275b4bddf266bddf03a
fe127b665460353e2b450cbb6e52a65af49dfcf2f4bbaec446b4235060f82556

HTTP Headers

GET /3db27005e3.js HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:08 GMT
content-type: text/javascript
etag: W/"98736d79a2579e922ebb12be517eea2a"
last-modified: Fri, 22 Sep 2023 00:35:35 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 5774
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FWo0hz87juiTs%2Bz336LZneAZcGTyFDU4p7cIxx1%2BJwQhJbaHbYCECOnphzKiKTtZ7hF9ZKzWElQztTt%2FY%2FW%2FqbBpcqVPVhXwJkh5M8%2FJSUexf7cof%2Fp36GIVWz4TyopMjO7%2FI%2Ftf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c27f56b0b5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1394&min_rtt=472&rtt_var=1860&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3275&recv_bytes=1292&delivery_rate=7325463&cwnd=254&unsent_bytes=0&cid=2393f8392969cd3f&ts=37&x=0"
X-Firefox-Spdy: h2

cdn.show-sb.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/index.html

172.67.170.115

200 OK

2.0 kB

URL GET HTTP/2
cdn.show-sb.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/index.html
IP
172.67.170.115:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectshow-sb.com
Fingerprint3C:A5:E1:7B:2D:A7:39:E4:57:14:B9:37:8B:15:0F:75:62:48:17:1A
ValidityMon, 16 Dec 2024 21:27:23 GMT - Sun, 16 Mar 2025 22:25:53 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2065), with no line terminators
Size
2.0 kB (1951 bytes)
Hash
b407847f675ff08b89f8b9f1d37c473a
4cf7c1c7a6047c4c4d1c9fae38faa684f526f279
e331c706141ae18ac6f69d1dcda178aaee18c3bdf3d9b219771b910d247041e5

HTTP Headers

GET /sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/index.html HTTP/1.1
Host: cdn.show-sb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:10 GMT
content-type: text/html
last-modified: Fri, 19 Jan 2024 14:24:08 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTS7%2BMWojsA3DXlsdc8SrTBJm7D4dB7dbvcawPrh6Vi1QX85QU9z1GLHSwumNEgTFchkvD%2FthCVYjCqMOp73C89Gb9mE0iUeO2kle43%2BQeeYMtly5UKIIE7kf4N7gR01ENc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c28011b9ab4eb-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=565&min_rtt=458&rtt_var=216&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3270&recv_bytes=1252&delivery_rate=7040518&cwnd=254&unsent_bytes=0&cid=91a617afd92d2287&ts=153&x=0"
X-Firefox-Spdy: h2

cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/js/script.js

172.67.133.15

200 OK

6.1 kB

URL GET HTTP/2
cdn.creative-stat1.com/sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/js/script.js
IP
172.67.133.15:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcreative-stat1.com
FingerprintA5:93:3C:16:BF:CC:79:91:37:A7:7D:E8:8B:8D:A8:B3:FD:F9:5E:DB
ValidityMon, 16 Dec 2024 18:24:51 GMT - Sun, 16 Mar 2025 19:23:03 GMT

File type
Unicode text, UTF-8 text, with very long lines (5704), with no line terminators
Size
6.1 kB (6083 bytes)
Hash
f4113a12e7d99b8a787c6d9ecb57efc2
c4f4ff86fea6dd5d3e0ab65d06fb9dc6fecde21a
54296ad6cbed5582f4f9e17fb3c999d6c5da75a20e81535bb7409273a7237ba1

HTTP Headers

GET /sb/notifications/dating/whatsapp/multi/windows/whatsapp-message/js/script.js HTTP/1.1
Host: cdn.creative-stat1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:11 GMT
content-type: application/javascript
last-modified: Fri, 19 Jan 2024 14:24:08 GMT
etag: W/"65aa8608-17c3"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qdIGx%2FSyZMGEfZVfb%2FM2JXg2%2FXbTQP7t3RzcpStAcqmjmvrluhe2Z7zc8pOluKFzcg9WwhsYMn1exGlD5iTNF3TwAXNy%2BsZQ9rqDdHtj%2F8m62X9sKW19yIr8dLUFwM%2Bhh2NkLnepr0B7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8f5c28057b1bb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6082&min_rtt=446&rtt_var=10897&sent=72&recv=30&lost=0&retrans=0&sent_bytes=73044&recv_bytes=1904&delivery_rate=36351464&cwnd=242&unsent_bytes=0&cid=06b309132ca40dd2&ts=790&x=0"
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2

172.67.142.245

200 OK

77 kB

URL GET HTTP/2
use.fontawesome.com/releases/v4.7.0/fonts/fontawesome-webfont.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint05:31:F4:38:90:E5:B9:DA:3F:69:54:FA:D4:B6:58:60:69:5D:E8:A0
ValidityThu, 07 Nov 2024 23:24:31 GMT - Thu, 06 Feb 2025 00:24:26 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /releases/v4.7.0/fonts/fontawesome-webfont.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://site.cinem4.org
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:08 GMT
content-type: application/font-woff2
content-length: 77160
access-control-allow-origin: *
cache-control: max-age=31556926
etag: "af7ae505a9eed503f8b8e6982036873e"
last-modified: Fri, 22 Sep 2023 01:44:05 GMT
vary: Origin, Accept-Encoding
cf-cache-status: HIT
age: 534724
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cuxBl7if0Bq%2BCOebtjRGm2ZhvyL6gsL5tkh83z5LWC%2FBhRvRcOI3geCisub8OqWmzmh4Qmef%2FPKCCQnoZ6e01hOfkX7VwwrJ72N2NowNa0iQsVfRx%2FQAi6zvFKPjkGAqXlsNZmTw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c27f65c5f5699-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1082&min_rtt=472&rtt_var=981&sent=19&recv=17&lost=0&retrans=0&sent_bytes=15852&recv_bytes=1646&delivery_rate=13834394&cwnd=256&unsent_bytes=0&cid=2393f8392969cd3f&ts=182&x=0"
X-Firefox-Spdy: h2

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
peanutrefusesplit.com/pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fdating%2Fwhatsapp%2Fmulti%2Fwindows%2Fwhatsapp-message%2Fcss%2Fanimate.css&l=78689&fd=736
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbls?bv=24.50.2194&tmpl=482&u=https%3A%2F%2Fcdn.creative-stat1.com%2Fsb%2Fnotifications%2Fdating%2Fwhatsapp%2Fmulti%2Fwindows%2Fwhatsapp-message%2Fcss%2Fanimate.css&l=78689&fd=736 HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24261786=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc3MCwiayI6IjllNWM0MDNiNDc4N2NiNDdhZDIzMzFlY2MwMjllOThlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiaWUzOTNqMXRiaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.YP_QBcFm6xWuY--JXBv2Ks2SOahE8c6oakAgZoXyZYE; u_pl24261770=1; uid_id2=7719c7ae-1711-462c-967b-befb2ccea53e:3:1; pdhtkv=true; uncs=1; pdhtkv26=true; uncs26=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:11 GMT
Content-Length: 0
Connection: keep-alive
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

site.cinem4.org/assets/v1/js/s.js

104.21.32.167

200 OK

527 kB

URL GET HTTP/3
site.cinem4.org/assets/v1/js/s.js
IP
104.21.32.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcinem4.org
FingerprintC7:25:48:9F:B2:9E:02:7C:D8:00:7F:FB:23:17:3F:82:A5:B6:E4:28
ValidityThu, 14 Nov 2024 09:58:29 GMT - Wed, 12 Feb 2025 09:58:28 GMT

File type

Size
527 kB (526749 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /assets/v1/js/s.js HTTP/1.1
Host: site.cinem4.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/pt/movie/1357633/reawakening
Cookie: XSRF-TOKEN=eyJpdiI6InU3Q2dwUnVKYldOdFwvQkJiVmhcL3hyQT09IiwidmFsdWUiOiIzS2lNdXRPQzdka0hkQWZXb0d6aFdcL0lnNjFjd0duSnFiaFhcL2MyK3VKcTg4c1B6M1ZHakNSMjk1a1REUmlmZmUiLCJtYWMiOiI3MDc0ODYwNDNkMDRmYjdmMzhiYTdlOGRkZjNlY2JmMzQ5MGRkZTJkZTBhNTcxMjljYTdjZmEwMmIyZDgyOWM3In0%3D; laravel_session=eyJpdiI6IjZYUE51bDM4bEwxYkVGcU1HeXNlQXc9PSIsInZhbHVlIjoiSzRaSGdCOVpBSUdHU2tiQUNDdzdXMnpSTEFXUHUzWmJZdjY1YVRZc2s4TGtJTFNmNjBGZjFWR09RTTFMYjhGbiIsIm1hYyI6ImYwODBkMGE0OWNiM2VjZDYyYzdlNWQ4YjNmNzYwNjY3ODJmMTU5MGU1YTlhMjE0MDgxM2Q0NmNlMmVjMzQ4YTgifQ%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 22 Dec 2024 00:57:09 GMT
content-type: text/javascript
last-modified: Thu, 08 Aug 2019 00:41:34 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cache-control: max-age=14400
cf-cache-status: REVALIDATED
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1%2FdEo2a43dx4yqWYqf8EQ2A1UzC6B3UtBJeDvonED9ADhU8BjkakU9ZskdKnqwwafoT4ORKawhmwFD7avfBdmUDaVKuT8ISVr7E03uzL3aVe2%2F1UyrWZfYPrblCDr38Y8qw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c27f56b7656bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=1961&min_rtt=660&rtt_var=1287&sent=130&recv=18&lost=0&retrans=0&sent_bytes=140504&recv_bytes=4754&delivery_rate=1015586&cwnd=96000&unsent_bytes=0&cid=04ae631c22df374b&ts=591&x=1", cfExtPri, cfHdrFlush;dur=0

whomcomposescientific.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReu%2Fv9RUE%2FKshcvgyeFZdLd09Mz4wqLMUaCcbNmFb2IVFfVTMpUd7VV3dOTOQUDssc5eNFT55tkg7rs6sGji3QWRAJC5paD8eZREWHZo8xscPRB8d73vlfw1ffq0%2F38nDSR07OVt%2FRIKkWXWg23%2FuL7nne1vi6TfFgfdsIPw%2BBq3Qxe7oYN96X6G4Jt6yXf9VzXc736qjSip4dLMxIyvdP1Gl23EfgNrxVgaP6Lbe7AUgd8cE6eg%2BTT2gPnEiSrkMTfrAi7nen0yutxrmimDQb86N1kO9FFgnhR9oyDXnJ0MQ1tT1fvQyeHc7nQg38GIzklzo%2F3ESVHFyIRDQ7mOiMFkSDiz6AYVBCqgqQVmN6D5KcEYBzXN5DEt69rU9CdxyydsVNSe%2FgXZDEltV8uIYnvLis5rN%2FUKs%2BkTiyGvRJyWEH2K6T5MbKRA1kcg2WfQPKfydLDdSTxwYZVGpKX87dLWUH2KigxBrUO8tmRDvKegzx1EPOzOvM8r%2B1yRt1Ol7Emb4so5K5H2z2Pem7YQc5m8sbI0jGYGoOZXaRmF9tyDJP%2FALtVwnIHNpsS5%2B1dDHiJQhAUlqCgBIUkKDKCYlAecmV9W97myuaRd5H9i9wsJzrr79NDnfVFQkDNGIaXBzL92O6BZf%2BfjHr2g4nuWb6fnpNnZ545afUdtsVZPeoFQctrcc%2Bnvt%2BmrXbI3E43CNzAb7vNjoCVJaT939yGkZySa%2BPfkcopufzUH4joMaw6BpMOaO6BFiXoVolRcs%2FKTDSYTEQcNLTpg%2BsSaVZDtuPsq3Py%2FHxxV8J7EOyEXASYKZGaEh%2FJBwR9dWuyqQtysKkLS77dSDMZyxGdLfVmRjPx5Fdvip1CG762YsdfvspmxKy8846w2TpNuEz6lny9LDkXZlUbJsj3a%2FY9Ed3I7dZybpI8Xb%2Fx2upanBphrdRJBSpPNx6BySl54tEL8996eTOANBVMXiLOF0qlrsDSXdh00bOawKgFjtIairycGD9aNJUkUGKBaVTC%2FgtHi3pi6Ow2leW%2BvYW%2BqYFme0jiEgNTYqBKUDWGzZ%2BeZKk5ufbT57P4ApGqTSJlageRMuqzmcl3p%2BSVX0%2BmZL3z52PPrTyrt5tNl4bdltduU9GOAr%2FTCz1OqR%2BEfhjSJjI77ffZb38HAAD%2F%2FwKwzb6RBAAA

192.243.59.13

200 OK

0 B

URL GET HTTP/1.1
whomcomposescientific.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReu%2Fv9RUE%2FKshcvgyeFZdLd09Mz4wqLMUaCcbNmFb2IVFfVTMpUd7VV3dOTOQUDssc5eNFT55tkg7rs6sGji3QWRAJC5paD8eZREWHZo8xscPRB8d73vlfw1ffq0%2F38nDSR07OVt%2FRIKkWXWg23%2FuL7nne1vi6TfFgfdsIPw%2BBq3Qxe7oYN96X6G4Jt6yXf9VzXc736qjSip4dLMxIyvdP1Gl23EfgNrxVgaP6Lbe7AUgd8cE6eg%2BTT2gPnEiSrkMTfrAi7nen0yutxrmimDQb86N1kO9FFgnhR9oyDXnJ0MQ1tT1fvQyeHc7nQg38GIzklzo%2F3ESVHFyIRDQ7mOiMFkSDiz6AYVBCqgqQVmN6D5KcEYBzXN5DEt69rU9CdxyydsVNSe%2FgXZDEltV8uIYnvLis5rN%2FUKs%2BkTiyGvRJyWEH2K6T5MbKRA1kcg2WfQPKfydLDdSTxwYZVGpKX87dLWUH2KigxBrUO8tmRDvKegzx1EPOzOvM8r%2B1yRt1Ol7Emb4so5K5H2z2Pem7YQc5m8sbI0jGYGoOZXaRmF9tyDJP%2FALtVwnIHNpsS5%2B1dDHiJQhAUlqCgBIUkKDKCYlAecmV9W97myuaRd5H9i9wsJzrr79NDnfVFQkDNGIaXBzL92O6BZf%2BfjHr2g4nuWb6fnpNnZ545afUdtsVZPeoFQctrcc%2Bnvt%2BmrXbI3E43CNzAb7vNjoCVJaT939yGkZySa%2BPfkcopufzUH4joMaw6BpMOaO6BFiXoVolRcs%2FKTDSYTEQcNLTpg%2BsSaVZDtuPsq3Py%2FHxxV8J7EOyEXASYKZGaEh%2FJBwR9dWuyqQtysKkLS77dSDMZyxGdLfVmRjPx5Fdvip1CG762YsdfvspmxKy8846w2TpNuEz6lny9LDkXZlUbJsj3a%2FY9Ed3I7dZybpI8Xb%2Fx2upanBphrdRJBSpPNx6BySl54tEL8996eTOANBVMXiLOF0qlrsDSXdh00bOawKgFjtIairycGD9aNJUkUGKBaVTC%2FgtHi3pi6Ow2leW%2BvYW%2BqYFme0jiEgNTYqBKUDWGzZ%2BeZKk5ufbT57P4ApGqTSJlageRMuqzmcl3p%2BSVX0%2BmZL3z52PPrTyrt5tNl4bdltduU9GOAr%2FTCz1OqR%2BEfhjSJjI77ffZb38HAAD%2F%2FwKwzb6RBAAA
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectwhomcomposescientific.com
Fingerprint2F:F9:3C:21:EA:39:3E:16:DA:4E:D0:38:08:9F:8E:D1:C4:B5:03:0C
ValidityTue, 26 Nov 2024 08:13:56 GMT - Mon, 24 Feb 2025 08:13:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQWgkRReu%2Fv9RUE%2FKshcvgyeFZdLd09Mz4wqLMUaCcbNmFb2IVFfVTMpUd7VV3dOTOQUDssc5eNFT55tkg7rs6sGji3QWRAJC5paD8eZREWHZo8xscPRB8d73vlfw1ffq0%2F38nDSR07OVt%2FRIKkWXWg23%2FuL7nne1vi6TfFgfdsIPw%2BBq3Qxe7oYN96X6G4Jt6yXf9VzXc736qjSip4dLMxIyvdP1Gl23EfgNrxVgaP6Lbe7AUgd8cE6eg%2BTT2gPnEiSrkMTfrAi7nen0yutxrmimDQb86N1kO9FFgnhR9oyDXnJ0MQ1tT1fvQyeHc7nQg38GIzklzo%2F3ESVHFyIRDQ7mOiMFkSDiz6AYVBCqgqQVmN6D5KcEYBzXN5DEt69rU9CdxyydsVNSe%2FgXZDEltV8uIYnvLis5rN%2FUKs%2BkTiyGvRJyWEH2K6T5MbKRA1kcg2WfQPKfydLDdSTxwYZVGpKX87dLWUH2KigxBrUO8tmRDvKegzx1EPOzOvM8r%2B1yRt1Ol7Emb4so5K5H2z2Pem7YQc5m8sbI0jGYGoOZXaRmF9tyDJP%2FALtVwnIHNpsS5%2B1dDHiJQhAUlqCgBIUkKDKCYlAecmV9W97myuaRd5H9i9wsJzrr79NDnfVFQkDNGIaXBzL92O6BZf%2BfjHr2g4nuWb6fnpNnZ545afUdtsVZPeoFQctrcc%2Bnvt%2BmrXbI3E43CNzAb7vNjoCVJaT939yGkZySa%2BPfkcopufzUH4joMaw6BpMOaO6BFiXoVolRcs%2FKTDSYTEQcNLTpg%2BsSaVZDtuPsq3Py%2FHxxV8J7EOyEXASYKZGaEh%2FJBwR9dWuyqQtysKkLS77dSDMZyxGdLfVmRjPx5Fdvip1CG762YsdfvspmxKy8846w2TpNuEz6lny9LDkXZlUbJsj3a%2FY9Ed3I7dZybpI8Xb%2Fx2upanBphrdRJBSpPNx6BySl54tEL8996eTOANBVMXiLOF0qlrsDSXdh00bOawKgFjtIairycGD9aNJUkUGKBaVTC%2FgtHi3pi6Ow2leW%2BvYW%2BqYFme0jiEgNTYqBKUDWGzZ%2BeZKk5ufbT57P4ApGqTSJlageRMuqzmcl3p%2BSVX0%2BmZL3z52PPrTyrt5tNl4bdltduU9GOAr%2FTCz1OqR%2BEfhjSJjI77ffZb38HAAD%2F%2FwKwzb6RBAAA HTTP/1.1
Host: whomcomposescientific.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24167093=1; pdhtkv=true; uncs=1; pdhtkv49=true; uncs49=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 22 Dec 2024 00:57:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-PlatformUser-Agent,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Host: whomcomposescientific.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
X-Request-ID: 9946aa978b18cb6b46189cce02ef71fa
Cache-Control: no-cache, max-age=0, private, no-cache
Pragma: no-cache
Strict-Transport-Security: max-age=0; includeSubdomains

peanutrefusesplit.com/pixel/sbs?c=1

172.240.108.68

200 OK

0 B

URL GET HTTP/1.1
peanutrefusesplit.com/pixel/sbs?c=1
IP
172.240.108.68:443
ASN
#7979 SERVERS-COM

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectpeanutrefusesplit.com
FingerprintF7:D8:A3:DA:71:D8:83:37:54:5A:28:A3:C2:30:40:65:C5:2D:61:17
ValidityFri, 13 Dec 2024 21:25:05 GMT - Thu, 13 Mar 2025 21:25:04 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: peanutrefusesplit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Cookie: u_pl24261786=1; ain=eyJhbGciOiJIUzI1NiJ9.eyJwIjp7ImlkIjoyNDI2MTc3MCwiayI6IjllNWM0MDNiNDc4N2NiNDdhZDIzMzFlY2MwMjllOThlIiwic2lkIjoiIiwiaXNpZCI6MiwiYXNpZCI6MSwiemlkIjo0MTY1ODcwLCJwaWQiOjE0NDQzMzUsImFuIjp0cnVlLCJsYW4iOnRydWUsImNpZCI6MSwiYWlkIjozMiwicHQiOjQsInBrIjoiaWUzOTNqMXRiaCIsInQiOjF9LCJ1Ijp7InUiOjEsImF1IjoxLCJkIjp7ImlkIjo3OTk1NDE5NiwiaWRzIjoiIiwiaWMiOmZhbHNlLCJuIjoiRGVza3RvcCxFbXVsYXRvciIsInYiOiJVbmtub3duIiwibSI6IlVua25vd24iLCJmIjoxLCJmbiI6IkRlc2t0b3AiLCJvaWQiOjE4MTEwLCJvbiI6IkxpbnV4Iiwib3YiOiJVbmtub3duIiwiYmlkIjoxMTY2NzAsImJuIjoiRmlyZWZveCIsImJ2IjoiOTYuMCIsInd2IjpmYWxzZSwiZSI6dHJ1ZSwiYWIiOmZhbHNlfSwiYyI6eyJpZCI6MTYyLCJjIjoiTk8iLCJuIjoiTm9yd2F5In0sImEiOmZhbHNlLCJjciI6eyJuIjoiQmxpeCBTb2x1dGlvbnMifSwieGYiOiIiLCJpeGYiOmZhbHNlLCJpZ3hmIjpmYWxzZSwidXAiOnRydWUsInIiOiJodHRwczovL3NpdGUuY2luZW00Lm9yZy9wdC9tb3ZpZS8xMzU3NjMzL3JlYXdha2VuaW5nIiwiYXIiOltdfX0.YP_QBcFm6xWuY--JXBv2Ks2SOahE8c6oakAgZoXyZYE; u_pl24261770=1; uid_id2=7719c7ae-1711-462c-967b-befb2ccea53e:3:1; pdhtkv=true; uncs=1; pdhtkv26=true; uncs26=1; pdhtkv32=true; uncs32=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 22 Dec 2024 00:57:11 GMT
Content-Length: 0
Connection: keep-alive
Host: peanutrefusesplit.com
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

site.cinem4.org/pt/movie/1357633/reawakening

104.21.32.167

200 OK

38 kB

URL User Request GET HTTP/2
site.cinem4.org/pt/movie/1357633/reawakening
IP
104.21.32.167:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectcinem4.org
FingerprintC7:25:48:9F:B2:9E:02:7C:D8:00:7F:FB:23:17:3F:82:A5:B6:E4:28
ValidityThu, 14 Nov 2024 09:58:29 GMT - Wed, 12 Feb 2025 09:58:28 GMT

File type

Size
38 kB (38003 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /pt/movie/1357633/reawakening HTTP/1.1
Host: site.cinem4.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:08 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.3.33
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6InU3Q2dwUnVKYldOdFwvQkJiVmhcL3hyQT09IiwidmFsdWUiOiIzS2lNdXRPQzdka0hkQWZXb0d6aFdcL0lnNjFjd0duSnFiaFhcL2MyK3VKcTg4c1B6M1ZHakNSMjk1a1REUmlmZmUiLCJtYWMiOiI3MDc0ODYwNDNkMDRmYjdmMzhiYTdlOGRkZjNlY2JmMzQ5MGRkZTJkZTBhNTcxMjljYTdjZmEwMmIyZDgyOWM3In0%3D; expires=Sun, 22-Dec-2024 02:57:08 GMT; Max-Age=7200; path=/; secure
laravel_session=eyJpdiI6IjZYUE51bDM4bEwxYkVGcU1HeXNlQXc9PSIsInZhbHVlIjoiSzRaSGdCOVpBSUdHU2tiQUNDdzdXMnpSTEFXUHUzWmJZdjY1YVRZc2s4TGtJTFNmNjBGZjFWR09RTTFMYjhGbiIsIm1hYyI6ImYwODBkMGE0OWNiM2VjZDYyYzdlNWQ4YjNmNzYwNjY3ODJmMTU5MGU1YTlhMjE0MDgxM2Q0NmNlMmVjMzQ4YTgifQ%3D%3D; expires=Sun, 22-Dec-2024 02:57:08 GMT; Max-Age=7200; path=/; httponly; secure
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LUE9d7R%2BFqfZ8y12az5RuILGbvHpj533rGhNQskyvfKaTFlTkzKNxpZMHGOFuzw%2BwILN6HZ0vY8h6%2BR6UNuz%2BuzHIYB43MqoKypxr2eibgI3l9DpuC9CqRxmVICsfD8soIU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c27ef6acf0b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=6253&min_rtt=423&rtt_var=11662&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3271&recv_bytes=1265&delivery_rate=7812949&cwnd=254&unsent_bytes=0&cid=f816c67a5c5b8a6c&ts=775&x=0"
X-Firefox-Spdy: h2

use.fontawesome.com/3db27005e3.css

172.67.142.245

200 OK

1.0 kB

URL GET HTTP/2
use.fontawesome.com/3db27005e3.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectuse.fontawesome.com
Fingerprint05:31:F4:38:90:E5:B9:DA:3F:69:54:FA:D4:B6:58:60:69:5D:E8:A0
ValidityThu, 07 Nov 2024 23:24:31 GMT - Thu, 06 Feb 2025 00:24:26 GMT

File type
ASCII text, with very long lines (1054), with no line terminators
Size
1.0 kB (1033 bytes)
Hash
19fcb5d7988df9192e630541dd060149
ce855143892a6e5e99321681e2794e56eae773e7
cc47ef5353bcae248dc2c84bbf63c44684737025b3c5430fee988ff114eb74b2

HTTP Headers

GET /3db27005e3.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:08 GMT
content-type: text/css
etag: W/"fccfcc7a79d8dea2a68ba45063e61b7a"
last-modified: Fri, 22 Sep 2023 00:35:35 GMT
vary: Accept-Encoding
cache-control: max-age=1800
cf-cache-status: HIT
age: 6462
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dwqzXsOAppvCBEkQYmvIJ5zNgmzRDmwN0c8PcZ4pR0oDYUeULrTZiIcDRx%2BAHHk7ercAvJZLuOwUc%2BEJsLGTIEJSwbpwdL7cUrKVOgUv5eWrJ0P7SECW5eGlPktqIdfcC5sQt4sG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c27f57b1a5699-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1187&min_rtt=472&rtt_var=1406&sent=11&recv=13&lost=0&retrans=0&sent_bytes=7564&recv_bytes=1292&delivery_rate=10197183&cwnd=256&unsent_bytes=0&cid=2393f8392969cd3f&ts=51&x=0"
X-Firefox-Spdy: h2

site.cinem4.org/assets/v1/css/v1.css

104.21.32.167

200 OK

208 kB

URL GET HTTP/3
site.cinem4.org/assets/v1/css/v1.css
IP
104.21.32.167:443
ASN
#13335 CLOUDFLARENET

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerGoogle Trust Services
Subjectcinem4.org
FingerprintC7:25:48:9F:B2:9E:02:7C:D8:00:7F:FB:23:17:3F:82:A5:B6:E4:28
ValidityThu, 14 Nov 2024 09:58:29 GMT - Wed, 12 Feb 2025 09:58:28 GMT

File type
ASCII text, with very long lines (65248)
Size
208 kB (208299 bytes)
Hash
e2fa6b39f20ea00a51c99bab9d60151f
4d7f138b2d69b525158239a3363763efeb4994d5
da8d4b11b5540240e36a60cb333ddd96720b6ce1f29004f908ad7aaee45bc9f6

HTTP Headers

GET /assets/v1/css/v1.css HTTP/1.1
Host: site.cinem4.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://site.cinem4.org/pt/movie/1357633/reawakening
Cookie: XSRF-TOKEN=eyJpdiI6InU3Q2dwUnVKYldOdFwvQkJiVmhcL3hyQT09IiwidmFsdWUiOiIzS2lNdXRPQzdka0hkQWZXb0d6aFdcL0lnNjFjd0duSnFiaFhcL2MyK3VKcTg4c1B6M1ZHakNSMjk1a1REUmlmZmUiLCJtYWMiOiI3MDc0ODYwNDNkMDRmYjdmMzhiYTdlOGRkZjNlY2JmMzQ5MGRkZTJkZTBhNTcxMjljYTdjZmEwMmIyZDgyOWM3In0%3D; laravel_session=eyJpdiI6IjZYUE51bDM4bEwxYkVGcU1HeXNlQXc9PSIsInZhbHVlIjoiSzRaSGdCOVpBSUdHU2tiQUNDdzdXMnpSTEFXUHUzWmJZdjY1YVRZc2s4TGtJTFNmNjBGZjFWR09RTTFMYjhGbiIsIm1hYyI6ImYwODBkMGE0OWNiM2VjZDYyYzdlNWQ4YjNmNzYwNjY3ODJmMTU5MGU1YTlhMjE0MDgxM2Q0NmNlMmVjMzQ4YTgifQ%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 22 Dec 2024 00:57:08 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sun, 22 Dec 2024 08:03:27 GMT
last-modified: Thu, 08 Aug 2019 00:41:34 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: HIT
age: 579221
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=znqiJzj5fzhVbmhW5ayqR3%2BOACmujc9klFOw3XVt0y5199XrxXPVV3WL%2F2TNg%2F1pukFKm84u2Eyty3T4hJ%2FQMCeoj8dIyYwoDa0HIcesRPkZgA8jDPRIzMXimsLXWhlTzys%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8f5c27f55b6656bf-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=2930&min_rtt=1543&rtt_var=1528&sent=16&recv=12&lost=0&retrans=0&sent_bytes=5677&recv_bytes=4489&delivery_rate=8443&cwnd=12000&unsent_bytes=0&cid=04ae631c22df374b&ts=199&x=1", cfExtPri, cfHdrFlush;dur=0

cdn.storageimagedisplay.com/cti/bf/84/2e/bf842e9bfc0a67b3160025c9ef8373c8/1707813634.png

45.133.44.2

200 OK

119 kB

URL GET HTTP/2
cdn.storageimagedisplay.com/cti/bf/84/2e/bf842e9bfc0a67b3160025c9ef8373c8/1707813634.png
IP
45.133.44.2:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://site.cinem4.org/pt/movie/1357633/reawakening
Certificate
IssuerLet's Encrypt
Subjectcdn.storageimagedisplay.com
FingerprintF9:20:E7:90:5F:37:8A:CE:B4:58:90:7D:E5:7E:FD:5E:B8:11:6E:FE
ValidityTue, 12 Nov 2024 03:04:34 GMT - Mon, 10 Feb 2025 03:04:33 GMT

File type
PNG image data, 300 x 250, 8-bit/color RGBA, non-interlaced
Size
119 kB (118759 bytes)
Hash
72fe477091722c9a5ab9b26117663f22
edf375c273be0ee032792a29121c435678c303a5
7b2a8ad947f5c5ec0e0e4aaabc63cd445b1346e6f03ad5cfc604f1f274bd89a2

HTTP Headers

GET /cti/bf/84/2e/bf842e9bfc0a67b3160025c9ef8373c8/1707813634.png HTTP/1.1
Host: cdn.storageimagedisplay.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 22 Dec 2024 00:57:10 GMT
content-type: image/png
content-length: 118759
server: nginx/1.21.6
last-modified: Tue, 13 Feb 2024 08:40:43 GMT
etag: "65cb2b0b-1cfe7"
expires: Tue, 24 Dec 2024 00:57:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
x-cdn-host-id: ah0543
accept-ranges: bytes
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (39)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by